We build and Streamed Scene Asset Bundles (asset bundles containing only a scene and for which isStreamedSceneAssetBundle is true).
What options do we have to protect the content of these asset bundles using encryption?
Do you want to protect the transfer of the bundle or do you also want them to be protected from tampering with on end-users machine as well?
For the first - use HTTPS when downloading.
The second one. Particularly, I don’t want people to be able to just copy paste the file from their android device and load the contained scene using Unity
Sigh, I see so many people wasting their precious lifetime on this impossible task.
If you’re concerned about the user ‘hacking your save files,’ or ‘cheating in your game,’ just don’t be. There’s nothing you can do about it. Nothing is secure, it is not your computer, it is the user’s computer. If it must be secure, store it on your own server and have the user connect to download it.
Anything else is a waste of your time and the only person you’re going to inconvenience is yourself when you’re debugging the game and you have savegame errors. Work on your game instead.
Remember, it only takes one 12-year-old in Finland to write a script to read/write your game files and everybody else can now use that script. Read about Cheat Engine to see more ways you cannot possibly control this.
The good news is that most likely nobody will care enough about your game to bother, so you’re safe.
@Kurt-Dekker No, your logic is flawed.
What I want is: using very simple and cheap measures (encryption of AssetBundle) to prevent others from reusing my assets without expending significant effort of finding the decryption key within the compiled source or scrapping them from runtime memory.
It is orders of magnitude more easy (or in other words less expensive / more readily available) to simply open the external storage location on any Windows explorer, copy AssetBundles from there and open them in your own Unity project, than to figure out how to extract a decryption key from a compiled source which potentially obfuscates this encryption key additionally.
Encryption does NOT need to be theoretically secure in order to provide significant practical benefits and protection from certain events.
You can load asset bundles from Streams, so you can use some encrypted stream class.