Giter Club home page Giter Club logo

ballot's Introduction



MCR Room Ballot

Welcome to the Churchill MCR postgraduate-room-ballot code, please read on to find out how to:

  1. Run the ballot code if you are the computing officer this year.
  2. Verify that the room ballot was run honestly!

Installation

To build the codebase you will need a c++ compiler supporting c++20, git, make, and a version of cmake greater than or equal to 3.14. Then follow the standard procedure:

git clone https://github.com/ConorWilliams/ballot
cd ballot
mkdir build && cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
make

You will now have your very own copy of the ballot executable!

Alternatively 64-bit Linux binaries are provided with each release.

Running the ballot

First up you're your going to need a csv file containing everyone's room preferences see example/example.csv to get an idea of the expected format. Now compile the program, navigate to example/ and run the ballot like:

../build/ballot run example.csv

This will generate two files public_ballot.json and secret_ballot.csv. The first can be distributed and used by members of the MCR to anonymously verify the ballot was run fairly. The second contains the room assignments and some additional info. You should email each student their result, "id" and "secret_name" (last three fields in secret_ballot.csv respectively).

If you would like to encourage particular rooms to fill up (e.g. the hostels) then you can pass in a list of prefixes, for example:

../build/ballot run example.csv -h RR CJ

would preferentially fill all rooms beginning with the letters "RR" or "CJ".

Finally you can control the total number of allocated rooms using the -m or --max-rooms options.

Verifying the ballot

To verify the MCR computing officer hasn't fiddled your position you need a copy of the public_ballot.json file they generated, your "id" and "secret_name" which you should have received securely. Now run:

./ballot verify YOUR_ID YOUR_SECRET_NAME

where you can supply the optional flag -i /path/to/public_ballot.json to specify the location of the public ballot file if it is not in your current working directory.

Details about the ballot

The ballot code formulates the task as solving the balanced linear assignment problem. We define a cost function which assigns a value to allocating any student to any room. The student-room pairs are then permuted until the global minimum of the cost function (value summed over all pair) is found. This is done using the Jonker-Volgenant algorithm.

In order to allow the possibility that all students get kicked off the ballot the list of rooms is augmented with p (the number of people) "kicked-rooms". To ensure balanced assignment, preference-free null-people are appended to the list of people.

If the total number of allocated rooms needs to be limited the lowest priority students are removed from the ballot.

The cost function

In summary, the cost function prioritises people getting their first choices but prefers kicking people off the ballot to assigning them to a room they didn't want. Finally, the cost function ensures all houses designated as "hostels" are preferentially filled.

ballot's People

Contributors

conorwilliams avatar

Stargazers

avatar avatar

Watchers

avatar avatar avatar

Forkers

haritha-j

ballot's Issues

Plain text attack

This was sent to me, by email, by Jack. Hughes and I never did anything about it... It describes an attack to de-anonymise people in the public json file if you know their name. This is of course problematic if you believe peoples choices should be anonymised (something I am not sure I do). I leave it here in case anyone wants to fix it and as a reminder to myself never to do encryption!

Thank you for working on the ballot code, I think you’ve done well with it!

Would it be possible to update the name encryption code for next year’s ballot?

I don’t have a lot of experience with C++, so I haven’t submitted a pull request, but I was thinking if this would be a better approach:

  1. Instead of selecting 32 random characters from a constrained set of characters (numbers and upper/lowercase letters), just obtain 32 random bytes (key)
  2. XOR these 32 random bytes (key) with the person’s 32-char length name (padded or shortened) to get the ciphered text for the public ballot
  3. Base64 encode the 32 random bytes (key), and send this to the student
  4. Base64 encode the ciphered text, and put this into the public ballot json file

Then in the verify code:

  1. The user inputs the Base64 encoded 32 random bytes (key)
  2. The code obtains the Base64 encoded ciphered text from the json file
  3. The code decodes both Base64 strings
  4. These are then XOR’d to get the ciphered name.

This change would ensure that (a) the json file doesn’t contain random unicode characters, and (b) it should be impossible to run a plain text attack against the public ballot json file.

Due to the set of constrained characters in use for the key (numbers and upper/lowercase letters), it’s currently possible to find out my ballot choices (although this shouldn’t be too much of a security concern). If you XOR my 32-char padded name against every ciphered text in the public ballot, only one of the results is a string containing solely characters from the constrained set (the others contain random unicode characters). This remaining string is the one for my ballot.

Alternatively, it may be easier to not include names in the public ballot json file or use AES256 (or something similar)

Let me know if you have any questions

Best regards,
Jack

Produce graphs after run

I really like the graphs being presented in #5 and #1, I suggest an enhancement where (in run mode) the code prints something like this to stdout once the algorithm completes.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.