I'm thinking about clients spoofing IP addresses, tricking other clients that they are the server; that sort of stuff. (I don't know much about this, so if this is completely wrong, please correct me.)
What should I do to prevent this? Because it is a real-time game, if I were to use encryption, I would use something fast and secure like RC4. Should I encrypt packet data with a key, that the server gives to the client?
If it makes any difference, I'm using UDP.
Answer
One possible solution is to authenticate the user using TCP+TLS; then, within the same channel, use something like Diffie-Hellman to negotiate a symmetrical key. Finally encrypt each UDP packet using a symmetrical algorithm like RC4.
You technically do not need to use TCP+TLS to negotiate the symmetrical key if you use something like SRP - just remember that clean Diffie-Hellman is vulnerable to a MITM attack.
You could go even further and use the custom SEQ field in your UDP packets (if you are using some form of reliable UDP) to implement a form of counter-mode encryption - where you add the SEQ number to the negotiated key for each packet; making it that much more difficult to mount a known-plain-text attack.
Don't let your server just hand out keys at will - a 'spoof' server could just as easily hand out it's own key; defeating the purpose of your whole encryption scheme. The only assured way is to either use TLS or mutual knowledge (such as a password/hash).
No comments:
Post a Comment