Beware bitZino shuffling algorithm leaves much to be desired... - page 2.

vuce

sr. member

Activity: 476

Merit: 250

Quote from: Boussac on June 30, 2012, 03:38:54 PM

Bravo for spotting the weakness in their claim of provability.
Can you tell us more about your protocol ?
Is it implemented on a poker site ?

http://www.dc.uba.ar/inv/tesis/licenciatura/2010/lerner

this is... wow.

Boussac

legendary

Activity: 1221

Merit: 1025

e-ducat.fr

Bravo for spotting the weakness in their claim of provability.
Can you tell us more about your protocol ?
Is it implemented on a poker site ?

Sergio_Demian_Lerner

hero member

Activity: 555

Merit: 654

The supposed "Provably Fair Shuffling Through Cryptography" https://techblog.bitzino.com/2012-06-30-provably-fair-shuffling-through-cryptography.html leaves much to be desired to be called "Provably fair".

These are only a few reasons:

(1) Client_seed is not big enough (32 bits) to assure a fair statistical distribution. The server can try each possibility in advance...

(2) The server knows the shuffled deck (every card) BEFORE the user, so the server can abort the game (showing any strange error message) if the deck is too good for the user.

(3) Last but not least, the site is HTML5 only (no open source client application), so there is no way to know if the client-side javaScript code is actually verifying anything !!!

(4) Where is the "proof" for the "Provably Fair" algorithm?

The only way to implement secure card games on the Internet is by using Mental Poker protocols (crypto newbies, check it on Wikipedia). And it happens that I designed the fastest MP protocol so far... humbly

Best regards,
Sergio.

Topic: Beware bitZino shuffling algorithm leaves much to be desired... - page 2. (Read 8641 times)