[MUD-Dev] Trusting the client, encrypting data

Sean Middleditch elanthis at awesomeplay.com
Thu Dec 18 13:17:37 New Zealand Daylight Time 2003

On Thu, 2003-12-18 at 05:52, Ola Fosheim Grøstad wrote:
> Sean Middleditch <elanthis at awesomeplay.com> writes:

>> It isn't necessary to break any keys.  The key and decryption
>> method are sitting right on the user's hard-disk, in the game
>> binary.  And all the data is stored unencrypted somewhere (be it
>> on disk or in memory) since it has to actually be used.

> No, the user does not have access to the key when he receives the
> encrypted data. That's the point.

It doesn't work that way.  The information (code, and keys) needed
to decrypt the data are quite obviously somewhere accessible to the
user, be it in the game binary, installed data files, or data on the
CD.  The user might have to do some work to find the key/code, but
it's there. Otherwise, you're sending a bunch of data to a game
client that can't possibly use it.

Sean Middleditch <elanthis at awesomeplay.com>
AwesomePlay Productions, Inc.
MUD-Dev mailing list
MUD-Dev at kanga.nu

More information about the MUD-Dev mailing list