• Advertisement
Sign in to follow this  

Secure game files from editing by users

This topic is 4038 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Hi all. I'm working now on the game "PacMan". I created images but every user can edit them without any problem. How i can secure this images from user editing? I mean create maybe a new format that only i know how to open it, but it sounds hard. Any ideas? The same with the Game Map. Actually i can load the map in game with function that will fill the array with number 1,2,3,4 in this way (1-wall, 2-bonus point, 3-just terrain, 4-enemy), but lets say i want to save the map in separate file for example "Map.map". The first idea its just do the same as i did with array and them my file will look like this: 1 2 2 2 1 2 2 2 2 2 1 1 1 2 2 1 2 2 4 1 2 2 2 2 3 1 1 1 3 4 and etc. (Its just an example its not the real map). But then every use will come and change 4 to 1 and the map will not have any enemy. What are the ways to create .map file? One that will be very hard to edit and if he was edited to compare it with some key in game and that tell that the key is not correct => the map is not correct. Thanks a lot.

Share this post


Link to post
Share on other sites
Advertisement
The solution is to create an archive with all game data files in it e.g. ".pak" file - you can see that in commercial games. But I'd like to hear how to do that myself;)

Share this post


Link to post
Share on other sites
I heard about .pak files. I'm not sure but i think its a .zip file with extension of .pak and not .zip.
Ok i run a search query in google and i got this http://www.gamedev.net/reference/articles/article1991.asp
its look like what we need :)
I'll check it.
If some one else have another solution bring it up :)
Thanks again

Share this post


Link to post
Share on other sites
The first thing you should do is consider whether you really need to prevent editing of your data files. Is there any harm in it? Will people enjoy your game less?
(Oblivion is moddable, but I haven't seen many people making use of that to remove all the monsters, so most likely, people don't ruin the game even if they have the option)

Ok, so *if* you decide that you still don't want your files to be edited, there are several options. First, you could simply zip your files, and rename the extension. Obviously pretty easy to get at the original files, but it'll keep casual players out.
Or you could zip up *all* the files in one big archive, and rename it .pak or .whatever you like.

Or, of course, you could just store your file because no one has any clue what 1, 2, 3 and 4 means? True, they might find out by experimenting, but it's not immediately obvious, at least.
Or you could just store it as a binary format, which makes it less obvious what's inside. (Instead of storing the character '1' to a file, store the character whose ascii value is 1.

Or you could create your own archive format, even. It could consist of a simple header listing the file names of the contained files, followed by an offset to where the file starts. Or something. Creating file formats is easy. Just think up a structure, and make sure to stick to the rules you created.

Or you could use actual encryption, if you're serious about wanting to keep people out.

Share this post


Link to post
Share on other sites
A fairly simple way is to have the (binary) file data encrypted/decrypted with a simple xor algorithm (XOR each byte with a rolling pattern of numbers). This will block most people from accessing the data. A dedicated hacker can always look at your code to see what the program is doing and do the same thing themselves to edit the data.

Likely such a solution is still 'good enough' for you.

Share this post


Link to post
Share on other sites
Ok you may right about prevent users from editing the data files. Let say that editing images/music its not so harm, BUT editing map it is harm. Cause In the future i want develop MMORPG so if the user will be able to edit the map it will allow him to move in close area that other players cant move there.

And BTW if u mentioned zip files: as i know SDL can open .zip files but what about .zip files renamed to .somethingelse can SDL open zip file with other extension?
Thank a lot again.

Share this post


Link to post
Share on other sites
For multiplayer games, I believe you would want to calculate all the movement on the server, because you can never trust the players to not cheat (since however hard you try to make it, somebody will be able to break it). So it still wouldn't matter if players could edit their copies of the data files - the server will make sure they don't do anything that's not allowed. And in single-player games it doesn't matter since you should let the player do what they want.

Share this post


Link to post
Share on other sites
Quote:
Original post by Excors
And in single-player games it doesn't matter since you should let the player do what they want.


Quoted for emphasis.

Further, they effectively can do what they want, given time and patience, no matter what you do. The best techniques for hacking around encryption *bypass it entirely*.

Note that, no matter how weird your file format is, your player already owns a program that understands it *completely* - it's called your game. The best you can do is make it harder for the user to reverse-engineer everything than it would be to recreate your game from scratch - and it's really not worth it, in general.

Besides, being able to edit your save files is *very* convenient for *testing* your program. :)

Share this post


Link to post
Share on other sites
I agree with Zahlman for single-player or "offline" games. What harm is there to a player modifying their copy of the game? The worst they can do is ruin the game for themselves.

If you still want to go the pain of making your game files hard to tamper with, you could use digital signatures or hash codes (SHA1 for example). However, depending how good the signature is hidden within the executable a simple hex-editor might be enough to alter it. In the worst case the player would have to decompile/recompile the executable or library file. Thanks to the internet anyone could enjoy the cracked game if the hacker decides to distribute it.


When it comes to online games you should prevent modifications that break the game or give unfair advantages (cheating) to certain players. For one thing you could use the same technique described above. You should, of course, verify the signature against a server side key and not one that is stored within the executable. This can, again, be circumvented by using a cracked executable that always reports the correct signature.

The next step, like Excors said, would be to counter-check any user input against server side rules. You could/should still have client side checks for the sake of speed and a server side "sanity" check every few game ticks. If the players position or any stats have changed in an impossible way you could re-position the player, alter the stats of kick the player of the server.

Share this post


Link to post
Share on other sites
Short answer: you can't prevent the user from editing the data files. You could use asymmetric encryption, where the data files are encrypted with your private key, but then the user could just edit the binary and replace the private key (or even intercept the request to load the file, and load it from somewhere else). If you want to prevent cheating, you'll need another method - one that isn't client-side.

Share this post


Link to post
Share on other sites
There is no way (other than the mostly useless security through obscurity way). You just use softICE or any other debugger, attach to process, step through the code and edit the in-memory data before encryption, after that you write a small application that does it for you and distribute it. The only way to secure data is to keep the actual mechanics on an online server and do it all there. Customer machines cannot be trusted and must be assumed to be in compromised state all the time.

This is why FIPS 140-1 (http://www.itl.nist.gov/fipspubs/fip140-1.htm) exists and states that you must have secure hardware (or various levels of course) to prevent the user from modifying data and since the PC is not such a device and Windows is not a secure OS running on secured hardware, you are just fighting a game of time-until-cracked.

What I would do is provide the user with a way of editing the images in a predicatble way (like a skin) and not worry about keeping people out but provide a way for them to enhance your game.

Share this post


Link to post
Share on other sites
Just look at the popularity of Doom, Unreal Tournament etc. and their open attitude to modding. Release your tools and let the players have fun.

The only problem I could see is if you have online rankings/high scores/achievements where hacking the game could provide an advantage. I suppose if you wanted to do this you could have the server generate a key, send the key to the client, encrypt the data with that key and send the encrypted data back.

Is there any source examples for encrypting/decrypting with keys? Or is it a simple XOR as wodinoneeye says?

Share this post


Link to post
Share on other sites
Use any Public/Private key crypto lib like OpenSSL or cryptlib or even the API that comes with windows. I prefer OpenSSL, it's pretty easy to use and has a bunch of examples online and provides a way to do SSL socket connection on client and server which is very useful.

Share this post


Link to post
Share on other sites
You can't stop the user from editing his files. They're his files, not yours.

What you can do is refuse to load any modified files.

Here's what you need to do.

(1) Create a public/private key pair. Use OpenSSL, GPG, or whatever.
(2) Generate an MD5 hash of each file and encrypt it with the private key. This is called "signing".
(3) Append the signature to the data file and ship the public key with your software.
(4) On loading the data file, remove the signature data and calculate the MD5 hash on the remaining data. Decrypt the signature with the public key. If the two hashes do not match, refuse to load the file because it's been tampered with.

Unless someone gets a hold of your private key, this is fairly secure.

To crack this kind of security, you just run a debugger on the executable to find where the hashes are compared, then replace the compare with NOOPs using a disk editor. This sort of thing is not for the casual user, so it would take hours before a cracked version of your program will appear in the torrent.

