Preventing cheating in future ICGA Events.

[bob]

My proposal:

"Any contestant shall provide the ICGA with the sources of his engine. These sources are to remain secret and undisclosed, except for one purpose:
- in case of doubt on the originality of the program, a majority of two thirds of the ICGA's board can vote to examine those sources to investigate the issue. The board shall be at least 10 persons large and the required number of members approving the examination of the sources will be rounded up to the immediate higher number (for instance, a positive vote of 7 out of 10 members are required to authorize the consulting of the sources). During such an investigation it will be the responsibility of the ICGA to prevent any leak or accidental disclosure of these sources, that will be kept secret but for the investigation panel. Only limited and illustrative parts of the sources can get published in the final public report."

This sounds extremely reasonable. Even when I was working on a private engine, and extremely reticent to share executables let alone source, I would have agreed to this.

-Sam

What single person can you find to collect the sources that (a) is completely honest and (b) trusted to be honest by all participants, perticularly commercial ones that have much to lose if trade secrets are exposed?

It sounds simple in theory, but the practical implementation is a _real_ bitch to do.

It would be feasable that the programmer is given a tool for encrypting the source as well as 10 different keys one for each panel member. There would be ways to enable a decryption only with 7/10 keys available.

That's a step in the right direction, IMHO.

Although I am not quite sure how you can do that as encryption usually requires the entire key. And having a bunch of different files, one for each combination of 7 encryption keys would be a zoo to manage.

[bob]

My proposal:

"Any contestant shall provide the ICGA with the sources of his engine. These sources are to remain secret and undisclosed, except for one purpose:
- in case of doubt on the originality of the program, a majority of two thirds of the ICGA's board can vote to examine those sources to investigate the issue. The board shall be at least 10 persons large and the required number of members approving the examination of the sources will be rounded up to the immediate higher number (for instance, a positive vote of 7 out of 10 members are required to authorize the consulting of the sources). During such an investigation it will be the responsibility of the ICGA to prevent any leak or accidental disclosure of these sources, that will be kept secret but for the investigation panel. Only limited and illustrative parts of the sources can get published in the final public report."

I find the phrasing of "require to authorize the consulting of the sources" way to vague. If I were to hand over sources of a commercial piece of software I would be more than interested in the process of "consulting" beforehand. Who gets to see the sources? Has the author any influence? I would propose as an optional alternative to the named procedure above, the author himself may chose 3 people well respected by the community, hand over the sources to them and have them vouch for security.

An obvious problem would be that if the accused gets to choose the only witnesses for the prosecution, he always will walk away scott free.

[sje]

It would be feasable that the programmer is given a tool for encrypting the source as well as 10 different keys one for each panel member. There would be ways to enable a decryption only with 7/10 keys available.

Although I am not quite sure how you can do that as encryption usually requires the entire key. And having a bunch of different files, one for each combination of 7 encryption keys would be a zoo to manage.

There is software for managing this. It it possible to create multiple partial keys and also to have keys made with differing decryption voting power. Similar schemes are in use for corporations that allow predesignated subsets of a group to authorize payments or purchases.

[Edmund]

My proposal:

"Any contestant shall provide the ICGA with the sources of his engine. These sources are to remain secret and undisclosed, except for one purpose:
- in case of doubt on the originality of the program, a majority of two thirds of the ICGA's board can vote to examine those sources to investigate the issue. The board shall be at least 10 persons large and the required number of members approving the examination of the sources will be rounded up to the immediate higher number (for instance, a positive vote of 7 out of 10 members are required to authorize the consulting of the sources). During such an investigation it will be the responsibility of the ICGA to prevent any leak or accidental disclosure of these sources, that will be kept secret but for the investigation panel. Only limited and illustrative parts of the sources can get published in the final public report."

This sounds extremely reasonable. Even when I was working on a private engine, and extremely reticent to share executables let alone source, I would have agreed to this.

-Sam

What single person can you find to collect the sources that (a) is completely honest and (b) trusted to be honest by all participants, perticularly commercial ones that have much to lose if trade secrets are exposed?

It sounds simple in theory, but the practical implementation is a _real_ bitch to do.

It would be feasable that the programmer is given a tool for encrypting the source as well as 10 different keys one for each panel member. There would be ways to enable a decryption only with 7/10 keys available.

That's a step in the right direction, IMHO.

Although I am not quite sure how you can do that as encryption usually requires the entire key. And having a bunch of different files, one for each combination of 7 encryption keys would be a zoo to manage.

see http://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing as a possible solution to the problem. Shouldn't be too hard to implement.

[Mike S.]

I don't think this is realistic. It would virtually limit the ICGA chess events to non-commercial engines without commercial perspective in the near future.

Also, the ICGA board is only four persons. I think you mean a panel comparable to the clone investigation panel. This is difficult too. It was and is not a good idea that commercial competitors judge(d) upon each other. I was surprised when I read that list of names. IMO it shows a big lack of instinct, even if none of them is a lawyer.

Same for participants in the same WCCC event. By normal common sense, active players can't at the same time be arbiters.

This is not because anyone of them is necessarily unfair, but just because there is a conflict of interests, like an judicial incompatibility (or bias, even if it's only theoretical). It is a very clear requirement NOT to have such persons on a panel deciding such things, for a reasonable procedure.

If a group with many "incompatible" persons has made a decision, I would expect that if such a case goes to any civilised, regular court, it must recuse (reject) it due to obvious bias.

