December 01, 2021, 02:55:10 am

The Gang Garrison 2 Forum

Please login or register.

Login with username, password and session length
Advanced search  

News:

NOTICE: Due to a rise in bot activity, new posters need to be approved before posting.

Join the community Discord server!

Pages: 1 [2]

Author Topic: Haxxy identification not secure!  (Read 7212 times)

nightcracker

  • NC
  • Full Member
  • ***
  • Karma: 0
  • Offline Offline
  • Posts: 517
  • PyGG2 dev
    • NC Labs
Re: Haxxy identification not secure!
« Reply #15 on: October 17, 2011, 09:38:02 am »

I have an algorithm that is completely secure, but sadly requires an authority (gangarrison.com for example). It works like this:

The authority (ganggarrison.com) knows a secret key. This same secret key is given to the haxxy award winners.

When a server starts up it asks ganggarrison.com for an unique ID. The authority returns that ID, and a hash calculated as md5(id + haxxykey). Lets call the ID the serverID and md5(id + haxxykey) the serverhash.

When a client connects to a server and says it's a haxxy winner the server will send it's serverID to the client. Then the client sends the md5(serverID + secretkey) back to the server and the server will check if it matches with it's serverhash. If it does the client is a haxxy award winner.

Note that this algorithm can easily be changed around to use sha1 or something else instead.

Why is this algorithm secure? Well, first, since only the MD5 is taken from secretkey PLUS id it means that the algorithm implicitly uses a salt removing the possibility of using rainbow tables to extract the secretkey. And because the client never sends the secretkey but the hash of it + serverID to the server the server can't steal the key.
« Last Edit: October 17, 2011, 09:40:56 am by nightcracker »
Logged

Derpduck

  • 2011 Haxxy Finalist
  • *
  • Karma: 42
  • Offline Offline
  • Posts: 5770
Re: Haxxy identification not secure!
« Reply #16 on: October 20, 2011, 10:43:10 am »

You could just swap the last 2 frames in the character sprite and make a sprite mod

Saniblues

  • Onion Knight
  • Administrator
  • *****
  • Karma: -1305
  • Offline Offline
  • Posts: 12416
Re: Haxxy identification not secure!
« Reply #17 on: October 20, 2011, 05:04:28 pm »

Having something in a mod is a lot different than having something in the actual game that everyone sees.
Logged
Quote from: mop
Quote from: MR MAGN3TIC
I don't like it.  :nah:
Oh, well, you might as well pack up and stop now, because he doesn't like it
I'm bored out of my skull, Lets play a different game!
Lets take a visit down below And cast the world in flames!

nightcracker

  • NC
  • Full Member
  • ***
  • Karma: 0
  • Offline Offline
  • Posts: 517
  • PyGG2 dev
    • NC Labs
Re: Haxxy identification not secure!
« Reply #18 on: October 20, 2011, 05:15:06 pm »

You could just swap the last 2 frames in the character sprite and make a sprite mod

Perhaps you don't understand it. The game sees me as a legit haxxy award winner. The server sees me as a legit haxxy award winner.
« Last Edit: October 20, 2011, 05:16:06 pm by nightcracker »
Logged

Haxton Sale

  • The only true
  • Moderator
  • *****
  • Karma: 18
  • Offline Offline
  • Posts: 3542
  • HAXTON SAAAAAAAAAAALE!
Re: Haxxy identification not secure!
« Reply #19 on: October 21, 2011, 01:28:30 am »

You could just swap the last 2 frames in the character sprite and make a sprite mod

Perhaps you don't understand it. The game sees me as a legit haxxy award winner. The server sees me as a legit haxxy award winner.
Have fun then. 95% of people here wouldn't understand if you explained them how you did this.
Logged
THIS POST GOT SIGNED BY

Derpduck

  • 2011 Haxxy Finalist
  • *
  • Karma: 42
  • Offline Offline
  • Posts: 5770
Re: Haxxy identification not secure!
« Reply #20 on: October 21, 2011, 08:27:27 am »

it doenst really matter if everyone sees you with it, its not like they will like you more or anything and unless you alt as an actual haxxy winner people will realise that you didnt win a haxxy

nightcracker

  • NC
  • Full Member
  • ***
  • Karma: 0
  • Offline Offline
  • Posts: 517
  • PyGG2 dev
    • NC Labs
Re: Haxxy identification not secure!
« Reply #21 on: October 21, 2011, 08:51:17 am »

Oh I didn't do it so anyone would like me or anything, just to show that the encryption is broken.

