0

I'm creating a C# game server loop that updates positions of dynamic entities on the map 15 times per second. Every client will be sending UDP packets to the authoritative server giving commands such as turn left, turn right, etc. My question is: how can i make sure a UDP packet came from a specific client, and was not spoofed by another client?

My guess: is that when a client sends a specific packet asking to connect, the server will create a private key and give it to the client, therefore when the client sends a packet it must send it encrypted? (cant someone just intercept the packet and see the key?), also that means every packet will have to be encrypted and decrypted, is this standard practice? or is there a lower overhead method? There may be theoretically be 4000+ clients producing up to 20-40 packets per second of commands, is encryption still good for this scenario?

DiscreteTomatoes
  • 769
  • 1
  • 14
  • 30
  • 2
    Did you see [this](https://stackoverflow.com/questions/11323592/securing-a-udp-connection)? – Klaus Gütter Nov 16 '19 at 07:56
  • 1
    Encryption itself doesn't provide integrity or authenticity of the message. What about using DTLS? That includes entity authentication of the server, potentially entity authentication of the client and both confidentiality / integrity and authenticity of the UDP messages. Better not design your own **transport protocol** that's a rather tricky thing to do (even for me). – Maarten Bodewes Nov 16 '19 at 21:45

0 Answers0