[MUD-Dev] Trusting the client, encrypting data

Amanda Walker amanda at alfar.com
Sat Dec 13 11:45:24 New Zealand Daylight Time 2003

On Dec 11, 2003, at 5:20 AM, ceo wrote:
> Jessica Mulligan wrote:

>> I don't think any kind of encryption scheme for client data is
>> going to survive for long.

> Since one of the standard requirements for any encryption scheme
> is that 100% knowledge of the algorithm + process + etc provides
> 0% advantage in decrypting it, this shouldn't be an issue.

The problem isn't the cipher algorithm--nobody hacks games by using
cryptanalysis.  The problem is key management and data flow.  If the
client code is running on a PC, it's running in a wide-open
environment.  Using Windows as the canonical example, someone with
good SoftICE chops can and will crack open your client and feed in
(or siphon off) any data they want on the cleartext side of your
cipher algorithm.  They're not trying to reverse engineer your data
stream until after they've reverse engineered your code, at which
point they can leave the encryption stage as a black box.

This, BTW, is one of the great strengths of the Xbox and the PS2 as
game deployment platforms.  The number of people who can run your
game under a good debugger is orders of magnitude lower (though not

> I know there's a lot of smart people who've been working on
> security between untrustworthy clients (e.g. stuff like the
> cocaine auction etc), and I imagine a general-purpose scheme for
> working with a vast number of untrustable clients in real time
> would be rather desirable!

The most prevalent solution to this is "the trusted third party"
(banks, for example).

Amanda Walker
MUD-Dev mailing list
MUD-Dev at kanga.nu

More information about the MUD-Dev mailing list