[RC5] Do not forget about the cheaters :)

Elektron elektron_rc5 at yahoo.ca
Fri Jan 9 07:18:17 EST 2004


> maybe client should save timestamp at completed packet. something like 
> 12:34:56 started 12:43:65 finished and server can compare completion 
> time for this CPU with average time for this type of CPU

If a cheater can hack the client to skip most of the RC5 calculations, 
the client can probably also hack this as well.

...

> 87,462,090 keys/sec seems a bit unrealistic. Either you had an error,
> because you cancelled the benchmark, or you're using a new core, or
> and I hope that this is not the case, you're using a cracked client.

This is called 'proof of concept'. I was bored one day. The date on the 
file says aug 24. As I said, I don't submit results with that core.

Cancelling the benchmark will not print out the mkeys/sec.

...

> The simplest possible method of verifying the clients
> is making them report CMCcount for each block tested.

What's the CMCcount?

...

> There are just so many options with varying
> - client side cpu overhead
> - server side cpu overhead
> - server side database storage overhead
> - proxy storage overhead
> - reissuing keys overhead
> - chances of finding clueless cheater
> - chances of finding advanced cheater
> - implementation complexity
>
> I think the main problem here is that nobody's going
> to turn proposed solutions into code :o)
> That's why I'm trying to find the solution which is
> as simple to code as possible.

We can never prove that the result (a key exists or doesn't) without 
checking the block manually.

We can, however, make submitting false but otherwise valid results just 
as computationally expensive (of course, the client can skip the bit of 
checking whether it's a 'correct' key, but that wouldn't make it much 
faster). The cheater can always do this.

We just have to make it hard for the cheater to generate always-valid 
results (because if one block is wrong, the rest could also be) and 
check them with another client. Or a 32-bit XOR of the first few bits 
of the decrypted text could be used (as someone suggested), since 
results are resubmitted anyway, but that has the disadvantage that 
results have to be resubmitted.

And the overhead of weeding through cheaters is, IMO, big enough to 
make this actually worthwhile.

- Purr


More information about the rc5 mailing list