5

I recently made a simple game where a user can submit his/her high scores online. It is very easy to hack the game by increasing the high score using software such as Cheat Engine. The high score is stored in an integer. Should I store an encrypted high score instead of an integer and decrypt it to show in the game?

I was wondering what the best practices are, since I'm new to these things (hacking).

Cœur
TomazVovk
  • 1
    You'll have to run the game on your own server and only communicate the I/O to the client in order to prevent them from subverting the rules. – Kerrek SB Feb 14 '12 at 22:36
  • 1
    Running a program on a locked-down server is the only 100% way. For things on the user's machine, either validate all results, or don't bother with any anti-hacking. – Mooing Duck Feb 14 '12 at 22:38

2 Answers

5

This question over at GameDev SE has what you're looking for:

https://gamedev.stackexchange.com/questions/4181/how-can-i-prevent-cheating-on-global-highscore-tables

Another discussion on SO about the topic: Suggestions for (semi) securing high-scores in Flash/PHP game

The summary is that while there are many methods to make cheating difficult, eventually somebody with enough time on their hands will bypass your security measures. The only way to make leader boards hacker proof is to run the game logic on the server.

Community
Julio Gorgé
  • Yes, as the first link says. Create a simple rule set that is reproducible on both machines. Even then you have to worry about AI engines (chess and backgammon for example) so it's probably going to be more enjoyable to take a simple ruleset and bend it slightly to break the established bots. – John Feb 14 '12 at 22:46
  • I probably didn't make myself clear enough. I'm more interested in the client side. The only restriction I can make on the server is that high scores are high enough to get on the list, but below a certain value. By using software such as Cheat Engine I can modify the high score value in memory and it will be valid for the game, and it will be sent to the server. Should I make additional checks in-game, for example: I killed 45 enemies, each enemy awards 10 points, which totals 450 points. If the points value != 450, reset the score to 450. Tell me if you need more info. – TomazVovk Feb 14 '12 at 23:23
  • Never mind, the 2nd link was the one I was looking for. Didn't read it through since I was a bit tired. Thanks! – TomazVovk Feb 15 '12 at 07:15
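
An added example, not part of the original answer or its comments: one way to move the "45 enemies x 10 points = 450" check from the client to the server, so the stored score is recomputed from a submitted kill log instead of trusting the integer in client memory. The `Submission` type, the rate and session limits, and the sample data are assumptions made for illustration.

```python
import math
from dataclasses import dataclass

POINTS_PER_KILL = 10        # rule quoted in the comments: 45 kills -> 450 points
MAX_KILLS_PER_SECOND = 3    # assumed game limit (hypothetical)
MAX_SESSION_SECONDS = 3600  # assumed longest legal session (hypothetical)


@dataclass(frozen=True)
class Submission:
    claimed_score: int   # the integer a memory editor can overwrite
    kill_times: tuple    # seconds since game start for each kill


def _bad_time(t):
    """True if a timestamp is not a finite number inside the session."""
    return (not isinstance(t, (int, float)) or not math.isfinite(t)
            or not 0 <= t <= MAX_SESSION_SECONDS)


def validate(sub):
    """Return (accepted, score_or_reason).

    The score returned on success is the one recomputed here from the
    log, never the value the client claimed.
    """
    times = sub.kill_times
    if any(_bad_time(t) for t in times):
        return False, "kill timestamp outside the session"
    if list(times) != sorted(times):
        return False, "kill timestamps out of order"
    # Reject if more than MAX_KILLS_PER_SECOND kills fall within one second.
    for i in range(len(times) - MAX_KILLS_PER_SECOND):
        if times[i + MAX_KILLS_PER_SECOND] - times[i] < 1.0:
            return False, "kill rate exceeds game limit"
    recomputed = len(times) * POINTS_PER_KILL
    if sub.claimed_score != recomputed:
        return False, f"claimed {sub.claimed_score}, log supports {recomputed}"
    return True, recomputed


if __name__ == "__main__":
    # Constructed sample data: 45 kills, one every two seconds.
    log = tuple(2.0 * i for i in range(45))
    print(validate(Submission(450, log)))        # honest client
    print(validate(Submission(999999, log)))     # score edited in memory
    print(validate(Submission(10000, (1.0,) * 1000)))  # implausible log
```

A client that fabricates a plausible log still passes, so this only bounds what a tampered client can claim; it does not replace running the game logic on the server.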
-1

Best practice would probably be to send the scores over an encrypted connection to your server using some kind of authentication. This is non-trivial and you would likely need to refer to your platform for any crypto/security functionality it makes available.

It is the essence of security research to be able to share a secret over the ether (net). Essentially both parties need to know how to encode/decode the messages but the method for doing that has to be kept secret from the "Man in The Middle".

I'd refer to Tanenbaum's book on Internetworks or have a look at "Trusted Computing Module".

John
  • 3
    What if I attach a debugger and change the value being sent in memory before it gets encrypted? – Matti Virkkunen Feb 14 '12 at 22:39
  • @MattiVirkkunen: Then I would probably call you the man in the middle. – John Feb 14 '12 at 22:44
  • Actually the man in the middle is usually listening in on the encrypted traffic. This is more like "the man that shot the runner before he reached the starting line". – Matti Virkkunen Feb 14 '12 at 22:45
  • @John : You should also call him the most likely scenario that actually needs to be worried about. – ildjarn Feb 14 '12 at 22:46
  • @John: No. MITM is someone who relays your encrypted connection and inserts himself in the authentication process. This is very different from what Matti is referring to. – Kerrek SB Feb 14 '12 at 22:46
  • @KerrekSB: I'd argue that encryption can start very early on in the process of communication. Take (oligo/)polymorphic viruses for example. That is the only way you can keep your binary relatively unhackable for any length of time. And requires extensive knowledge of encryption primitives to have half a chance of creating a new one. – John Feb 14 '12 at 22:49
  • @John: That also sounds more promising than just "encrypting the connection". A self-encrypted binary is a little better, but you'll have to work pretty hard to being debugged while run. Skype has tried pretty hard, I suppose. – Kerrek SB Feb 14 '12 at 22:52