Reputation: 63
Anti-hacking a game - best practices, suggestions
I recently made a simple game where user can submit his/her high scores online. It is very easy to hack the game by increasing high score by using software such as Cheat Engine. High score is stored in an integer. Should I store encrypted high score instead of an integer and decrypt it to show in the game?
I was wondering what are the best practices since I'm new in these things (hacking).
Upvotes: 5
Views: 1565
Answers (2)
Reputation: 6688
Best practise would probably be to send the scores over an encrypted connection to your server using some kind of authentication. This is non-trivial and you would likely need to refer to your platform for any crypto/security functionality it makes available.
It is the essence of security research to be able to share a secret over the ether (net). Essentially both parties need to know how to encode/decode the messages but the method for doing that has to be kept secret from the "Man in The Middle".
I'd refer to Tanenbaum's book on Internetworks or have a look at "Trusted Computing Module".
Upvotes: -1
Reputation: 10106
This question over at GameDev SE has what you're looking for:
Another discussion on SO about the topic: Suggestions for (semi) securing high-scores in Flash/PHP game
The summary is that while there are many methods to make cheating difficult, eventually somebody with enough time in their hands will bypass your security measures. The only way to make leader boards hacker proof is to run the game logic on the server.
Upvotes: 5
Related Questions
- Protecting games from memory scanners (like Cheat Engine)
- secure my program from RE
- Protecting Stored Data in C++ RPG Game
- Cheat Prevention by Code Generation
- how to deal with passwords securely within your application
- Defense against common security threat for Desktop Application
- Is there a more elegant way to achieve a "cheat code" implementation for a game in C++?
- Anti Cheat Client