Securely Reinforcing Synchronization for Embedded Online Contests

Abstract

When competing in eBay bidding, online games, or e-exams in embedded computing environments, people naturally face asynchronous starts from different computing devices, which is treated as a security risk of online contests. The security risks of online contests also include eavesdropping during data transmission without intended rights, and false starts by malicious competitors, which also means asynchrony in contests. Accordingly, online contests need security guarantees, especially on synchronization. In this article, for synchronic and secure starts in a contest, we update security requirements of confidentiality, anonymity, and synchrony, comparing the current work to our previous work. Based on the updated requirements, we propose a general framework for the Advanced Secure Synchronized Reading (ASSR) system, which can hold multiple contests simultaneously in the cloud. It is important to note that the system can ignore the impacts of heterogeneity among competitors. Considering the heterogeneity both on transmission and computing, we construct a novel Randomness-reused Identity Based Key Encapsulation Mechanism (RIBKEM) to support separable decapsulation, which can shorten both decryption delay and transmission delay with the best efforts. Finally, ASSR enhances synchronization achievement for contest starts with heterogeneous delays of competitors while satisfying other security requirements. As a complement, the analysis on the provable security of ASSR is given, as well as a further analysis on the achievement of synchronization.