Security

Current situation

:!: WARNING: currently, there is absolutely NO security in demexp (as of versions 0.6/0.8)!

Why? Because before securing things, we need to have an absolute clear view of things to secure (i.e. requirements). Is is not currently possible without precise knowledge of the delegation subsystem.

In the future

We want to provide reasonable proofs that our users can trust demexp to keep there vote secret and to do proper voting algorithm.

Security requirements

Bibliography

Voting protocol

  • http://hal.archives-ouvertes.fr/hal-00142440 On privacy and anonymity in electronic and non electronic voting: the ballot-as-signature attack A very interesting paper where the ballot of complex voting schemes (like ranking in Condorcet voting) is used as a signature to identify the voter and thus void voter anonymity. Some counter-measures are proposed.

Random generation

Programming with security in mind

 
en/security.txt · Last modified: 2008/09/14 18:02 by dmentre
 
Recent changes RSS feed Powered by PHP Valid XHTML 1.0 Valid CSS Debian Driven by DokuWiki