Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Signature Protocol for Peer-to- peer Massively Multiplayer Online Games Speaker: Shu-Fen Chiou ( 邱淑芬 )

Published byAgatha Cummings Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Signature Protocol for Peer-to- peer Massively Multiplayer Online Games Speaker: Shu-Fen Chiou ( 邱淑芬 )"— Presentation transcript:

1 1 Signature Protocol for Peer-to- peer Massively Multiplayer Online Games Speaker: Shu-Fen Chiou ( 邱淑芬 )

2 2 Introduction- MMOGs Massively multiplayer online games (MMOGs) Server player1player2player3 ‧‧ ‧ player1player2player3 ‧‧ ‧ Client-server server Server-cluster

3 3 Introduction- MMOGs In client-server and server-cluster Server maintains game states. Users send event to server. Server sends information to users. Server player1player2player3 ‧‧ ‧ time round

4 4 Introduction-P2P virtual environment Game state is maintained by peers in P2P environments. Some players may gain advantages unfairly. B A C CA A B C

5 5 Protocols NEO (New-Event Ordering) protocol (GauthierDickey et al., 2004) SEA (Secure Event Agreement) protocol (Corman et al., 2006) EASES (Efficient And Secure Event Signature) protocol (Chan et al., 2008)

6 6 Requirements Security Prevent cheats Fixed-delay Cheat (NEO, SEA) Timestamp Cheat (NEO, SEA) Suppressed Update Cheat (NEO, SEA) Inconsistency Cheat (SEA) Collusion Cheat (NEO, SEA)

7 7 Requirements Replay attack (SEA) Spoofing attack (SEA) Unforgeability (EASES) Verifiability (EASES) Communication All connect communication Performance Low computation (NEO, SEA, EASES) B A C

8 8 NEO (New-Event Ordering) protocol A B C Round 1: M 1 A =E(S A (U 1 A, t)) Round 2: M 2 A =E(S A (U 2 A, t)), K A 1, S A (V A 1 ), V A 1 = 1,1,1 M r A =E(S A (U r A )), K A r-1, S A (V A r-1 ) r: The rth round E(): Encrypt key S A : A ’ s signature U r A : Update message K A r-1 : previous round ’ s key V A r-1 : previous round ’ s vote vector

9 9 Attacks for NEO protocol Corman et al. claim the NEO has three attacks: Replay attack Spoofing attack A B C Round 1: M 1 A =E(S A (U 1 A, t)) Round 2: M 2 A =E(S A (U 2 A, t)), K A 1, S A (V A 1 ), V A 1 = 1,1,1 Round 3: M 3 A=E(S A (U 3 A, t)), K A 2, S A (V A 2 ), V A 2 = 1,1,1 Attacker: M 3 A=E(S A (U 2 A, t)), K A 2, S A (V A 2 ), V A 2 = 0,0,0

10 10 SEA (Secure Event Agreement) protocol A B C Commit r A =H(U r A, n r, SessID, ID A ) M r A =S A (Commit r A, U A r-1, Vh r-1 A, n r-1, r) r: The rth round H(): Encrypt hash function U r A : Update message n r : A nouce SessID: Session ID ID A : A ’ s ID S A : A’s signature Vh r-1 A : vote vector with hash function Round 1: Commit 1 A =H(U 1 A, n 1, N 1, ID A ) M 1 A =S A (Commit 1 A, 1) Round 2: Commit 2 A=H(U 2 A, n 2, N2, ID A ) M 2 A =S A (Commit 2 A, U 1 A, Vh 1 A, N 1, 2)

11 11 EASES – Initialization phase Use a random number as the master key MK i Generate one-time signature keys EX: K A 10 =H(MK A ) K A 9 =H(K A 10 ) K A 8 =H(K A 9 ) K A 7 =H(K A 8 ) ‧ K A 2 =H(K A 3 ) K A 1 =H(K A 2 ) K A 0 =H(K A 1 ) △ A =S sk (K A 0 )

12 12 EASES – Signing phase EX: M A 1 = H(K A 1 |U A 1 ), △ A, K A 0 M A 2 = H(K A 2 |U A 2 ), K A 1, U A 1 M A 3 = H(K A 3 |U A 3 ), K A 2, U A 2 ‧ M A 9 = H(K A 9 |U A 9 ), U A 8, K A 8 M A 10 = H(K A 10 |U A 10 ), U A 9, K A 9 M i 1 = H(K i 1 |U i 1 ), △ i, K i 0 M i n = H(K i n |U i n ), U i n-1, K i n-1 first round subsequent round A B C

13 13 EASES – Verification phase In first round Decrypts △ i =S sk (K i 0 ), with player i ’ s public- key and Verifies In subsequent round K i n-2 =H(K i n-1 ) ? M i n-1 =H(K i n-1 |U i n-1 ) ? B uses A’s pk to decrypt △ A verity K A 0 legitimate? AB M A 1 = H(K A 1 |U A 1 ), △ A, K A 0 M A 2 = H(K A 2 |U A 2 ), K A 1, U A 1 1 st 2 nd B computes Hash(K A 1 )=K A 0 Hash(K A 1 |U A 1 ) = M A 1 not tamper?

