Lockstep protocol Lockstep protocol

a1 = Rock p1 p2 a2 = Scissors
1. Announce a commitment to an action.
™ commitment can be easily calculated from the action but the action
action
c1 = H(a1) = 4736 c2 = H(a2) = 1832
cannot be inferred from the commitment
™ formed with a one-
one-way function (e.g., hash)
c2 = 1832 c1 = 4736
2. When everybody has announced their commitments for the
turn, announce the action. a1 = Rock
™ everybody knows what everybody else has promised to do
3. Verify that the actions correspond to the commitments. a1 = Rock
™ if not, then somebody is cheating…
a2 = Paper

a2 = Paper
H(a2) = 5383 ≠ c2

Loosening the synchronization 1(2) Loosening the synchronization 2(2)

‹ the slowest player dictates the speed ‹ pipelined lockstep protocol
™ short turns ™ player can send several commitments which are pipelined
™ time limits for the announcements ™ drawback: look-
look-ahead cheating if a player announces
‹ asynchronous lockstep protocol
action earlier than required
™ sphere of influence: synchronization is needed only when ‹ adaptive pipeline protocol
the players can affect each other in the next turn(s) ™ measure the actual latencies between the players
™ otherwise, the players can proceed asynchronously ™ grow or shrink the pipeline size accordingly

Drawbacks of the lockstep protocol Idea #1: Let’s get rid of the repeat!
‹ requires two separate message transmissions ‹ send only a single message
™ commitment and action are sent separately ™ but how can we be sure that the opponent cannot learn the action
before annoucing its own action?
™ slows down the communication
‹ the message is an active object, a delegate
‹ requires a synchronization step
™ program code to be run by the receiver (host)
™ the slowest player dictates the pace ™ delegate’s behaviour cannot be worked out by analytical methods alone
~ improvements: asynchronous lockstep, pipelined lockstep, adaptive
adaptive ™ guarantees the message exchange on a possibly hostile environment
environment
pipeline lockstep
‹ delegate provides the action once the host has sent its own
‹ does not solve the inconsistency problem! action using the delegate

1
 Example with two players Threats
‹ what if the host delays or prevents the delegate’s message
from getting to its originator?
Ap Ar ™ the host will not receive the next delegate until the message is sent
‹ what if the originator is malicious and the delegate spies or
wastes the host’s resources?
cr(ccpp(a(apapp))) cr(ccpp(a(apapp))) ddpp ™ sandbox: the host restricts the resources available to the delegate
delegate
‹ how can the delegate be sure that it is sending messages to its
D
Drr originator?
™ communication check-
check-up

D
Dpp
ddrr cp(crc(ar(arar)r)) cp(crc(ar(arar)r))

Communication check-
check-up Idea #2: Peer pressure
‹ the delegate sends a unique ‹ players gossip the other players’ actions from the previous
identification to its originator turn(s)
™ static and dynamic information
‹ compare gossip and recorded actions; if there are
‹ the delegate waits until the originator Ap Ar inconsistencies, ban the player
has responded correctly
™ cheating is detected only afterwards
‹ check-
check-ups are done randomly D
Drr ™ gossiping imposes a threat of getting caught
™ probability can be quite low D
Dpp
™ host cannot know whether the ‹ gossip is piggybacked in the ordinary messages
transmission is the actual message or just ™ no extra transmissions are required
a check-
check-up
‹ how to be sure that the gossip is not forged?
™ rechecking with randomly selected players

How much is enough? Message

‹ example: 10 players, 60 turns, 1 cheater who forges 10% of ‹ action for the current turn t
messages, gossip from one previous turn
™ 1% gossip: P(cheater gets caught) = 0.44 ‹ delegate for the next turn t + 1
™ 5% gossip: P(cheater gets caught) = 0.91 ‹ set of actions (i.e., gossip) from the previous turn t − 1
™ 10% gossip: P(cheater gets caught) = 0.98
‹ example: 100 players, 60 turns, 1 cheater who forges 10% of
messages
™ 1% gossip: P(cheater gets caught) = 0.98
‹ example: 10 players, 360 turns, 1 cheater who forges 10% of
messages
™ 1% gossip: P(cheater gets caught) = 0.97

Dpptt++11 Gpt − 1 aaiitt−−11

mpt aapptt D aajjtt−− 11

2
 Collusion Analysing collusion
‹ imperfect information games ‹ tracking
™ infer the hidden information ™ determine who the players are
™ outwit the opponents ™ but physical identity does not reflect who is actually playing the
the game
‹ collusion = two or more players play together without ‹ styling
™ analyse how the players play the game
informing the other participants
™ requires a sufficient amount of game data
‹ how to detect collusion in online game? ™ collusion can be detected only afterwards
™ players can communicate through other media → no pre-
pre-emptive nor real-
real-time counter-
counter-measures
™ one player can have several avatars

Collusion types Offending other players

‹ active collusion ‹ acting against the ‘spirit’ of the game
™ cheaters play more aggressively than they normally would ™ problematic: is camping in a first-
first-person shooter cheating or just a
good tactic?
™ can be detected with styling
™ some rules are ‘gentlemen’s agreements’
‹ passive collusion ‹ examples
™ cheaters play more cautiously than they normally would ™ killing and stealing from inexperiened and ill-
ill-equipped players
™ practically undetectable ™ gangs and ghettoization of the game world
™ blocking exits, interfering fights, verbal abuse

Upholding justice Recapitulation: Outline of the course

‹ players handle the policing themselves
™ theory: players take the law into their own hands (e.g., militia)
militia)
™ reality: gangs shall inherit the game world 8. Communication layers ‹ dead reckoning
‹ systems records misconducts and brands offenders as ‹ physical platform ‹ local perception filters
criminals ‹ logical platform ‹ synchronized simulation
™ theory: bounties and penalties prevent crimes ‹ area-
area-of-
of-interest filtering
‹ networked application
™ reality: throw-
throw-away avatars commit the crimes
‹ players decide whether they can offend/be offended 9. Compensating resourse 10.Cheating
10.Cheating prevention
™ theory: players know what kind of game world they want limitations ‹ technical exploitations
™ reality: how to offend you? let me count the ways… ‹ aspects of compensation ‹ rule violations
‹ protocol optimization

3
 Examinations 1 (2) Examinations 2 (2)
‹ examination dates ‹ questions
1. January 16, 2006 ™ based on both lectures and lecture notes
2. February 13, 2006 ™ two questions, à 5 points
3. March 2, 2006 ™ to pass the examination, at least 5 points (50%) are required
‹ check the exact times and places at ™ grade: g = ⎡p − 5⎤
5⎤
http://www.it.utu.fi/opetus/tentit/ ™ questions are in English, but you can answer in English or in Finnish
Finnish
‹ if you are not a student of University of Turku, you must ‹ remember to enrol in time!
register to receive the credits
™ further instructions are available at
http://http://www.tucs.fi/education/
courses/participating_courses.php