Author: Mathieu Pagé
Date: 06:09:24 09/09/04
Go up one level in this thread
On September 09, 2004 at 00:44:57, Sam S wrote: > >>It's a yawn in that the weaknesses have been known for a long time. There are >>solutions to much of the problem, using the sort of challenge-response stuff >>used in ssh (secure shell) access. But artificial lag is simply impossible to >>get rid of... > >How about this idea: at the beginning of each game, the server generates a >one-time executable code and sends it to the client, and for each move this >executable code would send back to the server a signature created from (current >move, current move number, time spent on making this move) along with the move >and time-spent data, so that the server can authenticate this signature for each >move. >It'd be possible to break each specific one-time executable code that the server >sent by finding out how it encrypts the signatures, but if the server generates >new executable codes that are completely different from one another for each >game before the game starts, it'd be too hard to break in such short amounts of >time... I'm not interested to see a server send executable code to my computer. What if they are compromised ? It would be a really good trap for malicious code. I will never allow this to happen of one of my boxes. Mathieu P.
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.