Abstract
In this article, we point out the threats to online gaming applications and present two strategies that can be used to build secure and dependable online gaming applications. These strategies not only seek the solution for gathering entropy to seed the PRNG used in such applications, but also intend to eliminate malicious intrusions to protect the seed and to maintain replica consistency. By applying these techniques, the online gaming applications can ensure its service integrity (both the service providers and the innocent players are protected) and guarantee high availability despite the presence of Byzantine faults. Finally, we outline some open research issues in this field.
TopBackground
In this section, we provide a brief introduction of PRNG, the entropy concept, and the methods to collect and enhance entropy.
A PRNG is a computer algorithm used to produce a sequence of pseudo-random numbers. It must be initialized by a seed number and can be reseeded prior to each run. The numbers produced by a PRNG are not truly random because computer programs are in fact deterministic machines. Given the same seed, a PRNG will generate the same sequence of numbers. Consequently, if an adversary knows the seed to a PRNG, then he/she can generate and predict the entire stream of random numbers (Young & Yung, 2004). Therefore, to make the random numbers unpredictable, it is important that the seeds to the PRNG cannot be guessed or estimated. Ideally, a highly random number that is unpredictable and infeasible to be computed is required to seed the PRNG in order to produce a sequence of random numbers.
The activity of collecting truly random numbers is referred to as “collecting entropy” by cryptographers (Young & Yung, 2004). Entropy is a measure of the degree of randomness in a piece of data. As an example, consider using the outcome of coin flipping as 1 bit of entropy. If the coin-toss is perfectly fair, then the bit should have an equal chance of being a 0 or a 1. In such a case, we have a perfect 1 bit of entropy. If the coin-toss is slightly biased toward either head or tail, then we have something less than 1 bit of entropy. Entropy is what we really want when we talk about generating numbers that cannot be guessed. In general, it is often difficult to figure out how much entropy we have, and it is usually difficult to generate a lot of it in a short amount of time.
Key Terms in this Chapter
Byzantine Fault Tolerance: A replication-based technique used to ensure high availability of an application subject to Byzantine fault.
Entropy Combination: The operation that combines a number of entropy shares into one. The combination is usually achieved by using the exclusive-or (XOR) operator. Entropy combination is an effective defense against adversaries that substitute a random value by a predictable one. The combined entropy is often of higher quality than each individual share.
Entropy: A metric used to evaluate and describe the amount of randomness associated with a random variable.
Entropy Extraction: The operation that extracts entropy from a random variable (referred to as the entropy source). Entropy can be extracted using both software and hardware based methods.
Pseudorandom Number Generator (PRNG): A PRNG is a computer algorithm used to produce a sequence of pseudo-random numbers. It must be initialized by a seed number and can be reseeded prior to each run. The numbers produced by a PRNG are not truly random. Given the same seed, a PRNG will generate the same sequence of numbers.
Digital Signature: A digital signature aims to serve as the same purposes as a real-world signature. A sound digital signature ensures that the sender of the digital signature can be authenticated, the sender cannot later repudiate that she has sent the signed message, and a receiver cannot forge a digital signature (without being detected).
Threshold Digital Signature: In the (k, n) threshold digital signature scheme, a private key is divided into n shares, each owned by a player. A valid threshold digital signature can be produced if k players combine their shares. However, no valid signature can be generated by fewer than k players. Each player uses its private key share to generate a partial signature on a message and these partial signatures can be combined into a threshold signature on the message. The threshold signature can be verified using the public key corresponding to the divided private key.
Byzantine Fault: It is used to model arbitrary fault. A Byzantine faulty process might send conflicting information to other processes to prevent them from reaching an agreement.
Dependable System: A dependable system is one that is trustworthy to its users. It requires that the system to be highly available (to legitimate users) while ensuring high degree of service integrity.