Les protocoles auto-appliqués, la panacée ? Self-enforcing protocols, solution to everything ?

21/09/2009

Comme chaque mois, j’ai reçu avec plaisir et impatience le Crypto Gram de Bruce Schneier (que je ne cesserai de paraphraser, soyez-en sûr) et un article m’a particulièrement titillé : Les protocoles auto-appliqués (Vous pardonnerez la traduction plus ou moins littérale, je n’ai aucune idée de la locution exacte dans notre belle langue). En un mot commençant, les protocoles auto-appliqués forment une catégorie de protocoles pour lesquels un tiers n’est pas nécessaire pour garantir le bon déroulement de celui-ci.

En effet, plus le temps passe et plus notre société [individualiste] forge des protocoles nécessitant une tierce personne pour assurer les deux parties que tout s’est déroulé normalement [du moins justement]. Aujourd’hui la parole donnée n’a probablement plus la valeur qu’elle pouvait avoir il y a quelques siècles et qui aujourd’hui irait acheter sur ebay un quelconque bien en faisant totallement confiance à un inconnu plus ou moins immatériel ?

Et ces protocoles à 3 parties sont certes relativement efficaces mais coûteux et en général la tierce personne n’intervient qu’en cas de litige [quand les problèmes surviennent].

Though, there are ways to avoid this complexity [and troubles], that’s self-enforcing protocols, as Bruce mentionned, for example, how kids share a cake equally, the first one cut the takes in 2 parts and the second one decides which part he will take. So in this case, respecting the protocol [no cheating] is the only way to do not loose anything.

I thought about those examples a few minutes, and I was wondering if self-enforcing protocols are the solution to most of our issues, especially on the web. But as always, everything which shines is not gold, and as what we are talking about trust, behind the curtains, that’s probably not as nice as it looks like.

Why being pessimistic ? Just because if it looks too easy [secure & fair] there is probably something I did not look at, and especially in the case of a self-enforcing protocol, if something goes wrong, you’ll be alone. That’s something Bruce quickly mentioned in his post, for example, in the “cake sharing” case, who can forbid one part to knock down the other part and take the cake ? At the end I wonder if self-enforcing protocols really exist by nature or we try to find protocol which tend to be self-enforcing for a given context… but as the goal is to avoid one part to cheat, does this context has any relevance ? I serioulsy doubt…

So maybe that’s due to my latin heritage but I always be amazed of how creative humans can be in order to get profit/cheat…. That makes me think of a very interesting Gamasutra article called “How to Hurt the Hackers: The Scoop on Internet Cheating and How You Can Combat It” and one particular chapter :

The only thing that seems to bother them [The cheaters] is getting caught. Beyond that, no ethical dilemmas seem to concern

For sure, this particular topic [anti cheating strategies and cheater vs. ethics] will be subject to another post soon.

To end up with the primer topic, would you feel more confident & secure if someone promises you that his protocol can ensure bothy parties that the deal will takes place as it should be without the need of any third party ?

As I’m a practical guy (or not), here is a list of self-enforcing protocols :

  • Vote à main levée
  • Division des rôles : une partie s’occupe de la division l’autre de la distribution
  • Le procès verbal (technique du gendarme) : “Racontez moi votre histoire, après je vous dirai ce que nous en savons.” (en fait assez similaire à la technique des pirates décrite par Bruce qui revient à dire, soit honnête car si je détecte que tu triches tu perds tout)

Cependant, pour chacun de ces exemples, il n’est pas très difficile de trouver une “parade” ou un moyen de dénaturer le protocole…

Read more  :

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: