Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers
Jakub Wilk <firstname.lastname@example.org> writes:
> Note that 8 random alphanumeric characters can have at most ~47.6 bits
> of entropy. So just improving RNG wouldn't help here.
True. We need to both fix the RNG and use a longer moniker.

Also, I just noticed that rand() is also used to randomize the order of
votes in the final tally. If I knew the hashes of sufficiently many (maybe
20?) voters I probably could predict the initial state of the RNG and
reverse this randomization step completely.
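
Added example (not part of the original message and not devotee's code): a Python sketch of the two fixes discussed in this thread, sizing the moniker from a target entropy and drawing both the moniker and the tally order from the OS CSPRNG instead of rand(). The function names, the 62-symbol alphabet constant and the 128-bit target are assumptions made for illustration.

```python
import math
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # 62 alphanumeric symbols (assumed)


def max_entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound on the entropy of a uniformly random string of this length."""
    return length * math.log2(alphabet_size)


def min_length_for(bits, alphabet_size=len(ALPHABET)):
    """Smallest length whose upper bound reaches the target entropy."""
    return math.ceil(bits / math.log2(alphabet_size))


def new_moniker(bits=128):
    """Moniker drawn from the OS CSPRNG; the 128-bit target is an assumption."""
    n = min_length_for(bits)
    return "".join(secrets.choice(ALPHABET) for _ in range(n))


def shuffle_votes(votes):
    """Fisher-Yates shuffle driven by the CSPRNG, returning a new list.

    secrets.randbelow() is unbiased, so every permutation is equally likely
    and the order does not depend on a recoverable generator state.
    """
    out = list(votes)
    for i in range(len(out) - 1, 0, -1):
        j = secrets.randbelow(i + 1)
        out[i], out[j] = out[j], out[i]
    return out


if __name__ == "__main__":
    print(f"8 chars: at most {max_entropy_bits(8):.1f} bits")
    print(f"128 bits needs {min_length_for(128)} chars")
    print("moniker:", new_moniker())
    # Constructed sample tally rows: (placeholder hash, ballot)
    sample = [("hash-%02d" % i, "12-3") for i in range(5)]
    print(shuffle_votes(sample))
```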