Re: code validation?

From: David Mertz <voting-project_at_gnosis_dot_cx>
Date: Tue Feb 22 2005 - 14:39:31 CST

On Feb 22, 2005, at 3:27 PM, Paul Kinzelman wrote:
> But I can take the code, insert my insidious
> fraudulent code, and update the hash code, then release the
> CDROM with my fraudulent code to unsuspecting precinct people,
> for instance, and the hash code will check.

Well, in a word, 'No'.

The hash code[*] isn't just distributed on a slip of paper taped to the
CD. A given version of the OVC software will have a known and
published hash. That hash would be published on websites, newspapers,
etc., and any CD poll workers got that lacked that published hash will
be deemed no-good.

[*] I would have said SHA-1 three days ago, but now that algorithm has
been broken by the same brilliant Chinese team who broke MD5

But actually, we've been through this quite a bit in the archives.
We'll use Liam's StrongBox Linux (or something much like it) which
includes a whole toolchain of all the "right* crypto procedures.
Virtual disk images for different software sets (voting station, audio,
tabulation, etc), bootable from CD, key layers for public key
verification, and so on, StrongBox does all this sort of stuff.

_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Sun Feb 27 17:17:09 2005

This archive was generated by hypermail 2.1.8 : Sun Feb 27 2005 - 17:17:13 CST