Step 1

Harry, in his office in America, writes down on a piece of paper either the number 1 or the number 0.

Step 2

Harry sends Pete an email to say he has done so.

Step 3

Pete sends Harry an email containing Pete's guess of either 1 or 0.

Step 4

Harry combines the two inputs as follows:
toss = ( Harry's Input + Pete's Input ) modulo 2
interpreting a 0 as a Tail and a 1 as a Head
thus:

Harry's Input	Pete's Input	Output
0	0	0
0	1	1
1	0	1
1	1	0

Step 5

Harry sends Pete an email saying whether Pete has won or lost.

• From    : Harry <h.fituright@mit.edu> 
  To      : Pete <p.bloggs@ox.ac.uk>
  Subject : Asteroid A - Step 2
  Date    : Jan 1
  
  Hi Pete,
  
  Ok, I've written my input down.  Go ahead and send me yours.
  
  Harry.
  

• From    : Pete <p.bloggs@ox.ac.uk> 
  To      : Harry <h.fituright@mit.edu>
  Subject : Asteroid A - Step 3
  Date    : Jan 2
  
  Hi Harry,
  
  My input is "0".
  
  Pete.
  

• From    : Harry <h.fituright@mit.edu> 
  To      : Pete <p.bloggs@ox.ac.uk>
  Subject : Asteroid A - Step 5
  Date    : Jan 1st
  
  Hi Pete,
  
  Sorry to tell you, but you lose.
  
  My input was "1".  Which combined with your "0" gives us
  an output of "1", which we agreed meant "Heads" and a win
  for me.  The new name of Asteroid A is now officially 
  
          ***  HarryFituright1  *** 
  
  Harry.
  

Asteroid C

Step 1

Harry, Pete and Richard all generate their inputs (now one of six numbers: 0,1,2,3,4 or 5) and write them down: I(harry), I(pete), I(richard)

Step 2

Harry, Pete and Richard then all calculate the digest of their own input: D(harry), D(pete), D(richard)

Step 3

Harry, who as the middleman who knows the email addresses of both Pete and Richard, has agreed to be the host, and he sends an email to the others saying he is ready for them to send him their digests.

Step 4

P --> H : D(pete)

R --> H : D(richard)

Step 5

H --> P : D(harry)

H --> P : D(richard)

H --> R : D(harry)

H --> R : D(pete)

Step 6

Now that everyone has everyone else's digests, they can all reveal their actual inputs:

P --> H : I(pete)

R --> H : I(richard)

Step 7

H --> P : I(harry)

H --> P : I(richard)

H --> R : I(harry)

H --> R : I(pete)

Step 8

Now all three of them have all the inputs, they can each work out the outcome:
outcome = ( I(harry) + I(pete) + I(richard) ) modulo 6

• 0 == I(Harry)
• 4 == I(Pete)
• 3 == I(Richard)

Pete however gets a little suspicious. He agreed to provide a digest of his guess, because otherwise Richard would have been in the same situation as Pete had been with Harry over the Asteroid A. But how does he know the hash is secure? He trusts that once Harry has produced his digest, Harry can't change his input. But what if Harry could work out Pete's input from Pete's digest? If he could do that, he could fix the result because Harry doesn't supply his digest (and so isn't forced to choose his input) until after he gets Pete's.

The security of a digest depends on the size of the plaintext (the message) that is fed to it. If there are only 6 possible plaintexts then there are only 6 possible digests, and you can easily create a lookup table to map from digest to plaintext.

However a balance is needed. You don't want to have to generate too many random bits each time, as it is an expensive operation. They agreed on changing from:

plaintext = input

plaintext = sharedtext + usertext

sharedtext = hostid : gameid : timeid :

( usertext ) modulo numberOfOutcomes = input

0 <= usertext <= ( ( 2 ^ 64 ) - 1 )

Asteroid D

Definitions

• M is the number of distinct outcomes to be selected between
  M = 6
• Participant 0 is the host
  P0 = Harry
• N is the number of users (not including the host)
  N = 2
• Participants 1..N are Users 1..N
  P1 = Pete
  P2 = Richard
• Ix is Px's input
• Ux is Px's usertext
• Dx is Px's digest

Steps

Step 1

P0 --> Px : sharedtext

This signifies the game is open

Step 2

Px --> P0 : Dx

This signifies a user wishes to join the game

Step 3

P0 --> Px : You are player X

This signifies the digest was accepted

Step 4

P0 --> Px : N

This signifies the game is now closed to additional users

Step 5

Px --> P0 : request D0..N

This can be repeated to allow for failed transmisisons

Step 6

P0 --> Px : D0

P0 --> Px : D1

P0 --> Px : D2

Response to the previous stage

Step 7

Px --> P0 : Ux

The user is happy they have enough digests

Step 8

P0 --> Px : outcome

Step 9

Px --> P0 : request U0..N

This can be repeated to allow for failed transmisisons

Step 10

P0 --> Px : U0

P0 --> Px : U1

P0 --> Px : U2

Response to the previous stage

Step 11

Px --> P0 : no more requests

Game is over / outcome verified.

Result

• sharedtext = "Harry <h.fituright@mit.edu> : 6 / Asteroid D : 1999-04-17 09.30.00 :"
• U0 = 12345
• U1 = 23456
• U2 = 34567
• I0 = U0 mod M = 12345 mod 6 = 3
• I1 = U1 mod M = 23456 mod 6 = 2
• I2 = U2 mod M = 34567 mod 6 = 1
• outcome = ( I0 + I1 + I2 ) mod M = ( 3 + 2 + 1 ) mod 6 = 0
• The asteroid was named PeteBloggs2