Continuous voting for registered users

Question

Continuous voting for registered users

I want to make a pointless voting system that would allow registered users to vote on some sensitive issue in such a way that it would be impossible to track the votes of users in case the database is compromised (including a too curious DB administrator).

Detailed setting:

Each user is registered, there is no anonymous voting.
Sockpuppets, fake accounts, etc. are not within the scope of this issue - this is the responsibility of the registration system.
Each registered user can cast only one vote (it can be anything: just yes / no or weight or something else).
The user should be able to change / delete his vote before the close of voting.
No need to allow the user to view their own voice, although this can be done in the same way as deleting / changing.
Even if someone has access to the user database and the database for voting, they should not track every vote back to the user (in the sense that it should not be easier than bruteforce or otherwise hack all access to the user account) .
All parts of the system, except for communication, are open, so there can be no hidden keys. The MitM attack is beyond the scope of the question, but the attacker has full access to the sources, authorization and voting database.
. - . , , //, .
, , , .

, .

+5

security voting

Oleg V. Volkov 05 . '12 10:00

4

dDejan · Answer 1 · 2012-06-05T10:44:42+0000

, , , , , , ( )

, , , , (, , , b-, ), , , , , , .

, , (, ), , , , .

, / , , / , , . (, , , , , )

, ,

dasblinkenlight · Answer 2 · 2012-06-05T14:22:13+0000

/ , ( + ) : , , {user, poll}. :

hash # 1 # 1
hash # 2 , # 2

# 1, , , - 2 . -2 №2 .

, , , -2. №1 № 2, , , , .

Tgr · Answer 3 · 2012-06-05T10:42:20+0000

, , .

. - , . , , , , ( ).

, , , : . , , , . , ; (, bcrpyt) . E. g. bcrypt, , , , .

mit · Answer 4 · 2012-06-05T10:54:15+0000

, , , .

Either you install good keys, or you violate security.

Continuous voting for registered users

More articles: