Quote:Original post by Falados
I would like to design this project to combat cheating as much as possible. Most of the time, closed-source projects have an easier time because they aren't exposing the client-side network protocol,
1. No, they don't. This is a fallacy promoted by people who've generally not tried writing closed-source projects and are working from a position of "thought experiments", i.e. "no idea what they are talking about". Don't worry about the open vs closed debate: closed-source games today are written with the assumption they are open-source anyway ;).
2. You could read Game Programming Gems 5, "Secure by Design", on the topic of how to make your game secure, especially if it's an online game. It doesn't tell you how to do encryption etc, but it gives you a framework to let you find out whether it's even worth bothering doing encryption etc. (disclaimer: I wrote that. So, I'm biased. I make something like $ 0.01 if you buy a copy of the book)
3. Encryption is generally worthless in games, just assume you don't want to do it. Anyone who thinks it's a good idea you can safely assume they don't know what they're talking about w.r.t games, and demand a damn good justification before listening to them. Ditto with many of the other tools in the security-programmer's toolbox - most people don't really ask themselves "but, does it actually make the overall game any more secure *at all* if I do this?" and the answer is often "no" :(.