Handling Resource Decryption Passwords

Question

[This question has nothing to do with login credentials, or the user/player inputting any kind of pass-phrase, etc; thank you and keep reading.]

First off, my question has already sort of been asked, here and here. My question is different than either of these though, because I am not connecting through the internet to get data or concerned with any type of "logging in". To put this as simply as I can, I am making a game, and my games resources are all encrypted into a proprietary format, which takes a single password to decrypt the data. I have to hide that password in the source code. I can't think of any other way than to keep the password within the application itself. Encrypting the password within another file would still take a password, and that just starts this endless circle of where to hide that password, and so on.

This got me wondering, how do modern games handle their resource decryption passwords? Think of games like Call of Duty, Elder Scrolls, Grand Theft Auto, etc. They encrypt their data, right? So that means that they need a password/salt/etc to decrypt it. Such a password would also need to be within the executable, too. So where do they hide it? How do they obfuscate it?

I considered one option, which seems like it would actually be pretty good. Basically, I would construct a method which would run through some bizzare gauntlet of mathmatical computations, construct a string, and return the data to serve as the password. Someone could just rip the method out of the code and then launch it in their own private app, but at least it wouldnt be so blatant as:

public const string ResourceDecryptionPassword = "MY_AWESOME_DECRYPTION_PASSWORD";

Also, I considered just keeping the password as a large hardcoded array of bytes, which I could convert back to a string during application start.

Can anyone suggest any other solutions to this problem?

Also, and I forgot to mention: the source code of my game will be obufsicated. This is a no brainer, so it will already make it difficult to visually walk through the code. I just need a good solution for how to hide the password for my encrypted resources.

Why do you think games encrypt their assets? You say "data", but what kind of data? Images? Save files? Embedding a key in an application can never be reasonably protected. I could just use WinDbg and put a breakpoint on your called to `Decrypt`, or whatever you call it, and see what key is passed in. You don't need source code to debug an application. — vcsjones, Sep 25 '15 at 19:48
@vcsjones Data = Images, models, shaders, resources, default game data. — Krythic, Sep 25 '15 at 19:49
So you want to distribute offline games with unique login passwords / keys to unlock it? Are the users able to change this password after they unlocked the game? Or is this a one time unlock on a single device? You could just use a license manager. Or do you wish to use the same password for every released game? — Oceans, Sep 28 '15 at 14:19
@Oceans No. This is not what I want. I want my RESOURCES to be encrypted(already achieved). And i want the game to be able to decrypt my assets. My intentions have nothing to do with login credentials. I understand that it is impossible to perfectly hide the password within the executable; I just want to know what my options are for storing the password within the executable(So that it would take some time to discover, weeks, months, maybe even years) — Krythic, Sep 28 '15 at 19:14
@Krythic, You want a single key/password that gives access to your program when entered correctly, even when sharing the program with multiple people all will get the same key? I'm just double checking, as storing the key within the program itself isn't safe. No matter how much you encrypt it, ultimately it will always be possible crack. You could make it significantly harder making it dynamic using time as a parameter, but if you use a single password then people can share this with others as well without needing to crack anything. So I'd definitely consider making it user dependent — Oceans, Sep 29 '15 at 06:28
I am going to be asking this same question on gamedev after work. I think it will get a better response there. — Krythic, Sep 29 '15 at 17:01
I rerouted this topic to gamedev: http://gamedev.stackexchange.com/questions/108991/encrypted-game-resources-how-to-hide-password-within-the-executable?noredirect=1#comment189801_108991 — Krythic, Sep 29 '15 at 21:46
What you are talking about is "security through obscurity" and its not a good solution. — sm14, Oct 02 '15 at 02:29
@sm14 Just ignore this question. I don't care about it anymore. I can't delete it though, because it's up for bounty. — Krythic, Oct 02 '15 at 02:32
@Krythic Hmm. Why did you change Your mind? It was interesting question. — ntohl, Oct 02 '15 at 08:46
@ntohl I was receiving the usual petty-bullshit from stackoverflow/gamedev. I have better things to do with my time than waste it on people who won't help, and instead act condescending to make themselves feel better. — Krythic, Oct 02 '15 at 14:58

score 1 · Accepted Answer · edited May 23 '17 at 12:23

Based on the comments you received, you already know that "hiding" a security key in the code is NOT a good practice. It's Security through obscurity and it's not efficient.

For games, it was used long time ago. Then with the advance of world wide web, games required an online connection to register/activate the game.
However, these games were so popular they ended cracked whatsoever (by replacing the online activation by a dummy check). That's why a big part of the modern games content (if not all) is now only available when connected to the game servers.

Anyway some games retains parts of the old scheme and use DRM while others (Pillars of Eternity) don't have any.

The common principle is all DRM is to make the reverse engineering of the key (or the debugging of the whole program) difficult: Easy to compute, difficult to debug.

Like a hundred or so embedded encryption/decryption (with hundreds of keys).
Another example is this DRM software that process the code into a VM.
Call unmanaged code to decrypt the data.
Detect any debugger and kills it.
Generate decryption unmanaged code, compile it and run it.

Anything sufficiently complex will do.

I've even seen some financial well known console that refused to launch when VNC is run on the machine... Others complained about Process Explorer.
However, such a hiding job is complex and if you're saying the code will be obfuscated, it should be handled already by the obfuscation software.
By the way, you shouldn't miss windbg if your intent is to play games.

Handling Resource Decryption Passwords

1 Answers1