Re: Online poker RNG...

Gerry wrote:

I do appreciate the answers. (I appreciate the advice about colllusion,
too, btw, although, as a professional player, I already am aware of it
as a possibility online and in B&M casinos -- actually more in the
latter, for many reasons -- and happen to agree with Bill's (If I'm
right, Henry quoted Bill's blog.) assessment.)

I still don't understand this, though: what, specifically, has changed
since the publication of the 1999 article? From a mathemetical
perspective, I mean. (That's why I posted here.) I know I'm asking for
expert advice in lay terms, which is a tough nut to crack, but if one
you can do that, I'd appreciate it. BTW: For sale online are the hand
histories of almost every player at almost every site. A cheater would
have access to these hand histories in order to seed a database with
millions of hands in an effort to reverse-compile the algorithm, no?
....

The vulnerabilities mentioned in that article were (1) the
simple shuffling algorithm was public, and (2) the number of
possible seeds a cracker needed to test was small (a few tens
or hundreds of thousands) due to time-based seeding. The
simplicity of the algorithm also was mentioned, and the 2^32
period of the rand function they used. But the commonly
available rand() has been deprecated [eg, see some refs in
http://www.google.com/search?q=rand+deprecated ] in favor
of random(), which has a period of around 2^35, per linux
"man random".[1]

In richard.blankman's claim that "the slightest tweaking of
a simple algorithm to convert a random number to a playing card
would make for reverse-discovery of either the algorithm or the
seed utterly impossible" I'd replace the word "utterly" by
"nearly", but it certainly is the case that minor algorithm
changes will totally defeat the easy-pickings approach described
in the 1999 article. There also are some slightly more involved
changes that can contradict his statement that "Knowing the
seed and the algorithm will indeed tell you the next card..."
For example, if the poker site maintains a running sum s of the
IP numbers of people logging in, and during a deal takes and
discards s%p extra random numbers between random numbers it uses,
(where p is a small prime that changes every few minutes) a lot
of knowledge is required besides seed and algorithm.
-jiw

[1] random() uses a 1016-bit state table so I don't see why
its period is so short. AFAIK, two machines can reproduce
the same random sequences only if they start with and maintain
the same state in the table. Note, on linux systems, the random
device [http://linux.about.com/library/cmd/blcmdl4_urandom.htm
] can produce a few bits of secret, machine-specific state from
time to time.
.

Relevant Pages

  • Re: Online poker RNG...
    ... too, btw, although, as a professional player, I already am aware of it ... BTW: For sale online are the hand ... Knowing the seed and the algorithm will indeed tell you the next ...
    (sci.math)
  • Re: famous literature
    ... Before I describe the algorithm, ... there is an important mathematical function - xor - that has an ... will generate random seeds. ... the run length random number generator. ...
    (sci.crypt)
  • Re: Online poker and RNG...
    ... Second, as soon as the hole cards are dealt, ... of those five cards, what seeds are possible. ... site publishes its algorithm, in which case the missing ingredient is ... it is difficult to keep these algorithms totally secret -- ...
    (sci.crypt)
  • Re: Atlantic Coast Regionals
    ... algorithm that troubles me is that the seedings it provides are not ... seeds would be unstable because the algorithm would reverse the order ... even though ACB has two local instabilities. ...
    (rec.sport.disc)
  • Re: Atlantic Coast Regionals
    ... algorithm that troubles me is that the seedings it provides are not ... seeds would be unstable because the algorithm would reverse the order ... teams and losses against the 6 bottom teams. ... other two seeding sets have the potential of getting C's seed wrong by ...
    (rec.sport.disc)