SlideShare a Scribd company logo

Fighting online game cheating with cryptography

Download as PPTX, PDF
Steven Davis
Steven Davis

How do you fight cheating in online games (everything from poker and other casino games to casual and first person shooters)? Instead of trying to monitor the game and detect cheaters after the fact, you can actually prevent AND detect many forms of game cheating with cryptography. This paper describes a suite of cryptographic algorithms you can use to stop many forms of cheating. The downside (and there always is a downside, isn't there) is that you have to build it into your games. It is a secure foundation on top of which your games are built. NOTE: Full notes are available with the slide package. Contact me at: steve@free2secure.com for more information.

Technology
1 of 41
Fighting game cheating with cryptography Design by: Steven B. Davis steve@free2secure.com +1.650.278.7416 Original presentation Copyright 2004 by IT GlobalSecure Inc.
Problem • Cheating in online games continues to be a serious problem. • Casino games • First-person shooters • Casual games • … and others • Most approaches depend on a trusted third party. SecurePlay was designed so that no one needs to be trusted • If there are N participants in a game, the game will be “fair” if at least one is honest or “differently dishonest”. • This does not solve every cheating problem. • For example, it cannot stop financial collusion in Poker (where players agree to share their winnings), but it can stop knowledge collusion where players share knowledge of their hands with some slight tweaks to the game rules.
Working with SecurePlay
Overview • SecurePlay Game Reference Model • How Used for Different Types of Games • Chess – Turn-based Gaming • 3-Card Monte - Games of Hidden Information • Backgammon – Basic Games with Random Events • Poker – Basic Games with Private Random Events and Dealer • Hearts – Like Poker, but with Private Moves • Rock-Paper-Scissors – Simultaneous Games • Fighting Game – Simple Real-Time and Event-based Games • Rally Cars – Secured Real-Time and Event-based Games • SecurePlay Network Model
SecurePlay Game Reference Model • Basic Model for all Network Games • Presentation • Control • State • Rules • Assets • Administration • Network(s) Game StatePresentation Control Non-Deterministic Rules Deterministic Rules Choices/Actions Event Generation Game Administration Lobbies, Administration, Infrastructure Assets (art, data) Game Play Network
Game Reference Model – Transaction Overview • Transactions are used to coordinate game play over a network • Depending on how the transactions are used, the integration can occur later in the development process with more or less difficulty Game StatePresentation Control Non-Deterministic Rules Deterministic Rules Choices/Actions Event Generation Game Administration Lobbies, Administration, Infrastructure Assets (art, data) Game Play Ship Ship Strobe Strobe Blast Blast Random Simultaneous Simultaneous Secret Multi-Part Multi-Part Random Integration Effort SecurePlay Protocols
Chess – Turn-based Gaming • Network Chess Overview • Turn-based Game • Well-known Rules • SecurePlay Integration • Understanding SecurePlay, Games, and Communications • Use Blast or Multi-part Turn Protocols to send turns • Add Security Services: Encryption, Integrity, and Non-repudiation
SecurePlay & Game Integration • SecurePlay Links Players, Games, and Communications • Allows multiple games, players, and communications to use a common SecurePlay library • Game API is basically a container for Transactions • Add and remove players • Change communications • Add and remove transactions • Transaction APIs are the main SecurePlay services used by Games Game API Other SecurePlay Transaction APIs Communications Service(s) SecurePlay API Game
SecurePlay Transactions and Games • Game Rules Code Create and Wrap SecurePlay Transactions • For Chess, the Rules Code is the moves for the various pieces • Either Blast or Multi-Part Transactions can be used to send Chess moves Game Game Rules Game Transactions Transaction API Game Transaction Event Notification Messages
SecurePlay Messages • SecurePlay is a message- based system • Message Elements • Header • Body • Signature • Security Features • Encryption • Integrity/Non-Repudiation • Privacy • Anti-Piracy • Plug-able Security Manager Header Message Signature Signed Encrypted
Blast Transaction • Simple Message • Sent to All Participants in the Game • For Chess, could be used to send Player Actions/Turns WKP to D4
Multi-Part Turn Transaction 1 • Simple, Multi-Part Transaction • Includes full transaction setup • Creation, Configuration, Start • And eventually, End. • For Chess, a Single Multi-Part Transaction would be used for the entire game. • It could also be used for “Chat”. WKP to D4
Net Play “Synchronization” – Action vs. State • Different Types of Ways to Exchange New Game Information over a network: • Action (by human or machine player) • Differential Action (* not applicable for Chess) • Rules Action (* not applicable for Chess, but common in computer games) • Action Result (Player Final Position) • Updated State (new chess board positions) • Differential State (Player Final Position, (optional) removed pieces) State 1 State 2 State 3Action 1 Action 2 Result 1 Result 2 Differential State Differential Action State 1 – State 2 Action 1 – Action 2
Game & Rules Verification • SecurePlay supports independent verification • Needed because games are inherently adversarial • Every participant needs to be able to validate actions and state by themselves • Historically, State Change Validation can be difficult • SecurePlay Simplifies Verification • Rules Action Attempt Validation • Affirmation of state • Rules Action Resolution Validation • SecurePlay’s “Go Forward” technique is more robust than checking rules “differentially” State 1 State 2 State 3Action 1 Action 2 Result 1 Result 2 Validate State Change Validate Action Attempt Can State 2 Result from State 1? Can Player 1 Perform Action 1? Validate Action Result Is Result 2 possible from State 2?
Guessing Games - 3-Card Monte • Guessing Game (Find the Queen) • Games using similar principles include Stratego™ and Battleship™ and card games like “Go Fish” • Typically Turn-based games • Guessing location or value of hidden assets • SecurePlay Integration • Secret Transaction for Hidden, Non-Repudiable* Actions or Choices • Other Transactions may be used to complete the game* Cannot be later refuted by the transaction participants
Alleged Alleged Secret Transaction 1 • At its core, this is a two-step transaction. • A Secret is identified • The “Hidden Secret” is sent to the other participants using Irreversible Transforms • Random data is appended to prevent Dictionary Attacks • At the appropriate time, the Hidden Secret and appended Random data is revealed and Verified • For 3-Card Monte: • (Secret) Set Queen Location • (Secret) Send Transform of Secret • (Multi-Part) Bet on Queen Location • (Secret) Reveal Secret • (Multi-Part) Resolve Bet Secret Secret Secret Random Random Hash Function Hash Function Transform Store Transform Send Send Transform Validate Receivers Sender Alleged
Verification – Instant vs. Deferred • Verification can be inherent in the completion of transaction or deferred until a later time. • Verification can also be deferred from a game rules perspective. • As long as every transaction and rule can eventually be verified, the game is fair. • Certain transactions and rules can allow intermediate verification in case of player complaint, though not always – again this depends on the nature of the specific game.
Backgammon • Game of Actions and Random Events • The most common game structure for traditional board games • The underlying structure of many computer games (Random Event, Move, Attack, Resolve, Repeat) or (Move, Attack, Random Event, Resolve, Repeat) • The underlying structure of most casino games (Make Bet, Random Event, Resolve, Repeat) • Use of Random Events to Move or to Resolve Actions • SecurePlay Integration • Random or Simultaneous Transaction to Generate Fair Random Events • Blast, Multi-step, or other transactions may be used to complete the game. Player 1 <Random> Roll Dice <Multi-Part> Move Pieces Player 2 <Random> Roll Dice <Multi-Part> Move Pieces … Where <> denotes the SecurePlay protocol
Simultaneous Transaction 1 • The Simultaneous Transaction essentially is the Secret Transaction with multiple parties involved. • Each party sends the Transform of their contribution, just as with the Secret Transaction. • After each party receives all of the other participants contributions, they reveal their contribution • Random Numbers are created by the contribution consisting of an arbitrary random number chosen by each Participant (for Backgammon, 2 random numbers between 1 and 6) • The Results are then added together and reduced to a value between 1 and 6 Secret 2 Random 2 Hash Function Transform 2 Secret 1 Random 1 Hash Function Transform 1 Transform 2 Transform 1 Secret 2 Random 2 Secret 1 Random 1 Secret 1 Secret 2 1. Exchange 2. Reveal Player 1 Player 2 Result Result 3. Combine 3. Combine
Random Transaction 1 • Build Collaborative Game Key by Dealer • Dealer sends Transform of his contribution to other players (uses Secret Transaction) • Each other Player posts a random contribution • Dealer combines all to build Game Key • Game Key used to generate random events • At end of Game, Dealer reveals his contribution • Everyone verifies contribution, rebuilds game key, and reconstructs random events to Verify transaction Key 1 Random 1 Hash Function Transform 1 Dealer Players Key 2 Key 3 Key 4 Transform 1 Key 2 Key 3 Key 4 Game Key Event Generator Event 1 Event 2 Event 3 Event 4 Event 5 Key 1 Verify Rebuild Events Reveal Send Post Build Play
Poker • Game of Random Deal (or deals) and Betting (or rounds of Betting) • SecurePlay Integration • Introduction to “Privacy” in SecurePlay • Requirement for “Dealer” • Combination of Random Transactions (for deals) and Multi- part Transactions (for bets) Players <Multi-Part> Ante up Dealer <Random> Deal to Player 1 <Random> Deal to Player 2 … Player 1 <Multi-Part> Bets Player 2 <Multi-Part> Bets … Where <> denotes the SecurePlay protocol to use
Message Privacy • The Privacy function allows different messages to be sent to different participants in a Game Transaction • Allowed values are: • Participant(P) - Distinguished recipient of transaction message • Non-participant(Q) – Recipient of alternate transaction message • All (A) – sent to all transaction members • Used directly within SecurePlay by the Secret Transaction, for revealing secrets to selected transaction members, and by the Random Transaction for random events such as dealing cards face down to individuals. Header Message Signature P or Q A OR Header Message Signature Header Alternate Message Signature Header Message Signature Privacy Flag
Random Transaction 2 • The set up of the Random Transaction is identical to that for Backgammon. • Random events are created without replacement to work like a deck of cards • The Transaction Master (Dealer) creates different random events to be revealed to each participant (just like dealing cards face down). • Alternate messages are sent to the other players to maintain synchronization with the “deck”. • Verification will ensure consistency, unless cards are revealed. Key 1 Random 1 Hash Function Transform 1 Dealer Players Key 2 Key 3 Key 4 Transform 1 Key 2 Key 3 Key 4 Game Key Event Generator Event 1 Event 2 Event 3 Event 4 Event 5 Key 1 Verify Rebuild Events Reveal Send Post Build Player 1 Only Player 2 Only
Net Play “Synchronization” – Asymmetric Information • Computer games often use symmetric network communications and information • Easy • Net play added late in process • Many security weaknesses • Asymmetric information (i.e., “I know something you don’t”) is a powerful game play tool • Provides uncertainty and opportunity for strategic choice • Increases re-playability and extends the life of games • Needs to be built into the game design • Needs security system for verification • Supported by SecurePlay protocols
Hearts • Game of Random Deal, Secret Exchange of Cards, and Play • SecurePlay Integration • Use of Random Transaction for Initial Deal • Use of Secret Transactions for Passing Cards • Use of Multi-Part Transaction for Play Dealer <Random> Deal to Player 1 <Random> Deal to Player 2 <Random> Deal to Player 3 <Random> Deal to Player 4 Player 1 <Secret> Pass Cards to Left Player 2 <Secret> Pass Cards to Left … <Multi-Plat> Play… End game <Random> Verify Deal <Secret> each player, verify Secret Where <> denotes the SecurePlay protocol to use
Secret Transaction 2 • The Secret Transaction supports revealing Secrets using the Privacy feature of SecurePlay messages • Passing Player uses Secret Transaction to send Transform to All Players • Passing Player reveals the Secret to the selected Player prior to play. • Passing Player reveals the Secret to the remaining Players at the end of the game. Alleged Alleged Secret Secret Secret Random Random Hash Function Hash Function Transform Store Transform Send Send Transform Validate Receivers Sender Alleged
Rock-Paper-Scissors • Simplest example of a simultaneous game • Cheating is a “timing” attack by waiting to see what the other player will do • SecurePlay Integration • Direct use of Simultaneous Transaction
Simultaneous Transaction 2 • Transaction process is the same as previously described • Resolution is handled purely in Game Rules code Secret 2 Random 2 Hash Function Transform 2 Secret 1 Random 1 Hash Function Transform 1 Transform 2 Transform 1 Secret 2 Random 2 Secret 1 Random 1 1. Exchange 2. Reveal Player 1 Player 2 3. Resolve Players <Simultaneous> make choices <Simultaneous> send choice transforms <Simultaneous> reveal choices <Simultaneous> verify choices Rules – resolve Choices Where <> denotes the SecurePlay protocol to use
Strobe Transaction 1 • Strobe is a sequence of Simultaneous Transactions • Strobe automatically moves from one Simultaneous Transaction to the next • Reading data out of the previous transaction • Writing data to the current transaction Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal Read Read Read Read Time
Fighting Game • Basic “Real-Time” Game • Attack/Defend/React • Most games with “Tactics” use this basic model • SecurePlay Integration • Use of Strobe Transaction for Interaction • Use of Rules to Provide “Real-Time”ness • Randomization Embedded in Strobe • Like Dice in Backgammon Player 1 <Simultaneous> Tactic 1 <Simultaneous> send transform <Simultaneous> reveal Tactic <Simultaneous> verify Tactic 2 Player 2 <Simultaneous> Tactic 2 <Simultaneous> send transform <Simultaneous> reveal Tactic <Simultaneous> verify Tactic 1 Resolve Where <> denotes the SecurePlay protocol to use
Strobe Transaction 2 • Strobe can be used to chain together a sequence of actions over time. • Time does not have to be uniform and can be Event- Driven or Interval Driven • Payloads of Strobe Transactions can contain any sort of information, Actions, Results, and State updates as well as ancillary data such as random event generators Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal Read Read Read Read Time
Event-based Time vs. Interval Time • Strobe simply sequences events in time,it does not force events to be uniform • A key concept, whether Strobe is used or not, is some notion of minimal time and non-interference • The minimal time interval between actions by a Player • Choices that occur during a minimal time interval should not “break” each other. • These intervals are driven by game rules and network lag Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal Time Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal
Rally Cars • Racing Games use simplified interfaces to simulate car racing. • Similar mechanisms are used for Sports games and Action Games where continuous time and action are perceived • SecurePlay Integration • Use Strobe Transaction to Post Actions or State Updates • Use Multi-Step or Blast Transactions as an alternative • Physics Engine Provides Continuity
Physics is just another Set of Rules • Physics Engines can be event driven or interval driven for game play • Engine “runs” between Player Actions • No different than the table lookup done for fighting game or Rock- Paper-Scissors • Always have synchronization issue over a network • Always have a display issue over a network Steer Left 20o Steer Right 5o Steer Right 8o Accelerate 48% Brakes 5% Brakes 55%Accelerate 88% Time = 18 Time = 23 Time = 41 Time = 30 Time = 48 Time = 43 Time = 65
Abstraction of Game Play vs. Presentation • Game Presentation State for continuous state can “float” above actual game play state • Interpolation and Projection of State can occur at the presentation level, not at game play level. • Challenge is in smart control and recognizing reality of network environment • Need tools to convey anomalous network environment • Need game design to be robust under wide range of network conditions Actual GamePresentation 1 Presentation 2
Ship Transaction The Ship Transaction provides for the distribution of game data and other assets • Supports Verified Shipment • Supports Buffered Shipment for very large items • Supports Slow/Manual Shipment to minimize interference with ongoing game play Asset Shipment Packages For sending assets incrementally DATAASSET: Name: Einstein Class: Scientist Intelligence: 98 Sense of Humor: 75
SecurePlay Network Model • Communications model • Independent of Transactions • Can support client- server, peer-to-peer • Can support multiple communications systems concurrently • SecurePlay messages provide a logical network above the actual communications network • Transaction model • Internal transaction master • Transaction participants are a subset of game participants Game Instance Transactions SecurePlay Messages Communications Networks
SecurePlay and Anti-Piracy • Network games that are delivered as a service have a high degree of anti-piracy built in • Excluding the threat, mainly seen in Asia of “Doppelganger Servers” • SecurePlay’s upcoming extension, Keeper, will provide a high degree of anti-piracy for generalized network games • With capability to help stop Doppelgangers • Complementary to Other DRM/license security solutions • Customized extensions can provide additional strength in different platform, network, and game environments
SecurePlay and Tournament & High Score Games • Tournament Games • Player vs. Player games can operate in true peer-to-peer fashion • Players can agree on results or disagree • Only if disagreement occurs, SecurePlay game logs can be posted to Tournament Director for evaluation • High-Score Solitaire/Patience Games • Player is effectively playing against Game Operator • SecurePlay can be used for full interaction over network • SecurePlay can also be scaled back to seed random data, review results, or otherwise “compress” its involvement depending on security risks and suspicions. • SecurePlay can also choose to allow a review games if they are anomalous. • SecurePlay builds a Secure Game Contract
Next steps • Does this make sense (any questions)? • Does this address an interesting problem? • Are there other applications? • Are there system constraints that may invalidate or limit the effectiveness of this approach?
Who am I? • Steven Davis • Worked in high-end security design and analysis since 1987 • Current focus on “business security” – linking business and security together beyond IT • History: • Design and analyze custom cryptography and security architectures • … and lots of other security work • Several security patents: • Anti-cheating cryptography for games • “Manual” digital signature to improve credit card security • Book “Protecting Games” • Numerous papers and conferences • Blog: free2secure.com • Defunct blog: playnoevil.com – 2006 to 2012 • https://www.linkedin.com/in/free2secure • steve@free2secure.com • +1.650.278.7416

Recommended

Ddn
DdnDdn
Ddnkiranvx7
 
Game analytics - The challenges of mobile free-to-play games
Game analytics - The challenges of mobile free-to-play gamesGame analytics - The challenges of mobile free-to-play games
Game analytics - The challenges of mobile free-to-play gamesChristian Beckers
 
7 gate game design document
7 gate game design document 7 gate game design document
7 gate game design document ARshut Syabrin
 
Online Security - The Good, the Bad, and the Crooks
Online Security - The Good, the Bad, and the CrooksOnline Security - The Good, the Bad, and the Crooks
Online Security - The Good, the Bad, and the CrooksSteven Davis
 
Protect Your Passwords, Secure Your Servers
Protect Your Passwords, Secure Your ServersProtect Your Passwords, Secure Your Servers
Protect Your Passwords, Secure Your ServersSteven Davis
 
Fight Game Cheating the Easy Way
Fight Game Cheating the Easy WayFight Game Cheating the Easy Way
Fight Game Cheating the Easy WaySteven Davis
 
Game Design Principles and Inspiration
Game Design Principles and InspirationGame Design Principles and Inspiration
Game Design Principles and InspirationJohn Say
 
Protect Data in Your Software Client - Data Obfuscation
Protect Data in Your Software Client - Data ObfuscationProtect Data in Your Software Client - Data Obfuscation
Protect Data in Your Software Client - Data ObfuscationSteven Davis
 

Recommended

Ddn
DdnDdn
Ddnkiranvx7
 
Game analytics - The challenges of mobile free-to-play games
Game analytics - The challenges of mobile free-to-play gamesGame analytics - The challenges of mobile free-to-play games
Game analytics - The challenges of mobile free-to-play gamesChristian Beckers
 
7 gate game design document
7 gate game design document 7 gate game design document
7 gate game design document ARshut Syabrin
 
Online Security - The Good, the Bad, and the Crooks
Online Security - The Good, the Bad, and the CrooksOnline Security - The Good, the Bad, and the Crooks
Online Security - The Good, the Bad, and the CrooksSteven Davis
 
Protect Your Passwords, Secure Your Servers
Protect Your Passwords, Secure Your ServersProtect Your Passwords, Secure Your Servers
Protect Your Passwords, Secure Your ServersSteven Davis
 
Fight Game Cheating the Easy Way
Fight Game Cheating the Easy WayFight Game Cheating the Easy Way
Fight Game Cheating the Easy WaySteven Davis
 
Game Design Principles and Inspiration
Game Design Principles and InspirationGame Design Principles and Inspiration
Game Design Principles and InspirationJohn Say
 
Protect Data in Your Software Client - Data Obfuscation
Protect Data in Your Software Client - Data ObfuscationProtect Data in Your Software Client - Data Obfuscation
Protect Data in Your Software Client - Data ObfuscationSteven Davis
 
Hackathon 2013 - The Art Of Cheating In Games
Hackathon 2013 - The Art Of Cheating In GamesHackathon 2013 - The Art Of Cheating In Games
Hackathon 2013 - The Art Of Cheating In GamesSouhail Hammou
 
Dia internacional da mulher
Dia internacional da mulherDia internacional da mulher
Dia internacional da mulherSandra Fuso
 
Origen y evolucion de los medios de comunicacion
Origen y evolucion de los medios de comunicacionOrigen y evolucion de los medios de comunicacion
Origen y evolucion de los medios de comunicacionfranchezzcamora
 
Events Budget Worksheet Draft 1
Events Budget Worksheet Draft 1Events Budget Worksheet Draft 1
Events Budget Worksheet Draft 1Allison Coast
 
Ana Asth (21) 9887-5650 - Enterprise City Center - Itaboraí - RJ
Ana Asth (21) 9887-5650 - Enterprise City Center - Itaboraí - RJAna Asth (21) 9887-5650 - Enterprise City Center - Itaboraí - RJ
Ana Asth (21) 9887-5650 - Enterprise City Center - Itaboraí - RJanaluciaasth
 
Respiració cel·lular
Respiració cel·lularRespiració cel·lular
Respiració cel·lularernest94
 
This week in sports
This week in sportsThis week in sports
This week in sportsJak Carroll
 
Creative commons
Creative commonsCreative commons
Creative commonsmary99cueva
 
Creative commons
Creative commonsCreative commons
Creative commonsDaniel Lopez
 
draft-4-final
draft-4-finaldraft-4-final
draft-4-finalRina Schiller
 
Angelica Mancera dominguez.
Angelica Mancera dominguez.Angelica Mancera dominguez.
Angelica Mancera dominguez.Angelica Mancera Dominguez
 
1 Prova
1 Prova1 Prova
1 ProvaGarcia Arturo
 
plaza San Martín.
plaza San Martín.plaza San Martín.
plaza San Martín.yaniinaa
 
Idealle
IdealleIdealle
Idealleanaluciaasth
 
Manual de funciones
Manual de funcionesManual de funciones
Manual de funcionesEsthefanyDiaz12
 
Bengkel 5 presentation
Bengkel 5 presentationBengkel 5 presentation
Bengkel 5 presentationgamelanYK
 
GDC Next 2013 - Synching Game States Across Multiple Devices
GDC Next 2013 - Synching Game States Across Multiple DevicesGDC Next 2013 - Synching Game States Across Multiple Devices
GDC Next 2013 - Synching Game States Across Multiple DevicesDavid Geurts
 
Module_3_1.pptx
Module_3_1.pptxModule_3_1.pptx
Module_3_1.pptxDrKalaavathiBuvanesh
 
Slot Yield Presentation 2015
Slot Yield Presentation 2015Slot Yield Presentation 2015
Slot Yield Presentation 2015richlehman
 
Slot Seminar
Slot SeminarSlot Seminar
Slot Seminarrichlehman
 
Game Design Merit Badge Presentation
Game Design Merit Badge Presentation Game Design Merit Badge Presentation
Game Design Merit Badge Presentation Robert Casto
 
The Importance of Being Social
The Importance of Being SocialThe Importance of Being Social
The Importance of Being SocialPapayaMobile
 

More Related Content

Viewers also liked

Hackathon 2013 - The Art Of Cheating In Games
Hackathon 2013 - The Art Of Cheating In GamesHackathon 2013 - The Art Of Cheating In Games
Hackathon 2013 - The Art Of Cheating In GamesSouhail Hammou
 
Dia internacional da mulher
Dia internacional da mulherDia internacional da mulher
Dia internacional da mulherSandra Fuso
 
Origen y evolucion de los medios de comunicacion
Origen y evolucion de los medios de comunicacionOrigen y evolucion de los medios de comunicacion
Origen y evolucion de los medios de comunicacionfranchezzcamora
 
Events Budget Worksheet Draft 1
Events Budget Worksheet Draft 1Events Budget Worksheet Draft 1
Events Budget Worksheet Draft 1Allison Coast
 
Ana Asth (21) 9887-5650 - Enterprise City Center - Itaboraí - RJ
Ana Asth (21) 9887-5650 - Enterprise City Center - Itaboraí - RJAna Asth (21) 9887-5650 - Enterprise City Center - Itaboraí - RJ
Ana Asth (21) 9887-5650 - Enterprise City Center - Itaboraí - RJanaluciaasth
 
Respiració cel·lular
Respiració cel·lularRespiració cel·lular
Respiració cel·lularernest94
 
This week in sports
This week in sportsThis week in sports
This week in sportsJak Carroll
 
Creative commons
Creative commonsCreative commons
Creative commonsmary99cueva
 
plaza San Martín.
plaza San Martín.plaza San Martín.
plaza San Martín.yaniinaa
 
Bengkel 5 presentation
Bengkel 5 presentationBengkel 5 presentation
Bengkel 5 presentationgamelanYK
 

Viewers also liked (16)

Hackathon 2013 - The Art Of Cheating In Games
Hackathon 2013 - The Art Of Cheating In GamesHackathon 2013 - The Art Of Cheating In Games
Hackathon 2013 - The Art Of Cheating In Games
 
Dia internacional da mulher
Dia internacional da mulherDia internacional da mulher
Dia internacional da mulher
 
Origen y evolucion de los medios de comunicacion
Origen y evolucion de los medios de comunicacionOrigen y evolucion de los medios de comunicacion
Origen y evolucion de los medios de comunicacion
 
Events Budget Worksheet Draft 1
Events Budget Worksheet Draft 1Events Budget Worksheet Draft 1
Events Budget Worksheet Draft 1
 
Ana Asth (21) 9887-5650 - Enterprise City Center - Itaboraí - RJ
Ana Asth (21) 9887-5650 - Enterprise City Center - Itaboraí - RJAna Asth (21) 9887-5650 - Enterprise City Center - Itaboraí - RJ
Ana Asth (21) 9887-5650 - Enterprise City Center - Itaboraí - RJ
 
Respiració cel·lular
Respiració cel·lularRespiració cel·lular
Respiració cel·lular
 
This week in sports
This week in sportsThis week in sports
This week in sports
 
Creative commons
Creative commonsCreative commons
Creative commons
 
Creative commons
Creative commonsCreative commons
Creative commons
 
draft-4-final
draft-4-finaldraft-4-final
draft-4-final
 
Angelica Mancera dominguez.
Angelica Mancera dominguez.Angelica Mancera dominguez.
Angelica Mancera dominguez.
 
1 Prova
1 Prova1 Prova
1 Prova
 
plaza San Martín.
plaza San Martín.plaza San Martín.
plaza San Martín.
 
Idealle
IdealleIdealle
Idealle
 
Manual de funciones
Manual de funcionesManual de funciones
Manual de funciones
 
Bengkel 5 presentation
Bengkel 5 presentationBengkel 5 presentation
Bengkel 5 presentation
 

Similar to Fighting online game cheating with cryptography

GDC Next 2013 - Synching Game States Across Multiple Devices
GDC Next 2013 - Synching Game States Across Multiple DevicesGDC Next 2013 - Synching Game States Across Multiple Devices
GDC Next 2013 - Synching Game States Across Multiple DevicesDavid Geurts
 
Slot Yield Presentation 2015
Slot Yield Presentation 2015Slot Yield Presentation 2015
Slot Yield Presentation 2015richlehman
 
Game Design Merit Badge Presentation
Game Design Merit Badge Presentation Game Design Merit Badge Presentation
Game Design Merit Badge Presentation Robert Casto
 
The Importance of Being Social
The Importance of Being SocialThe Importance of Being Social
The Importance of Being SocialPapayaMobile
 
Not only eSports - How To Design Games That Are Fun To Watch
Not only eSports - How To Design Games That Are Fun To WatchNot only eSports - How To Design Games That Are Fun To Watch
Not only eSports - How To Design Games That Are Fun To WatchOhad Barzilay
 
Intro to liveops
Intro to liveopsIntro to liveops
Intro to liveopsCrystin Cox
 
The importance of being social
The importance of being socialThe importance of being social
The importance of being socialOscar Clark
 
The convergence of gaming and gambling
The convergence of gaming and gambling The convergence of gaming and gambling
The convergence of gaming and gambling Horizons RG
 
Leszek Szczepański (Guerrilla Games) - Creating quests in the open world of H...
Leszek Szczepański (Guerrilla Games) - Creating quests in the open world of H...Leszek Szczepański (Guerrilla Games) - Creating quests in the open world of H...
Leszek Szczepański (Guerrilla Games) - Creating quests in the open world of H...DevGAMM Conference
 
Game mechanics-puzzles (NielsQuinten)
Game mechanics-puzzles (NielsQuinten)Game mechanics-puzzles (NielsQuinten)
Game mechanics-puzzles (NielsQuinten)lieveachten
 
Understanding and improving games through machine learning - Natasha Latysheva
Understanding and improving games through machine learning - Natasha LatyshevaUnderstanding and improving games through machine learning - Natasha Latysheva
Understanding and improving games through machine learning - Natasha LatyshevaLauren Cormack
 
Hybrid Game Development with GameSalad
Hybrid Game Development with GameSaladHybrid Game Development with GameSalad
Hybrid Game Development with GameSaladmirahman
 
2-Game Design (Game Design and Development)
2-Game Design (Game Design and Development)2-Game Design (Game Design and Development)
2-Game Design (Game Design and Development)Hafiz Ammar Siddiqui
 
Adversarial search
Adversarial searchAdversarial search
Adversarial searchNilu Desai
 
What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?pqrs1234
 
Iistec 2013 game_design for id_m_broyles_id13333
Iistec 2013 game_design for id_m_broyles_id13333Iistec 2013 game_design for id_m_broyles_id13333
Iistec 2013 game_design for id_m_broyles_id13333Marie Broyles
 

Similar to Fighting online game cheating with cryptography (20)

GDC Next 2013 - Synching Game States Across Multiple Devices
GDC Next 2013 - Synching Game States Across Multiple DevicesGDC Next 2013 - Synching Game States Across Multiple Devices
GDC Next 2013 - Synching Game States Across Multiple Devices
 
Module_3_1.pptx
Module_3_1.pptxModule_3_1.pptx
Module_3_1.pptx
 
Slot Yield Presentation 2015
Slot Yield Presentation 2015Slot Yield Presentation 2015
Slot Yield Presentation 2015
 
Slot Seminar
Slot SeminarSlot Seminar
Slot Seminar
 
Game Design Merit Badge Presentation
Game Design Merit Badge Presentation Game Design Merit Badge Presentation
Game Design Merit Badge Presentation
 
The Importance of Being Social
The Importance of Being SocialThe Importance of Being Social
The Importance of Being Social
 
Not only eSports - How To Design Games That Are Fun To Watch
Not only eSports - How To Design Games That Are Fun To WatchNot only eSports - How To Design Games That Are Fun To Watch
Not only eSports - How To Design Games That Are Fun To Watch
 
Gaming in blockchain
Gaming in blockchainGaming in blockchain
Gaming in blockchain
 
Intro to liveops
Intro to liveopsIntro to liveops
Intro to liveops
 
The importance of being social
The importance of being socialThe importance of being social
The importance of being social
 
The convergence of gaming and gambling
The convergence of gaming and gambling The convergence of gaming and gambling
The convergence of gaming and gambling
 
Leszek Szczepański (Guerrilla Games) - Creating quests in the open world of H...
Leszek Szczepański (Guerrilla Games) - Creating quests in the open world of H...Leszek Szczepański (Guerrilla Games) - Creating quests in the open world of H...
Leszek Szczepański (Guerrilla Games) - Creating quests in the open world of H...
 