14 14 EASES – Re-initialization phase 11 th : B computes Hash(K A 10 |U A 10 |NewK A 0 ) = M A 10, authenticate NewK A 0 ? 12 th : B computes Hash(MK A ) = K A 10 ? M newA 1 =H(NewK A 1 |U A 12 ), △ NewA, NewK A 0 M newA 2 =H(NewK A 2 |U A 13 ), U A 12, NewK A 1 M newA 3 =H(NewK A 3 |U A 14 ), U A 13, NewK A 2 ‧ IN n round, re-generated new one-time signature NewK i 0, NewK i 1, ‧ ‧ ‧ ‧ ‧ NewK i m 10 th : M A 10 =H(K A 10 |U A 10 |NewK A 0 ), U A 9, K A 9 A B 12 th : MK A 11 th : M A 11 =H(NewK A 1 |U A 11 ), U A 10, K A 10, NewK A 0 New rounds

15 15 EASES – Late joining M A 1 = H(K A 1 |U A 1 ), △ A, K A 0 M A 2 = H(K A 2 |U A 2 ), K A 1, U A 1 AB 1 st 2 nd C Join in 2 nd △ A =S sk (K A 0 ), K A 0, K A 1 M A 2 = H(K A 2 |U A 2 ) Authenticate Key 3rd M A 3 = H(K A 3 |U A 3 ), K A 2, U A 2

16 16 Dynamic EASES – Signing phase 1 st : S sk (H(U A 1 |K A 1 ) 2 nd : S sk (H(U A 2 |K A 2 |K A 1 )) 3 rd : H(U A 3 |K A 3 |K A 2 )), K A 1, U A 1 4 th : H(U A 4 |K A 4 |K A 3 )), K A 2, U A 2 ‧ n th : H(U A n |K A n |K A n-1 ), K A n-2, U A n-2 Like EASES-based authentication Don ’ t prepare generation hash-chain keys

17 17 Dynamic EASES – Verification phase In 1 st & 2 nd, B verifies the signatures In 3 rd, authenticity H(U A 1 |K A 1 ) In subsequent, authenticity H(U A n-2 |K A n- 2 |K A n-3 ) AB 1 st : S sk (H(U A 1 |K A 1 )) & 2 nd : S sk (H(U A 2 |K A 2 |K A 1 ))1 st & 2 nd : decrypts and stores 3 rd : H(U A 3 |K A 3 |K A 2 )), K A 1, U A 1 4 th : H(U A 4 |K A 4 |K A 3 )), K A 2, U A 2 Subsequent round: verifies the message of (n-2) round In n round

18 18 Comparison

19 19 Comment – Signing phase EX: M A 1 = H(K A 1 |U A 1 |t), △ A, K A 0, ID A M A 2 = H(K A 2 |U A 2 |t), K A 1, U A 1 M A 3 = H(K A 3 |U A 3 |t), K A 2, U A 2 ‧ M A 9 = H(K A 9 |U A 9 |t), U A 8, K A 8 M A 10 = H(K A 10 |U A 10 |t), U A 9, K A 9 Add timestamp t, and user ’ s id M i 1 = H(K i 1 |U i 1 |t), △ i, K i 0, ID i M i n = H(K i n |U i n |t), U i n-1, K i n-1, first round subsequent round A B C

20 20 Communication method Broadcast communication AB G D C E F

21 21 Reference C. Dickey, D. Zappala, V. Lo, J. Marr, Low latency and cheat- proof event ordering for peer-to-peer games, in: Proceedings of the ACM International Workshop on Network and Operating System Support for Digital Audio and Video (NOSSDAV), Kinsale, County Cork, Ireland, 2004, pp. 134 – 139. A. Corman, S. Douglas, P. Schachte, V. Teague, A secure event agreement (SEA) protocol for peer-to-peer games, in: Proceedings of the First International Conference on Availability, Reliability and Security, 2006. M. C. Chan, S. Y. Hu, and J. R. Jiang, An efficient and secure event signature (EASES) protocol for peer-to-peer massively multiplayer online games, Computer Networks, vol. 52, pp. 1838 – 1845, 2008.

Download ppt "1 Signature Protocol for Peer-to- peer Massively Multiplayer Online Games Speaker: Shu-Fen Chiou ( 邱淑芬 )"

Similar presentations

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
A Survey of Key Management for Secure Group Communications Celia Li.

A Survey of Key Management for Secure Group Communications Celia Li.
多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
11 Efficient and Secure Certificateless Authentication and Key Agreement Protocol for Hybrid P2P Network Authors: Z. B. Xu and Z. W. Li Source: The 2nd.

11 Efficient and Secure Certificateless Authentication and Key Agreement Protocol for Hybrid P2P Network Authors: Z. B. Xu and Z. W. Li Source: The 2nd.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,
Cheat-Proofing P2P Online-gaming Albert Lee Spring 2008 Comp 424.

Cheat-Proofing P2P Online-gaming Albert Lee Spring 2008 Comp 424.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.
Online Security Tuesday April 8, 2003 Maxence Crossley.

Online Security Tuesday April 8, 2003 Maxence Crossley.
CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.
A Secure Fault-Tolerant Conference- Key Agreement Protocol Wen-Guey Tzeng Source : IEEE Transactions on computers Speaker : LIN, KENG-CHU.

A Secure Fault-Tolerant Conference- Key Agreement Protocol Wen-Guey Tzeng Source : IEEE Transactions on computers Speaker : LIN, KENG-CHU.
A password authentication scheme with secure password updating SEC 期末報告 學號: 89321037 姓名:翁玉芬.

A password authentication scheme with secure password updating SEC 期末報告 學號: 姓名:翁玉芬.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
90321011 孫國偉 Efficient Password authenticated key agreement using smart cards Author : Wen-Shenq Juang* Date : 2003.11.26 in Computers & Security.

孫國偉 Efficient Password authenticated key agreement using smart cards Author : Wen-Shenq Juang* Date : in Computers & Security.
More on AuthenticationCS-4513 D-term 20081 More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.

More on AuthenticationCS-4513 D-term More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.
Multicast Security May 10, 2004 Sam Irvine Andy Nguyen.

Multicast Security May 10, 2004 Sam Irvine Andy Nguyen.
A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.

A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.

Similar presentations

Ads by Google