Voting system required three keys. One of them has been “irretrievably lost.”
My favorite story similar to this was Estonia was the first country to use the internet to allow people to vote. To ensure people of the “security” they set up a Webcam pointed at the server accessible 24/7 on their web server.
This wouldn’t do anything as any one trying to modify the results would like be doing it remotely over the internet but that’s fine security theater is everywhere and atleast somewhat effective.
If you logged on and looked at the Webcam behind the server a whiteboard on the wall. Someone wrote the wifi password on the whiteboard…
If anyone wants a source https://estoniaevoting.org/photos/opsec-wifi/
You’d think a bunch of cryptographers would use Shamir’s secret sharing to avoid issues like this…
or bigby’s encrypting arm.
I’m not familiar with that one. Link please?
I feel so ashamed. Im not proud and I know I will go down in infamy for being the first. But I made that up on the internet. Yes its true. I thought of a silly phrase and just posted it. Don’t look at me! Don’t look at me!
3 is just a small number in this context, you can prevent a conspiracy (of 2), or have a redundancy (of 1), but not at the same time. They choose wrong… It’s always a risk when something hinges on a single human individual.
That’s actually not true. See the other comment about Shamir Secret Sharing. Very clever stuff where you can split a key in m parts and require n<m of the pieces to get it back.
But with SSS and m=3, n can only be 1, 2 or 3. If n=2 there is a possibility for a conspiracy of 2 and a redundancy of 1, if n=3 then all three have to agree, but there is no redundancy, which was the case here.
Right. Re-reading your comment, I agree. n=3 is too small, even with SSS. BUT without it, 3 was too big in this case. So yey SSS!
My bad dude!
Have you tried using 1 2 3 4 5?
That’s amazing! I have the same combination in my luggage!
