Collaborate Disseminate
The purpose of this post is to ask for people’s opinion on my idea for a digital voting system that I’ve thought of recently. The only question I ask is if the system works, which can be answered from the following paragraph,… Continue reading A Digital Auditable Secret Voting (Electoral) System Proposal [on hold]
Technology brings with it a number of conveniences, but it also opens up opportunities for scammers and hackers to take advantage of people through tech fraud. That crime involves using technology in a variety of possible ways to mislead people, steal … Continue reading 5 Risks We Face with E-Voting Technology
Let’s say I created a voting system where each voter would use an app and vote on a candidate. The app would send the vote to a server. The server would store the vote on a DB with the request IP.
Is it possible to implement… Continue reading Prove a client sent a request – voting system
There is an online membership community. Every member has the ssh key that they use to perform various functions.
There is the need to vote on sensitive issues. Members don’t want to disclose their votes, only want them to b… Continue reading Can there be a secret ballot software in a membership-based community?
My Government is designing a direct democratic voting system and would like the system to be open sourced and unable to be corrupted by individuals and other stakeholders.
Some requirements as of now:
Citizen individual vo… Continue reading Possible setup for a direct democracy voting system to prevent fraud
I’m studying and preparing a document for implementing of an online voting system (internet based system) which can be used for governmental voting purposes. I would like to ask for your advise and suggestions regarding threa… Continue reading Risks and challenges of an online voting system. Any recent updates?
What are the most reliable and privacy-oriented methods to automatically allocate an equal number of resources (such as email accounts, or a right to vote) to every human being?
I would like to prevent one person from obtain… Continue reading Fair and privacy-oriented allocation of resources to human beings
What are the most reliable and privacy-oriented methods to automatically allocate an equal number of resources (such as email accounts, or a right to vote) to every human being?
I would like to prevent one person from obtain… Continue reading Fair and privacy-oriented allocation of resources to human beings
Hello Security Experts!
I am implementing a small web application where users can cast votes. On the one hand, I want ballots to by anonymous. So the username is not stored with the ballot. But on the other hand I want that each user can verify for himself, that his vote was accounted for. So I thought about this process:
When a user casts a vote, then he must enter his password. (Of course his password is never stored directly anywhere!) The backend creates a HASH value of the users password. And only that hash value is stored with the ballot. All ballots are publicly available, including their hashes.
So when a user wants to verify that his vote was accounted for, then he can simply recreate his hash value and look it up in the list of public ballots.
Initially I thought about MD5 but then I found that there are stronger, better Hash algorythm. Now i use BCRYPT.
But the Java implementatin of BCRYPT needs a new seed value everytime you want to hash a password. I found out that JBCRYPT stores the seed together with the hashed password.
=> Is that ok? Is that normal?
=> Could I create one initial seed once, store that and then reuse the same seed value everytime a vote is casted? Or would that be a security risk.
Why do I need that? My functional requirement is a little different than with normal password hashing. When checking a hashed password then you know where to look: Does that specific hash value (at that user) fit the provided password. My requirement is different: The user has a password. When this password is hashed, is the the hash value then contained in a list of hash values.
How can I implement this?
Continue reading Anonymity of ballots when voting with BYCRYPT hashes
This is the question that I am trying to create a voting system for, and I wanted to submit it for belittlement.
It’s a remote voting system, and our voters need to show evidence they supported the basilisk after the electio… Continue reading Is this voting system secure in an information theory sense?