For a distributed service of this sort to spring up ‘naturally’ would require not just a threat model that requires it, but a critical mass of people who care sufficiently about the threat.
For a distributed service of this sort to spring up ‘naturally’ would require not just a threat model that requires it, but a critical mass of people who care sufficiently about the threat.
And apparently they don’t exist. That’s a pretty good reason.
I once wrote an open source cryptographic system that would let casinos prove to their customers that the casinos weren’t fixing the random generation behind the wheel spins, dice and card deals.
There was no interest in it. Not from the casinos OR from the customers who were betting their money.
There’s probably an interesting bias behind whether people properly take into account threats that are low frequency but high penalty.
I think there’s probably not much overlap between the sort of people who would understand the meaning of an open source cryptographic system enough to trust it, and people who frequent casinos, except probably for card counting.
If anything they seem to overemphasize low frequency, high-penalty threats. Or at least low-frequency, high-drama ones. Consider gun murder, terrorism, and child kidnapping; versus car accidents or family sexual abuse.
Maybe it is just a black-and-white thinking from most people. Either you trust online casinos, or you don’t. If you don’t, you don’t use them. If you do, you don’t use special cryptography to prove that they don’t cheat.
And the few people who understand cryptography and want to use online casinos and have a healthy degree of suspicion… are not enough to create a profitable market.
You could create a software which is easy enough to use, and then it would be used both by people with the healthy degree of suspicion and people who don’t care about safety. But 99% of them would also use a software which is easy to use and not provably safe… which is much cheaper to develop.
There was no interest in it. Not from the casinos OR from the customers who were betting their money.
What’s interesting here is that this was, at least initially, the motivation for SatoshiDice: that you could prove their lottery was fair. It’s exploded in popularity far more than that seems to warrant. I’ve never used it, so I don’t know how convenient it is, but if it’s as convenient as it sounds (no need to register accounts or log in, just send bitcoins to addresses, AFAIK), that’s more evidence that convenience is Really Important.
But there is SatoshiDICE, which is designed along similar principles and seems to get some use.
I guess part of the problem is that people who play roulette are not very sophisticated about it, since it’s an expected loss anyway. I could imagine poker players being interested, but this protocol doesn’t really fit: it reveals what the deck was at the end of the round (players who folded do not want other players to know what their hand was). I think that the attack that online poker places worry the most about is colluding players, and P2P cryptography doesn’t help there.
My immediate thought is: because it is easier
For a distributed service of this sort to spring up ‘naturally’ would require not just a threat model that requires it, but a critical mass of people who care sufficiently about the threat.
Crypt21 Cryptographic Library—“This ain’t your daddy’s crypto!”
And apparently they don’t exist. That’s a pretty good reason.
sighs Yes, you’re right.
I once wrote an open source cryptographic system that would let casinos prove to their customers that the casinos weren’t fixing the random generation behind the wheel spins, dice and card deals.
There was no interest in it. Not from the casinos OR from the customers who were betting their money.
There’s probably an interesting bias behind whether people properly take into account threats that are low frequency but high penalty.
I think there’s probably not much overlap between the sort of people who would understand the meaning of an open source cryptographic system enough to trust it, and people who frequent casinos, except probably for card counting.
If anything they seem to overemphasize low frequency, high-penalty threats. Or at least low-frequency, high-drama ones. Consider gun murder, terrorism, and child kidnapping; versus car accidents or family sexual abuse.
Maybe it is just a black-and-white thinking from most people. Either you trust online casinos, or you don’t. If you don’t, you don’t use them. If you do, you don’t use special cryptography to prove that they don’t cheat.
And the few people who understand cryptography and want to use online casinos and have a healthy degree of suspicion… are not enough to create a profitable market.
You could create a software which is easy enough to use, and then it would be used both by people with the healthy degree of suspicion and people who don’t care about safety. But 99% of them would also use a software which is easy to use and not provably safe… which is much cheaper to develop.
What’s interesting here is that this was, at least initially, the motivation for SatoshiDice: that you could prove their lottery was fair. It’s exploded in popularity far more than that seems to warrant. I’ve never used it, so I don’t know how convenient it is, but if it’s as convenient as it sounds (no need to register accounts or log in, just send bitcoins to addresses, AFAIK), that’s more evidence that convenience is Really Important.
Maybe poker players. Also how practical is your system, e.g., how long would it take to shuffle a deck of cards with it?
But there is SatoshiDICE, which is designed along similar principles and seems to get some use.
I guess part of the problem is that people who play roulette are not very sophisticated about it, since it’s an expected loss anyway. I could imagine poker players being interested, but this protocol doesn’t really fit: it reveals what the deck was at the end of the round (players who folded do not want other players to know what their hand was). I think that the attack that online poker places worry the most about is colluding players, and P2P cryptography doesn’t help there.