[MUD-Dev] Trusting the client, encrypting data
shaver at off.net
Thu Dec 18 10:06:20 New Zealand Daylight Time 2003
On Dec 16, Sean Middleditch wrote:
> It isn't necessary to break any keys. The key and decryption
> method are sitting right on the user's hard-disk, in the game
Don't give them the key until they're allowed to see the content.
Send large world-state updates ahead of time, possibly via a
cheaper, high-latency link, and encrypt them in chunks. As the
player comes over the ridge/solves the puzzle/convinces the NPC to
tattle, send a tiny little key that they can use to unlock a chunk
of the content that they got before.
There are a variety of encryption techniques and policies designed
to prevent people from sharing credentials, as well, though they
tend to be oriented towards much smaller payloads. Stefan Brands'
work is that with which I'm most familiar, but I think David Chaum
had other work in this field as well.
MUD-Dev mailing list
MUD-Dev at kanga.nu
More information about the MUD-Dev