We have a feature in our game where the player can unlock an achievement and it gets sent to a website, kinda like what Steam is doing.
One detail: we want our player to be able to play offline. So if he achieves something and he is offline, we would like to keep it in a JSON/list or something, and send the data once he is connected again.
My issue, tho, is I’m not sure how securely you can do this.
Right now we aim to keep our persistent data in a JSON and encrypt it with something like SHA-256. I’m pretty new to encryption, but as we have to save the key locally for the encryption, does it mean that someone could break our encryption?
How safe is it to keep data encrypted locally? And what is the safest way?
Since the data is first created in clear by your application in the first place, it’s pretty useless to encrypt it, since the player could easily (depending on his motivation) access it before it is encrypted.
I don’t think what you need is encryption. Encryption simply hides the data from the player; what you want is more to not let the player modify the data, or at least you want a way to detect whether the player has modified the data. There’s no 100% way to know whether the data has been genuinely generated by your application or has been corrupted. But you could implement some (obscure) mechanisms to make the task of modifying the data more complicated for the player.
By accessing it before it’s encrypted, do you mean reading the memory and changing it?
I’m not sure we will go as far as checking for this. We are a pretty small team on a large project, and trying to secure everything with special mechanisms would be a hell of a job.
Yes, that’s what I meant. The hardware is on the player’s side and so he has total control over it; therefore there is no 100% secure way to hide the data from the player.
You would need to ponder what would be the motivation of the player to manipulate the data and to consider what would be the cost or damage for your game/company.
A cheap way to check for data corruption is to compute the hash (optionally salted) of the data and store it alongside locally. If the player modifies the file by hand, the hash will not match. Maybe that would be enough.
Again, nothing is safe. Anyone a bit techie with some motivation can decompile your game and read how your protection algorithm works. Remember you can’t stop attackers, however you can slow them down.
The hash of your data would be stored on disk along with the data stored locally. Both the data and its hash would be sent to the server so that the integrity could be checked.
The salt can be anything and can even change dynamically; that’s where you can put some obfuscation. It could be a date, or it could contain a part of the data, or some combination of… whatever… that you concatenate with the data to hash. The important thing is that both the client application and the server need to know how to create the salt.
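
An added example (not code from any poster in this thread) of the hash-stored-alongside-the-data check described above, using HMAC-SHA256 keyed with the salt in place of plain concatenation; `SHARED_SALT`, the player id and the record layout are assumptions made for illustration. Because the salt ships inside the client, this detects hand edits to the file but not a player who extracts the salt from the game.

```python
import hashlib
import hmac
import json

# Assumption: a value both the game client and the server know how to derive.
SHARED_SALT = b"constructed-example-salt"

def canonical(achievements):
    """Serialize deterministically so client and server hash identical bytes."""
    return json.dumps(achievements, sort_keys=True, separators=(",", ":")).encode("utf-8")

def make_salt(player_id):
    """Salt that changes per player: the static part mixed with data both sides know."""
    return hashlib.sha256(SHARED_SALT + player_id.encode("utf-8")).digest()

def seal(player_id, achievements):
    """Client side: build the record written to disk while the player is offline."""
    tag = hmac.new(make_salt(player_id), canonical(achievements), hashlib.sha256).hexdigest()
    return json.dumps({"player": player_id, "achievements": achievements, "tag": tag})

def verify(record_text):
    """Server side (or client on load): return the achievements if the tag matches, else None."""
    try:
        record = json.loads(record_text)
        player, achievements, tag = record["player"], record["achievements"], record["tag"]
    except (ValueError, KeyError, TypeError):
        return None  # not JSON, or not the expected layout
    if not isinstance(player, str) or not isinstance(tag, str):
        return None
    expected = hmac.new(make_salt(player), canonical(achievements), hashlib.sha256).hexdigest()
    # Constant-time comparison on bytes; a non-ASCII tag simply fails to match.
    if hmac.compare_digest(expected.encode("utf-8"), tag.encode("utf-8")):
        return achievements
    return None

if __name__ == "__main__":
    # Constructed sample data.
    pending = [{"id": "first_boss", "unlocked_at": "2024-01-01T12:00:00Z"}]
    saved = seal("player-42", pending)
    print("untouched file:", verify(saved))
    print("hand-edited file:", verify(saved.replace("first_boss", "final_boss")))
```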