|
|
|
This thread is locked; no one can reply to it.
|
| PhysFS + Password Protected Archives? |
|
RPG Hacker
Member #12,492
January 2011
 |
PhysFS seems to be the most convenient way to handle levels (or any kind of file packages) in your game. But I wonder: Is it possible to use password protected archives with PhysFS? Using just regular archives seems to make it kinda easy for people to mess around with your files. I didn't find any function for this in the documentation, so...
|
|
jmasterx
Member #11,410
October 2009
|
No, it does not support it. The way I see it is this: What I do is rename the zip to dat. To help against modding, I get the md5 hash of my zip and I hard code it into the game. The game will not load it unless the hash matches. But if you really want password protected resources, encrypt all your resources, put them in the zip file, then load each resource into memory, decrypt in memory, then have allegro load from memory. Agui GUI API -> https://github.com/jmasterx/Agui |
|
RPG Hacker
Member #12,492
January 2011
|
Sure, I could do that. Just thought that maybe there was an easy way. Well, thanks, anyways!
|
|
Thomas Fjellstrom
Member #476
June 2000
 |
passworded zips are stupid simple to crack anyhow. And you have to store the password somewhere in your program, so its even easier to crack. -- |
|
Arthur Kalliokoski
Second in Command
February 2005
 |
Thomas Fjellstrom said: passworded zips are stupid simple to crack anyhow. I thought that was because people used stupidly simple passwords? They all watch too much MSNBC... they get ideas. |
|
jmasterx
Member #11,410
October 2009
|
Thomas Fjellstrom said: passworded zips are stupid simple to crack anyhow. Not quite; example, 7-zip uses 256 bit encryption, but, with a bruteforcer that uses a gpu, within a few weeks any password should be crackable. But yeah, for the purposes of games, it's not that hard to go in and modify the exe if that is your motive. Agui GUI API -> https://github.com/jmasterx/Agui |
|
RPG Hacker
Member #12,492
January 2011
|
You have a point there. I completely overlooked the fact that you'd have to store the password inside the EXE. I guess that would make the whole thing pointless. Anyways, if that wasn't the case, I'd be using 7z-archives, I guess. Needing "a few weeks" to crack a single file should be fair enough. Noone would go through that much trouble for some simple game resources.
|
|
Thomas Fjellstrom
Member #476
June 2000
|
jmasterx said: Not quite; example, 7-zip uses 256 bit encryption, but, with a bruteforcer that uses a gpu, within a few weeks any password should be crackable. But yeah, for the purposes of games, it's not that hard to go in and modify the exe if that is your motive. I'm talking plain old passworded zip files. If you really wanted some security, you could AES-256 your archives... -- |
|
BAF
Member #2,981
December 2002
 |
jmasterx said: But if you really want password protected resources, encrypt all your resources, put them in the zip file, then load each resource into memory, decrypt in memory, then have allegro load from memory. Why? Personally, I'd be flattered if a game I made became popular enough for someone to mod it. I wouldn't try and put obstacles in their way - some modders produce some really cool stuff. |
|
Phrasz
Member #10,091
August 2008
|
IMO: If it's not interacting with a server it doesn't matter. Personally, I feel some of the best features of a game are ones modded in: Case in Point == Diablo II. If you want to secure your content just XOR the data/ FLIP ALL THE BITS. This guy has a scrambler: http://www.mindspring.com/~tcoonan/scramble.c . That will keep MOST people out. Then if you are still crazy concerned with data: fragment it and put it back together when saving: using it [1][2][3][4] === save it ===> [2][4][1][3] (and back). That is STILL not enough? Hash only parts of the data to "sign" the contents. Unfortunately, this are less protecting than they are preventing measures. If you have a server(Certifying entity): If you want the real answers look what the NSA does:
|
|
jmasterx
Member #11,410
October 2009
|
BAF said: Why? I don't know, I would personally not take that route. Agui GUI API -> https://github.com/jmasterx/Agui |
|
Arthur Kalliokoski
Second in Command
February 2005
|
If it's multi-player, the cheaters have an advantage over the others, but if it's single player, what's the harm? They're having "fun", after all... They all watch too much MSNBC... they get ideas. |
|
|
