FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Secure communications

 
Post new topic   Reply to topic     Forum Index -> dnet
View previous topic :: View next topic  

Do you need security facilities?
What's that? :?
0%
 0%  [ 0 ]
Yes, I do need
50%
 50%  [ 2 ]
No, I'd rather implemented it myself
50%
 50%  [ 2 ]
Total Votes : 4

Author Message
Dima-san



Joined: 25 Mar 2007
Posts: 33
Location: Almaty, Kazakhstan

PostPosted: Wed Jul 04, 2007 11:24 am    Post subject: Secure communications Reply with quote

After taking a glimpse at Game Programming Gems' 3 article called 'Secure sockets', a question came up to my mutinous mind: should dnet provide security facilities, such as packet encryption?
Back to top
View user's profile Send private message
bane



Joined: 01 May 2007
Posts: 41
Location: Pancevo, Serbia

PostPosted: Fri Jul 06, 2007 8:34 am    Post subject: Debate... Reply with quote

A few questions:
(How much) encryption would slow down dnet?
Will there be data requiring encryption sent over network?
_________________
"I apologize only for my spelling" - a quote shamelessly stolen from some guy at unknown forum.
Back to top
View user's profile Send private message
Dima-san



Joined: 25 Mar 2007
Posts: 33
Location: Almaty, Kazakhstan

PostPosted: Tue Jul 31, 2007 12:21 pm    Post subject: Reply with quote

Quote:
(How much) encryption would slow down dnet?

Encryption is slow yet not that slow to become inaffordable.
Code:

payload size (bytes) | decrypt (ms)
64                   |     1.07
128                  |     0.57
256                  |     0.34
512                  |     0.23
1024                 |     0.16

Tests were run on PIII 866 MHz Win2000
Taken from "Game Programming Gems 3". Not sure I can place it here.

Quote:
Will there be data requiring encryption sent over network?

Any data that is vital for fair gameplay should be encrypted.
Like, a third-party proxy program can read server packets and then modify your packets to give you unfair advantage. That's how the famous aimbot works.

PS: Uhh... sorry for kinda late post Embarassed
Back to top
View user's profile Send private message
bane



Joined: 01 May 2007
Posts: 41
Location: Pancevo, Serbia

PostPosted: Fri Aug 03, 2007 7:33 am    Post subject: Reply with quote

You got me.
Secure line would be appreciated.

From a point of user, it would be nice to have on/off switch so user can chose slowwer and securer or unencrypted but faster connection.

From a point of developer in this project, please let us make it as simple and clean as possible and integrate it in code as modular part. I like it simple Smile Easier to understand and maintain.
_________________
"I apologize only for my spelling" - a quote shamelessly stolen from some guy at unknown forum.
Back to top
View user's profile Send private message
Dima-san



Joined: 25 Mar 2007
Posts: 33
Location: Almaty, Kazakhstan

PostPosted: Fri Aug 03, 2007 11:25 am    Post subject: Reply with quote

"Simple and clean" -- that's my motto Cool
Back to top
View user's profile Send private message
h3r3tic



Joined: 30 Mar 2004
Posts: 261
Location: Torun, Poland

PostPosted: Sat Aug 04, 2007 11:35 am    Post subject: Reply with quote

Dima-san wrote:
Like, a third-party proxy program can read server packets and then modify your packets to give you unfair advantage. That's how the famous aimbot works.


Couldn't aimbots simply monitor the memory of a process and see all that data as it's decrypted? If so, encryption wouldn't help a lot... I believe this is how the MSXSecurity folks do their hacks.
Back to top
View user's profile Send private message MSN Messenger
Dima-san



Joined: 25 Mar 2007
Posts: 33
Location: Almaty, Kazakhstan

PostPosted: Sat Aug 04, 2007 12:04 pm    Post subject: Reply with quote

Quote:
Couldn't aimbots simply monitor the memory of a process and see all that data as it's decrypted?

They could, but that'd be very advanced aimbots.
You cannot prevent hacking, but you can make it extremely hard. Like, you can do the following:
1. make your engine as dynamic as possible
2. encrypt values in memory
3. never modify object's fields outside it's class hierarchy
Packet encryption will help to keep foreign programs off your game. The game developer should care about things mentioned above, not me. Smile
Back to top
View user's profile Send private message
h3r3tic



Joined: 30 Mar 2004
Posts: 261
Location: Torun, Poland

PostPosted: Sat Aug 04, 2007 2:48 pm    Post subject: Reply with quote

Dima-san wrote:
They could, but that'd be very advanced aimbots.
You cannot prevent hacking, but you can make it extremely hard.

Ok... if you say so Wink I shall vote for encryption support Very Happy After all, it could be a per-server option Smile

Quote:
Like, you can do the following:
1. make your engine as dynamic as possible

Re-allocating objects to confuse hacks? Interesting...

Quote:
2. encrypt values in memory
3. never modify object's fields outside it's class hierarchy

Hmm.. could you elaborate? I don't think I get how this would help.

Quote:
Packet encryption will help to keep foreign programs off your game. The game developer should care about things mentioned above, not me. Smile

Aye!
Back to top
View user's profile Send private message MSN Messenger
Dima-san



Joined: 25 Mar 2007
Posts: 33
Location: Almaty, Kazakhstan

PostPosted: Sun Aug 05, 2007 12:20 pm    Post subject: Reply with quote

Quote:
I don't think I get how this would help.

Code:

void GameResource::SetResource(int Resource_Num, int Resource_Amount)
{
    GameResourceAmount[ResourceNum] = Resource_Amount ^ EncryptValue[ResourceNum];
}
int GameResouce::GetResource(int Resource_Num)
{
    return( GameResourceAmount[ResourceNum] ^ EncryptValue[ResourceNum] );
}
//and more specific functions...
void GameResource::SetWood(int Wood_Amount)
{
    GameResourceAmount[RESOURCE_WOOD] = Wood_Amount ^ EncryptValue[RESOURCE_WOOD];
}
int GameResource::GetWood(void)
{
    return( GameResourceAmount[RESOURCE_WOOD] ^ EncryptValue[RESOURCE_WOOD] );
}

Taken from this nice article.
Back to top
View user's profile Send private message
h3r3tic



Joined: 30 Mar 2004
Posts: 261
Location: Torun, Poland

PostPosted: Sun Aug 05, 2007 3:32 pm    Post subject: Reply with quote

Thanks! That's definitely something to think about Smile
Back to top
View user's profile Send private message MSN Messenger
Dima-san



Joined: 25 Mar 2007
Posts: 33
Location: Almaty, Kazakhstan

PostPosted: Mon Aug 06, 2007 11:40 am    Post subject: Reply with quote

h3r3tic wrote:
Thanks! That's definitely something to think about Smile

You're welcome Smile
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic     Forum Index -> dnet All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group