An Efficient and Secure Event Signature
(EASES) Protocol for Peer-to-Peer Massively
Multiplayer Online Games
Mo-Che Chan, Shun-Yun Hu and Jehn-Ruey Jiang
Adaptive Computing and Networking Lab.
National Central University
1
Outline
• Background
• Related work
– NEO
– SEA
• The proposed scheme
– EASES
• Evaluation
• Conclusion
2
Background - MMOG
• Multiplayer online game
• Massively multiplayer online game (MMOG)
3
Background - architectures
• Client-server
4
Background - architectures
• Server-cluster
5
Background - architectures
• Peer-to-peer (P2P) network
• Efficiently maintain the topology
– Virtual environment
6
Background – game logic
• In client-server and server-cluster
– Server maintains game states
– Users send event to server
– Server sends information to player
round
time
7
Background – cheat problem
• Game logic is maintained by peers in P2P
environments.
• Some players may gain advantages unfairly.
8
Background - commitment
• Play the paper, scissors, rock game remotely
without arbiter
9
Background – hash function
• Cryptographic hash function
• Strength depends on the following
infeasibilities
– For any given hashed value, to find M or M’
– For any given message M, to find H(M) = H(M’)
– To find any pair (M, M’) such that H(M) = H(M’)
Hash
function
010101110100
10
Background - commitment
• No one can get unfair advantages if the hash
function is secure.
H(Choice | Random)
Choice | Random
H(Choice | Random)
Choice | Random
First send H(Choice | Random)
Then send (Choice | Random)
11
Background – digital signature
• Concept
010101000111010011001011
010011100110101000110101
011010111000110101010100
110100011010101010101001
010101010010101010101010
……..
A document
Signature
algorithm
To sign it
101001110100110010110110
101100110101000110101010
010111001011010101010011
010010110101010101010010
110110010101010101010111
……..
A digital signature
•No one can forge
•Signer can’t repudiate that he executed the algorithm
for this document
•Authenticity of the document
12
Background – digital signature
• To sign a message
To sign by sender’s
private key
Hash function
message
0101…101
message
1011…110
1011…110
13
Background – digital signature
• To verify a signature
message
1011…110
To inverse the signature
by signer’s public key
Hash function
0101…101
?
0101…101
To check they are the same or not
14
Related work - NEO
• Every updating message
• Signing event updating message
• Encrypting the signed message
• After, send decrypting key
M  {S A (U )}K r , K
r
A
r
A
A
r 1
A
, S A (V
r 1
A
)
Player i
15
Related work - SEA
• Every updating message
• Signed hash value of event updating
message
• After, send the plain message
Commit  H (U , n , SessID, IDA )
r
A
r
A
r
M  S A (Commit ,U
r
A
r
A
r 1
A
r 1
A
r 1
,Vh , n , r )
Player i
16
The problem that we observed
• Digital signature algorithms are too slow.
To sign the
message digest
Single
Document
Hash
algorithm
Original message
To produce the
message digest
Signature
algorithm
Signature
17
The objective
• To efficiently sign many discrete messages
Message 1
Message 2
……
Message n
18
The proposed EASES
• Initialization phase
– Every player prepares the keys for signing.
• Signing phase
– Every player signs his messages.
• Verification phase
– Every receiver verifies the authenticity.
• Re-initialization phase
– Re-generate new signing keys.
19
EASES – initialization phase
……..
1011…110
20
EASES – signing & verification
j-2
j-2
j-3
j-1
j-1
j-2
j
Send
out
j
j-2
…….
j
j-1
j
j-3
j+1
j+2
j-1
j+1
j+2
21
EASES – re-initialization phase
……..
• Re-execute initialization phase
• A more efficient way
– Reserve the last two keys
……..
1011…110
22
Evaluation - performance
• Computational cost
– Hash replaces signature function
• Memory consumption
– 1,000 * 192 bits = 24,000 bytes, when n = 1,000
• Bandwidth consumption
– Length of Hash value is short than signature’s
EASES
Computation
Better
Memory
Bandwidth
Traditional Signature
Better
Better
23
Evaluation - security
• Unforgeability
– No one can claim that he signed M, unless he
show the OSK of M.
– This requirement is secure if adopted
cryptographic hash function is secure.
• Verifiability
– Hash function is public.
24
Conclusion and discussion
• EASES is proposed to sign many discrete
messages at once efficiently
• Security of EASES is as strong as those of
traditional signature schemes
• ESAES implies the commitment property
25