Fooler, Are you coming to the F2F on Saturday at the CenPEG office? Please come. And please everyone who is interested come to the meeting. Thanks.
//PManalastas --- On Thu, 7/16/09, fooler mail <[email protected]> wrote: > From: fooler mail <[email protected]> > Subject: Re: [plug] Code Review & SysAdmin of Election 2010 Computers > To: "Philippine Linux Users' Group (PLUG) Technical Discussion List" > <[email protected]> > Date: Thursday, July 16, 2009, 9:44 AM > On Thu, Jul 16, 2009 at 8:18 AM, > Michael Tinsay<[email protected]> > wrote: > >> From: Rage Callao <[email protected]> > >> > >> 2009/7/13 Pablo Manalastas : > >> > >> > We can suggest to Comelec to compute SHA1 or > MD5 checksums of the approved > >> programs, and at election time, the checksums can > be recomputed (manually) and > >> if the original checksum and new checksum agree, > then there is no substitution. > >> > >> > >> AFAIR, SHA1 and MD5SUM have been broken. > > > > > > While there is still the probability of collission, > what is the possibility that such can be used to "falsely > validate" the data and programs that will be used for the > election? > > > > here is how digital signature works... > > for signing at precinct level... > > 1) ER = election return digital document > > 2) hashvalue = MD5_or_SHA1(ER) > > 3) signvalue = ENCRYPT(hashvalue, privatekey) > > send ER + signvalue to comelec server... > > the signvalue above is the encrypted hashvalue of ER > document using > the signer's privatekey.. signvalue is now the digital > signature of ER > document... > > for validating or verifying at canvasser level... > > a) hashvalue1 = DECRYPT(signvalue, publickey) > > b) hasvalue2 = MD5_or_SHA1(ER) > > c) compare hashvalue1 to hashvalue2.. if equal then > authentic... > otherwise bogus.. > > as you can see... hash function or message digest such as > MD5 or SHA1 > is not important here and whether it is collision prone or > not for > sending ERs... what important here is the privatekey > encrypting the > hash value of ER documents... once a cheater got a copy of > BEI's > privatekey without passphrase protection... he can create > its own ER > and signs it... > > take note also for manual election.. vote buying was > rampant.. for > automated election.. privatekey buying is going to happen > aside from > vote buying :-> > > but for smartmatic program to test its authenticity... we > need a > higher message digest such as SHA2 family (eg. SHA256, > SHA384, SHA512) > to avoid collision as the comelec is the one signing > smartmatic > program... they can create another program (the cheated > one) padded > some bytes just to have the same hash value with the > orignal program > (collision) and signs it... > > fooler. > _________ _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
