Math behind - cthit/VoteIT GitHub Wiki

VoteIT uses 55 different alphanumeric characters when creating user codes. LengthOfCodes defaults to 9 characters.

Therefore the key complexity is 55^LengthOfCodes = 55^9 = 4,605366584×10^15

nbrOfCodesPerUser determines how many different voting sessions there are on a meeting. For simplicity's sake, we can say this number can be a maximum of 50.

The maximum number of voters in any given meeting is limited to 650. Therefore the number of valid codes are: 650*nbrOfCodesPerUser = 650*50 = 32500

The probability of a brute-force attack with full knowledge is: 32500/4,605366584×10^15 = 7.056984369 × 10^-12

VoteIT will go into lock-down mode when numberOfinvalidVotes > 50000 (ref). The probability of succeeding in 50 000 tries is therefore: 7.056984369 × 10^-12 *5000=3.5284921845 × 10^-8

Therefore the probability of casting a valid vote through the use of brute-force is 2.18776879348121 × 10^-8