TY - JOUR
T1 - Building Secure and Dependable Online Gaming Applications
AU - Chen, Bo
AU - Zhao, Wenbing
PY - 2008/1/1
Y1 - 2008/1/1
N2 - Online gaming has become a multibillion-dollar industry. The security and dependability of such games are critical for both the game providers and honest game players alike. Essential to all such applications is the use of random numbers; for example, random numbers are needed to shuffle cards. For obvious reasons, if the hands can be predicated, players could gain unfair advantages. The nature of this type of applications poses great challenges in increasing their availability while preserving their integrity (Arkin, Hill, Marks, Scjmod, & Walls, 1999; Viega & McGraw, 2002; Young & Yung, 2004). Byzantine fault tolerance (BFT; Castro & Liskov, 2002) is a well-known technique to tolerate various malicious attacks to online systems and it often involves state machine replication (Schneider, 1990). However, state machine replication assumes that all replicas are deterministic, which is not the case for online gaming applications. In this article, we elaborate how we address this dilemma using an online poker application that uses a pseudorandom number generator (PRNG) to shuffle the cards as an illustrating example. We propose two alternative strategies to cope with the intrinsic application nondeterminism. One depends on a Byzantine consensus algorithm and the other depends on a practical threshold signature scheme. Furthermore, we thoroughly discuss the strength and weaknesses of these two schemes.
AB - Online gaming has become a multibillion-dollar industry. The security and dependability of such games are critical for both the game providers and honest game players alike. Essential to all such applications is the use of random numbers; for example, random numbers are needed to shuffle cards. For obvious reasons, if the hands can be predicated, players could gain unfair advantages. The nature of this type of applications poses great challenges in increasing their availability while preserving their integrity (Arkin, Hill, Marks, Scjmod, & Walls, 1999; Viega & McGraw, 2002; Young & Yung, 2004). Byzantine fault tolerance (BFT; Castro & Liskov, 2002) is a well-known technique to tolerate various malicious attacks to online systems and it often involves state machine replication (Schneider, 1990). However, state machine replication assumes that all replicas are deterministic, which is not the case for online gaming applications. In this article, we elaborate how we address this dilemma using an online poker application that uses a pseudorandom number generator (PRNG) to shuffle the cards as an illustrating example. We propose two alternative strategies to cope with the intrinsic application nondeterminism. One depends on a Byzantine consensus algorithm and the other depends on a practical threshold signature scheme. Furthermore, we thoroughly discuss the strength and weaknesses of these two schemes.
UR - https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=105012813686&origin=inward
UR - https://www.scopus.com/inward/citedby.uri?partnerID=HzOxMe3b&scp=105012813686&origin=inward
U2 - 10.4018/978-1-60566-026-4.ch071
DO - 10.4018/978-1-60566-026-4.ch071
M3 - Article
SP - 428
EP - 432
JO - Encyclopedia of Information Science and Technology: Second Edition
JF - Encyclopedia of Information Science and Technology: Second Edition
ER -