Custom? IO steam Encryption/Conversion??

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,513
Reaction score
3,203
First Language
Binary
Primarily Uses
RMMZ
Hey yo, hello, so....

I am wondering if anyone is aware of alternative IO steam 'encryption' methods. Similar to Marshal.dump/load.

Preferably one written in ruby that I can use as reference for how to write my own.

Alternatively, if you are aware of any good articles on writing custom IO steam encryption systems, please share. :)

Thanks for reading, and even more thanks if you can provide any information on this matter. :D
 

Tsukihime

Veteran
Veteran
Joined
Jun 30, 2012
Messages
8,564
Reaction score
3,846
First Language
English
You are looking for solutions specifically for steam?


Encryption is a very common. Just search encryption algorithms.


Marshal isn't encryption.
 
Last edited by a moderator:

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,513
Reaction score
3,203
First Language
Binary
Primarily Uses
RMMZ
Is it not? Whats the difference then. Perhaps thats where I have been going wrong...

Edit, yea, I am looking for things for writing to/reading from files that will alter the contents in some manner to make it more difficult to distinguish whats going on. :)

Edit 2:

Ok, so its serialization. 

I understand that YAML and JSON are not supported in Ace, so are there any known custom serialization scripts or anything that anyone knows of?
 
 
Last edited by a moderator:

Tsukihime

Veteran
Veteran
Joined
Jun 30, 2012
Messages
8,564
Reaction score
3,846
First Language
English
Rather than coming up with your own serialization format I would recommend just trying to support one of the standard ones.
 

Engr. Adiktuzmiko

Chemical Engineer, Game Developer, Using BlinkBoy'
Veteran
Joined
May 15, 2012
Messages
14,682
Reaction score
3,003
First Language
Tagalog
Primarily Uses
RMVXA
@Theo - EST uses Marshal... :)

@Dekita - AFAIK, Marshal is the default serialization used by Ruby. Maybe you can study how JSON works and try to implement that in RGSS3? YMAL is like Marshal according to what I've read. Though it seems like Marshal is still somehow the best choice for the case of RGSS3.

I'd suggest just going on with marshal, then if you need some protection or something, add an encryption before dumping the data like what EST did. 
 
Last edited by a moderator:

Tsukihime

Veteran
Veteran
Joined
Jun 30, 2012
Messages
8,564
Reaction score
3,846
First Language
English
@Theo - EST uses Marshal... :)


@Dekita - AFAIK, Marshal is the default serialization used by Ruby. Maybe you can study how JSON works and try to implement that in RGSS3? YMAL is like Marshal according to what I've read. Though it seems like Marshal is still somehow the best choice for the case of RGSS3.


I'd suggest just going on with marshal, then if you need some protection or something, add an encryption before dumping the data like what EST did.
Study means looking at the grammar and implementing a reader/writer.


http://json.org/


However, the problem you are trying to solve is not just being able to read or write JSON; it's being able to actually serialize your ruby objects in a sensible way while supporting all of the possible types of data that can be thrown at you, and if you can't...then you'd have to be able to allow others to easily provide support for it.
 
Last edited by a moderator:

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,513
Reaction score
3,203
First Language
Binary
Primarily Uses
RMMZ
Will have to have a good look over that later. :)

I'm also wondering if there are other serialization methods available outwith ruby? maybe some C serialisation methods that wouldnt be too tricky to utilize via some dll. 
 

Zeriab

Huggins!
Veteran
Joined
Mar 20, 2012
Messages
1,268
Reaction score
1,422
First Language
English
Primarily Uses
RMXP
Sounds like you want to create your own stream class. Feel free to take apart the IO subclasses I created a while ago: http://pastebin.com/AaNrudWc

*hugs*

 - Zeriab
 

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,513
Reaction score
3,203
First Language
Binary
Primarily Uses
RMMZ
Yea that seems like the route I require.  Thanks for sharing. That wil be much hep I think :)
 

Tsukihime

Veteran
Veteran
Joined
Jun 30, 2012
Messages
8,564
Reaction score
3,846
First Language
English
You should test performance but any sort of encryption beyond 1 MB will likely require you to move to a DLL otherwise it would be too slow.
 

