Math behind - cthit/VoteIT GitHub Wiki
VoteIT uses 55 different alphanumeric characters when creating user codes.
LengthOfCodes
defaults to 9 characters.
Therefore the key complexity is 55^LengthOfCodes = 55^9 = 4,605366584×10^15
nbrOfCodesPerUser
determines how many different voting sessions there are on a meeting. For simplicity's sake, we can say this number can be a maximum of 50.
The maximum number of voters in any given meeting is limited to 650. Therefore the number of valid codes are: 650*nbrOfCodesPerUser = 650*50 = 32500
The probability of a brute-force attack with full knowledge is: 32500/4,605366584×10^15 = 7.056984369 × 10^-12
VoteIT will go into lock-down mode when numberOfinvalidVotes > 50000
(ref). The probability of succeeding in 50 000 tries is therefore: 7.056984369 × 10^-12 *5000=3.5284921845 × 10^-8
Therefore the probability of casting a valid vote through the use of brute-force is 2.18776879348121 × 10^-8