You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The cryptographic function used to encrypt ballots is deterministic, ie. two encryptions of the same ballot will be equal, and the key is public. Therefore using a decrypted ballot it's possible for an attacker to re-encrypt it and see who submitted it. This is a problem only for votations with either few participants or where ballots are mostly unique (eg. with a text question)
Possible mititgations:
Use a random seed when encrypting the ballot that would not be shared during decryption (could use the new padding of ballots)
The text was updated successfully, but these errors were encountered:
The cryptographic function used to encrypt ballots is deterministic, ie. two encryptions of the same ballot will be equal, and the key is public. Therefore using a decrypted ballot it's possible for an attacker to re-encrypt it and see who submitted it. This is a problem only for votations with either few participants or where ballots are mostly unique (eg. with a text question)
Possible mititgations:
The text was updated successfully, but these errors were encountered: