Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers

To: debian-devel@lists.debian.org
Subject: Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers
From: Timo Weingärtner <timo@tiwe.de>
Date: Thu, 26 Apr 2012 23:34:25 +0200
Message-id: <[🔎] 201204262334.34826.timo@tiwe.de>
In-reply-to: <[🔎] 84zk9ydw5x.fsf@sauna.l.org>
References: <[🔎] 84ehrdh2rg.fsf@sauna.l.org> <[🔎] jnbv2n$g0f$1@dough.gmane.org> <[🔎] 84zk9ydw5x.fsf@sauna.l.org>

Hi,

2012-04-26, 23:23:54 Timo Juhani wrote:
> Raphael Geissert <geissert@debian.org> writes:
> > print hmac_sha1_hex($v, $m);
> 
> Yeah that sounds promising. Now we just need to fix the code that tries
> to randomize the order of entries in the tally.

Is that randomization really needed? Why not just sort based on the hashes?


Greetings
Timo

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

Follow-Ups:
- Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

References:
- devotee (debian vote engine): predictable RNG allows recovery of secret monikers
  - From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
- Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers
  - From: Raphael Geissert <geissert@debian.org>
- Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers
  - From: Timo Juhani Lindfors <timo.lindfors@iki.fi>

Prev by Date: Re: RFC: OpenRC as Init System for Debian
Next by Date: Re: wine-unstable in Debian
Previous by thread: Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers
Next by thread: Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers
Index(es):
- Date
- Thread