Okay, anybody want to play mental poker with me??? A protocol involving bit committment was posted to sci.crypt recently, which we can use to play. There is an RSA protocol, but a commutative encryption/decryption is required, which I don't think PGP provides. So here is the protocol: 1) A shuffles cards, creates a message M1 that lists the cards by number. A appends a random bit stream, and computes the hash (using MD5). A sends hash MD5(M1) to B. 2) B composes message M2 that lists the cards he chooses by number. B appends a random bit stream, and computes the hash. B sends the hash MD5(M2) to A. 3) A sends B M1 so B can get his cards. 4) B shuffles the remaining 47 cards, lists them by number, appends a random bit stream to create M3, and computes the hash. B sends hash MD5(M3) to A. 5) A chooses cards by number, appends a random bit stream to create M4, and computes hash. A sends MD5(M4) to B. 6) B sends A M3 so A get get her cards. A and B can catch cheating by comparing the various message and hashes. Getting extra cards can be left as further extensions, as can multiple players (3 or more). Any takers? By the way, the hash function implementation I have is the sigfetch routine contained in tripwire. It includes md5, md4, md2, snefru, crc, and crc32. So before a game starts the players should verify their respective hashers. /-----------------------------------\ | Karl L. Barrus | | barrus@tree.egr.uh.edu (NeXTMail) | | elee9sf@menudo.uh.edu | \-----------------------------------/