Jump to content
  • Advertisement
Sign in to follow this  
bilsa

DLL security?

This topic is 4857 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Hi everyone! Well, I would need some help on a matter. If I am to make a Game Server application, would it be secure using DLL files? More exactly I want to put the server code with the ENCRYPTION algorithms in the DLL... but I'm afraid that it will be easy to pick the algorithms from a DLL? The DLL itself would not expose any encryption functions... that would be done behind the scenes inside the DLL. Is there any way to make it practically impossible to get the algorithms from the DLL? Or is there no difference in security if I have a single .exe or DLL files as well - would it be equally easy to get the algorithms from the .exe? The binary files will be public for use :/ Would appreciate some help on this! :)

Share this post


Link to post
Share on other sites
Advertisement
Basically, if you use binary code in any kind of file, it can be reverse engineered. DLLs might make it infinitesimally easier because they actually have a list of functions, but it doesn't really make a while lot of difference.

There are ways to make a program more difficult to hack, but you have to have a much better understanding of low-level things than you appear to, and I don't know enough about it myself to have any helpful references.

Share this post


Link to post
Share on other sites
Yeh, well... I will not bother with the low level stuff you spoke about :)

So, If I for example only export a function like this:

IMyModule CreateModule() { ... }

and IMyModule would only expose:

IMyModule::Init()
IMyModule::Shutdown()

Then you mean the DLL should be equally "safe" to a .exe file?

Thx!

Share this post


Link to post
Share on other sites
If you make a server application, then let the server handle
the checking, clients send their key to the server.

If you have to distribute the server - make two versions of the
server (eg for lan), one for public and one for 'closed' use
(some #ifdef's and extra project-builds)

The public version can do a 'light' check of your encryption
algorithm, which narrows it down to 'this key could be valid'.

The private server checks for the exact matches (for example from
the list of 'possible keycodes' which the light-check provides,
the server has the list of the keycodes which you actually distributed).

I don't think their will be any difference (from a hackers point
of view) if you put the check in a dll/lib/exe...

Regards

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

GameDev.net is your game development community. Create an account for your GameDev Portfolio and participate in the largest developer community in the games industry.

Sign me up!