
Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers



On 26/04/2012 19:02, Raphael Geissert wrote:
> Timo Juhani Lindfors wrote:
>> True. We need to both fix the RNG and use a longer moniker.
> 
> M = H(CRYPT_PRNG())
> 
> for example:
> 
> use strict;
> use warnings;
> use Digest::SHA qw(sha1_hex);
> 
> # Read 16 bytes from the kernel CSPRNG and hash them to get the moniker.
> open(UR, '<', '/dev/urandom') or die($!);
> 
> my $rbytes;
> die "short read from /dev/urandom" if (sysread(UR, $rbytes, 16) < 16);
> close(UR);
> 
> my $m = sha1_hex($rbytes);

While we're at it, what about giving the voter the possibility to
contribute to the entropy of the moniker? Say, add a field to the ballot
and suggest that the voter put e.g. the output of pwgen there? This would
be in addition to the above code.


Cheers,

-- 
Stéphane

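The two pieces of this thread put together, as an added illustration (Python, not devotee's own code): the moniker is H(CSPRNG bytes || voter-supplied string), so the CSPRNG part alone makes it unpredictable and a blank or guessable ballot field can only add entropy, never remove it. The `Entropy:` field name, the ballot layout and the `rbytes` override used for testing are assumptions of this example.

```python
import hashlib
import secrets
from typing import Optional

RANDOM_BYTES = 16            # same width as the sysread(UR, $rbytes, 16) above
ENTROPY_FIELD = "Entropy:"   # assumed name of the optional ballot field


def extract_voter_entropy(ballot_text: str) -> str:
    """Return the voter-supplied string from the assumed ballot field, '' if absent."""
    for line in ballot_text.splitlines():
        if line.startswith(ENTROPY_FIELD):
            return line[len(ENTROPY_FIELD):].strip()
    return ""


def make_moniker(voter_entropy: str = "", rbytes: Optional[bytes] = None,
                 hashname: str = "sha1") -> str:
    """M = H(CSPRNG bytes || voter string).

    rbytes may be passed only so the derivation can be tested; in real use
    leave it None and the bytes come from the OS CSPRNG.  The CSPRNG bytes
    are what make the moniker unpredictable; the voter string is mixed in
    on top of them, so an empty or weak field does not weaken the result.
    """
    if rbytes is None:
        rbytes = secrets.token_bytes(RANDOM_BYTES)
    if len(rbytes) < RANDOM_BYTES:
        raise ValueError("short read from CSPRNG")
    h = hashlib.new(hashname)
    h.update(rbytes[:RANDOM_BYTES])   # fixed-width prefix, so the boundary is unambiguous
    h.update(voter_entropy.encode("utf-8"))
    return h.hexdigest()


def moniker_for_ballot(ballot_text: str, rbytes: Optional[bytes] = None) -> str:
    """Derive the moniker for one ballot, mixing in whatever the voter supplied."""
    return make_moniker(extract_voter_entropy(ballot_text), rbytes)


# Constructed sample ballot for this example, not a real Debian ballot.
SAMPLE_BALLOT = """[ 1 ] Choice 1: Example option
[ 2 ] Choice 2: Further Discussion
Entropy: Eeg8ahph
"""

if __name__ == "__main__":
    print(moniker_for_ballot(SAMPLE_BALLOT))
```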
