Jump to content

  • Log In with Google      Sign In   
  • Create Account


Game Save Data


Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.

  • You cannot reply to this topic
16 replies to this topic

#1 BahDragon   Members   -  Reputation: 125

Like
0Likes
Like

Posted 02 March 2012 - 12:01 PM

How do I save game data at like a save point? I know how to use input and output files with c++ but the problem with that is a player of the game can easily go into the file and edit the numbers to change the character and where he is in the game. I don't want to allow someone to edit the save data that easily. Any ideas?

Sponsor:

#2 m41q   Members   -  Reputation: 151

Like
0Likes
Like

Posted 02 March 2012 - 12:20 PM

you could make the file so confusing that no one knows how the data is acutally saved Posted Image
or maybe encrypt it in some simple way (i don´t assume client try to crack the file that hard)

if thats not your thing you could search the web for the methods that are used be companies or just take a look in some savefiles yourself

#3 slayemin   Members   -  Reputation: 2464

Like
1Likes
Like

Posted 02 March 2012 - 12:51 PM

I like the idea of encryption :)

You could use the Ceasar Cypher: When you're encrypting a bit, add a fixed value to it before writing it to file. If your addition value is +2, then A => C. It's super simple to implement and its also pretty simple to thwart. You could make it slightly more complicated by using a pseudo random number generator to generate your fixed values. The key is that the sequence of random numbers needs to be the same every time. So, if you generate a random value between 1->26, and then add that value to your byte, you'd get something like:
Unencrpted string: {AAAA}
Random Numbers: {13, 21, 4, 16}
Encrypted String: {A+13 => N, A+21 => U, A+4=>D, A+16=>Q}

So, if someone knows that their health is 16 and they open up your file to look for that value, they won't find it :) But, if they are really determined and reverse engineer your code to figure out what encryption algorithm you're using and the random number seed you're using as a key, then they can easily decrypt and encrypt your saved data file. I'd probably not concern myself with the 0.01% of the population who might do that.
If you want to use a nuke to hammer a fly, you could look into using AES 256 bit encryption. Nobody will crack that without extreme effort and hardware. It's military grade :)

Eric Nevala

Indie Developer | Dev blog


#4 Six222   Members   -  Reputation: 439

Like
0Likes
Like

Posted 02 March 2012 - 02:28 PM

Or you could just simply save the file as binary data (ios::binary)

#5 FLeBlanc   Crossbones+   -  Reputation: 3101

Like
1Likes
Like

Posted 02 March 2012 - 03:27 PM

The people that care to hack your save game data are going to hack your save game data, regardless of any encryption or obfuscation. Everyone else doesn't give a shit. You might as well reduce your development time by not going out of your way to complicate things overmuch.

#6 MilesPrower   Members   -  Reputation: 101

Like
0Likes
Like

Posted 03 March 2012 - 04:03 PM

The people that care to hack your save game data are going to hack your save game data, regardless of any encryption or obfuscation. Everyone else doesn't give a shit. You might as well reduce your development time by not going out of your way to complicate things overmuch.


I agree with the above. people will hack the save data if they want to. however, if you really want to encrypt the save data, I would suggest developing an enigma-based encryption algorithm.

#7 slayemin   Members   -  Reputation: 2464

Like
0Likes
Like

Posted 04 March 2012 - 06:44 PM

The people that care to hack your save game data are going to hack your save game data, regardless of any encryption or obfuscation. Everyone else doesn't give a shit. You might as well reduce your development time by not going out of your way to complicate things overmuch.


I think the cryptographic community would strongly disagree with you. A file encrypted with AES256 would take longer than the age of the universe to break via brute force. It's certified by NIST to process up to top secret data, so save game files would probably be pretty safe. I'm betting that there's code floating around somewhere out there which implements AES, so adding it would be relatively trivial.

I agree with the above. people will hack the save data if they want to. however, if you really want to encrypt the save data, I would suggest developing an enigma-based encryption algorithm.

Enigma ciphers? Uhm, no. If the allies were able to break that during WW2 with rudimentary computing power, it doesn't speak well towards the security of the cipher. I strongly suggest using AES since it meets modern security standards.

If you use AES, your game data won't be hacked by someone decrypting it. They'll have to modify the game data while its sitting in memory.

Eric Nevala

Indie Developer | Dev blog


#8 Chris_F   Members   -  Reputation: 2281

Like
0Likes
Like

Posted 04 March 2012 - 07:11 PM

...but the problem with that is a player of the game can easily go into the file and edit the numbers to change the character and where he is in the game.


What exactly makes you say that?

Unless you are storing variables in a human readable, XML or INI like format (and you really shouldn't be), then it shouldn't be "easy" at all.

I think the notion that you should encrypt the game saves is just plain silly. Encryption should be used for bank account transactions and nuclear launch codes. What difference does it make if somebody out their decides they want to cheat at a single player game? Is the safety of the free world at stake?

Simply storing your data in a binary format that can quickly be loaded into memory and used without any type of conversion or parsing is going to be good for performance and will already be difficult to figure out when it comes to cheating.

#9 mdwh   Members   -  Reputation: 861

Like
0Likes
Like

Posted 05 March 2012 - 08:09 AM

I think the cryptographic community would strongly disagree with you. A file encrypted with AES256 would take longer than the age of the universe to break via brute force. It's certified by NIST to process up to top secret data, so save game files would probably be pretty safe. I'm betting that there's code floating around somewhere out there which implements AES, so adding it would be relatively trivial.

But if it's encrypted, how is the game supposed to be able to load its own save game files? If it uses the encryption key to decrypt it, then someone will be able to hack that from the executable. Whilst this will be harder than simply reading it from plain text, this is still a case of obfuscation, and therefore could be broken more directly.

I do agree though that if one did want to do something like this, one might want to look at modern methods, rather than messing around with things like Caesar ciphers. Is there a known good solution for this problem? I guess this is similar to issues of DRM (though IIRC in some cases DRM systems have the advantage of hardware support).

Though I agree with others that (for single player at least) it's not worth worrying about. Perhaps save as binary just so it isn't totally trivial, but if someone wants to spend time hacking it, who cares? (And if someone releases a game-save-editor as sometimes happens, then they're creating extra awareness and advertising for your game!)
http://erebusrpg.sourceforge.net/ - Erebus, Open Source RPG for Windows/Linux/Android
http://homepage.ntlworld.com/mark.harman/conquests.html - Conquests, Open Source Civ-like Game for Windows/Linux

#10 BahDragon   Members   -  Reputation: 125

Like
0Likes
Like

Posted 05 March 2012 - 11:15 AM

thanks for all the help. Good info here.

#11 slayemin   Members   -  Reputation: 2464

Like
0Likes
Like

Posted 05 March 2012 - 04:32 PM

Using strong encryption keys in your game would make it illegal in USA and Russia.

I don't know about Russia, but it's not illegal in the US. The supreme court ruled that encrypted data falls under the protections of free speech. And you certainly won't get in trouble if you're encrypting data which isn't related to criminal activity.

However, there ARE export regulations on strong encryption software to designated countries. Though, I think it's kind of pointless since the strong encryption algorthims are publicly available.

Eric Nevala

Indie Developer | Dev blog


#12 Abrahman McGuyenski   Members   -  Reputation: 116

Like
0Likes
Like

Posted 09 March 2012 - 10:45 AM

Maybe you already know about Binary IO, but let's assume you don't.

If you save data in text format, it will be easy for people to edit the save game. When saving in text format, your numeric variable's values will be saved as the number represented in ASCII character. As you probably know, there are 256 ASCII characters. These characters take exactly one byte when you save them in a text file.

The text file will look like something like this:
1
8
4
1


If instead you save your data in binary format, your numbers will be saved as the byte's number itself (from 0 to 255). If you want to save larger number than 255, you will need more than one byte (each byte is 8 bits). When saving in binary format, you normally often don't need to play with such details manually. Your file will look like a bunch of random characters, and those willing to hack it should deserve to be successful (in my opinion).

http://courses.cs.vt.edu/~cs2604/fall02/binio.html

If you really want to make it harder to hack (it's always possible to hack an encryption method when it can be decrypted by your program), you must use encryption methods. You can create your own encryption method using some mathematical operation on number, or you can use existing ones.

Firemen get paid even if there's no fire, and that's a good thing -me


#13 kunos   Crossbones+   -  Reputation: 2205

Like
0Likes
Like

Posted 09 March 2012 - 11:05 AM

I think the notion that you should encrypt the game saves is just plain silly. Encryption should be used for bank account transactions and nuclear launch codes. What difference does it make if somebody out their decides they want to cheat at a single player game? Is the safety of the free world at stake?

Simply storing your data in a binary format that can quickly be loaded into memory and used without any type of conversion or parsing is going to be good for performance and will already be difficult to figure out when it comes to cheating.


this

seriously, your development time is much better spent on gameplay than trying to avoid this kind of cheating.
Stefano Casillo
Lead Programmer
TWITTER: @KunosStefano
AssettoCorsa - netKar PRO - Kunos Simulazioni

#14 Inukai   Members   -  Reputation: 1297

Like
0Likes
Like

Posted 09 March 2012 - 12:21 PM

Just make binary files it should be enough for single player games...
If u want to troll those hackers, place some fake save files (with random content and binary ofc) in your dir and hide the real one elswhere with an unrelated name.

#15 fpadoan   Members   -  Reputation: 100

Like
0Likes
Like

Posted 13 March 2012 - 11:51 AM

I agree on just writing binary data. Write only the values to the file, then read it in a specific sequence to identify what those values mean. Or create a file structure that fits your needs (and make it simple, if it's possible), but you probably don't need to put the labels in the file.

As people have said before, if you are going to encrypt the file, how would you secure the key (it must be somewhere your code can read it, so other can find it too)? Is it worth the time and resources you'll need?

#16 MarlboroKing   Members   -  Reputation: 192

Like
0Likes
Like

Posted 13 March 2012 - 01:41 PM

Just to add onto the encryption idea;
http://www.cryptopp.com/

#17 samoth   Crossbones+   -  Reputation: 4704

Like
0Likes
Like

Posted 14 March 2012 - 05:08 AM

Guys, rot-13 encryption or simple xor with a short string wrapping around is really just as good as AES.

Both the key and the decryption algorithm must be part of the program, otherwise the game will not be able to read its own save files. Therefore, AES is none better than the simplest encryption algorithm. It adds absolutely zero extra security, no matter how advanced an algorithm and how long a key you use.

On the other hand, even a simple wrap-around xor encryption will make the data look "sufficiently random" so you are unable to make out a pattern with a hex editor or figure out what's what using a pen, paper, and a pocket calculator. And that's just how far 99% of the people will go, and it's just as good as you can get.

As a sidenote, the Enigma was not cracked with "rudimentary computer power", but failed by sheer arrogance. The Enigma (even the early model) was far ahead of its time and far beyond anything anyone could possibly have "cracked" until at least 30 years later.
It's well-documented by contemporary witnesses that the truth was much closer to what's pictured in a 1963 James Bond movie (a.k.a. some guy carrying "the magic super typewriter in a black suitcase" over the border at night with everyone else on his heels), except in this case "Bond" was a Polish factory worker near Warshaw stealing specimens of the rotators and the configuration info. It is also well-documented that code tables had occasionally been stolen and later repeatedly been captured on board of captured ships. Though tables were written in water-soluble ink and there was strict order on how tables and rotors had to be destroyed and the boat be sunk afterwards to avert capture, there exist many records of survivers that describe that this was often not done.
For propaganda reasons, and out of a sense of superiority that one can hardly understand nowadays the obvious facts were ignored. A few modifications were made over time, but these were little effective, again for obvious reason.




Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.



PARTNERS