CODEWITHSUNDEEP
c#encryption
Thomas
Thomas

Reputation: 1706

encryption key protection in C#

Is there an industry standard for solving following problem:

Story; I have a program (=>game) that saves it state (=>level,..) in an xml file; this state should not be user editable; and I want to prevent people writing patch software that can patch my xml & program state.

You want to protect your xml file. You can do this by encrypting. However what do you do with the key?

Because someone can always just reverse engineer (open your dll) en read the key...?

public static string Encrypt (string toEncrypt)
{
 byte[] keyArray = UTF8Encoding.UTF8.GetBytes ("12345678901234567890123456789012");
 // 256-AES key
 byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes (toEncrypt);
 RijndaelManaged rDel = new RijndaelManaged ();
 rDel.Key = keyArray;
 rDel.Mode = CipherMode.ECB;
 // http://msdn.microsoft.com/en-us/library/system.security.cryptography.ciphermode.aspx
 rDel.Padding = PaddingMode.PKCS7;
 // better lang support
 ICryptoTransform cTransform = rDel.CreateEncryptor ();
 byte[] resultArray = cTransform.TransformFinalBlock (toEncryptArray, 0, toEncryptArray.Length);
 return Convert.ToBase64String (resultArray, 0, resultArray.Length);
}

public static string Decrypt (string toDecrypt)
{
 byte[] keyArray = UTF8Encoding.UTF8.GetBytes ("12345678901234567890123456789012");
 // AES-256 key
 byte[] toEncryptArray = Convert.FromBase64String (toDecrypt);
 RijndaelManaged rDel = new RijndaelManaged ();
 rDel.Key = keyArray;
 rDel.Mode = CipherMode.ECB;
 // http://msdn.microsoft.com/en-us/library/system.security.cryptography.ciphermode.aspx
 rDel.Padding = PaddingMode.PKCS7;
 // better lang support
 ICryptoTransform cTransform = rDel.CreateDecryptor ();
 byte[] resultArray = cTransform.TransformFinalBlock (toEncryptArray, 0, toEncryptArray.Length);
 return UTF8Encoding.UTF8.GetString (resultArray);
}

edit: app is 100% client side.

Upvotes: 3

Views: 2073

Answers (3)

InBetween
InBetween

Reputation: 32780

Create a user account service that generates user specific keys. Then the application just needs to encrypt and decrypt the sensitive data you want to protect with it. Each time the game runs make the user log in to his account. The key is never stored in the user's machine so your data is relatively safe (at least almost as safe as your account service).

Downside: You need an internet connection to play the game, but hey, who doesn't have a connection nowdays?

Is this a 100% secure? No, a determined user with enough time could plausibly decrypt his saved game. Of course he would only be able to hack his saved games, so the damage would be minimal (as long as the hacked data is user specific and not shared data).

To make things harder you could always make your service change passwords each few times a given user logs in.

If you want a 100% secure system, or the sensitive data is shared data and not user specific (MMORPG for instance), then, as Eric points out, your only solution would be to have the data in your server, not in the client's machine.

Upvotes: -1

Eric Lippert
Eric Lippert

Reputation: 660455

I have a program (=>game) that saves it state (=>level,..) in an xml file; this state should not be user editable; and I want to prevent people writing patch software that can patch my xml & program state. You can do this by encrypting. However what do you do with the key? Because someone can always just reverse engineer (open your dll) and read the key.

You have produced a convincing argument that what you want to do is impossible. Your argument is correct.

Security systems are designed to protect users from attackers, not to protect the user's data from the users themselves.

Think about it this way: the game is a program that can edit the state. The user can run the game. Therefore the user can run a program that can edit the state. You don't even need to consider key management because the entire scenario is fundamentally impossible. You can't both require that the user be able to run a program that changes the state and forbid it at the same time.

If you really want the game state to be protected from the user then the thing that has to give is: the user must not be allowed to run the game. Instead the game must run on a server which you own, and the user runs a client which communicates with the server. The server is then responsible for determining whether the client is hostile or not, and determining what the game state is.

Since the game is now running on a server that you own, and saving the state to a server which you own, you know that the user is not going to edit the state because they cannot run a program which does so.

Upvotes: 10

Remus Rusanu
Remus Rusanu

Reputation: 294407

Yes, you ask the user for a key (password). This is built into the OS with APIs like Data Protection API.

If you're looking for a way to hide a secret from the user then the problem you're trying to solve is called DRM (Digital Rights Management) and you need a DRM solution.

Upvotes: 4

Related Questions