Signature Protocol for Peer-to-peer Massively Multiplayer Online Games

Speaker: Shu-Fen Chiou (邱淑芬)


Presentation Transcript


  1. Signature Protocol for Peer-to-peer Massively Multiplayer Online Games Speaker: Shu-Fen Chiou (邱淑芬)

  2. Introduction-MMOGs
     • Massively multiplayer online games (MMOGs)
     • [Figure: client-server architecture (one server; player1, player2, player3, ...) and server-cluster architecture (three servers; player1, player2, player3, ...)]

  3. Introduction-MMOGs
     • In client-server and server-cluster
       • Server maintains game states.
       • Users send event to server.
       • Server sends information to users.
     • [Figure: server with player1, player2, player3, ...; round time]

  4. Introduction-P2P virtual environment
     • Game state is maintained by peers in P2P environments.
     • Some players may gain advantages unfairly.
     • [Figure: peers A, B and C]

  5. Protocols
     • NEO (New-Event Ordering) protocol (GauthierDickey et al., 2004)
     • SEA (Secure Event Agreement) protocol (Corman et al., 2006)
     • EASES (Efficient And Secure Event Signature) protocol (Chan et al., 2008)

  6. Requirements
     • Security
       • Prevent cheats
         • Fixed-delay Cheat (NEO, SEA)
         • Timestamp Cheat (NEO, SEA)
         • Suppressed Update Cheat (NEO, SEA)
         • Inconsistency Cheat (SEA)
         • Collusion Cheat (NEO, SEA)

  7. Requirements
     • Replay attack (SEA)
     • Spoofing attack (SEA)
     • Unforgeability (EASES)
     • Verifiability (EASES)
     • Communication
       • All connect communication
     • Performance
       • Low computation (NEO, SEA, EASES)
     • [Figure: peers A, B and C]

  8. NEO (New-Event Ordering) protocol
     • $M_A^r = E(S_A(U_A^r)),\ K_A^{r-1},\ S_A(V_A^{r-1})$
       • $r$: The $r$th round
       • $E()$: Encrypt key
       • $S_A$: A's signature
       • $U_A^r$: Update message
       • $K_A^{r-1}$: previous round's key
       • $V_A^{r-1}$: previous round's vote vector
     • Round 1: $M_A^1 = E(S_A(U_A^1, t))$
     • Round 2: $M_A^2 = E(S_A(U_A^2, t)),\ K_A^1,\ S_A(V_A^1)$, $V_A^1 = 1,1,1$
     • [Figure: peers A, B and C]

  9. Attacks for NEO protocol
     • Corman et al. claim the NEO has three attacks:
       • Replay attack
       • Spoofing attack
     • Round 1: $M_A^1 = E(S_A(U_A^1, t))$
     • Round 2: $M_A^2 = E(S_A(U_A^2, t)),\ K_A^1,\ S_A(V_A^1)$, $V_A^1 = 1,1,1$
     • Round 3: $M_A^3 = E(S_A(U_A^3, t)),\ K_A^2,\ S_A(V_A^2)$, $V_A^2 = 1,1,1$
     • Attacker: $M_A^3 = E(S_A(U_A^2, t)),\ K_A^2,\ S_A(V_A^2)$, $V_A^2 = 0,0,0$
     • [Figure: peers A, B and C]

  10. SEA (Secure Event Agreement) protocol
      • $Commit_A^r = H(U_A^r, n_r, SessID, ID_A)$
      • $M_A^r = S_A(Commit_A^r, U_A^{r-1}, Vh_A^{r-1}, n_{r-1}, r)$
        • $r$: The $r$th round
        • $H()$: Encrypt hash function
        • $U_A^r$: Update message
        • $n_r$: A nonce
        • $SessID$: Session ID
        • $ID_A$: A's ID
        • $S_A$: A's signature
        • $Vh_A^{r-1}$: vote vector with hash function
      • Round 1: $Commit_A^1 = H(U_A^1, n_1, N_1, ID_A)$, $M_A^1 = S_A(Commit_A^1, 1)$
      • Round 2: $Commit_A^2 = H(U_A^2, n_2, N_2, ID_A)$, $M_A^2 = S_A(Commit_A^2, U_A^1, Vh_A^1, N_1, 2)$
      • [Figure: peers A, B and C]

  11. EASES – Initialization phase
      • Use a random number as the master key $MK_i$
      • Generate one-time signature keys
      • EX:
        • $K_A^{10} = H(MK_A)$
        • $K_A^9 = H(K_A^{10})$
        • $K_A^8 = H(K_A^9)$
        • $K_A^7 = H(K_A^8)$
        • ...
        • $K_A^2 = H(K_A^3)$
        • $K_A^1 = H(K_A^2)$
        • $K_A^0 = H(K_A^1)$
        • $\Delta_A = S_{sk}(K_A^0)$

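  12. EASES – Signing phase
      • First round: $M_i^1 = H(K_i^1|U_i^1),\ \Delta_i,\ K_i^0$
      • Subsequent round: $M_i^n = H(K_i^n|U_i^n),\ U_i^{n-1},\ K_i^{n-1}$
      • EX:
        • $M_A^1 = H(K_A^1|U_A^1),\ \Delta_A,\ K_A^0$
        • $M_A^2 = H(K_A^2|U_A^2),\ K_A^1,\ U_A^1$
        • $M_A^3 = H(K_A^3|U_A^3),\ K_A^2,\ U_A^2$
        • ...
        • $M_A^9 = H(K_A^9|U_A^9),\ U_A^8,\ K_A^8$
        • $M_A^{10} = H(K_A^{10}|U_A^{10}),\ U_A^9,\ K_A^9$
      • [Figure: peers A, B and C]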

  13. EASES – Verification phase
      • In first round: decrypts $\Delta_i = S_{sk}(K_i^0)$ with player $i$'s public key and verifies
      • In subsequent round: $K_i^{n-2} = H(K_i^{n-1})$ ? $M_i^{n-1} = H(K_i^{n-1}|U_i^{n-1})$ ?
      • 1st (A to B): $M_A^1 = H(K_A^1|U_A^1),\ \Delta_A,\ K_A^0$
        • B uses A's pk to decrypt $\Delta_A$: verify $K_A^0$ legitimate?
      • 2nd (A to B): $M_A^2 = H(K_A^2|U_A^2),\ K_A^1,\ U_A^1$
        • B computes $Hash(K_A^1) = K_A^0$ and $Hash(K_A^1|U_A^1) = M_A^1$: not tampered?

  14. EASES – Re-initialization phase
      • In round $n$, new one-time signature keys $NewK_i^0, NewK_i^1, \ldots, NewK_i^m$ are regenerated
      • 10th (A to B): $M_A^{10} = H(K_A^{10}|U_A^{10}|NewK_A^0),\ U_A^9,\ K_A^9$
      • 11th (A to B): $M_A^{11} = H(NewK_A^1|U_A^{11}),\ U_A^{10},\ K_A^{10},\ NewK_A^0$
        • B computes $Hash(K_A^{10}|U_A^{10}|NewK_A^0) = M_A^{10}$: authenticate $NewK_A^0$ ?
      • 12th (A to B): $MK_A$
        • B computes $Hash(MK_A) = K_A^{10}$ ?
      • New rounds:
        • $M_{newA}^1 = H(NewK_A^1|U_A^{12}),\ \Delta_{NewA},\ NewK_A^0$
        • $M_{newA}^2 = H(NewK_A^2|U_A^{13}),\ U_A^{12},\ NewK_A^1$
        • $M_{newA}^3 = H(NewK_A^3|U_A^{14}),\ U_A^{13},\ NewK_A^2$
        • ...

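  15. EASES – Late joining
      • 1st (A to B): $M_A^1 = H(K_A^1|U_A^1),\ \Delta_A,\ K_A^0$
      • 2nd (A to B): $M_A^2 = H(K_A^2|U_A^2),\ K_A^1,\ U_A^1$
      • C joins in 2nd: $\Delta_A = S_{sk}(K_A^0),\ K_A^0,\ K_A^1$ and $M_A^2 = H(K_A^2|U_A^2)$ (authenticate key)
      • 3rd: $M_A^3 = H(K_A^3|U_A^3),\ K_A^2,\ U_A^2$
      • [Figure: peers A and B, and late-joining peer C]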

  16. Dynamic EASES – Signing phase
      • Like EASES-based authentication
      • Does not pre-generate the hash-chain keys
      • 1st: $S_{sk}(H(U_A^1|K_A^1))$
      • 2nd: $S_{sk}(H(U_A^2|K_A^2|K_A^1))$
      • 3rd: $H(U_A^3|K_A^3|K_A^2),\ K_A^1,\ U_A^1$
      • 4th: $H(U_A^4|K_A^4|K_A^3),\ K_A^2,\ U_A^2$
      • ...
      • $n$th: $H(U_A^n|K_A^n|K_A^{n-1}),\ K_A^{n-2},\ U_A^{n-2}$

  17. Dynamic EASES – Verification phase
      • In 1st & 2nd, B verifies the signatures
      • In 3rd, authenticity $H(U_A^1|K_A^1)$
      • In subsequent, authenticity $H(U_A^{n-2}|K_A^{n-2}|K_A^{n-3})$
      • 1st & 2nd (A to B): $S_{sk}(H(U_A^1|K_A^1))$ and $S_{sk}(H(U_A^2|K_A^2|K_A^1))$; B decrypts and stores
      • 3rd (A to B): $H(U_A^3|K_A^3|K_A^2),\ K_A^1,\ U_A^1$
      • 4th (A to B): $H(U_A^4|K_A^4|K_A^3),\ K_A^2,\ U_A^2$
      • Subsequent round: in round $n$, verifies the message of round $(n-2)$

  18. Comparison

  19. Comment – Signing phase
      • Add timestamp $t$, and user's id
      • First round: $M_i^1 = H(K_i^1|U_i^1|t),\ \Delta_i,\ K_i^0,\ ID_i$
      • Subsequent round: $M_i^n = H(K_i^n|U_i^n|t),\ U_i^{n-1},\ K_i^{n-1}$
      • EX:
        • $M_A^1 = H(K_A^1|U_A^1|t),\ \Delta_A,\ K_A^0,\ ID_A$
        • $M_A^2 = H(K_A^2|U_A^2|t),\ K_A^1,\ U_A^1$
        • $M_A^3 = H(K_A^3|U_A^3|t),\ K_A^2,\ U_A^2$
        • ...
        • $M_A^9 = H(K_A^9|U_A^9|t),\ U_A^8,\ K_A^8$
        • $M_A^{10} = H(K_A^{10}|U_A^{10}|t),\ U_A^9,\ K_A^9$
      • [Figure: peers A, B and C]

  20. Communication method
      • Broadcast communication
      • [Figure: peers A, B, C, D, E, F and G]

  21. Reference
      • C. Dickey, D. Zappala, V. Lo, J. Marr, Low latency and cheat-proof event ordering for peer-to-peer games, in: Proceedings of the ACM International Workshop on Network and Operating System Support for Digital Audio and Video (NOSSDAV), Kinsale, County Cork, Ireland, 2004, pp. 134–139.
      • A. Corman, S. Douglas, P. Schachte, V. Teague, A secure event agreement (SEA) protocol for peer-to-peer games, in: Proceedings of the First International Conference on Availability, Reliability and Security, 2006.
      • M. C. Chan, S. Y. Hu, and J. R. Jiang, An efficient and secure event signature (EASES) protocol for peer-to-peer massively multiplayer online games, Computer Networks, vol. 52, pp. 1838–1845, 2008.
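
Added example (not code from the slides or from the EASES authors): the initialization, signing and verification phases of slides 11 to 13 in Python, showing how the key disclosed one round later both extends the hash chain and opens the previous round's commitment. SHA-256, the length-prefixed encoding of `|`, and the names `make_chain`, `sign_round`, `Verifier` and `demo` are assumptions; the public-key check of the signed anchor △A from slide 11 is taken as already done, so the receiver starts from an authenticated K^0.

```python
import hashlib
import hmac
import os

def H(*parts: bytes) -> bytes:
    """H(a|b|...): SHA-256 over length-prefixed parts (hash and framing are assumptions)."""
    framed = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hashlib.sha256(framed).digest()

def make_chain(master_key: bytes, n: int) -> list:
    """Initialization: K^n = H(MK), K^(j-1) = H(K^j); returns [K^0, ..., K^n]."""
    keys = [H(master_key)]
    for _ in range(n):
        keys.append(H(keys[-1]))
    return keys[::-1]

def sign_round(keys, updates, r: int) -> tuple:
    """Signing: (M^r = H(K^r|U^r), K^(r-1), U^(r-1)); the update is None in round 1."""
    return H(keys[r], updates[r]), keys[r - 1], updates.get(r - 1)

class Verifier:
    """Receiver state for one sender; k0 is assumed already checked against Delta_A."""
    def __init__(self, k0: bytes):
        self.last_key, self.pending = k0, None  # newest chain key, unopened M^(r-1)
    def receive(self, msg: tuple):
        """Return the verified update of the previous round (None in round 1)."""
        mac, key, upd = msg
        if self.pending is None:  # round 1 discloses K^0 itself
            ok = hmac.compare_digest(key, self.last_key)
        else:  # later rounds: chain link first, then the delayed commitment
            ok = (upd is not None and hmac.compare_digest(H(key), self.last_key)
                  and hmac.compare_digest(H(key, upd), self.pending))
        if not ok:
            raise ValueError("round rejected: key or update fails verification")
        self.last_key, self.pending = key, mac
        return upd

def demo():
    keys = make_chain(os.urandom(32), 3)
    updates = {1: b"move:3,4", 2: b"fire:N", 3: b"move:3,5"}  # constructed events
    bob, carol = Verifier(keys[0]), Verifier(keys[0])
    accepted = [bob.receive(sign_round(keys, updates, r)) for r in (1, 2, 3)]
    mac, key, _ = sign_round(keys, updates, 2)
    carol.receive(sign_round(keys, updates, 1))
    try:
        carol.receive((mac, key, b"move:9,9"))  # U^1 altered in transit
    except ValueError:
        return accepted, True
    return accepted, False
```

`demo()` returns the updates the honest receiver accepted and whether the altered round-2 message was rejected. An update is only verifiable one round after it is sent, which is the delay the verification slide describes.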
