The truth about the RNG poker rooms

Introduction

In this article you will learn about one of the most important components of online poker - the random number generator (RNG). The “honesty” of the RNG of various poker rooms is regularly questioned and necessarily discussed at any resource dedicated to poker. Users constantly complain about a “spinning up” generator that allows a room to hold back stronger players so that the majority representing the category of “weaker players” remains a loyal room. Let's see if things are really that bad with randomness on poker sites.

You are all aware of what a random number generator is and how it is implemented on a computer, but for completeness of the article I will describe the basic concepts. If you wish, you can skip the next section.

Definitions

A random number generator (RNG) must generate an absolutely random sequence of numbers. Such a sequence can be obtained by using some physical natural processes, for example: physical noise, cosmic radiation, radiation background, etc. In computer systems, software and hardware RNGs are distinguished. The former are in fact a generator of pseudo-random numbers (PRNG) and are an algorithm that generates a sequence of numbers, the elements of which are almost independent of each other and obey a given distribution. Since the algorithm is predetermined, the sequence of the numbers obtained is also predetermined. It turns out if you know the PRNG algorithm, then you can get a "random" sequence.
')
Hardware RNG is a device that uses any of the external sources of entropy to obtain sequences.

Now RNG is usually implemented by combining PRNG and an external source of entropy. In computers, a processor clock count, sound card noise, or original methods, for example, “ RNG from WiFi noise, ” are used as such a source.

RNG in online poker

The generation of random sequences of cards along with their transfer from the server to the client is one of the fundamentals of the security of the poker room, so much attention is paid to them. For such an important system, it is unacceptable to use a pseudo-random number generator, because it can be hacked and get a sequence of numbers, and then decipher the cards of the players and the unopened table cards.

All poker rooms receive various certificates to prove the viability of their RNG and software. Cigital is one of the largest companies in this field, engaged in, among other things, certification of poker software and RNG. The certificate of this company is at the largest poker rooms Full Tilt Poker and PokerStars. The basis for testing any RNG is the NIST (National Institute of Standards and Technology) test suite, based on the FIPS 140-2 (Federal Information Processing Standard) USA. It includes various tests from the test for the ratio of 0 and 1 in the generated sequence, to the compression test by the LZO algorithm (a random sequence cannot be significantly compressed because it should not have many repeated sequences).

To generate random sequences, they use a system from one or more sources of entropy and the PRNG algorithm. For example, the largest poker room PokerStars uses data from users (mouse movements, reaction time to certain actions, etc.) as an accident factor and the RNG Quantis hardware certified by the Swiss Federal Bureau of Metrology. Quantis uses physical processes to generate number sequences. He picks up the photons and passes them through a translucent mirror. Two events: reflection and transmission of light are taken as 0 and 1. Quantis is available with different interfaces: USB, PCI, PCI-E with a random number stream of 4 Mbps. There is also a 16 Mbps modification for PCI devices. The price of such a device is € 890 - € 1165 for 4 Mbit / s stream and € 2000 for 16 Mbit / s. Also in PokerStars there are criteria for determining a sufficient degree of randomness. For example, if there is not enough data from users, then distribution will not start until sufficient random bits are generated by the RNG hardware. The actual conversion of a stream of random bits into numbers occurs as follows: if you need a number from 0 to 25, then 5 bits are selected and converted to a number from 0 to 31; if the number is greater than 25, the process is repeated. For shuffling the deck, the original deck and the empty deck are selected, a random card is selected from the first one and transferred to the second one. So, until all the cards are transferred to the initially empty deck.

In general, poker rooms use two types of deck shuffling: single and permanent. In a single deck is shuffled once before the distribution, and in constant shuffling the entire distribution continues. The second option introduces additional protection against hacking, because the next table map is unknown until the last moment. Permanent shuffling, for example, is used in the second largest poker room - FullTilt. The FullTilt RNG itself is built on the same principle as PokerStars, using 3 independent generators: a hardware RNG with a physical source of entropy and two independent PRNGs (ISAAC and OpenSSL). In general, this option of combining several random number generators is now used everywhere, but at the dawn of the development of online poker, things with RNG were much worse.

History of Planet Poker and ASF Software Inc.

Planet Poker is the first poker room in the world to offer its users to play for money on the Internet. It happened in January 1998. A little later, experts from Reliable Software Technologies (now Cigital) became interested in his security. The Planet Poker website opened the sources of their RNG algorithm (the algorithm itself was owned by ASF Sowtware Inc.). With this they wanted to show their honesty and reliability, but the source only helped the specialists to find gaps in it. Here is the shuffle function of maps from the published algorithm:

procedure TDeck . Shuffle ;
var
ctr : byte ;
tmp : byte ;

random_number : Byte ;
begin
{Fill the deck with unique cards}
for ctr : = 1 to 52 do
Card [ ctr ] : = ctr ;

{Generate a new seed based on the system clock}
randomize ;

{Randomly rearrange each card}
for ctr : = 1 to 52 do begin
random_number : = random ( 51 ) + 1 ;
tmp : = card [ random_number ] ;
card [ random_number ] : = card [ ctr ] ;
card [ ctr ] : = tmp ;
end ;

CurrentCard : = 1 ;
JustShuffled : = True ;
end ;

In short, an un-sorted deck of cards is taken and cards from 1 to 52 are swapped with any random card. To generate random numbers, the Pascal functions random, randomize are used, which use the system timer and the PRNG algorithm to obtain random numbers.

The first error of the algorithm lies in the random (n) function — it, unlike most Pascal functions, returns a value from 0 to n-1. Those. “Random (51) +1” gives us a number from 1 to 51 - the classic error off-by-one. It turns out the current card will never change places with the last 52nd card, which already gives a deviation from the randomness of the resulting deck.

Also, specialists of Reliable Software Tehnologies revealed the inconsistency of the algorithm itself, even if you correct the error off-by-one. To demonstrate this, they used the algorithm described above:

for ( i is 1 to n )
Swap i with random position between 1 and n

For ease of calculation, a deck of 3 cards was used. As a result, decks 231, 213 and 132 were encountered more often than 312, 321 and 123. It is clear that for a deck of 52 cards, some variants of shuffling the deck should have been encountered more often than others.

Another important omission was the number of possible decks in such a RNG. With a real shuffle of cards 52! = 8.06 * 1067 deck options are possible. Pascal functions generate random numbers based on the system clock. The basis for calculating a random number is the number of milliseconds since midnight. In a day, just 86,400,000 milliseconds, so we have only 86.4 million possible options for shuffling the deck, which is much less real possible.

And this is not all, the flaws found do not give a particular advantage to the players, but the following vulnerability made it possible to fully recognize the sequence of cards in the deck. All again because of the PRNG, or rather its predictability. The researchers wrote an exploit that could accurately show all the cards of the players and the remaining cards of the table after 3 cards laid out on the table. Thus, it was based on 5 well-known cards: 2 players and 3 on the table. Using the RNGS algorithm similar to Pascal and selecting a different number of milliseconds with a deviation from the current time (the generation time of the maps should have been close to the local time), the exploit found an exact match of 5 known maps and issued all the rest.

After this, the exploit additionally synchronized the local time with the server time, and the following iterations took less than one second.

For players, this story turned out well - the exploit was in good hands, and the specialists of Reliable Software Tehnologies immediately reported the vulnerabilities found in ASF Sowtware Inc. (their services besides Planet Poker also used purepoker.com, deltacasino.com) and later published their report . They estimated the damage if the program fell into bad hands, at $ 100,000 per day. Planet poker and in general online poker this story has caused serious damage, although it did not prevent the active development of this industry. And “Reliable Software Technologies” was renamed “Cigital” and is now a very reputable company for audit and certification programs.

Real Deal and Cut'N Shuffle Technology

We should also mention the Real Deal poker room with their innovative approach to the distribution of cards. The game for real money started on May 7, 2010. For shuffling, a real deck of cards and a special shuffle machine are used to mix them.



This patented machine is called Cut'N Shuffle. With it, you get a real mixing of a real deck of cards. In addition, the distributing player is invited to cut the deck (he may refuse), which introduces an additional element of randomness. Video recordings of each shuffle of the deck are stored on the server and any player can receive them if desired. This is a fairly young technology, let's see how it will be successful in the future.

Conclusion

In conclusion, I would like to speculate about possible fraud with RNG. The profit of the poker room comes from the rake (the part of the bank that the casino picks up for itself), so for them it doesn't matter who wins, only the amount of played rake is important for them. Hence the idea of ​​a profitable scam flows in: giving out more often good combinations to several players so that they try to play for all the money. Quite realizable, but all the secret someday becomes apparent, and the leak of such information is quite possible. And it is unlikely that a small increase in profits is worth huge losses, if such a deception is revealed. Therefore, if you play poker and you are fatally unlucky, you shouldn’t blame the “tweaked” RNG for everything, just wait out the losing streak and keep playing.

In practice, most often, the players try to shift their mistakes onto the strong shoulders of the RNG, blaming it for all their own failures. Always analyze your own actions and look for errors, before you throw the blame on software developers.

Article Pokeroff.ru specifically for Habrahabr