Author: Anthony Cozzie
Date: 08:19:16 09/09/04
Go up one level in this thread
On September 09, 2004 at 00:44:57, Sam S wrote: > >>It's a yawn in that the weaknesses have been known for a long time. There are >>solutions to much of the problem, using the sort of challenge-response stuff >>used in ssh (secure shell) access. But artificial lag is simply impossible to >>get rid of... > >How about this idea: at the beginning of each game, the server generates a >one-time executable code and sends it to the client, and for each move this >executable code would send back to the server a signature created from (current >move, current move number, time spent on making this move) along with the move >and time-spent data, so that the server can authenticate this signature for each >move. >It'd be possible to break each specific one-time executable code that the server >sent by finding out how it encrypts the signatures, but if the server generates >new executable codes that are completely different from one another for each >game before the game starts, it'd be too hard to break in such short amounts of >time... Correct me if I am wrong, but this sounds like an impossible problem. The server simply has no way to know when the client received the data. As long as you are willing to disassemble the code and play God, it seems that you will always be able to fool timestamp. ICC's only hope is to make the code as complicated (hopefully self modifying!) as possible. anthony
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.