Hacker News new | past | comments | ask | show | jobs | submit login

I remember someone doing the same to an online poker site that had helpfully documented its PRNG in a laudable attempt at transparency.

(And the transparency got them an improvement in their security in the end.)




I'm surprised they don't use some form of hardware based RNG. I assume there's many good reasons

https://en.wikipedia.org/wiki/Hardware_random_number_generat...


They wanted to show that they didn't cheat.

In general, you can pick a random seed at the start of the day, commit to it somewhere (eg publish a hash of it on the bitcoin blockchain, or just on your website), then use that seed in a cryptographically secure PRNG on your website all day, and at the end of the day you publish the seed you already committed to.

This way people can check that you didn't cheat, but can't guess their opponents cards either.


Wouldn't the most obvious method of cheating be the site owner peeking at other player's hands and/or the deck? Which this doesn't (and cannot) prevent?

I guess I'm not sure what publicizing their PRNG is meant to prove. It shows they didn't cheat via a very specific type of cheating but there are several other potential cheating vectors.


> It shows they didn't cheat via a very specific type of cheating but there are several other potential cheating vectors.

Yes, and this is not the only anti-cheat method they had.


(The above was simplified. In a game of poker, you also want to make sure that when hands get folded, that no one learns what the cards were.)


> don't use some form of hardware based RNG

I've always wondered: why aren't ADCs (e.g. mic input) and temperature sensors considered a good source of entropy, particularly if the lower bits are taken?


If you just want any old entropy, and don't care about proving to someone else that your entropy is good, these are acceptable. But it's honestly really easy to get entropy on that grate, and thanks to modern cryptographically secure PRNG, you don't need a lot of 'real' entropy. You can stretch it out forever.

If you want/need to be able to argue to a third party that your entropy was good, you can spend a bit more.

How do you convince anyone that your mic input was actual real mic input, and not just a sequence of bits you made up to be convenient for you?



Or, if you don't want to trust the source, https://drand.love/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: