Re: Spec for anonymous voting
- From: James Henstridge <james jamesh id au>
- To: Ross Golder <ross golder org>
- Cc: David Neary <dneary free fr>, foundation-list gnome org, elections gnome org
- Subject: Re: Spec for anonymous voting
- Date: Fri, 03 Jun 2005 23:52:27 +0800
Ross Golder wrote:
On Wed, 2005-06-01 at 20:38 +0200, David Neary wrote:
The hash is then encrypted with the election committee private key, to
prevent just anyone from generating a voting token, but to allow the
election committee to generate one at will for a user [4,5].
Wouldn't encrypting the hash require that the recipient has d/led and
installed the election committee's public key, and that the user has
some basic knowledge of public key encryption such that they can decrypt
their token (user #3 may have trouble here).
Did you mean that the hash would be 'signed' with the elections
committee private key?
From my reading of the document, the intent was to encrypt the hash, and
use the encrypted hash as the token.
This is so that people can't generate new voting tokens in order to vote
as other people, however it isn't clear from the description how this is
better than using randomly generated tokens.
In fact, it seems less anonymous than randomly generated tokens:
assuming the tokens are published along with the election ballots (which
would be required in order for a member to verify their vote), you could
find out how someone voted by doing the following:
1. hash their (firstname, surname, email) triple
2. decrypt all the voting tokens using the election committee public key
3. see which voting token matches the hash
James.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]