Game Development Community

Security: Protecting your game from hackers and pirates

by Jason Swearingen · in Game Design and Creative Issues · 07/07/2005 (3:25 pm) · 27 replies

A very important area of software is security.

Game specific issues are:

Making it difficult to pirate your game

Making it difficult to steal your game's source code / graphics

Making it difficult for hackers to cheat in online games

Catching hackers who cheat in online games


There are various ways of mitigating these issues (social or technical)

A social mitigation is to protect your intellectual property legally, with copyrights, patents, etc.

A technical mitigation is to use obfuscation, software unlocking, server-side variables, etc.

What are some ways you have (or tried to) resolve these types of issues in your game development?
#21
07/24/2005 (12:26 pm)
@Chris, or whoever else wants to roll their own cryptographic algorithm...

Do you have a team of Nobel Laureate Research Scientists helping you write your cryptographic algorithm?

If you do, or maybe if you can write an Elliptic curve implementation yourself, then fine, write an algorithm.

If you do NOT, then DO NOT WRITE YOUR OWN CRYPTOGRAPHIC ALGORITHM.

There are "real" professionals out there who write this stuff, all you need to do is copy/paste the code, or include the libraries, or what-not.

There is no reason to re-write this. Anything you write is going to be orders of magnitude less secure than what is freely available out there.

Now to reply directly....

@Chris: Sure, maybe your code is "unhackable"... but give me either the code that generated it, or the code that is supposed to unwrap it, and I bet it is definitely not "unhackable" anymore.

That is the difference between hobbyist and professional cryptographic algorithms. Breaking a world-class algorithm is mathematically proven to be algorithm independent. And indeed anything of secure lengths is mathematically proven to be unbreakable even by Government military organizations (at least until quantum computing is accessible)

A good analogy to your posting of the 'encrypted blob' is me posting my encrypted blob:

"ij"

Now, can you guess what that decrypts to? It's just "hi" shifted by one letter. But now that you know my algorithm, it is very easy to decrypt *ANYTHING* I give you.

OK, I'm done with my rant. If anyone is curious, I can post a blurb on relative key strengths of various algorithms....
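The "ij" analogy in post #21, as an added example that is not part of the original post: once the shift algorithm is known, the whole keyspace is 26 values and can be tried exhaustively. The crib word list and the sample sentence are constructed for this illustration.

```python
import string

ALPHABET = string.ascii_lowercase

# Hypothetical crib list: a few words the analyst expects to see in the plaintext.
CRIB_WORDS = {"the", "and", "is", "to", "of", "key", "server"}


def shift(text: str, key: int) -> str:
    """Shift each lowercase letter forward by `key`; other characters pass through."""
    out = []
    for ch in text:
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def all_candidates(ciphertext: str) -> dict[int, str]:
    """Every possible decryption. Knowing the algorithm leaves only 26 keys to try."""
    return {key: shift(ciphertext, -key) for key in range(26)}


def recover(ciphertext: str) -> tuple[int, str]:
    """Return the (key, plaintext) candidate that contains the most crib words."""
    def score(item):
        return sum(word in CRIB_WORDS for word in item[1].split())
    return max(all_candidates(ciphertext).items(), key=score)


if __name__ == "__main__":
    # The blob from the post: key 1 turns "ij" back into "hi".
    print(all_candidates("ij")[1])
    # Constructed sample: a different key does not help once the method is known.
    secret = shift("the key is sent to the server", 7)
    print(secret, "->", recover(secret))
```

A vetted cipher is designed so that publishing the algorithm gives no such shortcut; all of the secrecy sits in a key drawn from a space far too large to enumerate.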
#22
07/24/2005 (1:30 pm)
@ Jason -

Quote:
If you do, or maybe if you can write an Elliptic curve implementation yourself, then fine, write an algorithm.

I've actually been toying with ideas on implementing curvature in polygons, does that help?! ;)

Quote:
...give me either the code that generated it, or the code that is supposed to unwrap it, and I bet it is definitely not "unhackable" anymore.

The code that generated it... you want my brain? As for the code that unwraps it, it's up there, like I've already said, in the top two lines of the code, it's just an encrypted methodology for unwrapping it. Here's the solution breaker for you:

1A3
204

Now, you should be able to assemble the key easier. It's actually quite simple, but it can be made extremely complex with the amount of randomizations and structure assemblies.

There's one more step for the key that I'm leaving out, but if you figure it out I bet you'll agree with the level of randomized code present.

- Ronixus
#23
07/24/2005 (1:53 pm)
Chris, I'm not sure how to say, "You are wasting your time and everyone else's," nicely. So I'll just say it bluntly.

You aren't going to write an unbreakable crypto scheme. You aren't going to somehow revolutionize DRM. And you aren't smarter than thousands of people who work on this shit every day as their job/area of research.
#24
07/24/2005 (2:10 pm)
@Chris, I don't think you get my point.

Assuming you wrote that code to be more than just a brain exercise, you'll have to write some piece of code that will assemble and/or disassemble your cryptographic code.

If you never have to give out your algorithm code, then yes, your code is nearly unbreakable (though a one-time-pad is still more secure)

But once you have to let people know your algorithm, that's when things become tough to keep secure.

I'm not saying that I am a master code breaker. Indeed, I am not a code breaker at all. I just follow the security trends and think I know good ideas in this space apart from the bad ones...

And FYI, "Elliptic curve" is a fairly new (and very, very strong) public key cryptography algorithm. If you don't know what it, or a "one time pad", is, I suggest you understand them well (conceptually) before continuing.

A good place to get your feet wet is wikipedia.


Elliptic Curve Cryptography

But before looking into elliptic curves, you should first know what public key cryptography is.

Also, the most secure form of cryptography is still the very simple One Time Pad

And for those of you who are not very sure what "cryptography" really means, This is a good introduction for you.


-Jason
#25
07/25/2005 (8:54 am)
@ Pat -

I'm not getting into an estranged debate with you over whether I am wasting my time or not, or even the fact that I pursue many things which would boggle the intelligence of many.

I will continue to pursue this coding structure I've devised though, because it has merit on so many levels of application.

For you to try to shut me down is quite a low blow when I'm asking for help to construct the program to at least test the code on an active level.

@ Jason -

I will check those out, thanks for the links.

General Question -

What I need in order to work this into a program is information on syntax dealing with string manipulation in C++ or TScript. Any help would be appreciated greatly.

For the record, I'm not trying to oust anyone here, just trying to further development for the indie community with a homemade security procedure. I'm not one to claim to be smarter, though in most cases it proves to be true in anything I do. I hate being so intelligent, believe me, it's quite a burden and seems it always will be. If it helps you, know I never wish to make it to the next day.

On terms of this code, I need it for the main application of securing client-server data for use in the MMOG architecture I plan to research. If this proves worthy, indies will have a much easier time assembling a server architecture for a large player base without needing a high server budget.

Baby steps, of sorts.

- Ronixus

(Honestly, sometimes I do feel I'm wasting my time...)
#26
07/25/2005 (10:01 am)
@Chris: If the links Jason provided you are going to be informative, then anything you've done to date is probably not worth very much. I recommend you study up on crypto and then re-evaluate your work. I figure if you can make it through THIS PAPER then you're up to speed on just about everything you need to know to build your own strong crypto. It's all greek to me, but if you're half as smart as you say you are, you shouldn't have too much trouble getting up to speed.

That paper is the description of the how's & why's of the Rijndael algorithm. Rijndael was the original name of the current Advanced Encryption Standard (AES), which the US gubmint has enshrined as their standard crypto. It is therefore Very Strong, and likely to remain so until (as someone pointed out above) Quantum Computers come along and blast the snot out of modern computer security. Here's an article explaining why in layman's terms (ones that I understand).

Enjoy, and good luck.

Oh, and I'd think anyone with a packet sniffer (or a hacked SSL library) could grab your proposed decryption method and hack your app to skip the "rescramble" part without too much trouble. Then they've got your decrypted binary to do with as they wish (ie: post to the warez sites). Adding a network connection just (slightly) changes the set of skills a cracker needs, it doesn't really stop them. You've still got to execute your code on their hardware and will therefore eventually lose, it's just a matter of time. Secure computing is impossible until DRM in hardware comes along, then they'll just need to beat the hardware first. It'll happen, but the number of people with cracked DRM hardware will be much smaller than the group of people who use warez sites now, so it'll just reduce the numbers rather than remove the problem entirely (no matter what the DRM marketing types tell you). Sad fact of life.

It seems to me that the only secure method that has a Good Shot at working these days is with network games that require a log-on. You build some cryptographically secure key code and send one along with every purchase... but that still doesn't stop people from creating cheats. And heaven help you if someone manages to get their mitts on a key generator...

I don't mean to shoot you down, but these are the sad facts of life in computer game security: "You've already lost."

On the other hand, things like "PunkBuster" seem like they have a good shot at keeping the cheaters jumping... a given crack will only work for so long, until your cheat-catching library incorporates that new cheat into their detection system. Of course they can crack your cheat-catching library too. *sigh* Pretty depressing really.

--Mark
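One way to build the per-purchase key code with a log-on check that post #26 describes, as an added example that is not part of the original post. It assumes HMAC-SHA256 from a standard library as the keyed primitive; `issue_key`, `LoginServer`, `SERVER_SECRET` and the key layout are hypothetical. Because the secret stays on the server, nothing shipped to players contains what a key generator would need.

```python
import base64
import hashlib
import hmac
import secrets

SERVER_SECRET = secrets.token_bytes(32)  # assumption: generated once, stored only server-side
TAG_LEN = 10                             # truncated HMAC tag, 80 bits


def issue_key(serial: int, secret: bytes = SERVER_SECRET) -> str:
    """Purchase time: 5-byte serial plus a MAC that only the server can compute."""
    body = serial.to_bytes(5, "big")
    tag = hmac.new(secret, body, hashlib.sha256).digest()[:TAG_LEN]
    raw = base64.b32encode(body + tag).decode()  # 15 bytes -> 24 characters, no padding
    return "-".join(raw[i:i + 6] for i in range(0, len(raw), 6))


def parse_key(key: str):
    """Return (serial_bytes, tag), or None when the key is malformed."""
    try:
        raw = base64.b32decode(key.replace("-", "").upper())
    except ValueError:
        return None
    if len(raw) != 5 + TAG_LEN:
        return None
    return raw[:5], raw[5:]


class LoginServer:
    """Hypothetical log-on check: verify the MAC, then bind each key to one account."""
    def __init__(self, secret: bytes = SERVER_SECRET):
        self.secret = secret
        self.owner = {}       # serial -> account that first activated it
        self.revoked = set()  # serials pulled after a refund, leak or fraud

    def login(self, account: str, key: str) -> str:
        parsed = parse_key(key)
        if parsed is None:
            return "malformed"
        body, tag = parsed
        expected = hmac.new(self.secret, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return "forged"
        serial = int.from_bytes(body, "big")
        if serial in self.revoked:
            return "revoked"
        if self.owner.setdefault(serial, account) != account:
            return "in-use"
        return "ok"
```

This covers key forgery and key sharing only; as the post says, it does nothing about cheats running on the player's own machine.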
#27
07/25/2005 (10:26 am)
@Christopher,

What you are posting here clearly shows your complete inexperience in this area.

To give you a benchmark: Pat's system uses very strong encryption that has been tested by thousands of people with a hell of a lot more experience than you have. His system is very well thought out. Despite all that, it took me 5 hours to analyse it and produce a program that decrypts any assets protected by it. The weaknesses I found have since been fixed, but it would still be only a matter of days for a skilled attacker to break. I am not a cracker, just an experienced programmer with knowledge of compilers and assembly language and some experience of security testing my own software.

Your system appears to completely ignore the weak points. Posting random bits of ciphertext on a forum and saying "break this!" is not constructive and is an indication of lack of the knowledge and experience that is essential to produce a decent system. If you want a fair test of your system you must produce a build that uses it, including the executable. However cryptographically strong your system is does not matter a toss. No cracker will bother attempting to break it. They will just go straight for your executable and either crack it directly or copy/paste your decryption code straight out of their disassembly, depending on what is most appropriate.

That is basically what Pat was saying, except he decided not to waste wear and tear on his keyboard. If you really want to persist with this, you would do extremely well to follow the advice of Jason and Mark. However, I agree with Pat, you are wasting your time with this. You do not possess the necessary skills or experience to pull this off effectively.

Sorry if this post sounds rude, it was not meant to be.

Tom.