[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Crypto Games





I'd like to float a few ideas on this, generated by cutting right back
to fundamental objectives.

In his orignal posting, Kent Borg wrote:

 > It would be really nice if people had practical experiance *using*
 > cryptography in a friendly, innocent, and non-threatening way.
 >  
 > How to do this?  What about a multi-player game which requires
 > cryptography to implement the play? 

A lovely idea. I think that the `requires' above is fundamental, since
our objective is to raise awareness of crypto -- not only for the
obvious purposes of sending secret messages, but as a basic, useful,
and necessary tool for many other applications. Ideally, it should be
a game which simply cannot be reasonably played without the use of
crypto, a point Tim was driving towards earlier. Additionally, the
actual use of encrypted messages must be visible to all parties (and
outsiders) as Kent pointed out in his original posting.

Without intending to rain on anyone's parade, I think that the choice
of a card game is probably not the best vehicle, for a number of
reasons. Firstly, most card games are too close to realtime. While
that is no great problem technically given internet-connected
machines, it severely reduces the visibility of the underlying crypto
-- people will be too busy playing with cards to look at the messages,
and for the most part I suspect couldn't care if the messages were
sent unencrypted. Card games certainly have both popular appeal, and
(thanks to various `solitaire' programs) a good assosciation with
computers to their advantage.

However, I think we need a game that runs over a longer period, which
requires (or at least allows for) periods of thought and contemplation
between moves. Obvious examples are chess, or some of the play-by-mail
type games. Indeed, it may well be worthwhile wandering over into some
appropriate newsgroups and looking around, or asking a few questions
-- it may well be that there are keen games programmers and players
over there with a technical problem that could be solved with a bit of
crypto.

Since this is intended to be a political move, lets carefully look at
what our political objectives are, and then choose (or even design) a
game around them. Visibility of the usefulness of crypto, both to
players and onlookers, is a key point.

Ideally, then, a game that is played by posting an encrypted block to
a public place such as a newsgroup for all the world to see, and that
can be decoded by players to reveal (perhaps selective) information.
This text block can then be captured and fed into the game program --
perhaps not until version 2 does this happen automatically :) It would
be ideal if there were something from the game that could be
recommended to be put in someone's .sig, perhaps a player code public
key or something. This has great benefits for publicity, for instance
in the past I've had a reasonable number of queries from net denizens
asking `what is this PGP block stuff on the messages you post.. I keep
seeing that around more and more'.

It would be best if we can design the system to be distributed, and to
operate without a central server (or with only a very minimal one),
again to highlight the possibilities enabled by crypto. Perhaps
players form playing groups amongst themselves using the keys in their
.sigs and a group session key. Perhaps its a world-wide game that
anyone can join. Maybe a central server issues a `turn key' to every
player each week (or whatever play period) to enable them to make
their next move.

There's one sad consequence that will be hard to avoid.. while the
posted messages may be cryptographically secure, it will be hard to
come up with a solution whereby the game can be distributed in source
form and not be vulnerable to cheating by source modification in the
game-play parts of the code above the encryption. I think it is
important that the code be distributed in source form, not only for
practical reasons, but also to highlight that cryptography does *not*
depend on keeping the cryptographic algorithm secret or obscured in
any way. The game documentation can include detailed discussions of
the cryto techniques and issues involved.

The ability for the players to send encrypted messages to other
players as part of the basic gameplay is important too.

As has been pointed out, it is probably a good idea to keep the actual
subject matter non-threatening. I keep thinking about the pbm-style
empire-simulation games, perhaps because I've had some contact with
them in the past, but that scenario isn't all that interesting for
many people (including myself). Games of spies and secrecy and so on
suggest themselves naturally, but maybe that assosciation does not
need to be strengthened.

A game for children might be a very good idea. There is a lot of
activity currently in networking k12 schools to internet. One of the
important challengers for teachers is finding appropriate educational
uses for the technology. Foreign language students corresponding with
native speakers and so on.  For example, a game that lets students
around the globe cooperate in solving problems and ferreting out clues
may win wide appeal -- multiplayer distributed _Carmen_Sandiego_.. :)
All the better to snub ITAR if it's an innocent game for kids.

Should this game be written inside or outside the US? Any of you US
citizens planning a move outside soon, who, when the game becomes
wildly popular, can claim that the move was motivated by ITAR
restrictions? :)

 > The cards would not be suitable for distributing porn, bomb making
 > secrets, or drugs, yet would drive the ITAR police *crazy*.  What if a
 > deck of the these cards were to be illegally exported from the
 > country?!?!?  Try telling all those Regular Citizens who are getting
 > on the net and discover they can play cards that the cards are
 > dangerous munitions.  What a wonderful way to make the ITAR police
 > look completely silly.  Oh, and to be sure they *do* get upset, make
 > the cards just open enough that they *do* constitute something more
 > general-purpose.  (Make calls to PGP, or let others make calls to the
 > crypto functions in the digital cards--something like that.)

Hmm.. :)

 > Comments?  Suggestions for a game other than cards that would be
 > better or more suitable?  

See above for some generalised handwaving, at least. 

--
Dan.