homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam

The Geek Culture Forums


Post New Topic  New Poll  Post A Reply
my profile | directory login | | search | faq | forum home
  next oldest topic   next newest topic
» The Geek Culture Forums   » Other Geeky Stuff   » Ask a Geek!   » Security, encryption, programming and stuff

 - UBBFriend: Email this page to someone!    
Author Topic: Security, encryption, programming and stuff
maximile

SuperFan!
Member # 3446

Member Rated:
5
Icon 1 posted June 01, 2006 02:28      Profile for maximile   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
I was thinking about making a game, to exercise my programming skills. I got stuck at the following problem: how do you implement an online (universal) high score system?

I mean, it'd be insanely easy to have the app send a POST or something containing the score and a username. But how can we stop it from being cheated? Presumably some sort of encryption is necessary. And how about protecting the variable when it's in memory?

Do any of you have any ideas?

Posts: 1085 | From: London, UK (Powys, UK in hols) | Registered: Feb 2005  |  IP: Logged
drunkennewfiemidget
BlabberMouth, a Blabber Odyssey
Member # 2814

Member Rated:
4
Icon 1 posted June 01, 2006 05:50      Profile for drunkennewfiemidget     Send New Private Message       Edit/Delete Post   Reply With Quote 
First thing that comes to mind is two-way encryption using some sort of public/private key.

The public key takes your score and encrypts it in memory, then it connects to the server, and sends the encrypted packet.

Using the private key, the server unencrypts it, matches against a checksum, and updates.

As for fucking with it in memory, I'm not entirely sure there's much you can do about that other than some weird logic to store it that makes it non-obvious, but anyone good enough will be able to get around that, too.

Posts: 4897 | From: Cambridge, ON, Canada | Registered: Jun 2004  |  IP: Logged
quantumfluff
BlabberMouth, a Blabber Odyssey
Member # 450

Member Rated:
5
Icon 1 posted June 01, 2006 06:30      Profile for quantumfluff     Send New Private Message       Edit/Delete Post   Reply With Quote 
Plain old HTTPS would be just as good as anything else in this case.

As DNFM said, the thing you can't protect against is someone decompiling the game, finding where the score is sent and then spoofing a message. If they can do that, they are going to find any keys you have stashed in the code anyway.

Posts: 2902 | From: 5 to 15 meters above sea level | Registered: Jun 2000  |  IP: Logged
drunkennewfiemidget
BlabberMouth, a Blabber Odyssey
Member # 2814

Member Rated:
4
Icon 1 posted June 01, 2006 07:24      Profile for drunkennewfiemidget     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by quantumfluff:
Plain old HTTPS would be just as good as anything else in this case.

Still, all it would take in that particular scenario is for someone to figure out the schema of the HTTPS packets before encryption, and they can start uploading their own scores.
Posts: 4897 | From: Cambridge, ON, Canada | Registered: Jun 2004  |  IP: Logged
quantumfluff
BlabberMouth, a Blabber Odyssey
Member # 450

Member Rated:
5
Icon 1 posted June 01, 2006 19:34      Profile for quantumfluff     Send New Private Message       Edit/Delete Post   Reply With Quote 
Yes, but they can't do that unless they decompile the program and figure it out. If they are smart enough to do that, then they can spend the extra few minutes figuring out where you encrypt with the private key. It's false security believing that more interesting encryption helps against someone maliciously decompling your program.
Posts: 2902 | From: 5 to 15 meters above sea level | Registered: Jun 2000  |  IP: Logged
Metasquares
Highlie
Member # 4441

Member Rated:
5
Icon 1 posted June 01, 2006 21:50      Profile for Metasquares   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
Assuming it's a multiplayer game, have the opponent's client verify it independently, of course. That's what I did.

It can still be exploited, but now you need two people to collude. I also have the client sending every move made in the game to the server (users can play back old games), so any inconsistencies can easily be rooted out. Depending on the game, that may or may not be possible.

You can't entirely stop someone from exploiting a high score list. You can, however, set a whole bunch of server-side traps for cheaters to fall into.

Posts: 664 | From: Morganville, NJ | Registered: Oct 2005  |  IP: Logged
maximile

SuperFan!
Member # 3446

Member Rated:
5
Icon 1 posted June 02, 2006 05:24      Profile for maximile   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
Well, it'd be a very simple game, so I guess I could use some server side things like that. I was planning to make it only multiplayer over a LAN, but maybe not.

Wouldn't public key be a bit of a risk? I mean, someone would know the score, and see the encrypted result... does that make it easy to work out the key? I admit, I don't really understand PSK.

BTW, what game did you make, Metasquares? Can we play it?

Posts: 1085 | From: London, UK (Powys, UK in hols) | Registered: Feb 2005  |  IP: Logged
drunkennewfiemidget
BlabberMouth, a Blabber Odyssey
Member # 2814

Member Rated:
4
Icon 1 posted June 02, 2006 06:33      Profile for drunkennewfiemidget     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by maximile:
Wouldn't public key be a bit of a risk? I mean, someone would know the score, and see the encrypted result... does that make it easy to work out the key? I admit, I don't really understand PSK.

If that were the case, then ssh would be useless. [Wink]
Posts: 4897 | From: Cambridge, ON, Canada | Registered: Jun 2004  |  IP: Logged
Stereo

Solid Nitrozanium SuperFan!
Member # 748

Member Rated:
5
Icon 1 posted June 02, 2006 08:29      Profile for Stereo     Send New Private Message       Edit/Delete Post   Reply With Quote 
Ok, it might not help (I'm no security specialist), but if you had the client send a first message "ready to upload score", then the server answer "ready to receive" along with an authorisation key to be included in the score message, plus allot a specific timeframe to actually receive the score, that should make things harder for a hacker. Right or wrong?

--------------------
Eppur, si muove!

Galileo Galilei

Posts: 2289 | From: Gatineau, Quebec, Canada | Registered: Apr 2001  |  IP: Logged
dragonman97

SuperFan!
Member # 780

Member Rated:
4
Icon 1 posted June 02, 2006 08:32      Profile for dragonman97   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
How's that any different from a rogue client sending the "Ready to upload?"

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9332 | From: Westchester County, New York | Registered: May 2001  |  IP: Logged
Stereo

Solid Nitrozanium SuperFan!
Member # 748

Member Rated:
5
Icon 1 posted June 02, 2006 11:48      Profile for Stereo     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by dragonman97:
How's that any different from a rogue client sending the "Ready to upload?"

There isn't, there's just the need to create a client to receive, interpret, and send the correct answer within the alloted time, rather than just construct a single message "this is my high score".

--------------------
Eppur, si muove!

Galileo Galilei

Posts: 2289 | From: Gatineau, Quebec, Canada | Registered: Apr 2001  |  IP: Logged
maximile

SuperFan!
Member # 3446

Member Rated:
5
Icon 1 posted June 02, 2006 16:50      Profile for maximile   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by drunkennewfiemidget:
quote:
Originally posted by maximile:
Wouldn't public key be a bit of a risk? I mean, someone would know the score, and see the encrypted result... does that make it easy to work out the key? I admit, I don't really understand PSK.

If that were the case, then ssh would be useless. [Wink]
[blush] Oops...
Posts: 1085 | From: London, UK (Powys, UK in hols) | Registered: Feb 2005  |  IP: Logged
Sirius
Maximum Newbie
Member # 5184

Member Rated:
5
Icon 3 posted June 23, 2006 10:25      Profile for Sirius     Send New Private Message       Edit/Delete Post   Reply With Quote 
There's not much you can go against someone that decompiles the client application but a suggestion would be to authenticate the client itself when it's submitting the score.

ie
Client requests to submit a score
Server sends back a random value (possibly a timestamp)
The client generates a digital signature using the timestamp and itself. You could use DSA here but hard code the private key into the client and keep what would usually be public known only to the server (including the public key)
The client then encrypts this signature and new score with the servers public key and sends it to the server.
Server verifies signature blah blah..

So the only way someone could create a valid signature would be to decompile the client to get it's private key and the use of a random value prevents the use of precomputed signatures.

of course given that the client's private key is found out, a rogue client could generate the signature based on a valid client and the random value.

there's probably a better way to go about it all but it's past my bedtime [ohwell]

Posts: 16 | From: Perth | Registered: May 2006  |  IP: Logged
alfrin
Uber Geek
Member # 3836

Member Rated:
4
Icon 1 posted June 23, 2006 10:58      Profile for alfrin     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by quantumfluff:
Yes, but they can't do that unless they decompile the program and figure it out. If they are smart enough to do that, then they can spend the extra few minutes figuring out where you encrypt with the private key. It's false security believing that more interesting encryption helps against someone maliciously decompling your program.

But then you do have to think to yourself at one point, "Would someone really go through that much effort to have a really high score". What is your intended audience? It really all comes down to dedication. I know there is that whole "Someone out there would" type of thinking but you have to think of the likelyhood that your high score system is s/he/its next target. I think dnfm's solution should work just fine, if someone is dedicated enough to mess with that to put false scores, by all means I think they deserve that score.

--------------------
Art is Resistance / Resistance is Art

Posts: 813 | From: Nevada, USA | Registered: Apr 2005  |  IP: Logged


All times are Eastern Time  
Post New Topic  New Poll  Post A Reply Close Topic    Move Topic    Delete Topic next oldest topic   next newest topic
 - Printer-friendly view of this topic
Hop To:

Contact Us | Geek Culture Home Page

2015 Geek Culture

Powered by Infopop Corporation
UBB.classicTM 6.4.0



homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam