# Cheat Proof Online Poker Encryption Algorithm

This is similar to what @DimitriosPanagopoulos proposed. But with the inability for clients to see what cards other clients have.

Each client produces a random number. They encrypt it, and send it to the server. (Thereby locking in their choices.) The server then sends everyone the encrypted version. Then the clients each send their key to the server.

Now the server unencrypts the numbers, and adds them up modulo `2^19937−1` and uses that as the seed to https://en.wikipedia.org/wiki/Mersenne_Twister. The server then tells each client what cards they get following a standard order of decisions, using that pseudorandom number generator.

Once all cards have been dealt, the server sends the keys and all clients can verify that all cards were dealt fairly from the numbers chosen by the clients. (Remembering that as long as any client trusts its own random number generator, the combined result cannot have been forced by any other client.) Until that point, there is no way that any client can guess what hole cards any other client had.

If https://en.wikipedia.org/wiki/Indistinguishability_obfuscation is ever achieved, then it would be possible to eliminate the trusted server from the mix.

One problem. Since the server has the unencrypted keys, you have to trust that it isn’t sharing them to the clients. We can even eliminate that problem with the following change.

Each client chooses its seed, and sends that encrypted to the server. The server shares the encrypted seeds. Then for each random number generated by the server, it asks each client for a random number from 0 to 1, the server adds the random numbers up mod 1, then uses that for its decision. Once the cards are all revealed, everyone sends their keys to the server, and the server the keys and a log of what random numbers it got from each client. If the server does not think any client should have sent the numbers that they did, the game is invalid. And every client can verify that the game was fair.

Now the server cannot prematurely reveal information that it does not have. No client can alter their choices. And even if a client tried to collude with the server, without the information that your client has kept, you would have no way to know what response it has to send to get any particular desired result.

You can even save the two messages from the server to a file, and ship an open source program to validate the game. A program that can easily be reviewed by anyone which serves as public proof. And have a test suite for it for anyone who doesn’t trust your client and wishes to build their own to use with your server.

April 11, 2021
0 2
April 10, 2021
0 5
April 9, 2021
0 11