BBO Discussion Forums: What I did on my summer vacation - BBO Discussion Forums

Jump to content

  • 2 Pages +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

What I did on my summer vacation

#21 User is offline   barmar 

  • PipPipPipPipPipPipPipPipPipPipPipPip
  • Group: Admin
  • Posts: 21,594
  • Joined: 2004-August-21
  • Gender:Male

Posted 2016-September-16, 09:36

 aawk, on 2016-September-15, 21:43, said:

If a safe cracker cannot open a safe he will take it home where he or she has more time. So making it harder to crack the safe is no solution because the can download the shuffling program and crack all the barriers you put in place at home.

He has to be able to move the safe.

Similarly, if you can crack the hand records at home, that's not much help because the event where those hands are being used will be over. Consider the scenario Nicholas described: you go to the restroom after the first round, somehow manage to send all 3 hands (with every spot card correctly specified) to your computer at home in the minute or so you have between rounds, then go back to the restroom an hour later to download the hand records for the remaining boards.

I think this crack is more theoretical than practical. On the other hand, it's so easy for ACBL to switch to Big Deal, there's no reason not to do it, to remove all concerns.

#22 User is offline   shyams 

  • PipPipPipPipPipPip
  • Group: Advanced Members
  • Posts: 1,666
  • Joined: 2009-August-02
  • Gender:Male
  • Location:London, UK

Posted 2016-September-16, 09:58

 barmar, on 2016-September-16, 09:36, said:

Consider the scenario Nicholas described: you go to the restroom after the first round, somehow manage to send all 3 hands (with every spot card correctly specified) to your computer at home in the minute or so you have between rounds, then go back to the restroom an hour later to download the hand records for the remaining boards.


There was a practical & quite scary application to Nicholas's scenario which he discovered.

USBF tournaments involve 4, 6 or 8 sessions of 15 boards each -- these are numbered 1-30. If the sit-out pair inputs boards 1-3 of session 1 and uses the code to crack it, they will know all remaining boards not only of session 1 (boards 1-15) but also of session 2 (16-30)! This can be done every time (take boards 1-3 of session 3 to get full knowledge of every card in session 4).

There may have been other scenarios where one set of boards spills over two or more sessions.
0

#23 User is offline   Vampyr 

  • PipPipPipPipPipPipPipPipPipPip
  • Group: Advanced Members
  • Posts: 10,611
  • Joined: 2009-September-15
  • Gender:Female
  • Location:London

Posted 2016-September-16, 11:31

Can someone explain to me exactly how boards can be predicted? If you have the seed, how exactly does one board relate to the next?
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones -- Albert Einstein
0

#24 User is offline   hrothgar 

  • PipPipPipPipPipPipPipPipPipPipPip
  • Group: Advanced Members
  • Posts: 15,488
  • Joined: 2003-February-13
  • Gender:Male
  • Location:Natick, MA
  • Interests:Travel
    Cooking
    Brewing
    Hiking

Posted 2016-September-16, 12:17

 barmar, on 2016-September-16, 09:36, said:

He has to be able to move the safe.

Similarly, if you can crack the hand records at home, that's not much help because the event where those hands are being used will be over. Consider the scenario Nicholas described: you go to the restroom after the first round, somehow manage to send all 3 hands (with every spot card correctly specified) to your computer at home in the minute or so you have between rounds, then go back to the restroom an hour later to download the hand records for the remaining boards.

I think this crack is more theoretical than practical. On the other hand, it's so easy for ACBL to switch to Big Deal, there's no reason not to do it, to remove all concerns.


Barry, the problem is trivial to parallelize.

If I am willing to spend enough on AWS, I can crack the boards in a matter of minutes.

In turn, this means that when I go to the bathroom after playing board 4 in the USBF team trials, I can get all the rest of the boards for this round
Alderaan delenda est
0

#25 User is offline   hrothgar 

  • PipPipPipPipPipPipPipPipPipPipPip
  • Group: Advanced Members
  • Posts: 15,488
  • Joined: 2003-February-13
  • Gender:Male
  • Location:Natick, MA
  • Interests:Travel
    Cooking
    Brewing
    Hiking

Posted 2016-September-16, 12:22

 Vampyr, on 2016-September-16, 11:31, said:

Can someone explain to me exactly how boards can be predicted? If you have the seed, how exactly does one board relate to the next?


There are at least two ways to implement this attack.

First of all, given modern computer resources, the search space is relative small.

The simplest attack is for me to enumerate the output of the hand generator for every possible seed.
I build a rainbow table and we're off to the races.

