* Russ Allbery <r...@debian.org> [2022-03-05 12:39]:
> I'm not sure that I see this for DPL elections because we publish both the list of votes and the list of voters. If those two lists aren't the same length, that's fairly trivially detectable.

You're right, I missed that when I looked at the election results. In that case, the forger needs to map some voters who voted identically to the same HMAC_SHA256_HEX value, which means you need to find collisions on the HMAC keys such that

    H(uid1, K1) == H(uid2, K2)

I don't know how resistant HMAC-SHA256 is to this type of "chosen key" attack.

Cheers
Timo

-- 
Timo Röhling
9B03 EBB9 8300 DF97 C2B1 23BF CC8C 6BDD 1403 F4CA
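
The checks discussed in this message, as an added example (not part of the original email and not Debian's voting code). It assumes the identifier is HMAC-SHA256 over the uid keyed with the voter's secret, and uses constructed names, keys and ballots; it shows that a sheet with one voter's line swapped for an injected vote passes the public length check but fails that voter's own check unless two identifiers collide.

```python
import hashlib
import hmac


def ballot_id(uid: str, key: bytes) -> str:
    # Assumption: H(uid, K) is HMAC-SHA256 keyed with the voter's secret K over the uid.
    return hmac.new(key, uid.encode(), hashlib.sha256).hexdigest()


def audit(voters, tally):
    """Public checks anyone can run on the published voter list and tally sheet."""
    problems = []
    if len(voters) != len(tally):
        problems.append(f"count mismatch: {len(voters)} voters, {len(tally)} votes")
    ids = [ident for ident, _ in tally]
    if len(set(ids)) != len(ids):
        problems.append("duplicate identifier on tally sheet")
    return problems


def voter_check(uid, key, ballot, tally):
    """Private check: a voter looks for their own identifier with their own ballot."""
    return (ballot_id(uid, key), ballot) in tally


# Constructed sample data (hypothetical voters, secrets and ballot strings).
SECRETS = {"alice": b"k-alice", "bob": b"k-bob", "carol": b"k-carol"}
BALLOTS = {"alice": "1-2", "bob": "1-2", "carol": "2-1"}
VOTERS = sorted(SECRETS)
HONEST = [(ballot_id(u, SECRETS[u]), BALLOTS[u]) for u in VOTERS]

# Tampered sheet: bob voted like alice, so his line is dropped and replaced by an
# injected vote. Both lists keep the same length.
FORGED = [line for line in HONEST if line[0] != ballot_id("bob", SECRETS["bob"])]
FORGED.append((ballot_id("nobody", b"forger-key"), "2-1"))


def failing_voters(tally):
    """Voters whose own line is missing from the sheet."""
    return [u for u in VOTERS if not voter_check(u, SECRETS[u], BALLOTS[u], tally)]


if __name__ == "__main__":
    print("honest:", audit(VOTERS, HONEST), failing_voters(HONEST))
    print("forged:", audit(VOTERS, FORGED), failing_voters(FORGED))
```

The tampered sheet only survives bob's check if his identifier equals alice's, which is the H(uid1, K1) == H(uid2, K2) condition above.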