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,513
Reaction score
3,203
First Language
Binary
Primarily Uses
RMMZ
Yea I will probably be doing that anyway to try secure the method a little more - or at least try to :)
 

Zeriab

Huggins!
Veteran
Joined
Mar 20, 2012
Messages
1,268
Reaction score
1,422
First Language
English
Primarily Uses
RMXP
Cryptoanalysis is an unlikely attack vector. Considering only encryption parts of the files may be performance-wise important.

*hugs*

 - Zeriab
 

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,513
Reaction score
3,203
First Language
Binary
Primarily Uses
RMMZ
@Zeriab - what would you say is a more likely target?
 

FenixFyreX

Fire Deity
Veteran
Joined
Mar 1, 2012
Messages
434
Reaction score
310
First Language
English
Primarily Uses
He means that if you encrypt only a part of the file, then its less of a chance that the hacker will figure it out because he/she would have to analyze which part of the file is encrypted or not, and map it out. Multiple types of encryption is significantly more secure, but quite slower. The middleground, using just one (or maybe two) type of secure encryption over a piece of a file (not the whole thing) is slightly more secure than encrypting the whole thing and it is sufficiently faster as well, if done right.


Hackers don't look for only pieces of files to be encrypted, so it'll slow them down. Can't guarantee it'll completely deter them though.
 
Last edited by a moderator:

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,513
Reaction score
3,203
First Language
Binary
Primarily Uses
RMMZ
ahhh ok I get you now...

You mean like additional encryption for various areas of the file. ?

I kinda done that with my patching system - the scripts have one more level of serialization and compression compared to the rest of the patch :p
 

Zeriab

Huggins!
Veteran
Joined
Mar 20, 2012
Messages
1,268
Reaction score
1,422
First Language
English
Primarily Uses
RMXP
There is a bunch of interesting information available about Cryptanalysis

Let me give an extreme example of what I mean, as it is something different.

Say we want to encrypt our png-files. PNG-files have a particular header with the first byte being 0x89.

Encryption: Change first byte from 0x89 to 0x79.

Decryption: Change first byte from 0x79 to 0x89.

Doesn't get much simpler than that. Should someone try to open the picture file they'll get a corrupted error or something like that.

Now let's say that they open the file in a text editor or hex editor. PNG is there in plaintext.

Why can't it be opened?

*opens a working PNG-file*

*compares and notices the different first byte*

*changes first byte and checks if that works*

Hey.... encryption broken :D

I claimed that while this example is so simple it might actually happen. The more likely breach is that someone simply uses whatever code the game uses for decryption to decrypt the files.

While you certainly can pipe different encryptions together and increase the code path between the different encryptions, protecting against an attacker studying your code directly or through a VM is simply impractical.

The game must contain all secrets and therein lies the issue.

*hugs*

 - Zeriab
 
Last edited by a moderator:

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,513
Reaction score
3,203
First Language
Binary
Primarily Uses
RMMZ
Lol, so your underlying point is, its pointless. ?

I get what you mean about how the game must contain the secrets so in the end, someone whom is able to interpret the secrets to their true meaning will always be able to cause 'damage' wherever they see fit (should they so choose to). But I mean, isnt it at least worth making it a little more time consuming in the hope of being able to deter a few folk? :)

Also, I never thought of something to simple for an encryption method :D

Certainly got me thinking now...
 

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

Latest Threads

Latest Posts

Latest Profile Posts

Couple hours of work. Might use in my game as a secret find or something. Not sure. Fancy though no? :D
Holy stink, where have I been? Well, I started my temporary job this week. So less time to spend on game design... :(
Cartoonier cloud cover that better fits the art style, as well as (slightly) improved blending/fading... fading clouds when there are larger patterns is still somewhat abrupt for some reason.
Do you Find Tilesetting or Looking for Tilesets/Plugins more fun? Personally I like making my tileset for my Game (Cretaceous Park TM) xD
How many parameters is 'too many'??

Forum statistics

Threads
105,862
Messages
1,017,049
Members
137,570
Latest member
fgfhdfg
Top