What is proof of integrity?
Lotteries must understand proof of integrity and why it is so important in the industry.
“Randomness” cannot be observed directly, and most draw systems provide no way of verifying it. In other words, the intrinsic problem with most systems that lotteries use to generate random numbers is that they do not allow the lottery to prove beyond doubt that the numbers were randomly chosen and that no error or fraud occurred. The lottery or an independent auditor can only review the logs or traces the system provides and confirm that they do not indicate a problem; that does not prove there was no hidden problem. Hence there is a justified concern that an RNG system may have been defrauded, or may have suffered an error that went unnoticed.
Traditionally, there are two types of methods of addressing these concerns – preventive and detective:
Traditional draw systems rely on many preventive methods, which try to stop every problem one can think of before it occurs: RNG code review, physical security, system hardening, separation of roles, certification of the RNG, and so on.
There are also detective methods: verifying the status of the RNG hardware device, verifying that the certified RNG code is the code actually deployed, reviewing critical system logs, statistical analysis of the generated data, and forensic examination of the system for security issues. Detective methods find problems after the fact rather than avoiding them, and like preventive methods they are not conclusive: a clean log or a passing statistical test does not prove that nothing went wrong.
What is necessary to create this proof of integrity?
Proof of integrity must fulfill certain conditions:
- The information that is created and used for verification is tamper evident – it cannot be fraudulently created or modified without a way to detect the changes.
- There cannot be a way to compromise this proof-of-integrity information.
- The solution cannot rely on proprietary information known by any one party, e.g. a vendor or operator, and furthermore, verification and generation methods cannot rely on secrecy of the algorithm.
- It cannot be taken on faith that the RNG seed was properly generated and that it was not produced by faulty hardware or manipulated. There must be a conclusive method for validating the integrity of the seed and the hardware used to generate it.
- There also needs to be a way to prove that the random numbers were generated at the correct time, within a defined time window, i.e., after ticket sales were closed.
- Every random number generated needs to be accounted for.
- It should also be possible to verify the game matrix.
If the proof of integrity meets these conditions, and it is verified on an independent system that recreates the same draw results and draw data, then the lottery has a guarantee that the results were correct. Otherwise a problem has been identified and must be investigated.
There are various methods used that don’t meet these criteria and provide only partial protection – i.e. they do not provide proof of integrity for draws.
- Digital signatures are sometimes used to protect draw numbers after they are generated or after the RNG seed is generated. If the data is digitally signed after generation, this will allow the lottery to verify only that the draw numbers were not modified afterwards, when they were transferred or distributed to other systems.
- Encrypting draw data provides confidentiality in transit or at rest, not integrity: on its own it does not even reliably detect modification of the ciphertext (that requires a signature or a MAC), and in any case it says nothing about whether the data was generated properly.
- Encoding draw results in a barcode can facilitate their transfer to another system and make for simple verification of the data but it also does not guarantee it was generated properly.
These types of methods do not ensure that the random numbers were correctly generated – they do not protect against hardware problems that could affect the seed (source of the randomness) and they do not protect against code modifications or manipulation of the draw process before the numbers are generated.
Besides testing and certification, a reliable verification method needs to be used to guarantee the integrity of the electronic draw. More specifically, to prove the integrity of an electronic draw, a lottery needs to be able to guarantee (i) that there were no hardware or software errors and (ii) that there was no interference with the draw. To satisfy these requirements, the draw system must first fulfill some important design criteria, such as “only use a valid RNG seed and do not allow for the generation of outcomes from a corrupted seed or defective hardware”. Furthermore, the lottery must also be able to detect any intrusion to or manipulation of the draw system.
The solution we offer is to enforce the integrity of the RNG seed for each draw by using a digital signature as the RNG seed. A signature can be verified by anyone holding the public key, and it yields an immutable proof of integrity: the seed is bound to the signed draw data, so the draw process is protected from the onset, and an independent system can verify the actual draw numbers, the RNG hardware, the draw time, the game matrix, etc. The signing key is the only secret in the scheme, and it is needed only to produce the seed, not to check it; verification relies on no secret algorithm and no secret data held by any party, including the vendor. This way the lottery can demonstrate, rather than merely assert, that each draw was correct, valid and problem free.
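The following is an added illustration of the signature-as-seed approach and of the verification conditions listed earlier (tamper-evident proof, no reliance on secrets for verification, every number accounted for, game matrix checkable). It is example code written for this page, not the vendor's product or any lottery's draw system. It assumes Ed25519 as the signature scheme (its signatures are deterministic per RFC 8032, which matters here), a constructed 6/49 draw with a constructed ticket-file digest, and a SHA-256 counter-mode expansion of the seed with rejection sampling; the type, field and function names are this example's own.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// DrawParams holds the public inputs to one draw. They are fixed and published
// before the seed is produced, so the seed is bound to exactly this draw.
// (Field names are this example's own, not any standard.)
type DrawParams struct {
	DrawID        string    // draw identifier
	Pick, Pool    int       // game matrix, e.g. pick 6 of 49
	SalesClose    time.Time // instant at which ticket sales closed
	TicketsDigest [32]byte  // SHA-256 of the closed ticket file
}

// Message is the canonical byte string that gets signed. Every field is
// length-prefixed so that no two parameter sets encode to the same bytes.
func (p DrawParams) Message() []byte {
	var buf bytes.Buffer
	put := func(b []byte) {
		var l [4]byte
		binary.BigEndian.PutUint32(l[:], uint32(len(b)))
		buf.Write(l[:])
		buf.Write(b)
	}
	put([]byte(p.DrawID))
	put([]byte(fmt.Sprintf("%d/%d", p.Pick, p.Pool)))
	put([]byte(p.SalesClose.UTC().Format(time.RFC3339)))
	put(p.TicketsDigest[:])
	return buf.Bytes()
}

// NewDrawKey generates the signing key pair. In production the private key
// would live inside the RNG hardware (an HSM); only the public key is published.
func NewDrawKey() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// SeedFromSignature produces the RNG seed: an Ed25519 signature over the draw
// message. Ed25519 signing is deterministic (RFC 8032), so for a given key and
// draw there is exactly one valid seed; the signer cannot grind for another.
func SeedFromSignature(priv ed25519.PrivateKey, p DrawParams) []byte {
	return ed25519.Sign(priv, p.Message())
}

// Draw expands the seed into p.Pick distinct numbers in [1, p.Pool] using
// SHA-256 in counter mode, with rejection sampling to avoid modulo bias.
// It returns nil for an impossible matrix (Pick > Pool or Pool < 1).
func Draw(seed []byte, p DrawParams) []int {
	if p.Pool < 1 || p.Pick < 1 || p.Pick > p.Pool {
		return nil
	}
	n := uint64(p.Pool)
	limit := (uint64(1) << 32) - ((uint64(1) << 32) % n) // largest multiple of n below 2^32
	picked := make(map[int]bool, p.Pick)
	out := make([]int, 0, p.Pick)
	for counter := uint32(0); len(out) < p.Pick; counter++ {
		var c [4]byte
		binary.BigEndian.PutUint32(c[:], counter)
		block := sha256.Sum256(append(append([]byte{}, seed...), c[:]...))
		for i := 0; i+4 <= len(block) && len(out) < p.Pick; i += 4 {
			v := uint64(binary.BigEndian.Uint32(block[i : i+4]))
			if v >= limit {
				continue // reject: keeps every value in [1, Pool] equally likely
			}
			if num := int(v%n) + 1; !picked[num] {
				picked[num] = true
				out = append(out, num)
			}
		}
	}
	return out
}

// Verify is what the independent system runs. It needs only the public key,
// the published parameters, the published seed and the published result:
// no vendor secret and no access to the draw machine.
func Verify(pub ed25519.PublicKey, p DrawParams, seed []byte, result []int) error {
	if !ed25519.Verify(pub, p.Message(), seed) {
		return errors.New("seed is not a valid signature over the published draw parameters")
	}
	want := Draw(seed, p)
	if want == nil || len(want) != len(result) {
		return errors.New("result length does not match the game matrix")
	}
	for i := range want {
		if want[i] != result[i] {
			return fmt.Errorf("number %d differs: published %d, recomputed %d", i+1, result[i], want[i])
		}
	}
	return nil
}

// SampleDraw returns constructed parameters for a 6/49 draw (not real data).
func SampleDraw() DrawParams {
	return DrawParams{DrawID: "DEMO-2024-07-06", Pick: 6, Pool: 49,
		SalesClose:    time.Date(2024, 7, 6, 19, 30, 0, 0, time.UTC),
		TicketsDigest: sha256.Sum256([]byte("constructed closed ticket file"))}
}

func main() {
	pub, priv, err := NewDrawKey()
	if err != nil {
		panic(err)
	}
	p := SampleDraw()
	seed := SeedFromSignature(priv, p)
	result := Draw(seed, p)
	fmt.Printf("seed: %x\nresult: %v\n", seed, result)
	fmt.Println("independent verification:", Verify(pub, p, seed, result))
}
```

Two design points matter beyond what the paragraph states. First, the signature scheme must be deterministic: with a randomised scheme such as plain ECDSA, the signer could produce many valid signatures for the same draw and pick the one whose expansion it prefers, so the seed would be verifiable but not unique. Second, binding the digest of the closed ticket file into the signed message means the seed could not have been formed before that file was final, which is the "after ticket sales were closed" condition; proving that it was not formed later than allowed needs an external time source, which this example does not include.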
For more information about the importance of independent verification, see our blog “Like Gaming Systems, Draw Systems need independent verification”.