A slightly more complicated attack is to take advantage of the flawed nature of the LCG being used to generate random numbers

"LCGs should not be used for applications where high-quality randomness is critical. For example, it is not suitable for a Monte Carlo simulation because of the serial correlation (among other things). They also must not be used for cryptographic applications; see cryptographically secure pseudo-random number generator for more suitable generators. If a linear congruential generator is seeded with a character and then iterated once, the result is a simple classical cipher called an affine cipher; this cipher is easily broken by standard frequency analysis.

LCGs tend to exhibit some severe defects. For instance, if an LCG is used to choose points in an n-dimensional space, the points will lie on, at most, (n!m)1/n hyperplanes (Marsaglia's Theorem, developed by George Marsaglia). This is due to serial correlation between successive values of the sequence Xn. The spectral test, which is a simple test of an LCG's quality, is based on this fact."
Alderaan delenda est
1

#26 User is offline   hrothgar 

  • PipPipPipPipPipPipPipPipPipPipPip
  • Group: Advanced Members
  • Posts: 15,488
  • Joined: 2003-February-13
  • Gender:Male
  • Location:Natick, MA
  • Interests:Travel
    Cooking
    Brewing
    Hiking

Posted 2016-September-16, 12:28

 aawk, on 2016-September-15, 21:43, said:

If a safe cracker cannot open a safe he will take it home where he or she has more time. So making it harder to crack the safe is no solution because the can download the shuffling program and crack all the barriers you put in place at home.

You said the need at least 3 boards to crack the code so if you restart the random generater after 2 boards are shuffled the problem must be solved.

If this does not solve the problem it means that the random generator used is not realy random and that is the problem which has to be fixed.


No offense, but I spend too much time at work dealing with amateurs who think that they understand security to waste my time with internet cranks...

(And oh, BTW, the day that you figure out how to crack the hand generator that the ACBL has been using to run every tournament for the last 20 years, I'll start paying attention to your opinion. Until then, perhaps you should listen to mine)
Alderaan delenda est
1

#27 User is offline   Stefan_O 

  • PipPipPipPip
  • Group: Full Members
  • Posts: 469
  • Joined: 2016-April-01

Posted 2016-September-17, 13:50

 aawk, on 2016-September-15, 21:43, said:

If a safe cracker cannot open a safe he will take it home where he or she has more time. So making it harder to crack the safe is no solution because the can download the shuffling program and crack all the barriers you put in place at home.

You said the need at least 3 boards to crack the code so if you restart the random generater after 2 boards are shuffled the problem must be solved.

If this does not solve the problem it means that the random generator used is not realy random and that is the problem which has to be fixed.


If you haven't read it already, this is a good point to start:

https://sater.home.xs4all.nl/doc.html

Quite clear and simple rundown of the issues involved.
1

#28 User is offline   barmar 

  • PipPipPipPipPipPipPipPipPipPipPipPip
  • Group: Admin
  • Posts: 21,594
  • Joined: 2004-August-21
  • Gender:Male

Posted 2016-September-17, 14:57

 hrothgar, on 2016-September-16, 12:17, said:

In turn, this means that when I go to the bathroom after playing board 4 in the USBF team trials, I can get all the rest of the boards for this round

In the late rounds of major team events, they don't allow players to leave the playing area unaccompanied.

#29 User is offline   hrothgar 

  • PipPipPipPipPipPipPipPipPipPipPip
  • Group: Advanced Members
  • Posts: 15,488
  • Joined: 2003-February-13
  • Gender:Male
  • Location:Natick, MA
  • Interests:Travel
    Cooking
    Brewing
    Hiking

Posted 2016-September-17, 15:08

 barmar, on 2016-September-17, 14:57, said:

In the late rounds of major team events, they don't allow players to leave the playing area unaccompanied.


Do they watch them when they are shitting?
Alderaan delenda est
0

#30 User is offline   barmar 

  • PipPipPipPipPipPipPipPipPipPipPipPip
  • Group: Admin
  • Posts: 21,594
  • Joined: 2004-August-21
  • Gender:Male

Posted 2016-September-17, 15:20

 hrothgar, on 2016-September-17, 15:08, said:

Do they watch them when they are shitting?

No, but you're also not allowed to have a cellphone on your person during the event. If they bring a cellphone with them into the playing area, they're required to give it to the Vugraph operator during the session.

But I've never seen anyone pat a player down to make sure they've followed this rule.

  • 2 Pages +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

3 User(s) are reading this topic
0 members, 3 guests, 0 anonymous users