Like Sam, I see no particular need for salt beyond the username.
However, I did notice a potential anonymity attack: the presence of
consistent partial voter lists and dummy tally sheets leaked some
information about which voters could have which hashes.  (Batching
obviously alleviated this, but there were probably hours when very few
initial votes came in.)

One remedy would be not to post the list of who had voted until after
the election.

-- 
Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org)
Finger [EMAIL PROTECTED] (NOT a valid e-mail address) for more info.
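
The leak described in the message above can be measured. The following is an added example, not part of the original message or of the voting software: it computes which voters could own each hash when the list of who has voted and the tally sheet are published together at intervals, and compares that with batching and with withholding the voter list until the end. The voter names, hash labels and snapshot timings are constructed, and it assumes each voter contributes exactly one hash.

```python
"""Anonymity sets leaked by interim voter lists + tally sheets (constructed data)."""

def anonymity_sets(snapshots):
    """snapshots: ordered (voters_so_far, hashes_so_far) pairs as published.
    Returns {hash: frozenset of voters who could own it}."""
    seen_voters, seen_hashes, candidates = set(), set(), {}
    for voters, hashes in snapshots:
        new_voters = frozenset(voters - seen_voters)
        new_hashes = hashes - seen_hashes
        if len(new_hashes) != len(new_voters):
            raise ValueError("model assumes one new hash per new voter")
        # A hash that first appears in this snapshot can only belong to
        # someone who first appears on the voter list in the same snapshot.
        for h in new_hashes:
            candidates[h] = new_voters
        seen_voters |= voters
        seen_hashes |= hashes
    return candidates

def smallest_set(snapshots):
    """Worst-case anonymity: the fewest candidates behind any single hash."""
    return min(len(c) for c in anonymity_sets(snapshots).values())

def rebatch(snapshots, min_new):
    """Keep only publications that add at least min_new ballots each."""
    out, published = [], 0
    for voters, hashes in snapshots:
        if len(voters) - published >= min_new:
            out.append((voters, hashes))
            published = len(voters)
    final = snapshots[-1]
    if not out or out[-1] != final:
        # Tail too small to publish alone: fold it into the previous batch.
        if out:
            out.pop()
        out.append(final)
    return out

# Constructed election: 7 voters, lists published after 1, 4, 5 and 7 ballots.
# The pairing of hash label to voter is not implied by list order.
V = "alice bob carol dave erin frank grace".split()
H = [f"h{i}" for i in range(1, 8)]
SNAPSHOTS = [(set(V[:n]), set(H[:n])) for n in (1, 4, 5, 7)]

if __name__ == "__main__":
    print("interim lists, no batching:", smallest_set(SNAPSHOTS))
    print("batches of >= 3 ballots:   ", smallest_set(rebatch(SNAPSHOTS, 3)))
    print("voter list withheld to end:", smallest_set([SNAPSHOTS[-1]]))
```

The quiet first interval pins one hash to one voter, batching raises the floor to the batch size, and publishing only the final list leaves every hash hidden among all voters.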

