Re: Online poker and RNG...

Gerry wrote:

And there seems to be a set of horns of the dilemma, here: either a
site publishes its algorithm, in which case the missing ingredient is
the seed (which can be determined, yes?), or the site refuses to do so,
likely because its PRNG relies on the "secrecy" of the algorithm,
which, from what I understand, makes the whole thing weak!

No, there is middle ground. If the site has a good algorithm, and implements it correctly, then there may be no avenue for attack. What I said in my original reply was meant to be specific to the poker site cited by the article you linked to (PlanetPoker). Sorry if that wasn't clear. For instance, while the shuffling algorithm descibed at isn't fully specified, there's no a priori reason to think that their games could be beaten from a cryptological standpoint (c.f. PlanetPoker, where even a brief description would lead one to think an attack would be possible).


Relevant Pages

  • Re: what should "k-bit security" mean?
    ... What is the time t of an attack? ... algorithm to end of execution of the algorithm. ... Suppose the problem is inverting SHA1. ...
  • Re: yet another hash algorithm
    ... quality hash in much less than 64 rounds, as an attacker could attack ... used the novel techniques first" in this thread. ...  Rightward information flow is the ... blocks that, when hashed using that algorithm, produce hashes that are ...
  • Re: what should "k-bit security" mean?
    ... |>An algorithm that provides X bits of strength would, on average, take ... And this is the measure that we used in the NTRU paper ... because some keys take so much less time than others to attack ... Comment: Using GnuPG with Mozilla - ...
  • Re: Simple block cypher for 8-bit microcontrollers
    ... I do have specific applications in mind, but until I can be sure that the algorithm is correct, I'll be using other well known algorithms in my specific applications;) ... block ciphers. ... There are many variations on the basic slide attack. ...
  • Re: Algorithm Strength Scale
    ... therefore rendering it useless for serious purposes. ... It is arguable that this delivers an equivalent key in an equivalent algorithm, but it certainly does not recover the "functional key" of the original algorithm, and may not necessarily be possible to convert to the key itself. ... Admittedly, this is a significantly unusual form of attack, but it certainly violates the statement that there are "only ... ... It has no relation to reality, only serves to provide an appearance of thoughtfulness. ...