You'd need to find really independant persons, e.g. non-chess programmers only, but also such a panel should be a permanent one. Not one established "ad hoc" in case of emergency.

I don't think that the ICGA can provide that.

(Also, I don't think that "technical" ideas like encryption will help in this matter, but that's just my intuition.)

[Nelson Hernandez]

My suggestion is not that they stop holding the tournaments, but that the entire organization be dissolved.

[mjlef]

My proposal:

"Any contestant shall provide the ICGA with the sources of his engine. These sources are to remain secret and undisclosed, except for one purpose:
- in case of doubt on the originality of the program, a majority of two thirds of the ICGA's board can vote to examine those sources to investigate the issue. The board shall be at least 10 persons large and the required number of members approving the examination of the sources will be rounded up to the immediate higher number (for instance, a positive vote of 7 out of 10 members are required to authorize the consulting of the sources). During such an investigation it will be the responsibility of the ICGA to prevent any leak or accidental disclosure of these sources, that will be kept secret but for the investigation panel. Only limited and illustrative parts of the sources can get published in the final public report."

This sounds extremely reasonable. Even when I was working on a private engine, and extremely reticent to share executables let alone source, I would have agreed to this.

-Sam

What single person can you find to collect the sources that (a) is completely honest and (b) trusted to be honest by all participants, perticularly commercial ones that have much to lose if trade secrets are exposed?

It sounds simple in theory, but the practical implementation is a _real_ bitch to do.

It would be feasable that the programmer is given a tool for encrypting the source as well as 10 different keys one for each panel member. There would be ways to enable a decryption only with 7/10 keys available.

That's a step in the right direction, IMHO.

Although I am not quite sure how you can do that as encryption usually requires the entire key. And having a bunch of different files, one for each combination of 7 encryption keys would be a zoo to manage.

see http://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing as a possible solution to the problem. Shouldn't be too hard to implement.

Clever if it can be made to work. One implementation issue is what keeps a programmer from encrypting something that is NOT his program and giving that to the ICGA? Since they would likely never open it he/she might get away with this. Granted if enough were suspicious it wold be unlocked and this discovered and then people assume guilt I guess. Some method of knowing at the tournament that code A vield executable B would be very useful. Any ideas?

[bob]

My proposal:

"Any contestant shall provide the ICGA with the sources of his engine. These sources are to remain secret and undisclosed, except for one purpose:
- in case of doubt on the originality of the program, a majority of two thirds of the ICGA's board can vote to examine those sources to investigate the issue. The board shall be at least 10 persons large and the required number of members approving the examination of the sources will be rounded up to the immediate higher number (for instance, a positive vote of 7 out of 10 members are required to authorize the consulting of the sources). During such an investigation it will be the responsibility of the ICGA to prevent any leak or accidental disclosure of these sources, that will be kept secret but for the investigation panel. Only limited and illustrative parts of the sources can get published in the final public report."

This sounds extremely reasonable. Even when I was working on a private engine, and extremely reticent to share executables let alone source, I would have agreed to this.

-Sam

What single person can you find to collect the sources that (a) is completely honest and (b) trusted to be honest by all participants, perticularly commercial ones that have much to lose if trade secrets are exposed?

It sounds simple in theory, but the practical implementation is a _real_ bitch to do.

It would be feasable that the programmer is given a tool for encrypting the source as well as 10 different keys one for each panel member. There would be ways to enable a decryption only with 7/10 keys available.

That's a step in the right direction, IMHO.

Although I am not quite sure how you can do that as encryption usually requires the entire key. And having a bunch of different files, one for each combination of 7 encryption keys would be a zoo to manage.

see http://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing as a possible solution to the problem. Shouldn't be too hard to implement.

Clever if it can be made to work. One implementation issue is what keeps a programmer from encrypting something that is NOT his program and giving that to the ICGA? Since they would likely never open it he/she might get away with this. Granted if enough were suspicious it wold be unlocked and this discovered and then people assume guilt I guess. Some method of knowing at the tournament that code A vield executable B would be very useful. Any ideas?

This needs a comprehensive solution.

1. source must be submitted. When it is submitted, with the author present, the source is compiled and the binary tucked away. Then the source is encrypted using the cute multi-part encryption key idea.

2. Programs _must_ provide a log-file after each game, we probably need to specify the minimum information needed, but the usual stuff is obvious, like scores, times, PVs, target time limits, fail low/high indications, the clock values for each side (as the program understands them) and so forth.

3. The binary compiled at the beginning of this is used to verify some of the logs to see if scores and such agree. If we do a reasonable job of specifying the log file format, this could be automated so that a program eats the log file, and sends moves to the engine, and compares the resulting output.

A usable log file will take some effort, as we can't even get reliable kibitzing at the CCT/ACCA online events... Then there is the effort required to validate the source/executable to be certain that is what is actually playing.

[K I Hyams]

My suggestion is not that they stop holding the tournaments, but that the entire organization be dissolved.

Hi Nelson,
Nice to see you posting on this site. You don’t need to bounce your ideas off of Graham in order to air them because we already have George Speight, a man with greater clarity of thought and understanding of the salient features of the case than almost anyone on the Rybka forum, doing that for you.

You may be further reassured by the possibility that Rolf Tueschen, who I understand is Rajlich’s self-appointed official representative, will come back and support your position as soon as he realises that his services are required.

[CatPower]

My suggestion is not that they stop holding the tournaments, but that the entire organization be dissolved.

Amen!