[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers

Jakub Wilk <jwilk@debian.org> writes:
> Note that 8 random alphanumeric characters can have at most ~47.6 bits
> of entropy. So just improving RNG wouldn't help here.

True. We need to both fix the RNG and use a longer moniker.

Also, I just noticed that rand() is also used to randomize the order of
votes in the final tally. If I knew the hashes sufficiently many (maybe
20?) voters I probably could predict the initial state of the RNG and
reverse this randomization step completely.

Reply to: