[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: computer-go: Authenticating the identity of a remote go-playingcomputer program
Yes, you are absolutely right about this and I missed that one. In
order to work, there can be no freedom of choice (like picking and
choosing a timeout) that cannot be completely verified by using the
copy of the program that the organizers have access to.
As I've said, there are deterministic solutions that are workable, but
it's asking too much to require them to be implemented by everyone.
The real problem is that we have a nasty source of chaotic input
coming into the program, the time time clock!
In my last email I noted that some parallel programs are written in
such a fashion that they cannot be deterministic (at least based on
way current hardware works.) This is one case that refutes my
theoretical proposal that we can make any program deterministic
without hurting it.
In theory, every program is already completely deterministic if you
are able to identify each and every source of "input" but in practice,
it's not so easy to do this.
Don
From: Mika Kojo <mkojo@xxxxxxxxxxxxxxxxx>
Don Dailey writes:
>
> I think I was accused of over-engineering, but I think Nicol's
> solution is more than good enough. It's one of many possible ways to
> handle time control, there are also ones that can be managed locally
> that won't severly cripple your program.
>
> If we really wanted to get paranoid, we could use secure protocols
> that are in common use already for network communication.
>
> No one claimed any of this was easy, but it's easy to make it a lot
> more commplicated than it needs to be by requiring more than is
> necessary.
My point was that Nicol's approach is not secure. It indeed makes
cheating rather easy (at least in theory).
Example. Suppose programs are allowed to query once per move the
current time from the server. By keeping local timer the program can
look at the most significant digits of the time and request a server
to record that time when it wishes. Thus if the 7-dan is quick enough
(say, 1 minute per move) then the program just queries at the right
moment to encode the move. Now, when the organizers verify the winner,
which showed remarkable 7-dan ranking, the program just instantly
queries the move from the server and outputs it. Perhaps organizers
are slightly surprised by the fact that the program is so quick now,
but the programmers just state that they runned it on slow machine at
the tournament.
If the protocol is wanted to be secure, then the method of tracing the
programs execution does not work. (Except in the case where the
tournament program and the program used in verification are exactly
same.)
Usual cryptographical protocols can guard against external cheaters
(e.g. who intercept the connection between the server and the
tournament program), but not against cheating Go playing programs.
--
Mika Kojo
SSH Communications Security Corp