Current situation

:!: WARNING: currently, there is absolutely NO security in demexp (as of versions 0.6/0.8)!

Why? Because before securing things, we need to have an absolute clear view of things to secure (i.e. requirements). Is is not currently possible without precise knowledge of the delegation subsystem.

In the future

We want to provide reasonable proofs that our users can trust demexp to keep there vote secret and to do proper voting algorithm.

Security requirements


Voting protocol

  • On privacy and anonymity in electronic and non electronic voting: the ballot-as-signature attack A very interesting paper where the ballot of complex voting schemes (like ranking in Condorcet voting) is used as a signature to identify the voter and thus void voter anonymity. Some counter-measures are proposed.

Random generation

Programming with security in mind

en/security.txt · Last modified: 2008/09/14 18:02 by dmentre
Recent changes RSS feed Powered by PHP Valid XHTML 1.0 Valid CSS Debian Driven by DokuWiki