this post was submitted on 17 May 2024
53 points (94.9% liked)

Asklemmy

43945 readers
638 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
Cloak@lemmy.ml
mekhos@lemmy.ml
tmpod@lemmy.pt
14specks@lemmy.ml
53
Is it possible for devices on an online group chat to toss a coin without trusting each other and the server? (discuss.tchncs.de)
submitted 6 months ago by smileyhead@discuss.tchncs.de to c/asklemmy@lemmy.ml
42 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[โ€“] Tyoda@lemm.ee 2 points 6 months ago (1 children)

If the clients only communicate through the server, then without prior knowledge of one another, such as gpg keys, no.

Otherwise, maybe they could both generate an RSA key. Then they would both encrypt a string of this format "<RANDOM_STRING>_<RSA_PRIVATE>", and send that to the other. After receiving the other's package, each one sends over their own private key. They can use this to decrypt the string, which both of them had chosen before knowing what the other had. They can use the string to decide who won based on predetermined rules.

I put the private key in the package because this way clients can check that it was in fact the key used to encrypt it in the first place. Faking that would require infinite computing power or quantum shenanigans, I suspect.

Also this is probably way overkill and has flaws I didn't think of.

[โ€“] lluki@feddit.de 2 points 6 months ago

This! The prior knowledge is even fairly small, everyone can toss in a random string + key. The only drawback is that all participants need to have synchronized rounds (one for collecting the random values, one for the decryption keys), and the whole protocol fails if someone decides not send timely their decryption key