In the ( k , n ) threshold digital signature scheme, a private key is divided into n shares, each owned by a player. A valid threshold digital signature can be produced if k players combine their shares. However, no valid signature can be generated by fewer than k players. Each player uses its private key share to generate a partial signature on a message, and these partial signatures can be combined into a threshold signature on the message. The threshold signature can be verified using the public key corresponding to the divided private key.
Published in Chapter:
Building Secure and Dependable Online Gaming Applications
Bo Chen (Cleveland State University, USA) and Wenbing Zhao (Cleveland State University, USA)
Copyright: © 2009
|Pages: 5
DOI: 10.4018/978-1-60566-026-4.ch071
Abstract
Online gaming has become a multibillion-dollar industry. The security and dependability of such games are critical for both the game providers and honest game players alike. Essential to all such applications is the use of random numbers; for example, random numbers are needed to shuffle cards. For obvious reasons, if the hands can be predicated, players could gain unfair advantages. The nature of this type of applications poses great challenges in increasing their availability while preserving their integrity (Arkin, Hill, Marks, Scjmod, & Walls, 1999; Viega & McGraw, 2002; Young & Yung, 2004). Byzantine fault tolerance (BFT; Castro & Liskov, 2002) is a well-known technique to tolerate various malicious attacks to online systems and it often involves state machine replication (Schneider, 1990). However, state machine replication assumes that all replicas are deterministic, which is not the case for online gaming applications. In this article, we elaborate how we address this dilemma using an online poker application that uses a pseudorandom number generator (PRNG) to shuffle the cards as an illustrating example. We propose two alternative strategies to cope with the intrinsic application nondeterminism. One depends on a Byzantine consensus algorithm and the other depends on a practical threshold signature scheme. Furthermore, we thoroughly discuss the strength and weaknesses of these two schemes.