Rakkarsoft LLC

Secure Connections
Protect your game from hackers

Once your online game reaches a certain popularity, people will try to cheat. You will need to account for this both at the game layer and at the network layer. RakNet handles the network layer by providing secure connections if you wish to use them. A secure connection:
  • Uses AES encryption with randomized, chained blocks, preventing unauthorized reads and blocking replay attacks.
  • Adds CRCs so that data tampering can be detected.
  • Uses randomized, encrypted SYNCookies to prevent unauthorized logins.
  • Uses RSA encryption to protect the AES key.
Most games will want to use secure connections. However, they add up to 15 bytes per packet and take time to compute, so you may wish to limit usage to release mode.

The relevant header is as follows:

Peer: void InitializeSecurity(char *RSAe, char *RSAn, char *RSAp, char *RSAq);
Server: void InitializeSecurity(char *RSAe, char *RSAn);
Client: void InitializeSecurity(char *RSAp, char *RSAq);

RSAe and RSAn are the private keys corresponding to the well-known variables of the same name. The same holds true with RSAp and RSAq.

In all cases you can pass 0 to all the parameters and RakNet will generate a new key. However, key generation takes a few moments, which you may wish to avoid by generating the RSA keys in advance and passing them to the function.

While it isn't necessary for the client to have the public key in advance, if you don't do this you will be vulnerable to a man-in-the-middle attack. This attack consists of someone sitting between you and the server, modifying the transmitted public key to something with known results, decrypting the AES key, and sending that to the server encrypted with the transmitted public key. The AES key can then be used to read data transmissions between the client and server.
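
The substitution described above, and the effect of shipping the public key with the client, as a toy model in C++. This is an added example, not RakNet code or code from the original page: the function names, the tiny RSA keys and the session key value are constructed for illustration, and a plain integer stands in for the AES key.

```cpp
// Added example, not RakNet code: toy model of the exchange described above.
// All names and key values are constructed; real keys are far larger.
#include <cstdint>
#include <cstdio>

struct PublicKey { uint64_t e, n; };             // RSA public key (e, n)
struct KeyPair   { PublicKey pub; uint64_t d; }; // d: private exponent

// Square-and-multiply; n is tiny here, so products fit in 64 bits.
static uint64_t modpow(uint64_t base, uint64_t exp, uint64_t n) {
    uint64_t r = 1;
    for (base %= n; exp; exp >>= 1) {
        if (exp & 1) r = r * base % n;
        base = base * base % n;
    }
    return r;
}

// Client: wrap the session key under the public key received on the wire.
// If a key was shipped with the client (pinned), any other key is refused.
static bool client_wrap_key(uint64_t session_key, PublicKey received,
                            const PublicKey *pinned, uint64_t *wrapped) {
    if (pinned && (received.e != pinned->e || received.n != pinned->n))
        return false;                            // substituted key: abort
    *wrapped = modpow(session_key, received.e, received.n);
    return true;
}

struct Outcome { bool connected; uint64_t server_key, relay_key; };

// One handshake in which an on-path relay swaps in its own public key.
Outcome handshake_via_relay(uint64_t session_key, bool client_has_pinned_key) {
    const KeyPair server = {{17, 3233}, 2753};   // n = 61 * 53
    const KeyPair relay  = {{5, 8633}, 5069};    // n = 89 * 97
    uint64_t wrapped = 0;
    if (!client_wrap_key(session_key, relay.pub,
                         client_has_pinned_key ? &server.pub : nullptr, &wrapped))
        return {false, 0, 0};                    // client refused to proceed
    uint64_t seen = modpow(wrapped, relay.d, relay.pub.n);     // relay unwraps
    uint64_t fwd  = modpow(seen, server.pub.e, server.pub.n);  // re-wraps
    return {true, modpow(fwd, server.d, server.pub.n), seen};
}

int main() {
    Outcome a = handshake_via_relay(1234, false), b = handshake_via_relay(1234, true);
    std::printf("no pinned key: connected=%d relay_key=%llu\n", a.connected,
                (unsigned long long)a.relay_key);
    std::printf("pinned key:    connected=%d\n", b.connected);
    return 0;
}
```

Without a pinned key the server still receives the correct session key, so neither endpoint sees anything wrong; only the client-side comparison against the key it was shipped with stops the handshake.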

See the sample at Samples\Code Samples\Encryption to see how to save and load keys.