Game mechanics-puzzles (NielsQuinten)
Game mechanics-puzzles (NielsQuinten)Game mechanics-puzzles (NielsQuinten)
Game mechanics-puzzles (NielsQuinten)
 
Orleans gdc2019
Orleans gdc2019Orleans gdc2019
Orleans gdc2019
 
Understanding and improving games through machine learning - Natasha Latysheva
Understanding and improving games through machine learning - Natasha LatyshevaUnderstanding and improving games through machine learning - Natasha Latysheva
Understanding and improving games through machine learning - Natasha Latysheva
 
Hybrid Game Development with GameSalad
Hybrid Game Development with GameSaladHybrid Game Development with GameSalad
Hybrid Game Development with GameSalad
 
2-Game Design (Game Design and Development)
2-Game Design (Game Design and Development)2-Game Design (Game Design and Development)
2-Game Design (Game Design and Development)
 
Adversarial search
Adversarial searchAdversarial search
Adversarial search
 
What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?What is SSL/TLS, 1-way and 2-way SSL?
What is SSL/TLS, 1-way and 2-way SSL?
 
Iistec 2013 game_design for id_m_broyles_id13333
Iistec 2013 game_design for id_m_broyles_id13333Iistec 2013 game_design for id_m_broyles_id13333
Iistec 2013 game_design for id_m_broyles_id13333
 

Recently uploaded

AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 

Recently uploaded (20)

AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 

Fighting online game cheating with cryptography

  • 1. Fighting game cheating with cryptography Design by: Steven B. Davis steve@free2secure.com +1.650.278.7416 Original presentation Copyright 2004 by IT GlobalSecure Inc.
  • 2. Problem • Cheating in online games continues to be a serious problem. • Casino games • First-person shooters • Casual games • … and others • Most approaches depend on a trusted third party. SecurePlay was designed so that no one needs to be trusted • If there are N participants in a game, the game will be “fair” if at least one is honest or “differently dishonest”. • This does not solve every cheating problem. • For example, it cannot stop financial collusion in Poker (where players agree to share their winnings), but it can stop knowledge collusion where players share knowledge of their hands with some slight tweaks to the game rules.
  • 4. Overview • SecurePlay Game Reference Model • How Used for Different Types of Games • Chess – Turn-based Gaming • 3-Card Monte - Games of Hidden Information • Backgammon – Basic Games with Random Events • Poker – Basic Games with Private Random Events and Dealer • Hearts – Like Poker, but with Private Moves • Rock-Paper-Scissors – Simultaneous Games • Fighting Game – Simple Real-Time and Event-based Games • Rally Cars – Secured Real-Time and Event-based Games • SecurePlay Network Model
  • 5. SecurePlay Game Reference Model • Basic Model for all Network Games • Presentation • Control • State • Rules • Assets • Administration • Network(s) Game StatePresentation Control Non-Deterministic Rules Deterministic Rules Choices/Actions Event Generation Game Administration Lobbies, Administration, Infrastructure Assets (art, data) Game Play Network
  • 6. Game Reference Model – Transaction Overview • Transactions are used to coordinate game play over a network • Depending on how the transactions are used, the integration can occur later in the development process with more or less difficulty Game StatePresentation Control Non-Deterministic Rules Deterministic Rules Choices/Actions Event Generation Game Administration Lobbies, Administration, Infrastructure Assets (art, data) Game Play Ship Ship Strobe Strobe Blast Blast Random Simultaneous Simultaneous Secret Multi-Part Multi-Part Random Integration Effort SecurePlay Protocols
  • 7. Chess – Turn-based Gaming • Network Chess Overview • Turn-based Game • Well-known Rules • SecurePlay Integration • Understanding SecurePlay, Games, and Communications • Use Blast or Multi-part Turn Protocols to send turns • Add Security Services: Encryption, Integrity, and Non-repudiation
  • 8. SecurePlay & Game Integration • SecurePlay Links Players, Games, and Communications • Allows multiple games, players, and communications to use a common SecurePlay library • Game API is basically a container for Transactions • Add and remove players • Change communications • Add and remove transactions • Transaction APIs are the main SecurePlay services used by Games Game API Other SecurePlay Transaction APIs Communications Service(s) SecurePlay API Game
  • 9. SecurePlay Transactions and Games • Game Rules Code Create and Wrap SecurePlay Transactions • For Chess, the Rules Code is the moves for the various pieces • Either Blast or Multi-Part Transactions can be used to send Chess moves Game Game Rules Game Transactions Transaction API Game Transaction Event Notification Messages
  • 10. SecurePlay Messages • SecurePlay is a message- based system • Message Elements • Header • Body • Signature • Security Features • Encryption • Integrity/Non-Repudiation • Privacy • Anti-Piracy • Plug-able Security Manager Header Message Signature Signed Encrypted
  • 11. Blast Transaction • Simple Message • Sent to All Participants in the Game • For Chess, could be used to send Player Actions/Turns WKP to D4
  • 12. Multi-Part Turn Transaction 1 • Simple, Multi-Part Transaction • Includes full transaction setup • Creation, Configuration, Start • And eventually, End. • For Chess, a Single Multi-Part Transaction would be used for the entire game. • It could also be used for “Chat”. WKP to D4
  • 13. Net Play “Synchronization” – Action vs. State • Different Types of Ways to Exchange New Game Information over a network: • Action (by human or machine player) • Differential Action (* not applicable for Chess) • Rules Action (* not applicable for Chess, but common in computer games) • Action Result (Player Final Position) • Updated State (new chess board positions) • Differential State (Player Final Position, (optional) removed pieces) State 1 State 2 State 3Action 1 Action 2 Result 1 Result 2 Differential State Differential Action State 1 – State 2 Action 1 – Action 2
  • 14. Game & Rules Verification • SecurePlay supports independent verification • Needed because games are inherently adversarial • Every participant needs to be able to validate actions and state by themselves • Historically, State Change Validation can be difficult • SecurePlay Simplifies Verification • Rules Action Attempt Validation • Affirmation of state • Rules Action Resolution Validation • SecurePlay’s “Go Forward” technique is more robust than checking rules “differentially” State 1 State 2 State 3Action 1 Action 2 Result 1 Result 2 Validate State Change Validate Action Attempt Can State 2 Result from State 1? Can Player 1 Perform Action 1? Validate Action Result Is Result 2 possible from State 2?
  • 15. Guessing Games - 3-Card Monte • Guessing Game (Find the Queen) • Games using similar principles include Stratego™ and Battleship™ and card games like “Go Fish” • Typically Turn-based games • Guessing location or value of hidden assets • SecurePlay Integration • Secret Transaction for Hidden, Non-Repudiable* Actions or Choices • Other Transactions may be used to complete the game* Cannot be later refuted by the transaction participants
  • 16. Alleged Alleged Secret Transaction 1 • At its core, this is a two-step transaction. • A Secret is identified • The “Hidden Secret” is sent to the other participants using Irreversible Transforms • Random data is appended to prevent Dictionary Attacks • At the appropriate time, the Hidden Secret and appended Random data is revealed and Verified • For 3-Card Monte: • (Secret) Set Queen Location • (Secret) Send Transform of Secret • (Multi-Part) Bet on Queen Location • (Secret) Reveal Secret • (Multi-Part) Resolve Bet Secret Secret Secret Random Random Hash Function Hash Function Transform Store Transform Send Send Transform Validate Receivers Sender Alleged
  • 17. Verification – Instant vs. Deferred • Verification can be inherent in the completion of transaction or deferred until a later time. • Verification can also be deferred from a game rules perspective. • As long as every transaction and rule can eventually be verified, the game is fair. • Certain transactions and rules can allow intermediate verification in case of player complaint, though not always – again this depends on the nature of the specific game.
  • 18. Backgammon • Game of Actions and Random Events • The most common game structure for traditional board games • The underlying structure of many computer games (Random Event, Move, Attack, Resolve, Repeat) or (Move, Attack, Random Event, Resolve, Repeat) • The underlying structure of most casino games (Make Bet, Random Event, Resolve, Repeat) • Use of Random Events to Move or to Resolve Actions • SecurePlay Integration • Random or Simultaneous Transaction to Generate Fair Random Events • Blast, Multi-step, or other transactions may be used to complete the game. Player 1 <Random> Roll Dice <Multi-Part> Move Pieces Player 2 <Random> Roll Dice <Multi-Part> Move Pieces … Where <> denotes the SecurePlay protocol
  • 19. Simultaneous Transaction 1 • The Simultaneous Transaction essentially is the Secret Transaction with multiple parties involved. • Each party sends the Transform of their contribution, just as with the Secret Transaction. • After each party receives all of the other participants contributions, they reveal their contribution • Random Numbers are created by the contribution consisting of an arbitrary random number chosen by each Participant (for Backgammon, 2 random numbers between 1 and 6) • The Results are then added together and reduced to a value between 1 and 6 Secret 2 Random 2 Hash Function Transform 2 Secret 1 Random 1 Hash Function Transform 1 Transform 2 Transform 1 Secret 2 Random 2 Secret 1 Random 1 Secret 1 Secret 2 1. Exchange 2. Reveal Player 1 Player 2 Result Result 3. Combine 3. Combine
  • 20. Random Transaction 1 • Build Collaborative Game Key by Dealer • Dealer sends Transform of his contribution to other players (uses Secret Transaction) • Each other Player posts a random contribution • Dealer combines all to build Game Key • Game Key used to generate random events • At end of Game, Dealer reveals his contribution • Everyone verifies contribution, rebuilds game key, and reconstructs random events to Verify transaction Key 1 Random 1 Hash Function Transform 1 Dealer Players Key 2 Key 3 Key 4 Transform 1 Key 2 Key 3 Key 4 Game Key Event Generator Event 1 Event 2 Event 3 Event 4 Event 5 Key 1 Verify Rebuild Events Reveal Send Post Build Play
  • 21. Poker • Game of Random Deal (or deals) and Betting (or rounds of Betting) • SecurePlay Integration • Introduction to “Privacy” in SecurePlay • Requirement for “Dealer” • Combination of Random Transactions (for deals) and Multi- part Transactions (for bets) Players <Multi-Part> Ante up Dealer <Random> Deal to Player 1 <Random> Deal to Player 2 … Player 1 <Multi-Part> Bets Player 2 <Multi-Part> Bets … Where <> denotes the SecurePlay protocol to use
