1. Introduction

Immersive technologies, an integral component of the metaverse [1], serve as the foundation for creating interactive and multisensory experiences, blurring the boundaries between real and virtual worlds. By enabling users to feel immersed in virtual or augmented environments, these technologies create rich interactions and a sense of presence that make users feel like active participants in digital or augmented spaces [2,3]. Immersive environments, facilitated by technologies such as virtual reality (VR), augmented reality (AR), and mixed reality (MR), are developing quickly and have the potential to transform how people interact with digital contents and their physical surroundings [4]. The quality of the interaction produces a sense of presence. These environments allow users to engage with three-dimensional objects, often referred to as virtual assets, in ways that mimic real-life interactions [5].

These virtual assets are central to immersive environments and contribute greatly to the experience and presence. In our study, we defined virtual assets as digital objects within immersive environments that hold functional, social, or experiential value to users. These assets include custom avatars, virtual real estate, digital artwork, in-game items, and other interactive objects [6]. Unlike financial assets that are typically traded or exchanged, virtual assets in immersive environments may represent ownership, identity, creativity, or social status, making them essential to user experiences and the ecosystems of immersive platforms [7].

Through VR controllers and other input mechanisms, users can interact with virtual assets by performing actions such as picking up, manipulating, or even trading these items [8,9]. As immersive environments develop into more complex ecosystems, these assets can gain personal or commercial value. Examples include 3D content used in education, virtual properties in metaverses, or unique digital creations like NFTs (non-fungible tokens), which may also hold value beyond the virtual world [10,11].

However, the growing importance of virtual assets introduces critical challenges related to security and trust in these environments [6]. For instance, scams in virtual spaces have resulted in several investors including a nurse in rural Maine, a fitness trainer in Colorado, and a venture capitalist in Florida all losing their investments [12], highlighting the need for robust security mechanisms [13]. Malicious actors may attempt to tamper with, duplicate, or forge virtual assets, leading to unauthorized modifications, counterfeiting, or fraud. Such risks threaten intellectual property, undermine user confidence, and disrupt immersive ecosystems [14,15].

While existing literature places greater emphasis on enhancing the sense of presence in immersive worlds [16], issues related to authenticity and integrity and overall security of virtual assets remain underexplored. Alternative security solutions such as cybersecurity and digital property insurance have been proposed to safeguard virtual assets [17]. However, while these approaches may be feasible for large organizations, they are excessively costly and complex for individual VR users seeking to protect their identities and assets.

In addition, several studies have explored the use of blockchain for authentication and identity protection in the virtual world [1]. Although blockchain offers the benefits of decentralization, it also introduces new vulnerabilities [18]. For instance, digital wallets that store NFTs and cryptocurrencies have become prime targets for malware, resulting in the theft of both NFTs and crypto-assets [19]. This vulnerability has led major industry players, such as Microsoft’s Minecraft, a prominent metaverse platform, to express reservations about integrating NFTs and blockchain technologies [20]. There is a clear need for user-centric tools that supplement existing security solutions such as encryption protocols and intrusion detection systems to enable individuals to protect their virtual assets and prove their authenticity in a virtual world.

Proving authenticity might be more straightforward in the physical world than in the virtual world. In traditional real-world business models, entities participating in a transaction must prove the validity and authenticity of the transaction using a physical signature. Thus, in the physical world, a written signature or seal has the authority to certify, ratify, and formalize documents, clearly defining the obligations of the parties involved in a contract. However, on the internet, the authenticity and integrity of transactions are ensured through cryptographic signatures [21]. Hashing and public key algorithms are the two techniques that are combined together in digital signatures [22], as approved by NIST [23]. The application of cryptographic hashing and digital signatures are well established in cybersecurity [24] and can be adapted to immersive contexts to verify the integrity of virtual assets in real time.

In the context of immersive spaces, maintaining the authenticity and integrity of virtual assets involves ensuring that these assets have not been modified without authorization and that their origin and ownership can be trusted [9]. The concept of authenticity applies digital signatures to verifying that an object is genuine while employing hash function algorithms to ensure that the integrity of an item is assured [25]. Whilst a digital signature is a type of electronic signature that utilizes cryptographic algorithms and keys to signing a document [26], the hashing algorithm creates a message digest of the data, which is used to verify the integrity of the data [27]. Given the same input, a hash function will always generate the same output (message digest) and it remains computationally infeasible to reverse the process to retrieve the original input from the hash [28]. Digital signatures are the basic building component for guaranteeing the authenticity and integrity of contents delivered over the internet [29]. While these concepts maintain trust and reliability, they must not introduce complexities that should undermine the user experience that the immersive environment promises. The cryptographic integration into the immersive world space should be interactive, user-friendly, and seamlessly woven into it.

While digital signatures have long been applied in traditional IT systems such as proposed by Anastasia Khrykova et al. [30], they employed digital signature technology to improve information handling across industries. Building on this, Selvaraj and Sundari [25] proposed a mechanism that combines digital signatures with hash algorithms to validate authenticity and ensure data integrity as it transitions from virtual machines to the cloud. Similarly, the blockchain-based metaverse applies digital signatures but often emphasizes decentralized financial transactions. However, the direct application of these techniques to virtual assets in immersive environments remains unexplored.

Digital signatures offer a straightforward and lightweight solution for verifying that assets have not been tampered with while also proving the signer’s identity [6]. This makes them particularly suitable for systems requiring simple, verifiable proof of authenticity without the need for extensive additional infrastructure. When applied to immersive environments, digital signatures present a promising approach to addressing security challenges.

The study aims to bridge this gap by investigating how digital signatures and hash algorithms can be integrated into immersive systems to enhance asset security effectively. To the best of our knowledge, this is one of the first studies to focus on applying digital signatures in immersive spaces to address both usability and security challenges. This research made the following contributions to the field of security in immersive environments:

1. Design and implementation of a digital signature into VR space: We integrated cryptographic methods into the VR space, allowing users to sign virtual assets and verify their authenticity in real time;

2. Usable security design: Based on the foundational concept of usable security [31], our implementation demonstrates user-friendly security in immersive environments by integrating signature signing and verification with standard controller-based interactions. By binding these actions to controller buttons, the security features remain intuitive and non-disruptive to the immersive experience;

3. Interdisciplinary integration: This study closes the gap between cybersecurity and immersive technology. It incorporates principles from cryptography, computer graphics, and human–computer interaction, adding to multidisciplinary knowledge and opening the way for future study in secure immersive technology;

4. User-centric security: Our study provides a user-centric approach to security by empowering end-users in immersive environments with security methods to protect their assets;

5. Digital signatures: Our study also proposed different potential VR areas where digital signatures can be applied to ensure the integrity and authenticity of virtual assets.

This study is structured as follows: Section 2 reviews the related work on cryptographic signatures for authenticity and integrity. Section 3 provides potential areas where digital signatures and hash algorithms can be applied in different VR environments. Section 4 discusses the methods and architecture of the proposed system, followed by a detailed presentation of the proposed scheme in Section 5. The evaluations and the discussion of the results are covered in Section 6 and Section 7, respectively. Finally, Section 8 concludes the study and outline directions for the future.

2. Related Studies

This section presents the current literature where digital signatures and the hash function algorithm have been applied to provide authenticity or integrity.

In their study, Tianhuang and Xiaoguang [21] examine security challenges in e-commerce, using the digital signature approach. They begin by discussing the inherent security vulnerabilities in modern e-commerce systems. Given the critical importance of ensuring data integrity and authenticity in e-commerce transactions, the researchers explored the Digital Signature Algorithm (DSA) and assessed its effectiveness in addressing these concerns. Through a simulation-based approach, they demonstrated the practical application of the DSA in real-world e-commerce scenarios. Their findings indicate that the DSA is an effective solution for achieving both authenticity and integrity in e-commerce. However, their study also emphasizes the necessity for further research to improve the security mechanism of the DSA.

Singh et al. [32] developed a digital signature verification scheme that authenticates images. Their system is developed to support lossy JPEG compression and allows a certain degree of tolerance for data variation. When a signed image is transmitted to the receiver, upon decryption, the image’s hash is compared with the original to prove its authenticity and integrity. If a mismatch occurs, the extent of the difference is measured. As part of their approach, they introduced a threshold level to account for tolerable discrepancies between the original and the received images. The experimental results show that the proposed method effectively detects tampering in images, making sure that the integrity of the transmitted images is preserved.

Several studies have proposed the use of blockchain technology in immersive environments to provide security and trust [33]. In their study, Connavo and Lamberti [34] explore the opportunities blockchain offers in immersive environments, particularly in improving security and trust. They emphasized how integrating blockchain with XR can enhance the authenticity of virtual content. However, while blockchain presents promising security solutions for VR, it also introduces complexities [35]. Its decentralized nature, which relies on distributed ledgers, consensus mechanisms, and potentially smart contracts which may not fit well with small-scale VR architecture that requires a centralized control operating in high-throughput environments like real-time VR. Moreover, managing private keys and interacting with blockchain systems can be challenging for everyday users, potentially disrupting the flow of the user experiences. It is, rather, ideal for a decentralized VR environment where trust is distributed with future advanced architectures with low latency.

Gul and Ozturk [36], in their study, introduced a fragile watermarking method based on the SHA-256 hash function to increase image integrity and to facilitate tamper detection. With their method, the image is divided into four 16 × 16 sub-blocks after being divided into 32 × 32 non-overlapping blocks. Three of these sub-blocks’ total hash value is utilized as a watermark. After testing their method on many systems, the outcome demonstrates a reliable tamper detection across several image types. The main contribution of their study is employing the block-based technique; it allowed for the fourth part of the non-overlapped blocks to be used for the watermark embedding region. Their research indicates the proposed method is effective for maintaining image quality while providing ways to detect tampering.

The reviewed literature underlines the effectiveness of digital signatures and hash algorithms in securing digital content across various domains. However, there is a notice-able gap in applying these techniques specifically within VR environments to protect virtual assets. This research aims to fill this gap by proposing a framework that leverages digital signatures and hash algorithms to ensure the authenticity and integrity of virtual assets in VR space.

3. Potential Areas Where Digital Signatures and Hash Algorithms Can Be Applied in Immersive Spaces for Trust and Ownership

Trust is vital for any social interaction in the real world [37]. There are a lot of avenues to ensure trust in a real-world setting. However, when real-world experiences are replicated in the virtual world, ensuring trust becomes challenging. Digital signatures have proven to provide trust in internet communications. The same cybersecurity solution can be replicated within VR space in real time to ensure trust. Trusting the entities you meet in a virtual world could be overwhelming, and you should know the avatars you are dealing with are controlled by the rightful owners [38]. There is a possibility for avatar takeover by threat actors [39]. Users may fall victim to deepfakes which will introduce difficulty in distinguishing legitimate virtual subjects or avatars from other representations designed to fool them [13]. By associating avatars with a digital signature, they can sign metadata relating to the avatar with their private keys and other participants can verify the authenticity of the avatar and the identity of the avatar controller.

Trust can also be achieved between asset providers and VR developers by using cryptographic digital signatures and hash algorithms. For instance, many VR developers rely on assets from asset providers for their application. Introducing digital assets in the Unity asset store [40] for instance will enable assets to be verified for authenticity and integrity to ensure that no malicious or tampered files are included in the final product. Malicious users may tamper assets to host malware to have access to VR applications to control them. Developers can verify assets for authenticity and integrity, protecting against tampered or malicious files and thereby increasing reliability [41].

Another area of application is in a collaborative VR environment where users interact with shared contents such as 3D models, documents, and training modules [3]. It is of relevance for users to verify the authenticity and the integrity of the contents directly within the VR environment in order to maintain trust and security during real-time interactions. Ensuring the integrity of shared content in real time, such as 3D models and documents, helps maintain trust and security in collaborative experiences.

Moreover, integrating digital signatures in real estate can allow property owners to digitally sign 3D models of properties, confirming that the versions viewed by clients are the original and authenticated representations of the actual physical spaces. When a transaction happens, the public key can be used to verify ownership of properties so that users do not fall victim to phishing scams. Furthermore, unique identifiers of virtual properties can be created using hashing algorithms to monitor any changes that could take place. The same concept can be applied to digital arts in immersive spaces.

As part of our contribution, this section proposes potential areas where the theme of our study can be applied. The integration of digital signatures and hash algorithms in immersive spaces for real estate, avatars, assets in the asset store, and digital arts enhances trust, security, and traceability. In all these fields, authenticity, ownership, integrity, and fraud prevention are major concerns that can be effectively addressed by cryptographic methods. Given the assurance of integrity and authenticity, the originality of people’s assets is also protected and secured.

4. Methods and System Architecture

The developed system is to demonstrate how we can introduce digital signatures for authentication and integrity in immersive spaces. We discuss below the tools and software that were used in our development. This section as part of our contribution provides the detailed process and the methodologies to introduce digital signatures into the VR world.

4.1. Unity 3D

Unity 3D is a game engine for development. It has robust support for VR hardware, comprehensive toolsets, and integration with VR-specific libraries like the XR Interaction Toolkit. With the XR Interaction Toolkit, we implemented the system for user interactions such as grabbing, picking up, and manipulating objects in the virtual world. This was critical for allowing players to interact with the virtual assets they sign. Unity provides native support for Oculus SDK, OpenXR, and others, allowing smooth integration with hand-tracking, gestures, and VR controllers. Unity also offers extensive support for 3D environments, physics simulations, and custom shaders, all of which are essential for building immersive VR experiences. In our system, the XR Interaction Toolkit manages how players interact with objects, allowing users to sign or verify items through the controller buttons (A and B). Our developed VR application was based on the Unity 3D multiplayer template [42], which creates a world space where users can interact with various objects.

