Cyber Security Protection for Online Gaming Applications

Cyber Security Protection for Online Gaming Applications

Wenbing Zhao (Cleveland State University, USA)
DOI: 10.4018/978-1-5225-7492-7.ch005

Abstract

In this chapter, the authors point out the threats to online gaming applications and present two strategies that can be used to build secure and dependable online gaming applications. These strategies not only seek the solution for gathering entropy to seed the PRNG used in such applications but also intend to eliminate malicious intrusions to protect the seed and to maintain replica consistency. By applying these techniques, the online gaming applications can ensure service integrity (both the service providers and the innocent players are protected) and guarantee high availability despite the presence of Byzantine faults. Finally, the authors outline some open research issues in this field.
Chapter Preview
Top

Background

In this section, we provide a brief introduction of PRNG, the entropy concept, and the methods to collect and enhance entropy.

A PRNG is a computer algorithm used to produce a sequence of pseudo-random numbers. It must be initialized by a seed number and can be reseeded prior to each run. The numbers produced by a PRNG are not truly random because computer programs are in fact deterministic machines. Given the same seed, a PRNG will generate the same sequence of numbers. Consequently, if an adversary knows the seed to a PRNG, then he/she can generate and predict the entire stream of random numbers (Young & Yung, 2004). Therefore, to make the random numbers unpredictable, it is important that the seeds to the PRNG cannot be guessed or estimated. Ideally, a highly random number that is unpredictable and infeasible to be computed is required to seed the PRNG in order to produce a sequence of random numbers.

The activity of collecting truly random numbers is referred to as “collecting entropy” by cryptographers (Young & Yung, 2004). Entropy is a measure of the degree of randomness in a piece of data. As an example, consider using the outcome of coin flipping as 1 bit of entropy. If the coin-toss is perfectly fair, then the bit should have an equal chance of being a 0 or a 1. In such a case, we have a perfect 1 bit of entropy. If the coin-toss is slightly biased toward either head or tail, then we have something less than 1 bit of entropy. Entropy is what we really want when we talk about generating numbers that cannot be guessed. In general, it is often difficult to figure out how much entropy we have, and it is usually difficult to generate a lot of it in a short amount of time.

Complete Chapter List

Search this Book:
Reset