Denial of Service attacks to Disenfranchise Voters

[dsernst]

Discussed here: https://docs.siv.org/mitigating-attacks/dos

[dsernst]

We could do better routine stress & load testing to simulate high volume scenarios. And get a much better sense of when SIV's systems start to buckle under high load.

[dsernst]

We could switch our auth token's from being symmetric keys, to asymmetric priv/pub key pairs.

Admin would send priv key to voters, and publish the full list of authorized pub keys for everyone to see.

Implications:

• Then, if this was in place, voters could submit their votes through a mirrored network infrastructure as well (more like p2p networks), not just a single election server. Practically, it could be the political parties etc that host some of these mirroring delivery networks (so they're incentivized to make sure it gets into the final tally). Everyone would be able to verify for themselves that those votes are properly authenticated (key checks out) & pre-authorized (pub key on published list), and not used multiple times (unique pub key).
• Auth keys would have to become much longer though, because brute forcing could take place offline, so no rate-limit throttling.