[MUD-Dev] Guest Voices #2: Griefing in Online Games

Mike Shaver mike.shaver at gmail.com
Thu May 19 03:00:06 New Zealand Standard Time 2005


On 5/17/05, Paul Schwanz <pschwanz at bellsouth.net> wrote:
> J C Lawrence wrote:

>> PK crypto is a frequent suggestion for such problems but suffers
>> from two central problems:

>>   There is significant reward for an inimical player to ensure
>>   that their private keys are shared, and shared in a way which
>>   makes accurate detection and handling exceedingly
>>   difficult/expensive.

> What if we were able to work something into the private key that
> gave the player a strong incentive not to share it?  Like, for
> instance, the credit card information against which the account is
> paid must be present along with the key in order for it to be
> usable?  Of course, this move beyond simple PK crypto, but I'm
> just thinking out loud.

Stefan Brands and others (probably David Chaum as well, but I
couldn't cite anything there) have done work on "private
certificates" which can be tested blindly and can contain such
sharing-disincentive elements, or other fraud-detection/prevention
mechanisms.

  http://osiris.978.org/~brianr/crypto-research/anon/www.freedom.net/products/whitepapers/credsnew.pdf

My almost-5-year-old memory tells me that these can be
computationally expensive to manipulate, but some of that depends on
the operations in question.  Just using the credit card number as
the passphrase when generating the key bundle might be disincentive
enough, of course.

Mike
_______________________________________________
MUD-Dev mailing list
MUD-Dev at kanga.nu
https://kanga.nu/lists/listinfo/mud-dev


More information about the MUD-Dev mailing list