Consider the impact on response time that this protection will have, given that you are competing against pirated versions of your own software. Evaluate what value-added options you can provide over the cracked version of your software to make people use your game instead of the cracked copy, and what benefits your DRM scheme will bring you in return.

--smw

Share this post


Link to post
Share on other sites
Or you could use public key encryption on all data files, and make it impossible to disable the hash checking (since there wouldn't be a hash needing to be checked). That doesn't change the fact that they can load the data another way (the data doesn't have to come from the archives, you know - regardless of how you coded it).

Share this post


Link to post
Share on other sites
Cheers Bregma. That was a really good explanation of the procedure.
Is this the way game consoles prevent piracy?
Whereby the private key is needed to sign the files that only registered developers have.

Share this post


Link to post
Share on other sites
Quote:
Original post by Catafriggm
Or you could use public key encryption on all data files, and make it impossible to disable the hash checking how? (since there wouldn't be a hash needing to be checked). That doesn't change the fact that they can load the data another way (the data doesn't have to come from the archives, you know - regardless of how you coded it).


Ah, but this is exactly what I meant... go ahead, sign the files with your private key. Have the game engine check the signed file (which is done through a hash code...) against the public key for validity.

Is this any better? Nope... find the public key, change the public key and you're free to sign the game files with your own private key. As long as the key is inside your binaries and the gamer is able to change those binaries you're screwed.

Even if you require your game to contact an online server to verify the signature of the file, you can alter the game to always report the correct signature to the server even if files have been altered. This makes is harder to crack but not impossible.

Quote:
Original post by Bregma
Unless someone gets a hold of your private key, this is fairly secure.


No. They do not need your private key. They simply modify the application so that it checks the file against a public key of their own, which enables them to use their own private key. You don't even need to disassembly/recompile the game if the key is stored in a way that it can be modified by a hex-editor. If the player is proficient enough (s)he can simply circumvent the whole check-on-load algorithm.

The casual gamer may not be able to do this, but there are enough people around who can and will. And if they're willing to share the crack even the casual gamer can and will alter game files.

Share this post


Link to post
Share on other sites
There are more hackers than you think that can do it.
I release a little game called BV2.

It is very little, stupid. Only like 50 to 80 people constantly playing it. But we have a lot of hackers hacking it in all the way you mentioned. So imagine a popular game :|

But it's only for multi-player. In Single player you don't have to make any anti-hack, except maybe for the CD key. But you will be hacked so fast for that anyway.

A way we found, is to use a CRC. (not implemented yet)
You take your loaded data, and sometime (twice per minute?) you pass all the data or a part of it, from the first pointer. You increment an integer, then you send it directly to the server (the integer). The game server compares with his CRC. If he didn't receive it, kick. If it's the wrong CRC value, kick.

This way, it's very hard for a hacker to find it using a debugger, because this variable is not stored as a variable for long. You instantiate it for the checkup, and deallocate it after. This is only a frame. The only way he can easily pickup it, it's in the packet sent to the server. Again, you can encrypt your packet, or just compress it using a static huffman table.

Also, you can send multiple CRC per minute. For different resources. So the hacker will need to know the exact CRC for each ones. Because the server will wait for it ;).

This way, the hacker is really fucked. But a really really really core hacker can find a way through. Good luck anyway :)

Share this post


Link to post
Share on other sites
Quote:
Original post by Catafriggm
...and what about the fact that the CRC code isn't going anywhere?


Not sure to understand what you mean.
Isn't going to the server? If the hacker block the message being sent, the server will still wait for it, and kick the player.

(Sorry if I understood wrong, i'm not native english)

Share this post


Link to post
Share on other sites
Quote:
Original post by DaivukNot sure to understand what you mean.
Isn't going to the server? If the hacker block the message being sent, the server will still wait for it, and kick the player.

The hacker could just sent the correct CRC. Emulating a state that the game isn't actually in isn't a new trick in the hacker's book.

Share this post


Link to post
Share on other sites
Quote:
Original post by Minios
Hi all. I'm working now on the game "PacMan".


Then I definitely think .pak files are the way to go.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement