On Tue, 2003-04-08 at 04:10, J-F C. (Jefsey) Morfin wrote:
>
> > > The key sequence is very simple. There is absolutely no need for anything
> > > complex (I can use MD5 but no one would be able to check I did not
> > cheat).
> > > Also the sequence is pretty long and could be folded by the email
> > > responses. Would simply send
> > >
> > > "@" as a voting ligne flag
> > > 0000 4 digit voter number
> > > 4 letters voter checker made of a simple computation on the mail name.
> > > (let say the 1st, the 3rd , the 6th and the 9th letter each plus four
> > > values modulo 26)
> > > the nr of the characters and the four values for the vote not being
> > disclosed.
> >
> >I am a tad concerned about this. Once I get my ballot, I will easily be
> >able to determine the sequence and could theoretically replicate it for
> >others and spoof their votes.
>
> No.
> I bet you will never be able to tell me what is the sequence I used
> to build "zldt" from sawters@luy.info and please tell me the one for
> jefsey@club-internet.fr. Maybe you could if you knew a large nr
> of checkers, but you will only know yours.
> I suppose you forgot to consider the additional string sequence.
Just to clarify, do you mean:
1) @ xxxx yyyy
Where: xxxx = a unique, randomly assigned number
yyyy = obfuscated mail digits
Or:
2) @ zzzz
Where: zzzz = obfuscated mail digits
Sorry if this seems redundant, but I want to make sure I understand you.
[1] is acceptable to me, [2] is not.
> >What I supposed you were doing was:
> >
> >1) generating a random, secret key which the watchdogs have
> >2) encrypting the mailname (or parts of it) using AES, 3DES, or similar
> >3) calculating the md5sum of the result and using that as the identifier
> >
> >With that methodology, you can generate a static linked executable for
> >each watchdog, but also release the source code without fear of giving
> >away your obscurity mechanism.
>
> Sure, but:
>
> 1. I have no time to develop that. If you can?
I could, but not in C. Perl runs everywhere, though Crypt::Rijndael
might not.
> 2. The documentation of the system will call for a lot of disputes
Nah. Maybe in C, but this process is maybe 200-300 lines of Perl and
using some relatively standard modules/libraries. Of course, I can't
make a statically compiled version of the Perl code that will run
everywhere.
> 3. the size of the key will be large and the problem we have is that
> ballot does not come folded before the result, or the result will be on
> another line, so we need the ID,Question,choice response to be less than 30
> chars.
The key is distributed shortly before ballots are sent out. The smallest
blocksize for AES is 128 bit -> 16 bytes -> 22 base64 chars. Besides,
you will probably have to do line folding anyway. You could always put
an ending character after the response/answer.
--start ballot--
Question 00: Please answer us this very long question on the line below.
It is pertinent that you think about this very important issue.
@MDEyMzQ1Njc4OUFCQ0RFRg 00 [ ] Yes %
Question 01: The following candidates are running for panel. Please
ensure that you rank no more than 5 candidates.
@MDEyMzQ1Njc4OUFCQ0RFRg 01 [ ] Myea Theau Tovau Vodauualskthay Tmua %
@MDEyMzQ1Njc4OUFCQ0RFRg 01 [ ] Bob Smith %
@MDEyMzQ1Njc4OUFCQ0RFRg 01 [ ] Gérard Dupont %
@MDEyMzQ1Njc4OUFCQ0RFRg 01 [ ] Gandalf the Grey %
@MDEyMzQ1Njc4OUFCQ0RFRg 01 [ ] Slartibartfast, Maker of Fjords %
@MDEyMzQ1Njc4OUFCQ0RFRg 01 [ ] Ooops I did it again %
Question 02: Hey Papa Smurf, how many smurfs does it take to run a
smurfing panel?
@MDEyMzQ1Njc4OUFCQ0RFRg 02 [ ] 5 smurf %
@MDEyMzQ1Njc4OUFCQ0RFRg 02 [ ] 7 smurfs %
@MDEyMzQ1Njc4OUFCQ0RFRg 02 [ ] 11 smurfs %
---end ballot--
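To make the keyed-identifier proposal quoted above and the ballot layout concrete, here is an added example (not code from either correspondent). It assumes a constructed watchdog key and roster; HMAC-MD5 from the standard library stands in for the "AES then md5sum" step, which gives the same 16-byte, 22-character identifier, and the reader rejoins voting lines that a mail client folded by looking for the terminating "%".

```python
import base64
import hashlib
import hmac
import re

def voter_id(secret_key: bytes, mailname: str) -> str:
    """Keyed 16-byte tag of the mail name as 22 unpadded base64 characters.
    The thread proposes AES(mailname) followed by md5sum; HMAC-MD5 from the
    standard library stands in for that keyed construction here."""
    tag = hmac.new(secret_key, mailname.strip().lower().encode(), hashlib.md5).digest()
    return base64.b64encode(tag).decode().rstrip("=")  # 16 bytes -> 22 chars

def unfold(text: str) -> list:
    """Rejoin voting lines a mail client folded: a line starting with '@'
    continues until the terminating '%'; everything else is question text."""
    lines, buf = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if buf is None:
            if not line.startswith("@"):
                continue
            buf = line
        else:
            buf += " " + line
        if buf.endswith("%"):
            lines.append(buf)
            buf = None
    return lines

# "@" flag, 22-char identifier, 2-digit question, [mark], answer, "%" terminator
LINE_RE = re.compile(r"^@([A-Za-z0-9+/]{22}) (\d{2}) \[(.?)\] (.*) %$")

def read_ballot(text: str, secret_key: bytes, roster: list) -> tuple:
    """Return (voter, choices) for a returned ballot, recomputing each roster
    member's identifier with the watchdog key. An unknown identifier, or a
    ballot mixing identifiers, is rejected as (None, [])."""
    known = {voter_id(secret_key, m): m for m in roster}
    voter, choices = None, []
    for line in unfold(text):
        m = LINE_RE.match(line)
        if not m:
            continue
        ident, question, mark, answer = m.groups()
        if ident not in known or (voter and known[ident] != voter):
            return None, []
        voter = known[ident]
        if mark.strip():
            choices.append((int(question), answer))
    return voter, choices
```

Because the identifier depends on a key only the watchdogs hold, a voter who knows their own line learns nothing that lets them forge another roster member's line, which is the property questioned at the top of the thread.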