Creating randomness with games
Tutkimustuotos › › vertaisarvioitu
|Julkaisu||Acta Polytechnica Hungarica|
|DOI - pysyväislinkit|
|Tila||Julkaistu - 2019|
In our increasingly connected and open World, randomness has become an endangered species. We may soon not have anything private, all out communication, interaction with others becomes publicly available. The only method to secure (temporarily) communication is mixing it with randomness – encoding it with random keys. But massive reuse of the same sources of randomness and rapid development of technology often reveals that used sources were not perfectly random. The Internet security is topdown, based on higher-level certificates, but we can never be quite certain with 'given from above' products in their quality – in order to beat each other producers are 'cutting corners' and even the high-level security certificates are available on Internet dark markets. This clearly shows in tremendous increase of all kind of security accidents, so there is an urgent need for new, independent sources of randomness. Mathematical treatment of randomness is based on infinite concepts, thus useless in practice with devices with finite memory (humans, computers, Internet Of Things). Here is introduced a definition for randomness based on devices with finite memory – k-randomness; it is shown, how this allows to create new randomness in computer games; numerous tests show, that this source is quite on par with established sources of randomness. Besides algorithmically-generated randomness is in computer games present also human-generated randomness-when competing players try to beat each other they invent new moves and tactics, i.e. introduce new randomness. This randomness appears in the sequence of players moves and when combined with the sequences of moves of other players can be used for generating secret keys for symmetric encryption in multi-player game communication system. The method does not use public-key step for creation of shared secret (the key), thus the encryption system does not need any upper-level security authorities.