ProudNet provides several encryption methods, which differ in how they trade performance against security level. To send an encrypted message, call an RMI function or one of the SendUserMessage functions with the Proud.RmiContext.m_encryptMode parameter set to the encryption method you want.
Samples
RmiContext rmiContext;
rmiContext.m_encryptMode = EM_Secure;
Proxy.RequestLogon(HostID_Server, rmiContext, m_Name, password);

RmiContext rmiContext;
rmiContext.m_encryptMode = EM_Fast;
Proxy.RequestLogon(HostID_Server, rmiContext, m_Name, password);
You can also write it in this shorter form.
Proxy.RequestLogon(HostID_Server, RmiContext::SecureReliableSend, m_Name, password); // using EM_Secure
Proxy.RequestLogon(HostID_Server, RmiContext::FastEncryptedReliableSend, m_Name, password); // using EM_Fast
To use encryption in a P2P group, you must set CStartServerParameterBase::m_enableP2PEncryptedMessaging to true.
9.1 The encryption method of ProudNet
ProudNet offers a very strong communication security feature. For instance, it can encrypt logon-related messages at the highest level.
First, let's learn what encryption is about.
If a message sent to another computer is easy to decode or alter, it is vulnerable to being hacked by a third party. Especially if the message contains your login ID and password, one day you may find your game character stripped completely by hackers.
Encrypting a message requires an algorithm (formula) for encrypting and one for decoding. But what happens if the algorithm itself becomes public? It would not take long for a hacker to crack the encryption, and your valuable information would be leaked. To prevent this, there must be a key that locks the encrypted message, so that hackers can see the encrypted message but can never decode it. In today's computer science, encryption algorithms are key-based. The length of an encryption key varies; it can be as long as hundreds of bits if needed.
Let's assume a hacker has succeeded in obtaining an encrypted message. To decode the message, the hacker must find the key that opens it. Let's say the hacker already knows the algorithm used for the encryption. The hacker would then pull out his key chain and see which key fits. Again, let's assume the length of the encryption key is 128 bits. Then our hacker has to find the right one out of only 2^128 keys. If our hacker also has a program that automatically switches keys until the correct one comes out, it may take around 1/1,000,000,000,000 of a second per key on his multi-million-dollar supercomputer. So for our smart and remarkably rich hacker, it takes only 10,790,283,070,806,014,188 years to find the right key.
Encryption keys are categorized as asymmetric or symmetric. Asymmetric keys come in a pair: if one key is used for encryption, the message cannot be decoded without the other key. A symmetric key, in contrast, can both encrypt and decode by itself. Using this difference, asymmetric and symmetric keys are used together to send encrypted messages over a computer network.
Let's say there are two hosts, one called A and the other B. Host A wants to send an encrypted message to Host B safely. Host A first makes a pair of asymmetric keys, then keeps one for itself and sends the other to Host B. The key that Host A keeps is called the Private Key, and the one sent to Host B is called the Public Key.
A hacker attacking the transmission between Host A and Host B obtains the Public Key.
Host B has created a symmetric key (Session Key), keeps it for itself, and receives the Public Key coming from Host A. Host B then encrypts the symmetric key with the Public Key and sends it to Host A. Our hacker manages to steal that encrypted symmetric key as well. Host A decodes the received symmetric key with the Private Key and now shares the symmetric key made by Host B. The hacker has the Public Key and the encrypted symmetric key but cannot decode it, since he does not have the Private Key in his possession.
Now Host A sends the message to Host B after encrypting it with the symmetric key that came from Host B. The hacker captures this as well.
Host B decodes the encrypted message with the symmetric key and uses it, but the hacker cannot make out the contents of the message since he has not obtained the symmetric key.
In an act of revenge, the hacker corrupts the message and sends it to Host B. Host B receives the corrupted message and decodes it anyway, but discards it since it makes no sense.
ProudNet implements this method of encryption by default. It uses 128bit RSA as the asymmetric key algorithm, and AES and Fast as the symmetric key algorithms. RSA is very powerful, but it requires such heavy calculation that it is difficult to encrypt all messages with RSA. This is precisely why the encryption method has to mix asymmetric and symmetric algorithms.
ProudNet offers strong encryption not only for communication between server and client but also for P2P communication, so that messages can be protected from any hacker's attack.
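The exchange between Host A and Host B described above, as an added example that is not ProudNet code. Textbook RSA with tiny constructed primes and an XOR keystream stand in for the real RSA and AES/Fast algorithms, and every function and constant name here is hypothetical.

```cpp
// Added illustration, not ProudNet code: toy hybrid key exchange.
// Textbook RSA with tiny primes and an XOR keystream stand in for real
// RSA and AES; all names and numbers are constructed for this example.
#include <cstdint>
#include <iostream>
#include <string>

// Modular exponentiation: base^exp mod m (operands stay far below 2^32).
uint64_t modpow(uint64_t base, uint64_t exp, uint64_t m) {
    uint64_t result = 1;
    base %= m;
    while (exp > 0) {
        if (exp & 1) result = result * base % m;
        base = base * base % m;
        exp >>= 1;
    }
    return result;
}

// Host A's asymmetric pair: modulus 61 * 53, public and private exponents.
const uint64_t kModulus = 3233, kPublicExp = 17, kPrivateExp = 2753;

// Host B encrypts its session key with A's Public Key before sending it.
uint64_t wrap_session_key(uint64_t key) { return modpow(key, kPublicExp, kModulus); }

// Host A recovers it with the Private Key, which never leaves Host A.
uint64_t unwrap_session_key(uint64_t wrapped) { return modpow(wrapped, kPrivateExp, kModulus); }

// Toy symmetric cipher: XOR with a keystream from an LCG seeded by the
// session key. Encrypting and decoding are the same operation.
std::string symmetric_crypt(const std::string& data, uint64_t session_key) {
    std::string out = data;
    uint32_t state = static_cast<uint32_t>(session_key);
    for (char& c : out) {
        state = state * 1664525u + 1013904223u;
        c = static_cast<char>(static_cast<uint8_t>(c) ^ static_cast<uint8_t>(state >> 24));
    }
    return out;
}

int main() {
    uint64_t session_key = 1234;                        // created by Host B
    uint64_t wrapped = wrap_session_key(session_key);   // what the hacker sees
    uint64_t recovered = unwrap_session_key(wrapped);   // only Host A can do this
    std::string wire = symmetric_crypt("logon:alice", recovered);  // A -> B
    std::cout << "wrapped=" << wrapped << " recovered=" << recovered << "\n"
              << symmetric_crypt(wire, session_key) << "\n";
}
```

Decoding with a different session key, or decoding a ciphertext with one flipped bit, produces a different string; these correspond to the eavesdropping and corruption cases in the walkthrough.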
9.2 Performance of encrypted messaging
ProudNet's per-RMI encryption uses either the AES method or the Fast method. According to performance tests, today's server computers can transmit as many as 100,000 encrypted RMIs per second.
The symmetric key used for encrypted RMIs is itself encrypted with the RSA Public Key at the initial startup of the server. Thus the security of encrypted RMIs is extremely high.
9.3 Cautions when using encrypted messaging
Events that occur while a ProudNet client connects to the server, and custom fields transmitted through Proud::INetServerEvent::OnConnectionRequest, are not encrypted, so user-related information must not be exchanged through them.
9.4 The length of encryption: balancing the level of encryption against performance
During encryption, keys are exchanged between hosts within ProudNet. Users can set the length of the exchanged keys. The key length should be chosen with both system performance and the level of encryption in mind.
The key length is set when the server starts, through the parameters Proud.CStartServerParameter.m_encryptedMessageKeyLength and Proud.CStartServerParameter.m_fastEncryptedMessageKeyLength.
The Proud.CStartServerParameter.m_encryptedMessageKeyLength parameter is the key length used for AES encryption and can be set to one of three key lengths:
Proud.EncryptLevel.EncryptLevel_Low, Proud.EncryptLevel.EncryptLevel_Middle, Proud.EncryptLevel.EncryptLevel_High.
The Proud.CStartServerParameter.m_fastEncryptedMessageKeyLength parameter is the key length used for Fast encryption and can be set to one of three key lengths:
Proud.FastEncryptLevel.FastEncryptLevel_Low, Proud.FastEncryptLevel.FastEncryptLevel_Middle, Proud.FastEncryptLevel.FastEncryptLevel_High.
The AES encryption method provides a high level of encryption, although it is slower than the Fast encryption method. You can use the speedier Fast encryption method when sending and receiving character movement messages, unimportant data or bulk data.
The following is the comparison between Fast encryption algorithm and AES encryption algorithm.
It measures the time taken when password decoding is executed 100,000 times (one password decoding per run) with each algorithm.
The execution time for password decoding depends on the PC specification and the data size.
The specification of the computer that ran this test is below.
OS | Windows 7 Professional K |
CPU | Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz 3.40GHz |
RAM | 16.0GB |
System type | 64-bit Operating System |