Re: Crypto codes #1

From: Edward Cherlin <cherlin_at_pacbell_dot_net>
Date: Tue Jun 07 2005 - 23:59:50 CDT

On Monday 23 May 2005 22:23, Charlie Strauss wrote:
> On May 22, 2005, at 12:09 AM, Edward Cherlin wrote:
> > On Thursday 19 May 2005 11:36, charlie strauss wrote:

> >> If the hash function is known or knowable does not this
> >> reveal you ballot and provide a effective receipt? That is
> >> to say it's going to be fairly trivial, by crypto standards
> >> to invert the hash of a ballot string I would suspect.
> >
> > We are using hashes as signatures, not as encryption. The
> > ballot is already known, and will be published with the
> > hash. This makes it infeasible to change one ballot and its
> > hash, and keep the hash for the complete election unchanged.
> the point was that if you tell someone your hashcode before
> the keys are published or the hashes are published you can
> prove to them how you voted, since only you would be able to
> know that hash. Myabe I'm still missing the order of
> operations here...

No, the hash function is public and not dependent on a private
key. So signatures can be computed in advance for any set of
votes. Knowing the hash for a set of votes does not mean you
voted that way.

Next attack: Tell your vote-sellers how to vote on their way into
the polls, without allowing them time to get to a computer to
compute a hash. This requires a physical presence or a lot of
activity on a pay phone very near the polls, and is vulnerable
to surveillance. It can be circumvented using cell phones.

Edward Cherlin
Generalist & activist--Linux, languages, literacy and more
"A knot! Oh, do let me help to undo it!"
--Alice in Wonderland
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
Received on Thu Jun 30 23:17:04 2005

This archive was generated by hypermail 2.1.8 : Thu Jun 30 2005 - 23:17:11 CDT