Security when communicating between client and server

Hi, we are working on a game that is typically hosted by one of the clients. All communication about player data has to be done via the clients to the server. We would like to ensure no invalid information is sent to the server by using some form of authentication / cryptography. What is the right way to go here?
I found the GitHub - ufna/VaRest: REST API plugin for Unreal Engine 4 - we love restfull backend and JSON communications! plugin, which is nice but doesn’t provide any encryption/authentication right now. I would like to prevent hacks such as using Wireshark to find out how the communication takes place…

I would like to know too!

The description of VaRest says that it supports HTTPS…

I might be mistaken, but with HTTPS the client could still modify the HTTPS calls, right? E.g. a player earned 50 dollars, but the client modifies this and sends a message with 1 million dollars instead…

You could include some form of CRC/Hash check of the entire message being sent, such that even if TLS was broken, you would still be covered.

Hope this helps,

The basic premise of networking is that the client must never be trusted. Using authentication or encryption will not solve your problem, since a malicious client can still use the authentication and encrypted layer to submit data. Even wrapping your client in some sort of DRM application will not eliminate the possibility of someone circumventing the client application altogether and submitting data on the network only.

Instead, you can rely on heuristics that measure the likelihood of compromise. For instance, you can bound rewards to be never higher than 500 dollars (units?) per fixed time interval (10 minutes). Should a client send more frequent updates, you can trigger on this and look into the case manually.

Another solution is to use the so-called “proof of work,” in which clients must hash their changeset together with a well-known previous value set by a trusted party. You can look into Merkle trees or other related structures that have a very low chance of being tampered with, since it is known that hash collisions are rare or expensive to compute. It is, however, cheap to verify the integrity of the message, simply by walking the tree and validating the bounds of each additional computation and verifying that it relies on a trusted root of information (from your trusted party).

To illustrate the complex nature of clients that can host their own games with regard to authenticity and integrity, consider these scenarios:

  1. A benign player joins a malicious game server, in which the unknowing player will not be awarded, but another cheating player will be instead.
  2. A malicious player joins a trusted game server, in which the player sends invalid information to the otherwise trusted server.
  3. Both (one or all of) the players and the game server are controlled by malicious intent, thereby rendering any cross-validation insecure.

Even if you invested in creating an automatic in-game observer that joins any non-LAN game to observe and validate player rewards, you could face problems: a malicious server might send the wrong game data only to the observer, thereby circumventing its role, and you still have to deal with wrong information.

Long story short: pick the heuristics, and ban client-hosted servers that cheat the system and have an option to undo their rewards. This has far better survivability than security by obscurity.

1 Like
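The bounded-reward heuristic from the post above, sketched as server-side code. This is an added example, not part of the original thread or of VaRest; the `RewardLimiter` class, its method names and the sample reports are assumptions made for illustration, with the 500-per-10-minutes bound taken from the post.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10 * 60   # the post's "fixed time interval (10 minutes)"
MAX_PER_WINDOW = 500       # the post's example bound per interval


class RewardLimiter:
    """Server-side sliding-window cap on client-reported rewards (hypothetical helper)."""

    def __init__(self, window=WINDOW_SECONDS, cap=MAX_PER_WINDOW):
        self.window = window
        self.cap = cap
        self.accepted = defaultdict(deque)   # player_id -> deque of (timestamp, amount)
        self.review_queue = []               # rejected reports kept for manual review

    def submit(self, player_id, amount, now):
        """Return True and record the reward if it fits the bound, else flag it."""
        history = self.accepted[player_id]
        # Evict rewards that have aged out of the window.
        while history and now - history[0][0] >= self.window:
            history.popleft()
        # Reject malformed amounts outright: the client is never trusted.
        valid = isinstance(amount, int) and not isinstance(amount, bool) and amount > 0
        total = sum(a for _, a in history)
        if not valid or total + amount > self.cap:
            self.review_queue.append((player_id, amount, now))
            return False
        history.append((now, amount))
        return True


def demo():
    limiter = RewardLimiter()
    # Constructed sample reports: (player, amount, seconds since start).
    reports = [("alice", 50, 0), ("alice", 1_000_000, 5),
               ("bob", 200, 0), ("bob", 200, 60), ("bob", 200, 120),
               ("bob", 200, 700)]
    return [limiter.submit(*r) for r in reports], limiter.review_queue


if __name__ == "__main__":
    print(demo())
```

The check runs on the backend that stores player data, so it holds no matter how the request was transported or signed; entries in `review_queue` are the cases to look into manually.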