0

TCP guarantees message authenticity rather reliably using packet sequence numbers. The other option would be going with UDP and using digital signatures to make the messages authentic. What could be my other options (basically, are there any I missed)? Maybe there is some sort of framework I could use that would allow me to plug into a game engine without writing all the authentication logic (each time using TCP I would need clients to log in to my system; with UDP I would rely on client public signatures inside my DB).

TY

1
  • Yes, LIDGREN is a type of framework I was looking for. Commented Dec 31, 2012 at 16:24

1 Answer

3

TCP does not guarantee message authenticity; it only guarantees that all messages are received and that they are received in the order they were sent.

If you want to be sure the messages originate from the source you expected, you can use Diffie-Hellman key exchange to establish a key. You can then use that key to encrypt all further messages using AES or another encryption algorithm. When you implement these algorithms correctly they are secure. (That is, the only known way to crack them is by brute-forcing the key.) Anyway, implementing these algorithms correctly is very hard, so it would be best if you would try to find a library that has already implemented these algorithms.

A popular networking library for games is LIDGREN, which includes AES encryption; however, I'm not sure if it has also implemented D-H key exchange, but it should be easy to add this on top.

3
  • With authenticity I meant that you can't spoof the IP address:port of the originating packet; that's enough for me to guarantee players' authenticity. I'm not worried that somebody is able to intercept packets and change them (MIM). It's not very realistic that another player (a hacker) could have physical access to the victim's network. Thank you for the LIDGREN. Seems it is what I was looking for. Other suggestions also welcome. Commented Dec 31, 2012 at 16:30
  • Ah, I understand. Well, Lidgren is great anyway, and it has some security features in case you require them :). Commented Dec 31, 2012 at 16:56
  • Strictly speaking, TCP does not even guarantee delivery of all messages. It breaks a stream of data into packets (secretly) and guarantees that packets are resent unless acknowledged. It reassembles a "stream of data" from the packets on the other end and assures that data on the stream arrives in the order as indicated by the sequence numbers in the packets. It does not guarantee that someone hasn't replaced a packet with a different packet having the same sequence number (or sent fake ACKs and dropped packets). Such stuff must be done on a higher protocol level. Commented Dec 31, 2012 at 17:34
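
The last comment's point, that authenticity has to be enforced above the transport, as an added example that is not part of the original thread and is not Lidgren's API: each UDP datagram carries a sequence number and an HMAC tag over the sequence number and payload, and the receiver drops forgeries and replays while tolerating reordering. It assumes a 32-byte session key already shared by both sides (for instance from the key exchange the answer mentions); the names `seal` and `Receiver`, the datagram layout, the tag length and the window size are choices made for this example.

```python
import hashlib
import hmac
import struct

HEADER = struct.Struct("!Q")   # 64-bit sequence number, network byte order
TAG_LEN = 16                   # HMAC-SHA256 truncated to 128 bits (assumed)
WINDOW = 64                    # how far behind the newest seq we still accept

def _tag(key: bytes, header: bytes, payload: bytes) -> bytes:
    return hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]

def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Build one datagram: seq || payload || tag, with the tag covering both."""
    header = HEADER.pack(seq)
    return header + payload + _tag(key, header, payload)

class Receiver:
    """Verifies datagrams for one peer; tolerates UDP reordering, rejects replays."""

    def __init__(self, key: bytes):
        self.key = key
        self.highest = -1
        self.seen = set()

    def accept(self, datagram: bytes):
        """Return the payload if the datagram is authentic and fresh, else None."""
        if len(datagram) < HEADER.size + TAG_LEN:
            return None
        header = datagram[:HEADER.size]
        payload = datagram[HEADER.size:-TAG_LEN]
        tag = datagram[-TAG_LEN:]
        # Check the tag first, in constant time, before trusting the sequence number.
        if not hmac.compare_digest(tag, _tag(self.key, header, payload)):
            return None
        (seq,) = HEADER.unpack(header)
        if seq <= self.highest - WINDOW or seq in self.seen:
            return None            # too old to track, or already delivered
        self.seen.add(seq)
        self.highest = max(self.highest, seq)
        self.seen = {s for s in self.seen if s > self.highest - WINDOW}
        return payload

if __name__ == "__main__":
    key = bytes(range(32))         # constructed stand-in for a negotiated session key
    rx = Receiver(key)
    pkt = seal(key, 1, b"move 10 4")
    print(rx.accept(pkt))          # first delivery
    print(rx.accept(pkt))          # replay of the same datagram
```

Use a separate key for each direction so a datagram cannot be reflected back to its sender.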