4.2. Networking with Unity Netcode for Multiplayer

At a point in game development, games needed to move from the standalone desktop to online with multiplayer functionality [15]. Such games are called multiplayer or online games [43]. In multiplayer developments, clients and servers exchange data by transmitting packets over a network [44]. The transport layer is in charge of transmitting and receiving packets across the network in the multiplayer environment [45]. In multiplayer VR, two or more parties participate by joining the shared space with their own devices [43]. Unity Netcode is a high-level networking library built for Unity to enable sending GameObjects and data across a networking session. The Unity Transport Package is a netcode-independent library that offers a low-level network layer with an emphasis on performance and dependability. Scenes and GameObjects data can be synchronized across multiple platforms and clients using client- or server-authoritative models [46].

To enable the signing and verifying of virtual assets in a multiplayer VR environment, users used Unity’s Netcode for GameObjects (UNGO) [47]. This networking solution enables multiple players to connect to the same VR session and interact with shared objects, and it ensures that changes (such as signatures) are propagated to all clients. It supports a server-authoritative model where important actions are securely handled by the server. It ensures that the state of objects is synchronized across all clients, keeping the virtual world consistent.

4.3. Cryptographic Security with (Rivest–Shamir–Adleman) RSA

Having been around since the 1970s, RSA is one of the most well-studied and understood cryptographic algorithms. Several cryptographic libraries, protocols (including TLS/SSL), and hardware implementations widely support RSA. RSA is an asymmetric encryption algorithm that is used for encryption, digital signatures, and key exchange. RSA requires a larger key size of 2048 than other algorithms like elliptic curve, which is 256-bit [48]. Aside from RSA using a secured key size length [49], it is well established in the .Net framework that is used in Unity. The C# cryptography library (System.Security.Cryptography) was integrated into the system, using RSA to generate the following key pair: private and public keys, with a key size of 2048 bits. Additionally, we incorporated the SHA-256 hash function [50] to generate unique values for the assets to be hashed. Figure 1 illustrates the process of generating and verifying a digital signature, from the sender to the receiver.

4.4. System Architecture

The architecture of the proposed system consists of key components and interactions that are discussed in this section. The architecture is designed to enable secure interactions, real-time feedback, and efficient cryptographic operations in a shared virtual space. The key components consist of the interaction model, users, virtual assets, feedback interface, signing module, and verification module. Figure 2 illustrates the layered architecture flow describing the system interactions with key components.

4.4.1. User Interaction Layer

This layer handles the users’ direct interaction with virtual assets. These users are the participants in the VR environment who participate in immersive activities and can sign or verify virtual assets. The virtual assets are in the form of 3D models, digital documents, or avatars, that users interact with. They serve as the objects of signing and verification which carry metadata. The layer serves as the interface between the user and the system, usually through controllers, facilitating interaction, captures user inputs, and sends them to the underlying layers for processing.

The interaction model and the user flow are based on Unity’s Input System, which provides a modern approach to controller input, allowing users to easily detect button presses and trigger-associated actions. The illustration of the controller input bindings is shown in Figure 3. For the signing action, the primary button—A on the Oculus Quest 2 VR controller—is used to sign virtual items. Once pressed, the system captures the player’s identity and signs the selected item with their name. Meanwhile, for the verification action, the secondary button—B—allows any player to verify the signature of the item, ensuring that the signature is valid and the item has not been tampered with. This contributes to usable security where no button interface is created. The input system was chosen to provide seamless interaction and also for the following reasons:

• The input system abstracts complex controller input management into simple actions, allowing quick setup for different devices;

• It supports a range of VR hardware, making the system adaptable to various input mechanisms (hand controllers, motion controllers, etc.).

4.4.2. Application Layer

This is the core logic layer of the system that manages operations like signing and verification. The signing module includes the component that handles the creation of cryptographic signatures. It uses SHA-256 to hash the asset data and RSA with the user’s private key to sign the hashed data, after which the signature and user identity are embedded into the asset for broadcasting. Secondary to the signing module is the verification module, including a component that validates the signatures attached to virtual assets. It computes a hash of the asset’s data for comparison and verifies the cryptographic signature using the public key of the signer. Then, the feedback interface provides feedback to the user based on the system’s operations. It displays messages such as “Signature is valid” or “Signature is invalid” with the identity of the user who signed the asset and other related information.

4.4.3. Network Communication Layer

This layer manages synchronization and broadcasting across the system’s components. It uses Unity Netcode for enabling a smooth transmission of GameObjects and data across a networking session allowing scenes and GameObjects data to be synchronized across multiple platforms and clients using client- or server-authoritative models. Leveraging the Remote Procedure Call of Netcode [ClientRPC], this layer provides distribution of the corresponding public key to all users in the world space. The key function of the communication layer is to handle communication between the user interface and the back-end logic. It further ensures messages, updates, or changes of asset states are properly synchronized across distributed or network systems.

4.4.4. Cryptographic Layer

The cryptographic layer performs the cryptographic operations necessary for securing data. This layer is built on the Public Key Infrastructure (PKI) using the RSA algorithm to digitally sign an asset. It employs public–private key pairs for signing and verifying assets to ensure integrity and authenticity. With the SHA-256 hash algorithm, this layer hashes the data to be sent creating a unique data fingerprint for security and integrity verification. Therefore, this layer provides the cryptographic foundation that ensures the security and reliability of the system.

Figure 4 illustrates the proposed architecture, including a cryptographic signing and verification process in the context of a VR environment. It presents the key components’ actions and the participants of the proposed scheme. The key components include the following:

• VR participant (blue): A user who generates a key pair and signs the asset;

• VR participant (green): A user in the VR environment who verifies the integrity of an asset;

• Key pair (public and private keys): The cryptographic keys used for signing and verifying the asset;

• Asset: The object or data being shared in the VR environment;

• Signature file: A file generated after signing the asset using the private key;

• A threat actor with malicious intent.

5. The Proposed Scheme

The proposed digital signature-based scheme integrates cryptographic techniques with real-time user interactions. The scheme consists of three main phases: initialization, signing, and verification. This section discusses the phases and the pseudocode that outlines the processes of signing and verifying virtual items in a VR environment using cryptographic digital signatures. The pseudocode encapsulates the critical steps of the proposed method to ensure the authenticity and integrity of virtual assets.

5.1. Initialization Phase

In the initialization phase, each user generates an RSA key pair comprising a private key and a public key. The private key is stored securely on the user’s device and used exclusively for signing operations. The corresponding public key is distributed to all participants in the VR environment to enable signature verification. A trusted hashing algorithm, SHA-256, is selected to create unique, fixed-length hashes for all virtual assets. This hash serves as the basis for signing and verifying asset authenticity.

5.2. The Signing Phase

When a user interacts with a virtual asset in the VR environment (e.g., picks up an object with their controller), the system retrieves the data associated with the asset. These data are then hashed using SHA-256, producing a unique fingerprint for the asset. The private key is used to sign the hash, creating a cryptographic signature. The user’s identity (e.g., their username) is attached to the signature to indicate who signed the asset. The signature and identity are then broadcasted to all participants in the VR space for later verification. Figure 5 illustrates the logs that are saved during the signing phase.

Algorithm 1 describes the steps for digitally signing a virtual item in VR. It has inputs as itemData which are unique data associated with the virtual item (e.g., its ID or attributes) and playerName which is the name of the user signing the item. The system generates a hash of the itemData using the SHA-256 algorithm [50]. This creates a unique and fixed-size representation of the item data, ensuring that even a small change to the item will produce a different hash. The generated hash is signed using the user’s private key, producing a cryptographic signature that ties the hash to the signer. Then, the user’s name (playerName) is attached to the signature for identification purposes. Afterwards, the signature and signer information are distributed to all participants in the VR environment, ensuring all users have access to the updated information, updating the VR interface to display the signature and signer’s name.

5.3. Verification Phase

In the verification phase, a participant can validate the authenticity of a signed item by interacting with it (e.g., pressing the “B” button on their controller). The system retrieves the item’s data and computes a new hash using SHA-256. This hash is compared against the original signature using the signer’s public key. If the signature matches, the system confirms that the asset is authentic and displays the message “Signature is valid. Signed by [Username]”. If the verification fails, it indicates tampering, and the system notifies the user with the message “Signature is invalid”. In Figure 6, the user’s action during the verification process is logged whilst Figure 7 displays the validity response inside the virtual room during verification.

Algorithm 2 details the verification process when a user attempts to validate the authenticity of a signed item. The inputs include itemData—the data of the virtual item to be verified, and the receivedSignature—the cryptographic signature associated with the item and the PublicKey—used to verify the signature. The process is such that the system generates a hash of the itemData using SHA-256 to ensure the verification is based on the exact data that were signed. Then, a public key verifies the signature matches the generated hash [36]. This confirms both the integrity of the item (it has not been modified) and the authenticity of the signer. If the verification is successful, the system displays a message stating that the signature is valid and shows the name of the signer. If the verification fails, the system alerts the user that the signature is invalid. In Figure 7, we demonstrate the feedback interface of verifying an asset.

Algorithm 3 defines the user interaction flow in the VR system, connecting signing and verification to user actions. The inputs include inputAction, which consist of the user’s action, itemData, and playerName passed based on the action being performed. For the processes, if the user selects the “SIGN” action, the system calls the SignItem algorithm, signing the asset and broadcasting the signature, while when the “VERIFY” action is selected, this allows the system to call the VerifyItem algorithm to validate the asset’s integrity. Based on the user’s input, the system executes the appropriate signing or verification logic. Figure 8 presents the script configuration, which references the input actions and corresponding feedback texts.

6. Evaluation

The evaluation of the proposed digital signature system for ensuring authenticity and integrity in immersive environments generated consistent and insightful performance metrics. We evaluated the system’s ability and effectiveness to detect tampering and forgery. We also assessed the performance based on signing time, memory usage, and verification speed. This section discusses the evaluation and their results.

6.1. Tampering Detection

To evaluate the system’s ability to detect tampering, multiple scenarios were tested where an item’s metadata were altered after it had been signed and was still running. During verification, the system computed a hash of the modified item and compared it to the hash stored in the original signature. In all cases, the system successfully flagged tampered data as invalid. Feedback was displayed to the user: “Data have been modified! Unauthorized change detected”, as illustrated in Figure 9. The system also logged detailed messages in the console, providing traceability for the detected tampering illustrated in Figure 10. These results confirm the system’s robustness in detecting unauthorized modifications, ensuring that the integrity of virtual assets is maintained in real-time VR environments.

Considering Figure 10, the hash value underlined with yellow demonstrates the hash of the original item compared with the signature for verification, whilst the hash value with the underlined orange color is the hash of the modified item. The mismatch renders the signature invalid, detecting the asset has been tampered with.

6.2. Forgery Detection

Forgery detection was tested by simulating scenarios where a valid signature from an item was reused with tampered or unrelated data in an attempt to claim ownership of the asset. The unrelated or tampered data were hashed and the system was tasked with verifying the hash using the captured signature, ensuring it matched the provided item data. In all cases, the system successfully identified the forgery. The verification failed because the captured signature did not correspond to the new data because the mismatch between the tampered or unrelated data’s hash and the original data’s signature was detected. Feedback was displayed to the user: “Forgery detected!” Detailed logs in the console are illustrated in Figure 11.

6.3. Performance Analysis

The performance assessment was based on the signature signing time, verification time, and memory usage. These metrics were measured across multiple trials, including simulated asset modification and forgery attacks. This section discusses the results of the performance analysis.

6.3.1. Signing and Verification Time Analysis

The signing operation was tested across ten (10) trials to measure execution time and consistency. The recorded signing times were 19 ms, 19 ms, 17 ms, 17 ms, 17 ms, 18 ms, 18 ms, 16 ms, 16 ms, and 16 ms. From these trials the following metrics were calculated:

1. Average signing time

$\mathrm{Average}={\displaystyle \frac{\mathrm{Sum} \mathrm{of} \mathrm{Signing} \mathrm{Times}}{\mathrm{Number} \mathrm{of} \mathrm{Trials}}}=17.3 \mathrm{ms}$

• Range:

Range = maximum − minimum = 19 ms − 16 ms = 3 ms

• Standard deviation, measuring the deviations in the variation in signing times:

$\sigma =\sqrt{{\displaystyle \frac{\sum {{(x}_i-\overline{x})}^2}{n}}}$

Standard deviation = √1.21 = 1.1 ms.

These results indicate that the signing operation is both consistent and efficient, with low variation in execution time.

• 2.. Verification process time

The verification process was observed to take either 1 ms or 0 ms, indicating extremely low latency. This fast verification time ensures immediate feedback to users, which is crucial for maintaining immersion and responsiveness in VR environments. Figure 12 demonstrates a recorded verification time in milliseconds.

6.3.2. Memory Usage During Signing and Verification

1. Signing process memory allocation

The memory usage was measured before and after the signing process:

• Memory before signing: 835,911,680 bytes;

• Memory after Signing: 835,915,776 bytes;

• Memory used = memory after signing − memory before signing = 4096 bytes = 4 KB.

This low memory footprint demonstrates the system’s lightweight design, ensuring it does not introduce significant overhead in a resource-constrained VR environment.

• 2.. Verification process memory allocation

In most trials, the verification process showed no significant difference between memory before and after the operation. This indicates that verification requires negligible memory, further solidifying its efficiency.

• 3.. Comparative analysis

We compare the performance metrics of our method against baseline methods in Table 1. The baseline methods originally report time in seconds, which we converted to milliseconds for consistency. To ensure a fair comparison, we also converted the recorded time of our proposed method to seconds. Both units are presented in the table for clarity.

7. Discussion

The integration of digital signatures into VR environments for ensuring the authenticity and integrity of virtual assets represents a novel approach to tackling security concerns in immersive digital worlds. This section discusses the results of the study.

7.1. Guaranteeing Authenticity

Ensuring authenticity is critical in building trust within VR environments. Authenticity is achieved when an asset or signature is verifiably tied to its rightful owner and the specific data it represents. The proposed system leverages cryptographic digital signatures to enforce authenticity by using a public–private key pair. This ensures that only the legitimate private key owner can generate a valid signature for an item. During verification, the public key validates the signature against the item’s data. If an attacker attempts to reuse or fake a signature, the mismatch between the signature and the hash of the data prevents validation, exposing forgery attempts. This mechanism ensures that the signature is not just tied to the private key but also to the specific data that were signed. For instance, in a forgery simulation, a valid signature was captured and applied to tampered data. The system correctly identified the forgery, ensuring that only the original data and their signer were authenticated. This method directly addresses the authenticity challenge by ensuring that any changes made to a virtual item can be traced back to the identity of the user who signed it, ensuring non-repudiation [55].

The forgery detection validated the system’s ability to authenticate the source of a signature. By tying signatures to specific data, the system prevents attackers from reusing a captured signature on different data. This ensures that even if a signature is intercepted, it cannot be exploited to falsely authenticate other assets. The use of the SHA-256 algorithm in our implementation further strengthens this mechanism by providing collision avoidance, ensuring that no two distinct data sets can produce the same hash [56].

This approach builds a cryptographically secure link between the signer (private key owner), the data, and the signature, ensuring authenticity in VR environments. The significance of this approach is particularly relevant for future applications where virtual assets hold real-world value, such as virtual real estate, digital artwork, or even non-fungible tokens (NFTs) [10] within VR. In these cases, ensuring that the virtual item is genuinely the one signed or certified by a particular entity becomes critical to maintaining trust in the environment [49].

7.2. Guaranteeing Integrity

Ensuring the integrity of virtual assets in VR environments is vital for maintaining trust and reliability, particularly in collaborative and immersive scenarios. Integrity is achieved when a virtual asset can be verified as unaltered since its last signed state [41]. The proposed system guarantees integrity by leveraging cryptographic hash functions and digital signatures [57].

The system uses the SHA-256 hash function to create a unique, fixed-size hash of the item’s data. This hash serves as a digital fingerprint for the asset. Any unauthorized modification to the asset whether intentional or accidental results in a different hash. During the verification process, the system computes the hash of the current item data and compares it with the hash stored at the time of signing. If the hashes do not match, the system detects tampering and invalidates the signature.

For example, during a tampering simulation, the item’s metadata (such as its name or description) were altered after signing. The system flagged the modification as unauthorized, displaying the following feedback to the user: “Data have been modified! Unauthorized change detected”. This capability ensures that even minor changes to an asset are detected, guaranteeing that the item remains in its intended state.

The integrity guarantee is strengthened by binding the hash of the data to the digital signature. When an item is signed, the hash of its data is included in the signature process. During verification, the public key not only authenticates the signature but also ensures that the hash has not been altered. This dual mechanism prevents attackers from generating new hashes for tampered data and associating them with valid signatures. This mechanism not only safeguards the integrity of individual assets but also enhances the overall security of the VR environment by deterring tampering attempts.

7.3. User-Centric Security

The proposed system places users at the center of security operations, empowering them to actively verify the authenticity of the VR experiences they engage with. This approach enhances trust by shifting away from passive security measures commonly employed in non-interactive media, signaling a significant advancement towards user empowerment in immersive environments.

A key benefit of this research is its focus on user-friendly interactions while maintaining high levels of security. In a VR environment, users can sign an item by just grabbing it and press the primary button such as “A” on the Quest 2 controller. Behind the scenes, the system securely handles complex cryptographic operations, such as hashing and digital signature generation. This abstraction of complexity enables non-technical users to engage with secure systems effortlessly, without requiring in-depth knowledge of cryptography or security protocols.

The system also ensures transparency through visible feedback, such as displaying the signature and the name of the user who signed the asset. During verification, real-time feedback alerts users if a signature is invalid, forged, or tied to tampered data. This guarantees that authenticity and integrity checks are not only cryptographically secure but also intuitive and transparent. Users are informed about the status of the items they interact with in real time, fostering a sense of trust and security in the virtual space.

As immersive environments evolve into marketplaces, educational platforms, and collaborative spaces, this trust will be essential for seamless interactions between users. The user-centric security approach demonstrated by this system serves as a foundation for future immersive applications, ensuring that trust and security remain at the forefront of VR innovation.

7.4. Performance Efficiency

One of the key concerns in immersive VR environments is the need for efficiency in computations to ensure a seamless experience for users. While RSA is widely regarded as secure, it is resource intensive [58]. The speed of signing and verifying RSA signatures may depend on various factors such as the computing capacity and system architecture.

The comparative analysis demonstrates that our system achieves remarkable performance improvements over baseline RSA implementations by optimizing the signing and verification process for smaller data sizes typical of VR assets. Even though baseline methods may operate on larger files and with smaller keys (1024 bits), our approach delivers faster signing times (17.3 ms on average), immediate verification (0–1 ms), and a significantly lower memory footprint (4 KB) despite the larger key size of 2048 used. This makes our solution particularly attractive for secure, real-time interactions in immersive environments.

About 20 milliseconds has been found to be a meaningful latency threshold for maintaining immersion in VR [59]. The system’s signing time of 17.3 ms falls well within this range, demonstrating its ability to perform cryptographic signing operations swiftly and seamlessly without introducing perceptible latency for users. The low variability in signing times, as evidenced by a standard deviation of 1.1 ms, highlights the system’s reliability in maintaining consistent performance.

For memory utilization, the signing process used only 4 KB of memory, while the verification process typically incurred negligible or no additional memory usage, which is substantially lower than the baseline methods (ranging from ~169 KB to 91,814 KB). This lightweight memory usage makes the system scalable for VR applications with multiple users and assets.

The performance evaluation demonstrates that the proposed system is highly efficient in both signing and verification operations. With an average signing time of 17.3 ms, negligible verification delays, and a memory footprint of only 4 KB, the system offers a lightweight and reliable solution for ensuring authenticity and integrity in VR environments. These results validate the system’s suitability for real-time applications and its scalability for future extensions.

7.5. Future Scalability and Crypto-Agility

Although our current implementation uses RSA-2048 for digital signature operations, which provides solid security under existing computational models, we recognize that RSA is potentially vulnerable in the face of sophisticated quantum computing assaults [60]. Instead of viewing this as a limitation, our modular system is designed with future scalability, making it inherently crypto-agile.

This crypto-agile architecture means that our system’s cryptographic components are decoupled from the core application logic, allowing us to effortlessly integrate quantum-resistant algorithms, such as lattice-based or hash-based signatures, as these technologies mature. This flexibility ensures that our solution can evolve alongside emerging threats, maintaining the authenticity and integrity of virtual assets even in quantum-enabled environments. This scalable design ensures that as the cryptographic landscape changes, our framework can be readily updated, thereby sustaining strong security and trust in immersive applications.

8. Conclusions

Immersive virtual worlds are evolving and intersecting with real-world economies, introducing dynamics in work outputs, social interactions, commerce, education, and several other domains [14]. The quality of interaction with virtual assets within the immersive space directly influences both presence and immersion [1]. Virtual assets for interaction are integral to the immersive experience [61]. While these assets stand at a chance of unauthorized modifications and theft, ensuring their trustworthiness within these spaces will be essential for the growth and adoption of immersive technologies.

In this study, we explored the integration of cryptographic digital signatures leveraging RSA-2048 and SHA-256 to ensure the authenticity and integrity of virtual assets in immersive environments. As immersive technologies continue to grow in both scale and significance, securing virtual assets such as custom avatars, digital artwork, and virtual real estate becomes critical, especially in collaborative and immersive spaces. By implementing a digital signature into a VR system, the research demonstrates how advanced cryptographic techniques could be applied to real-time immersive environments, introducing a user-centric model for enhancing trust and security in virtual interactions.

Our implementation leverages the inbuilt RSA cryptography in C# with Unity 3D to generate key pairs for signing and verifying virtual items in VR world space, ensuring that any modifications to these assets are immediately detectable. We integrated Unity’s Netcode to facilitate signature broadcasting and managing item states, providing a scalable solution for maintaining trust and authenticity in virtual environments. Users interact with the system intuitively, pressing button A to sign an asset and button B to verify its integrity. This seamless interaction promotes both usability and security, two essential components for future immersive applications.

Performance evaluations show that the system average signing time of 17.3 ms, with negligible verification delays, aligns with the low-latency requirements of VR [59]. Memory usage is minimal, with signing consuming only 4 KB, ensuring scalability for environments involving multiple users and assets. Additionally, we tested the system’s resilience against tampering and forgery attacks, demonstrating its ability to detect modifications and maintain both integrity and authenticity.

Our research sets the stage for further developments in securing virtual assets through cryptographic technologies promoting trust and preventing malicious activities. While the focus of our study is on non-financial virtual assets, the proposed solution also extends to financial virtual assets aligning with anti-money laundering (AML) and counter-terrorist financing (CFT) principles [62]. By tying a digital signature to an avatar for authenticity or to a virtual asset for integrity, the system also demonstrates its potential to a forward-looking framework for regulatory compliance in financial ecosystems.

Future research could explore extending this system to handle more complex interactions and asset types. Additional considerations might include integrating more advanced cryptographic algorithms and introducing a centralized certificate authority, as well as exploring quantum-resistant cryptographic techniques such as lattice-based cryptography. Furthermore, enhancing user interfaces for a more seamless and intuitive interaction will be key for improving user experience.

Footnotes

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Enlarge this image.

Figure 1. Cryptographic signature process.

Enlarge this image.

Figure 2. Layered architecture diagram of the proposed system.

Enlarge this image.

Figure 3. Player input binding SignItem and VerifyItem to controller’s primary and secondary buttons, respectively.

Enlarge this image.

Figure 4. The main architecture of the proposed system.

Enlarge this image.

Figure 5. Logs of the user’s actions during the signing process.

Enlarge this image.

Figure 6. Logs of user’s actions during the verification process.

Enlarge this image.

Figure 7. In the virtual room, when the asset is verified by a user, feedback is displayed on the board with the name of the signer and the validity message. The signature is just displayed for research purposes.

Enlarge this image.

Figure 8. Asset configuration settings in the inspector referencing the feedback interface and the controller input actions.

Enlarge this image.

Figure 9. Feedback to the user interface when tampering is detected.

Enlarge this image.

Figure 10. Console logs displaying the comparison in the hash of the original data and the modified data to provide traceability to tampering detection.

Enlarge this image.

Figure 11. Forgery detection logged in the console.

Enlarge this image.

Figure 12. Time it took to verify an asset’s validity.

References

1. Truong, V.T.; Le, L.; Niyato, D. Blockchain Meets Metaverse and Digital Asset Management: A Comprehensive Survey. IEEE Access; 2023; 11, pp. 26258-26288. [DOI: https://dx.doi.org/10.1109/ACCESS.2023.3257029]

2. Paes, D.; Arantes, E.; Irizarry, J. Immersive environment for improving the understanding of architectural 3D models: Comparing user spatial perception between immersive and traditional virtual reality systems. Autom. Constr.; 2017; 84, pp. 292-303. [DOI: https://dx.doi.org/10.1016/j.autcon.2017.09.016]

3. Rubio-Tamayo, J.; Gertrudix Barrio, M.; García García, F. Immersive Environments and Virtual Reality: Systematic Review and Advances in Communication, Interaction and Simulation. Multimodal Technol. Interact.; 2017; 1, 21. [DOI: https://dx.doi.org/10.3390/mti1040021]

4. Hamad, A.; Jia, B. How Virtual Reality Technology Has Changed Our Lives: An Overview of the Current and Potential Applications and Limitations. Int. J. Environ. Res. Public. Health; 2022; 19, 11278. [DOI: https://dx.doi.org/10.3390/ijerph191811278] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/36141551]

5. Sukaridhoto, S.; Haz, A.; Fajrianti, E.; Budiarti, R.P.N. Comparative Study of 3D Assets Optimization of Virtual Reality Application on VR Standalone Device. Int. J. Adv. Sci. Eng. Inf. Technol.; 2023; 13, 999. [DOI: https://dx.doi.org/10.18517/ijaseit.13.3.18375]

6. Metaverse Security Considerations—Identity Management Institute^®. Available online: https://identitymanagementinstitute.org/metaverse-security-considerations/ (accessed on 26 January 2025).

7. Lehdonvirta, V. Real-Money Trade of Virtual Assets: New Strategies for Virtual World Operators; Icfai University Press: Hyderabad, India, 2008.

8. Qamar, S.; Anwar, Z.; Afzal, M. A systematic threat analysis and defense strategies for the metaverse and extended reality systems. Comput. Secur.; 2023; 128, 103127. [DOI: https://dx.doi.org/10.1016/j.cose.2023.103127]

9. Tukur, M.; Schneider, J.; Househ, M.; Dokoro, A.H.; Ismail, U.I.; Dawaki, M.; Agus, M. The Metaverse digital environments: A scoping review of the techniques, technologies, and applications. J. King Saud Univ.-Comput. Inf. Sci.; 2024; 36, 101967. [DOI: https://dx.doi.org/10.1016/j.jksuci.2024.101967]

10. Kürtünlüoğlu, P.; Akdik, B.; Karaarslan, E. Security of Virtual Reality Authentication Methods in Metaverse: An Overview. arXiv; 2022; Available online: http://arxiv.org/abs/2209.06447 (accessed on 4 June 2024). arXiv: 2209.06447

11. Dilla, W.; Harrison, A.; Mennecke, B.; Janvrin, D. The Assets Are Virtual but the Behavior Is Real: An Analysis of Fraud in Virtual Worlds and Its Implications for the Real World. J. Inf. Syst.; 2013; 27, pp. 131-158. [DOI: https://dx.doi.org/10.2308/isys-50571]

12. Javers, E.; Zamost, S.; Tortorelli, P. Cybercriminals Target Metaverse Investors with Phishing Scams. Available online: https://www.cnbc.com/2022/05/26/cybercriminals-target-metaverse-investors-with-phishing-scams.html (accessed on 19 September 2024).

13. Lee, L.-H.; Braud, T.; Zhou, P.; Wang, L.; Xu, D.; Lin, Z.; Kumar, A.; Bermejo, C.; Hui, P. All One Needs to Know about Metaverse: A Complete Survey on Technological Singularity, Virtual Ecosystem, and Research Agenda. arXiv; 2021; arXiv: 2110.05352[DOI: https://dx.doi.org/10.1561/1100000095]

14. Valluripally, S.; Gulhane, A.; Hoque, K.A.; Calyam, P. Modeling and Defense of Social Virtual Reality Attacks Inducing Cybersickness. IEEE Trans. Dependable Secure Comput.; 2022; 19, pp. 4127-4144. [DOI: https://dx.doi.org/10.1109/TDSC.2021.3121216]

15. Ibrahim, A. Guarding the Future of Gaming: The Imperative of Cybersecurity. Proceedings of the 2024 2nd International Conference on Cyber Resilience (ICCR); Dubai, United Arab Emirates, 26–28 February 2024; pp. 1-9. [DOI: https://dx.doi.org/10.1109/ICCR61006.2024.10532843]

16. Hameed, A.; Perkis, A. Authenticity and presence: Defining perceived quality in VR experiences. Front. Psychol.; 2024; 15, 1291650. [DOI: https://dx.doi.org/10.3389/fpsyg.2024.1291650] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/38708019]

17. Ways to Protect Your Digital Property and Virtual Real Estate—FortySeven. Available online: https://fortyseven47.com/blog/ways-to-protect-your-digital-property-and-virtual-real-estate/ (accessed on 20 February 2025).

18. Hasanova, H.; Baek, U.; Shin, M.; Cho, K.; Kim, M.-S. A survey on blockchain cybersecurity vulnerabilities and possible countermeasures. Int. J. Netw. Manag.; 2019; 29, e2060. [DOI: https://dx.doi.org/10.1002/nem.2060]

19. World Economic Forum. Here’s How to Prevent Crime in the Metaverse. Available online: https://www.weforum.org/stories/2022/08/crime-punishment-metaverse/ (accessed on 20 February 2025).

20. Minecraft.net. Minecraft and NFTs. Available online: https://www.minecraft.net/en-us/article/minecraft-and-nfts (accessed on 20 February 2025).

21. Tianhuang, C.; Xiaoguang, X. Digital Signature in the Application of e-Commerce Security. 2010 International Conference on E-Health Networking Digital Ecosystems and Technologies (EDT); IEEE: Piscataway, NJ, USA, 2010; 4.

22. Dhagat, R.; Joshi, P. New approach of user authentication using digital signature. Proceedings of the 2016 Symposium on Colossal Data Analysis and Networking (CDAN); Indore, India, 18–19 March 2016; pp. 1-3. [DOI: https://dx.doi.org/10.1109/CDAN.2016.7570947]

23. National Institute of Standards and Technology (US). Digital Signature Standard (DSS); National Institute of Standards and Technology (US): Washington, DC, USA, 2023; NIST FIPS 186-5. [DOI: https://dx.doi.org/10.6028/NIST.FIPS.186-5]

24. Abdelwahab Mohamed, I.S. Digital signature in E-Commerce security. Middle East J. Sci. Publ.; 2018; 1, 10.

25. Selvaraj, R.; Sundari, M.S. EAM: Enhanced authentication method to ensure the authenticity and integrity of the data in VM migration to the cloud environment. Sci. Temper; 2023; 14, pp. 227-232. [DOI: https://dx.doi.org/10.58414/SCIENTIFICTEMPER.2023.14.1.29]

26. Tulu, B.; Li, H.; Chatterjee, S.; Hilton, B.N.; Lafky, D.; Horan, T.A. Design and Implementation of a Digital Signature Solution for healthcare. Proceedings of the Tenth Americas Conference on Information Systems; New York, NY, USA, 6–8 August 2004; 9.

27. Kuppuswamy, P. A New Efficient Digital Signature Scheme Algorithm based on Block cipher. IOSR J. Comput. Eng.; 2012; 7, pp. 47-52. [DOI: https://dx.doi.org/10.9790/0661-0714752]

28. Menezes, A.J.; Van Oorschot, P.C.; Vanstone, S.A. Handbook Of Applied Cryptography; CRC press: Boca Raton, FL, USA, 1996; Available online: https://labit501.upct.es/~fburrull/docencia/SeguridadEnRedes/old/teoria/bibliography/HandbookOfAppliedCryptography_AMenezes.pdf (accessed on 20 September 2024).

29. Katsis, C.; Singla, A.; Bertino, E. Real-time Digital Signatures for Named Data Networking. Proceedings of the 7th ACM Conference on Information-Centric Networking; Virtual Event, MTL, Canada, 29 September–1 October 2020; pp. 149-151. [DOI: https://dx.doi.org/10.1145/3405656.3420227]

30. Khrykova, A.; Bolsunovskaya, M.; Shirokova, S.; Novopashenny, A. Implementation of digital signature technology to improve the interaction in company. E3S Web of Conferences 244; EDP Sciences: Les Ulis, France, 2021; 7. [DOI: https://dx.doi.org/10.1051/e3sconf/202124412023]

31. Lennartsson, M.; Kävrestad, J.; Nohlberg, M. Exploring the meaning of usable security—A literature review. Inf. Comput. Secur.; 2021; 29, pp. 647-663. [DOI: https://dx.doi.org/10.1108/ICS-10-2020-0167]

32. Singh, M.; Kaur, H.; Kakkar, A. Digital signature verification scheme for image authentication. Proceedings of the 2015 2nd International Conference on Recent Advances in Engineering & Computational Sciences (RAECS); Chandigarh, India, 21–22 December 2015; pp. 1-5. [DOI: https://dx.doi.org/10.1109/RAECS.2015.7453277]

33. French, A.; Risius, M.; Shim, J. The Interaction of Virtual Reality, Blockchain, and 5G New Radio: Disrupting Business and Society. Commun. Assoc. Inf. Syst.; 2020; 46, pp. 603-618. [DOI: https://dx.doi.org/10.17705/1CAIS.04625]

34. Cannavò, A.; Lamberti, F. How Blockchain, Virtual Reality, and Augmented Reality are Converging, and Why. IEEE Consum. Electron. Mag.; 2021; 10, pp. 6-13. [DOI: https://dx.doi.org/10.1109/MCE.2020.3025753]

35. Chen, X.; Nguyen, K.; Sekiya, H. On the Latency Performance in Private Blockchain Networks. IEEE Internet Things J.; 2022; 9, pp. 19246-19259. [DOI: https://dx.doi.org/10.1109/JIOT.2022.3165666]

36. Gul, E.; Ozturk, S. A novel hash function based fragile watermarking method for image integrity. Multimed. Tools Appl.; 2019; 78, pp. 17701-17718. [DOI: https://dx.doi.org/10.1007/s11042-018-7084-0]

37. Shin, D.-H. The effects of trust, security and privacy in social networking: A security-based approach to understand the pattern of adoption. Interact. Comput.; 2010; 22, pp. 428-438. [DOI: https://dx.doi.org/10.1016/j.intcom.2010.05.001]

38. Andersson, V.; Sobek, T. Virtual Avatars, Virtual Influencers and Aunthenticity. Master’s Thesis; University of Gothenburg: Gothenburg, Sweden, June 2020; Available online: https://gupea.ub.gu.se/bitstream/handle/2077/64928/gupea_2077_64928_1.pdf?sequence=1&isAllowed=y (accessed on 3 October 2024).

39. Cheong, B.C. Avatars in the metaverse: Potential legal issues and remedies. Int. Cybersecurity Law Rev.; 2022; 3, pp. 467-494. [DOI: https://dx.doi.org/10.1365/s43439-022-00056-9]

40. The Best Assets for Game Making Unity Asset Store. Available online: https://assetstore.unity.com/ (accessed on 3 October 2024).

41. Duranti, L. Trust & Authenticity in the Digital Environment: An Increasingly Cloudy Issue. Digital Records Forensics. Available online: www.digitalrecordsforensics.org (accessed on 6 April 2012).

42. VR Multiplayer Template Quick Start Guide VR Multiplayer 2.0.3. Available online: https://docs.unity3d.com/Packages/[email protected]/manual/index.html#networked-interactable-example (accessed on 3 October 2024).

43. Gehring, M.; Mosler, P.; Dokonal, W.; Rüppel, U. Designing and experiencing spaces together—A low-cost VR multiplayer approach in teaching. Envisioning Architectural Scales in the Analogue and Virtual Representation of Architecture: Proceedings of the 16th EAEA Conference; Royal Danish Academy-Architecture, Design, Conservation: København, Denmark, 2023.

44. Wang, Y. A Framework for Developing Network Based Games Using Unity and Ice. Ph.D. Thesis; Uniersidad Politechnica de Madrid: Madrid, Spain, June 2017; Available online: https://oa.upm.es/47086/1/TM_YONGJIAN_WANG.pdf (accessed on 5 August 2024).

45. Unity Realtime Multiplayer, Part 8: Exploring Ready-Made Networking Solutions HackerNoon. Available online: https://hackernoon.com/unity-realtime-multiplayer-part-8-exploring-ready-made-networking-solutions (accessed on 5 August 2024).

46. Networking & Netcode Software Solution Unity. Available online: https://unity.com/products/netcode (accessed on 6 August 2024).

47. About Netcode for GameObjects Unity Multiplayer. Available online: https://docs-multiplayer.unity3d.com/netcode/current/about/ (accessed on 3 October 2024).

48. Abobeah, R.M.; Ezz, M.M.; Harb, H.M. Public-Key Cryptography Techniques Evaluation. Int. J. Comput. Netw. Appl.; 2015; 2, 12.

49. Na, Z.; Xi, X.G. The Application of a Scheme of Digital Signature in Electronic Government. Proceedings of the 2008 International Conference on Computer Science and Software Engineering; Wuhan, China, 12–14 December 2008; IEEE Computer Society: Washington, DC, USA, 2008; 4. [DOI: https://dx.doi.org/10.1109/CSSE.2008.929]

50. Hashing Algorithm—An overview ScienceDirect Topics. Available online: https://www.sciencedirect.com/topics/computer-science/hashing-algorithm (accessed on 20 September 2024).

51. Seth, S.M.; Mishra, R. Comparative Analysis of Encryption Algorithms For Data Communication. Int. J. Comput. Sci. Technol.; 2024; 2, pp. 292-294.

52. Maheshwari, G.U.; Padma, J. Performance Analysis of DES, AES and RSA Algorithm along with LSB Substitution Technique. Int. J. Sci. Res. Eng. Manag.; 2021; 5, pp. 1-6.

53. Maqsood, F.; Ahmed, M.; Mumtaz, M.; Ali, M. Cryptography: A Comparative Analysis for Modern Techniques. Int. J. Adv. Comput. Sci. Appl.; 2017; 8, pp. 442-448. [DOI: https://dx.doi.org/10.14569/IJACSA.2017.080659]

54. Adeniyi, E.A.; Adeniyi, E.A.; Adeniyi, E.A.; Imoize, A.L.; Imoize, A.L.; Awotunde, J.B.; Lee, C.-C.; Lee, C.-C.; Falola, P.; Falola, P. et al. Performance Analysis of Two Famous Cryptographic Algorithms on Mixed Data. J. Comput. Sci.; 2023; 19, pp. 694-706. [DOI: https://dx.doi.org/10.3844/jcssp.2023.694.706]

55. Gashi, L.; Luma, A.; Apostolova, M.; Januzaj, Y. A Weighting Model of Cybersecurity Parameters Used for Service Placement. Int. J. Online Biomed. Eng. IJOE; 2023; 19, pp. 88-98. [DOI: https://dx.doi.org/10.3991/ijoe.v19i07.39285]

56. What Is the Existential Forgery Attack Against RSA Digital Signatures and How Does It Exploit the Construction of the RSA Digital Signature Scheme?—EITCA Academy. European Information Technologies Certification Academy—Attesting Your Professional Digital Skills. Available online: https://en.eitca.org/cybersecurity/eitc-is-acc-advanced-classical-cryptography/digital-signatures/elgamal-digital-signature/examination-review-elgamal-digital-signature/what-is-the-existential-forgery-attack-against-rsa-digital-signatures-and-how-does-it-exploit-the-construction-of-the-rsa-digital-signature-scheme/ (accessed on 6 January 2025).

57. Kaur, P.; Arora, N. A Comprehensive Study of Cryptography and Digital Signature. Int. J. Sci. Eng. Comput. Technol.; 2015; 5, pp. 1-5.

58. Verma, S.; Garg, D. RSA Variant with Efficient Memory Usage. Proceedings of the International Conference on Advances in Engineering and Technology (ICAET’2014); Singapore, 29–30 March 2014; [DOI: https://dx.doi.org/10.15242/IIE.E0314095]

59. Varjo. Latency in Virtual Reality (VR) and Mixed Reality (XR). Varjo.com. Available online: https://varjo.com/learning-hub/latency/ (accessed on 2 January 2025).

60. Shaheed Nehal, A.; Farhan, M.; Sunad, Y.S. Quantum Cryptography—Breaking RSA Encryption Using Quantum Computing with Shor’s Algorithm. Int. J. Technol. Res. Eng.; 2020; 8, 6.

61. Rizzo, A.A.; Schultheis, M.; Kerns, K.A.; Mateer, C. Analysis of assets for virtual reality applications in neuropsychology. Neuropsychol. Rehabil.; 2004; 14, pp. 207-239. [DOI: https://dx.doi.org/10.1080/09602010343000183]

62. FATF. Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers. 2019; Available online: https://www.fatf-gafi.org/content/dam/fatf-gafi/guidance/RBA-VA-VASPs.pdf.coredownload.inline.pdf (accessed on 26 January 2025).