Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers
Le 26/04/2012 19:02, Raphael Geissert a écrit :
> Timo Juhani Lindfors wrote:
>> True. We need to both fix the RNG and use a longer moniker.
>
> M = H(CRYPT_PRNG())
>
> for example:
>
> use Digest::SHA qw(sha1_hex);
>
> open(UR, '<', '/dev/urandom') or die($!);
>
> my $rbytes;
> die if (sysread(UR, $rbytes, 16) < 16);
>
> my $m = sha1_hex($rbytes);
While we're at it, what about giving the possibility to the voter to
contribute to the entropy of the moniker? Say, add a field to the ballot
and suggest the voter to put e.g. the output of pwgen there? This would
be in addition to the above code.
Cheers,
--
Stéphane
Reply to: