Jump to content

  • Log In with Google      Sign In   
  • Create Account

We're offering banner ads on our site from just $5!

1. Details HERE. 2. GDNet+ Subscriptions HERE. 3. Ad upload HERE.


crypto++ question


Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.

  • You cannot reply to this topic
7 replies to this topic

#1 Anddos   Members   -  Reputation: 515

Like
0Likes
Like

Posted 23 September 2013 - 09:56 AM

is this library only meant to be used for protecting network traffic?


:)

Sponsor:

#2 frob   Moderators   -  Reputation: 22692

Like
1Likes
Like

Posted 23 September 2013 - 11:47 AM

It can be used on any data.

 

Note that encryption is just a limited armored transport service. It only helps protect against tampering between the time it is encrypted and the time it is decrypted. That is all.

 

It does not protect you against any other attacks. It won't help protect the data once it is decoded, such as monitoring the memory of your application, modifying values inside a running program, protecting the communications protocol itself, or preventing attackers from establishing their own secure connections. Since all data must be deciphered to be used, you must assume that an attacker who has access to the machine also has full access to all the data.


Check out my book, Game Development with Unity, aimed at beginners who want to build fun games fast.

Also check out my personal website at bryanwagstaff.com, where I write about assorted stuff.


#3 Anddos   Members   -  Reputation: 515

Like
0Likes
Like

Posted 23 September 2013 - 12:34 PM

is this the best one to use?,thanks for the smart reply btw


:)

#4 frob   Moderators   -  Reputation: 22692

Like
0Likes
Like

Posted 23 September 2013 - 01:10 PM

is this the best one to use?,thanks for the smart reply btw

 

Best is subjective. Only you know your requirements, Only you know if you have requirements about trusting (or distrusting) any specific library. 

 

It is functional and has developed a community around it. Is it better or worse than any other product? That depends on you and your needs.


Check out my book, Game Development with Unity, aimed at beginners who want to build fun games fast.

Also check out my personal website at bryanwagstaff.com, where I write about assorted stuff.


#5 Anddos   Members   -  Reputation: 515

Like
0Likes
Like

Posted 24 September 2013 - 06:09 AM

Thats the problem , i am not sure what exactly this library is used for,all i know that you can encode/crypt strings, i am not sure if you can do it for varibles?


:)

#6 haegarr   Crossbones+   -  Reputation: 4580

Like
0Likes
Like

Posted 24 September 2013 - 06:18 AM


Thats the problem , i am not sure what exactly this library is used for,all i know that you can encode/crypt strings, i am not sure if you can do it for varibles?

It can compute hashes, checksums, MACs, PRNs, ... and is by no way restricted to strings. Instead, it works on streams of bytes. And because any data can be seen as stream of bytes, the library can work on any data (not even plain but also structured data).



#7 KnolanCross   Members   -  Reputation: 1360

Like
0Likes
Like

Posted 24 September 2013 - 10:13 AM

What do you wish to encrypt? The library can encrypt anything you want, but it is not always worth to encrypt normal game data, unless you want to delay the discovery of your protocol (which will happen if your game get enough attention).

 

IMO encrypt the login information and private chats and you should be fine.

 

I would recommend that you take your time and have at least a good idea of how algorithms work and what you should save because some are not as intuitive as they may seem (specially public key encryption and hash + salt password saving).


Edited by KnolanCross, 24 September 2013 - 10:14 AM.

Currently working on a scene editor for ORX (http://orx-project.org), using kivy (http://kivy.org).


#8 Bacterius   Crossbones+   -  Reputation: 9262

Like
0Likes
Like

Posted 25 September 2013 - 12:04 AM

I also recommend *not* using the library in a serious project if you don't know how to use it. Cryptography is difficult to get right, and even if you do know what you are doing you should still use existing frameworks and protocols to achieve whatever security property you are looking for (e.g. use SSL/TLS bindings, a validated SRP implementation, and so on) instead of rolling your own. The problem is that it's very easy to think you've got it right when in reality all you've got is a gaping hole that you can't even see. I know it's tempting to just go ahead and hack away at code until it looks like it's working, but most crypto tutorials you will find on the net are utter crap and with the wealth of easily accessible knowledge and vetted implementations there is really no excuse for doing this yourself, failing, and getting your ass kicked shortly after by the PR backlash.

 

And, yes, encryption does not care about the underlying structure or semantics of the data. It works on any kind of information, in any encoding.


Edited by Bacterius, 25 September 2013 - 12:08 AM.

The slowsort algorithm is a perfect illustration of the multiply and surrender paradigm, which is perhaps the single most important paradigm in the development of reluctant algorithms. The basic multiply and surrender strategy consists in replacing the problem at hand by two or more subproblems, each slightly simpler than the original, and continue multiplying subproblems and subsubproblems recursively in this fashion as long as possible. At some point the subproblems will all become so simple that their solution can no longer be postponed, and we will have to surrender. Experience shows that, in most cases, by the time this point is reached the total work will be substantially higher than what could have been wasted by a more direct approach.

 

- Pessimal Algorithms and Simplexity Analysis





Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.



PARTNERS