Chapter Preview
TopTechniques For Enhancing The Trustworthiness
In this section, we describe two possible strategies for enhancing the trustworthiness of online gaming applications. One depends on a Byzantine consensus algorithm and the other depends on a threshold signature algorithm. Both algorithms ensure that all replicas adopt the same value to seed their PRNGs, while each replica is taking entropy from its respective entropy source.
Key Terms in this Chapter
Entropy Extraction: The operation that extracts entropy from a random variable (referred to as the entropy source). Entropy can be extracted using both software and hardware based methods.
Pseudorandom Number Generator (PRNG): A PRNG is a computer algorithm used to produce a sequence of pseudo-random numbers. It must be initialized by a seed number and can be reseeded prior to each run. The numbers produced by a PRNG are not truly random. Given the same seed, a PRNG will generate the same sequence of numbers.
Entropy: A metric used to evaluate and describe the amount of randomness associated with a random variable.
Dependable System: A dependable system is one that is trustworthy to its users. It requires that the system to be highly available (to legitimate users) while ensuring high degree of service integrity.
Byzantine Fault Tolerance: A replication-based technique used to ensure high availability of an application subject to Byzantine fault.
Entropy Combination: The operation that combines a number of entropy shares into one. The combination is usually achieved by using the exclusive-or (XOR) operator. Entropy combination is an effective defense against adversaries that substitute a random value by a predictable one. The combined entropy is often of higher quality than each individual share.
Threshold Digital Signature: In the (k, n) threshold digital signature scheme, a private key is divided into n shares, each owned by a player. A valid threshold digital signature can be produced if k players combine their shares. However, no valid signature can be generated by fewer than k players. Each player uses its private key share to generate a partial signature on a message and these partial signatures can be combined into a threshold signature on the message. The threshold signature can be verified using the public key corresponding to the divided private key.
Digital Signature: A digital signature aims to serve as the same purposes as a real-world signature. A sound digital signature ensures that the sender of the digital signature can be authenticated, the sender cannot later repudiate that she has sent the signed message, and a receiver cannot forge a digital signature (without being detected).
Byzantine Fault: It is used to model arbitrary fault. A Byzantine faulty process might send conflicting information to other processes to prevent them from reaching an agreement.