TY - GEN
T1 - Using multiplayer games to create secure communication
AU - Henno, Jaak
AU - Jaakkola, Hannu
AU - Mäkelä, Jukka
PY - 2019
Y1 - 2019
N2 - Massively multiplayer online games (MMOGs) and social networks are very popular communication and entertainment formats, where millions of players from all around the world interact in a shared environment and exchange and trade different types of digital media: texts, videos, sounds and music. The communication systems implemented in these virtual environments are in increasing number encrypted to prevent fraud and user impersonation. Ubiquity of virtual forums with massive participation and participants communication systems has raised several questions about their security - gaming servers are suitable as potential exploitation tools for terrorist groups use to conduct on-line operations. The prevailing on Internet top-down security organization where trustworthiness of an object (computer, program) is established by a strong hierarchical system of security certificates does not work, since trusted high-level certificates can already be bought online in dark web marketplaces. For many local communities (players of an online multiplayer game, local social networks etc.) is more advantageous a different, local 'sand-box' organization of a communication system where anonymous participants (initially identified only by their generated username without using even e-mails) actively interact using messages with strong encryption. For encryption they need entropy/randomness, but this they can create themselves in their interactions. In competitive interactions (e.g. they play a competitive game) all participants (trying to compete each other) behave differently, try to create thus the sequence of their actions is random and can be used as the secure key for symmetrical encryption for communication among participants. Here is considered a class of games where expectation of payoff is the same for all moves, thus players cannot get from results any additional information about the game, thus their best strategy is to select their moves randomly (non-learnable games). It is shown, that in a sense all games of this class are similar, can be created with the same procedure and can be reduced to each other using introduced here operation of rectangular modification of the game state matrix. The best strategy for moves in this class of games is uniform randomness, thus (if they are competing and try to beat each other) in the play they create with their moves a random sequence. This sequence can be used for generating a key for symmetric encryption. In a non-local (server-based) multiplayer game players know only their own moves, about moves of other players they get only results of game (not the actual moves made by other players). Thus for generating a key server sends players sequence of all moves from which the player's own moves are removed. This sequence is different for players and contains only partial information, thus an eavesdropper (man-in-the-middle) cannot use it. Players insert into this holey sequence their own moves and get all the same sequence of moves which will be used as the common key for symmetrical encryption of communication; the procedure allows several enhancements for further randomness and/or speed of key generation. The key generation from player's moves removes need for use of public-key systems and all communication (and keys) remain inside the virtual community, whose security thus becomes self-sustainable.
AB - Massively multiplayer online games (MMOGs) and social networks are very popular communication and entertainment formats, where millions of players from all around the world interact in a shared environment and exchange and trade different types of digital media: texts, videos, sounds and music. The communication systems implemented in these virtual environments are in increasing number encrypted to prevent fraud and user impersonation. Ubiquity of virtual forums with massive participation and participants communication systems has raised several questions about their security - gaming servers are suitable as potential exploitation tools for terrorist groups use to conduct on-line operations. The prevailing on Internet top-down security organization where trustworthiness of an object (computer, program) is established by a strong hierarchical system of security certificates does not work, since trusted high-level certificates can already be bought online in dark web marketplaces. For many local communities (players of an online multiplayer game, local social networks etc.) is more advantageous a different, local 'sand-box' organization of a communication system where anonymous participants (initially identified only by their generated username without using even e-mails) actively interact using messages with strong encryption. For encryption they need entropy/randomness, but this they can create themselves in their interactions. In competitive interactions (e.g. they play a competitive game) all participants (trying to compete each other) behave differently, try to create thus the sequence of their actions is random and can be used as the secure key for symmetrical encryption for communication among participants. Here is considered a class of games where expectation of payoff is the same for all moves, thus players cannot get from results any additional information about the game, thus their best strategy is to select their moves randomly (non-learnable games). It is shown, that in a sense all games of this class are similar, can be created with the same procedure and can be reduced to each other using introduced here operation of rectangular modification of the game state matrix. The best strategy for moves in this class of games is uniform randomness, thus (if they are competing and try to beat each other) in the play they create with their moves a random sequence. This sequence can be used for generating a key for symmetric encryption. In a non-local (server-based) multiplayer game players know only their own moves, about moves of other players they get only results of game (not the actual moves made by other players). Thus for generating a key server sends players sequence of all moves from which the player's own moves are removed. This sequence is different for players and contains only partial information, thus an eavesdropper (man-in-the-middle) cannot use it. Players insert into this holey sequence their own moves and get all the same sequence of moves which will be used as the common key for symmetrical encryption of communication; the procedure allows several enhancements for further randomness and/or speed of key generation. The key generation from player's moves removes need for use of public-key systems and all communication (and keys) remain inside the virtual community, whose security thus becomes self-sustainable.
M3 - Conference contribution
AN - SCOPUS:85076467185
T3 - CEUR Workshop Proceedings
BT - SQAMIA 2019 - Proceedings of the 8th Workshop on Software Quality Analysis, Monitoring, Improvement, and Applications
A2 - Budimac, Zoran
A2 - Koteska, Bojana
PB - CEUR-WS
T2 - Workshop on Software Quality Analysis, Monitoring, Improvement, and Applications
Y2 - 22 September 2019 through 25 September 2019
ER -