2004 Web and Downloadable Games White Paper 
IGDA Online Games SIG 
ideal solution is one that maintains the greatest level of accessibility for legitimate game play while 
identifying, responding to, and learning about the greatest number of attacks. 
The trade-off becomes even more acute when discussing networked games. In designing a
secure gaming system for skill-based competitions on iWin.com, Flipside's engineering team
deployed three distinct countermeasures: a solid encryption scheme, a protocol for verifying
game clients, and a control response loop.
To secure the network pipe and prevent a man-in-the-middle attack, Flipside integrated a
symmetric encryption component for all client-server communication. Utilizing this
algorithm-independent component achieved their goals both in terms of accessibility (the speed of
encryption and decryption) and security (symmetric encryption is a well-tested method and a
standard of conventional cryptography). This was a seemingly ideal scenario. Unfortunately, the
work was not complete. Because symmetric encryption requires that the sender and receiver
share the same key, the crucial element in the relationship is the secure delivery of that key. To
accomplish this, Flipside designed a proprietary Public Key Infrastructure (PKI) handshake to
deliver a (reasonably) randomly produced, single-use symmetric key. The combination of both
technologies provided the best of both worlds: the security of PKI and the efficacy of symmetric
encryption.
However, the team quickly realized that the most secure encryption scheme was worthless if not
combined with a plan to verify and secure the game clients themselves. The ready availability and
ease of use of decompilers led the company to believe that the most secure way to mitigate
attacks on the game clients was to utilize a Zero Knowledge Protocol, or ZKP. By relegating the
client to display-layer code only, ZKPs allow a developer to protect the game and scoring logic
within a server-side component to be delivered dynamically at run time. While using ZKP served
the security goal well, the latency inevitably introduced by such high network traffic made fluid
game play impossible for all users but those with the fastest connections. In this case, the security
system (ZKP) mitigated certain types of attacks very well, but at the cost of the operation of the
games. The solution was to go with a hybrid approach: allow inclusion of scoring logic into the
clients to streamline game play, and replicate it with a server-side component that could verify
scoring behavior versus its own version of the logic. Additionally, Flipside employed a method
referred to as the bouncing pebble theory (unrelated to Oxford's pebble theory). This entailed
taking an outwardly meaningless stream of game data, such as an event related to a pebble
bouncing on the side of the road in a racing game, and verifying it along with the scoring events.
We found that the inclusion of this red herring was often overlooked by reverse engineers.
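
The hybrid check described above, sketched as an added example (not Flipside's code): the server recomputes the score with its own copy of the rules and also verifies a decoy "pebble" stream alongside the scoring events. The HMAC-derived pebble values, the event tuple format, the scoring table and all names are assumptions made for illustration.

```python
import hashlib
import hmac

POINTS = {"checkpoint": 100, "overtake": 250}  # assumed scoring table
PEBBLE_EVERY = 3  # assumed cadence: one decoy event every 3 ticks


def pebble_value(seed: bytes, tick: int) -> int:
    """Decoy value derived from the per-session seed (assumed scheme)."""
    mac = hmac.new(seed, b"pebble|%d" % tick, hashlib.sha256).digest()
    return int.from_bytes(mac[:2], "big")


def verify_session(seed, events, claimed_score, last_tick):
    """Replay reported (tick, kind, value) events; return (ok, reasons)."""
    reasons, score, pebbles, prev = [], 0, {}, -1
    for tick, kind, value in events:
        if tick < prev or tick > last_tick:
            reasons.append(f"tick {tick} out of order or out of range")
        prev = tick
        if kind == "pebble":
            pebbles[tick] = value
        elif kind in POINTS:
            score += POINTS[kind]  # server's own copy of the scoring logic
        else:
            reasons.append(f"unknown event kind {kind!r}")
    if score != claimed_score:
        reasons.append(f"claimed {claimed_score}, server computed {score}")
    # The decoy stream must be present and correct at every expected tick.
    for tick in range(0, last_tick + 1, PEBBLE_EVERY):
        if pebbles.get(tick) != pebble_value(seed, tick):
            reasons.append(f"pebble event at tick {tick} missing or wrong")
    return (not reasons, reasons)


# Constructed sample data for the example.
SEED = b"constructed-session-seed"
HONEST = [
    (0, "pebble", pebble_value(SEED, 0)),
    (1, "checkpoint", 0),
    (3, "pebble", pebble_value(SEED, 3)),
    (4, "overtake", 0),
    (6, "pebble", pebble_value(SEED, 6)),
]
# A submission that reports scoring events only and skips the decoy stream.
SCORE_ONLY = [e for e in HONEST if e[1] != "pebble"]

if __name__ == "__main__":
    print(verify_session(SEED, HONEST, 350, 6))
    print(verify_session(SEED, SCORE_ONLY, 350, 6))
```
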
Finally, the most effective security solution is one that is ongoing, a perpetual work in progress.
Actively identifying and testing different types of attacks and corresponding new countermeasures
will generally provide more security than a sedentary system. At the same time, all new
countermeasures need to meet the same criteria: mitigate risks (hacks) against the asset (your
game) without creating additional holes, while maintaining access for the approved users (players).
No security system is perfect, but one that recognizes its shortcomings and balances the
trade-offs outlined above will go a long way in achieving the ultimate goal: the confidence of your
players.
1. Types of Attacks
From a technology perspective, it is useful to divide attacks on online games into three major categories: 
hacking, cheating and griefing. These distinctions serve to allow us to separate traditional computer 
security countermeasures from those that are unique to online games.  
Unfortunately, the number of specific attacks is virtually limitless. Also unfortunately, many stem from
sloppy development and business practices. Buffer overflows and out-of-range errors are the product of
poor programming. The traditional software development community has this problem and has not
addressed it for the past thirty-plus years, and the game development community is no better or worse.