  • 22. Message Privacy • The Privacy function allows different messages to be sent to different participants in a Game Transaction • Allowed values are: • Participant(P) - Distinguished recipient of transaction message • Non-participant(Q) – Recipient of alternate transaction message • All (A) – sent to all transaction members • Used directly within SecurePlay by the Secret Transaction, for revealing secrets to selected transaction members, and by the Random Transaction for random events such as dealing cards face down to individuals. Header Message Signature P or Q A OR Header Message Signature Header Alternate Message Signature Header Message Signature Privacy Flag
  • 23. Random Transaction 2 • The set up of the Random Transaction is identical to that for Backgammon. • Random events are created without replacement to work like a deck of cards • The Transaction Master (Dealer) creates different random events to be revealed to each participant (just like dealing cards face down). • Alternate messages are sent to the other players to maintain synchronization with the “deck”. • Verification will ensure consistency, unless cards are revealed. Key 1 Random 1 Hash Function Transform 1 Dealer Players Key 2 Key 3 Key 4 Transform 1 Key 2 Key 3 Key 4 Game Key Event Generator Event 1 Event 2 Event 3 Event 4 Event 5 Key 1 Verify Rebuild Events Reveal Send Post Build Player 1 Only Player 2 Only
  • 24. Net Play “Synchronization” – Asymmetric Information • Computer games often use symmetric network communications and information • Easy • Net play added late in process • Many security weaknesses • Asymmetric information (i.e., “I know something you don’t”) is a powerful game play tool • Provides uncertainty and opportunity for strategic choice • Increases re-playability and extends the life of games • Needs to be built into the game design • Needs security system for verification • Supported by SecurePlay protocols
  • 25. Hearts • Game of Random Deal, Secret Exchange of Cards, and Play • SecurePlay Integration • Use of Random Transaction for Initial Deal • Use of Secret Transactions for Passing Cards • Use of Multi-Part Transaction for Play Dealer <Random> Deal to Player 1 <Random> Deal to Player 2 <Random> Deal to Player 3 <Random> Deal to Player 4 Player 1 <Secret> Pass Cards to Left Player 2 <Secret> Pass Cards to Left … <Multi-Plat> Play… End game <Random> Verify Deal <Secret> each player, verify Secret Where <> denotes the SecurePlay protocol to use
  • 26. Secret Transaction 2 • The Secret Transaction supports revealing Secrets using the Privacy feature of SecurePlay messages • Passing Player uses Secret Transaction to send Transform to All Players • Passing Player reveals the Secret to the selected Player prior to play. • Passing Player reveals the Secret to the remaining Players at the end of the game. Alleged Alleged Secret Secret Secret Random Random Hash Function Hash Function Transform Store Transform Send Send Transform Validate Receivers Sender Alleged
  • 27. Rock-Paper-Scissors • Simplest example of a simultaneous game • Cheating is a “timing” attack by waiting to see what the other player will do • SecurePlay Integration • Direct use of Simultaneous Transaction
  • 28. Simultaneous Transaction 2 • Transaction process is the same as previously described • Resolution is handled purely in Game Rules code Secret 2 Random 2 Hash Function Transform 2 Secret 1 Random 1 Hash Function Transform 1 Transform 2 Transform 1 Secret 2 Random 2 Secret 1 Random 1 1. Exchange 2. Reveal Player 1 Player 2 3. Resolve Players <Simultaneous> make choices <Simultaneous> send choice transforms <Simultaneous> reveal choices <Simultaneous> verify choices Rules – resolve Choices Where <> denotes the SecurePlay protocol to use
  • 29. Strobe Transaction 1 • Strobe is a sequence of Simultaneous Transactions • Strobe automatically moves from one Simultaneous Transaction to the next • Reading data out of the previous transaction • Writing data to the current transaction Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal Read Read Read Read Time
  • 30. Fighting Game • Basic “Real-Time” Game • Attack/Defend/React • Most games with “Tactics” use this basic model • SecurePlay Integration • Use of Strobe Transaction for Interaction • Use of Rules to Provide “Real-Time”ness • Randomization Embedded in Strobe • Like Dice in Backgammon Player 1 <Simultaneous> Tactic 1 <Simultaneous> send transform <Simultaneous> reveal Tactic <Simultaneous> verify Tactic 2 Player 2 <Simultaneous> Tactic 2 <Simultaneous> send transform <Simultaneous> reveal Tactic <Simultaneous> verify Tactic 1 Resolve Where <> denotes the SecurePlay protocol to use
  • 31. Strobe Transaction 2 • Strobe can be used to chain together a sequence of actions over time. • Time does not have to be uniform and can be Event- Driven or Interval Driven • Payloads of Strobe Transactions can contain any sort of information, Actions, Results, and State updates as well as ancillary data such as random event generators Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal Read Read Read Read Time
  • 32. Event-based Time vs. Interval Time • Strobe simply sequences events in time,it does not force events to be uniform • A key concept, whether Strobe is used or not, is some notion of minimal time and non-interference • The minimal time interval between actions by a Player • Choices that occur during a minimal time interval should not “break” each other. • These intervals are driven by game rules and network lag Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal Time Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal Exchange Reveal
  • 33. Rally Cars • Racing Games use simplified interfaces to simulate car racing. • Similar mechanisms are used for Sports games and Action Games where continuous time and action are perceived • SecurePlay Integration • Use Strobe Transaction to Post Actions or State Updates • Use Multi-Step or Blast Transactions as an alternative • Physics Engine Provides Continuity
  • 34. Physics is just another Set of Rules • Physics Engines can be event driven or interval driven for game play • Engine “runs” between Player Actions • No different than the table lookup done for fighting game or Rock- Paper-Scissors • Always have synchronization issue over a network • Always have a display issue over a network Steer Left 20o Steer Right 5o Steer Right 8o Accelerate 48% Brakes 5% Brakes 55%Accelerate 88% Time = 18 Time = 23 Time = 41 Time = 30 Time = 48 Time = 43 Time = 65
  • 35. Abstraction of Game Play vs. Presentation • Game Presentation State for continuous state can “float” above actual game play state • Interpolation and Projection of State can occur at the presentation level, not at game play level. • Challenge is in smart control and recognizing reality of network environment • Need tools to convey anomalous network environment • Need game design to be robust under wide range of network conditions Actual GamePresentation 1 Presentation 2
  • 36. Ship Transaction The Ship Transaction provides for the distribution of game data and other assets • Supports Verified Shipment • Supports Buffered Shipment for very large items • Supports Slow/Manual Shipment to minimize interference with ongoing game play Asset Shipment Packages For sending assets incrementally DATAASSET: Name: Einstein Class: Scientist Intelligence: 98 Sense of Humor: 75
  • 37. SecurePlay Network Model • Communications model • Independent of Transactions • Can support client- server, peer-to-peer • Can support multiple communications systems concurrently • SecurePlay messages provide a logical network above the actual communications network • Transaction model • Internal transaction master • Transaction participants are a subset of game participants Game Instance Transactions SecurePlay Messages Communications Networks
  • 38. SecurePlay and Anti-Piracy • Network games that are delivered as a service have a high degree of anti-piracy built in • Excluding the threat, mainly seen in Asia of “Doppelganger Servers” • SecurePlay’s upcoming extension, Keeper, will provide a high degree of anti-piracy for generalized network games • With capability to help stop Doppelgangers • Complementary to Other DRM/license security solutions • Customized extensions can provide additional strength in different platform, network, and game environments
  • 39. SecurePlay and Tournament & High Score Games • Tournament Games • Player vs. Player games can operate in true peer-to-peer fashion • Players can agree on results or disagree • Only if disagreement occurs, SecurePlay game logs can be posted to Tournament Director for evaluation • High-Score Solitaire/Patience Games • Player is effectively playing against Game Operator • SecurePlay can be used for full interaction over network • SecurePlay can also be scaled back to seed random data, review results, or otherwise “compress” its involvement depending on security risks and suspicions. • SecurePlay can also choose to allow a review games if they are anomalous. • SecurePlay builds a Secure Game Contract
  • 40. Next steps • Does this make sense (any questions)? • Does this address an interesting problem? • Are there other applications? • Are there system constraints that may invalidate or limit the effectiveness of this approach?
  • 41. Who am I? • Steven Davis • Worked in high-end security design and analysis since 1987 • Current focus on “business security” – linking business and security together beyond IT • History: • Design and analyze custom cryptography and security architectures • … and lots of other security work • Several security patents: • Anti-cheating cryptography for games • “Manual” digital signature to improve credit card security • Book “Protecting Games” • Numerous papers and conferences • Blog: free2secure.com • Defunct blog: playnoevil.com – 2006 to 2012 • https://www.linkedin.com/in/free2secure • steve@free2secure.com • +1.650.278.7416