benadida / helios-server

Helios server
http://heliosvoting.org
Apache License 2.0
733 stars 352 forks source link

detect when portions of a ballot are copied from one ballot to another #35

Open benadida opened 11 years ago

benadida commented 11 years ago

to prevent certain kinds of de-anonymization attacks.

glondu commented 11 years ago

I have an idea of a practical implementation for this: for each ballot, pick a random number (called hereafter "nonce"), use this nonce in all challenges in NIZK proofs for this particular ballot, and add the nonce in an additional field. This means a change in the specification for ballots. On the server-side, add a model that will track all used nonces. When a new ballot is received, its nonce is checked for non-existence and then added. Therefore, it also means a change in the database backend.

Since these are quite intrusive (interface) changes, I haven't implemented them fully but I'm pretty confident they are easy to implement.

benadida commented 11 years ago

@glondu this sounds very elegant, I like it.

For Helios v4, I am planning on breaking backwards compatibility as there is a crypto fix that I have to apply. So it is a good opportunity to make the change you suggest!