Writing a secure client/server with open source

edA-qa mort-ora-y eda-qa at disemia.com
Sun Apr 20 09:12:27 UTC 2008


Andy wrote:
> The general consensus is "The attacker already knows the algorithm" thus
> revealing the source should not be a problem. Compilation is NOT a
> secure way of hiding something anyway.

I agree, but at least it prevents casual abuse of the server.  That is,
 a bit of obfuscation is likely enough to rid the game of the majority
of cheaters or abusers.  I agree it does nothing to deter the hardcore
attacker.

> Protect from whom? This is in fact one of the most important questions.
> If your just trying to protect a users login details then it's unlikely
> they are going to try to breach their own security (and it's their own
> fault if they do).

I can make this clearer, there are three "entities" involved:
1. The Server
2. The Client
3. The Player

The server has no problem with identity, it knows who it is.  The Player
will authenticate with a known safe protocol (HTTPS and MD5 password
possibly), and will be prompted for his password when he connects.

The question comes to the identity of the "Client".  Basically I want to
server an official client, let's call it "WhatNots".  Now, the source if
completely open, and I wish to encourage everybody to make their own
version of "WhatNots", but I don't want those copies to be able to
identify as the official client with the score server.

I know this problem in the commercial game world, basically the one of
preventing cheaters.  But that world has the advantage of using
obfuscation in their authentication algorithms.

> You should try to answer the following questions:
> What data needs to be secured?

The integrity of the scoring data on the server.  It wishes only to
accept scoring data from authorized clients (that is, the official game
clients).

> Where is that data is stored?

On the server.

> Where is that data is being transferred from/to?

Produced by the client, transferred to the server.

> Who is that data is being secured from?

People with unathorized clients attempting to give themselves inflated
scores.


-- 
edA-qa mort-ora-y
http://disemia.com/
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
The dis-Emi-A haXe Library -- all you'd ever need to make Flash games
http://wiki.disemia.com/The_dis-Emi-A_haXe_Library
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Sign: Please digitally sign your emails.
Encrypt: I'm also happy to receive encrypted mail.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fsfe.org/pipermail/discussion/attachments/20080420/824176a0/attachment.sig>


More information about the Discussion mailing list