helios-server icon indicating copy to clipboard operation
helios-server copied to clipboard
verified publisher icon benadida

detect when portions of a ballot are copied from one ballot to another

Open benadida opened this issue 13 years ago • 2 comments

to prevent certain kinds of de-anonymization attacks.

benadida avatar Mar 10 '13 04:03 benadida

I have an idea of a practical implementation for this: for each ballot, pick a random number (called hereafter "nonce"), use this nonce in all challenges in NIZK proofs for this particular ballot, and add the nonce in an additional field. This means a change in the specification for ballots. On the server-side, add a model that will track all used nonces. When a new ballot is received, its nonce is checked for non-existence and then added. Therefore, it also means a change in the database backend.

Since these are quite intrusive (interface) changes, I haven't implemented them fully but I'm pretty confident they are easy to implement.

glondu avatar Mar 10 '13 16:03 glondu

@glondu this sounds very elegant, I like it.

For Helios v4, I am planning on breaking backwards compatibility as there is a crypto fix that I have to apply. So it is a good opportunity to make the change you suggest!

benadida avatar Mar 10 '13 20:03 benadida