[RC5] Do not forget about the cheaters :)
rawkiw at cix.co.uk
Wed Jan 7 18:21:27 EST 2004
I suggested something like this to Bovine in an email Tue 18/07/2000
Slightly more succinct than the Stanford paper IMHO :-)
(Clearly it doesn't cvoer quite as much ground.)
One slight problem with a secondary plaintext for inline testing is choice
of a single solution in a block would still allow a stats inflator to work
at (on average) double speed, discarding any keys after the inline block.
Two solutions are provision of multiple plaintexts (requiring 1-1/(2^n) of
the work to be done), and statistically providing plaintexts which may or
may not be in the text . Combining the two approaches would provide rapid
identification of bogus clients.
Plaintext (Public) Position (private)
p2 Does not exist
p4 Does not exist.
I can see no way of a client providing the private information back to the
server without either completing the block, or substantially completing and
guessing the remaining keys do not exist.
Even a single "maybe" plaintext is very powerful over the course of a small
number of blocks.
Hope this is of use.
From: Decio Luiz Gazzoni Filho [SMTP:decio at revistapcs.com.br]
Sent: 07 January 2004 21:43
To: D.net Discussion
Subject: Re: [RC5] Do not forget about the cheaters :)
It needn't be that way. Some Stanford researchers published a paper at the
Conference 2001 (which, by the way, was already noticed by the guy who
released the hacked client back then). It's available at
for anyone who cares about the gory details. For those who don't, in short,
it's possible to detect cheaters with very high probability and minimal
overhead. And it's easy to implement too, particularly considering the
that is currently in place.
This mail has been checked for viruses, by Richard, but you should ensure
your system check all incoming mail itself.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.532 / Virus Database: 326 - Release Date: 27/10/2003
More information about the rc5