And the reason I'm still running around with it is just because it's funny :)
Logged

Derpduck

  • 2011 Haxxy Finalist
  • *
  • Karma: 42
  • Offline Offline
  • Posts: 5770
Re: Haxxy identification not secure!
« Reply #22 on: October 21, 2011, 08:53:45 am »

ok, it just seems a little pointless

MedO

  • Owns this place
  • *****
  • Karma: 151
  • Offline Offline
  • Posts: 1751
Re: Haxxy identification not secure!
« Reply #23 on: October 21, 2011, 09:14:30 am »

As has already been said, the current protocol was always known to be insecure, it was only meant to stop people from *trivially* circumventing it (e.g. if the actual key was present in the server code). If we ever introduce an actual account system, we will of course use something more secure.

I have an algorithm that is completely secure, but sadly requires an authority (gangarrison.com for example). It works like this:

The authority (ganggarrison.com) knows a secret key. This same secret key is given to the haxxy award winners.

When a server starts up it asks ganggarrison.com for an unique ID. The authority returns that ID, and a hash calculated as md5(id + haxxykey). Lets call the ID the serverID and md5(id + haxxykey) the serverhash.

When a client connects to a server and says it's a haxxy winner the server will send it's serverID to the client. Then the client sends the md5(serverID + secretkey) back to the server and the server will check if it matches with it's serverhash. If it does the client is a haxxy award winner.

Note that this algorithm can easily be changed around to use sha1 or something else instead.

Why is this algorithm secure? Well, first, since only the MD5 is taken from secretkey PLUS id it means that the algorithm implicitly uses a salt removing the possibility of using rainbow tables to extract the secretkey. And because the client never sends the secretkey but the hash of it + serverID to the server the server can't steal the key.
This protocol is not secure though, since someone can open a server with the serverID of an existing server. He cannot learn the actual key this way, but at least a temporarily valid token for authenticating on a selected server.

It is also a security problem that the server (a potential attacker) is allowed to choose the salt value used by the client, effectively destroying any additional entropy that a salt is supposed to provide.
Logged
Quote from: Alfred North Whitehead
It is the business of the future to be dangerous; and it is among the merits of science that it equips the future for its duties.

Quote from: John Carmack
[...] if you have a large enough codebase, any class of error that is syntactically legal probably exists there.

nightcracker

  • NC
  • Full Member
  • ***
  • Karma: 0
  • Offline Offline
  • Posts: 517
  • PyGG2 dev
    • NC Labs
Re: Haxxy identification not secure!
« Reply #24 on: October 21, 2011, 09:33:10 am »

Instead of the server sending it's serverID, instead the client could ask ganggarrison.com what the serverID of IP x is (where x is the IP of the server we're connecting to). The updated scheme would look like this:

The server is started up and asks the authority for a serverID and md5(serverID + secretkey). When a haxxy client connects to a certain server it asks the authority the serverID of the IP of the server we're connecting to and it sends md5(serverID + secretkey) to the server. The server next authenticates by comparing the two hashes.

Also, this system could be built in the lobby, the lobby server can give a serverID to every server connecting.


P.S. A salt is not there for entropy. A salt is for preventing rainbow tables and such from working. Quoting Wikipedia:

Quote
The benefit provided by using a salted password is making a lookup table assisted dictionary attack against the stored values impractical, provided the salt is large enough. That is, an attacker would not be able to create a precomputed lookup table (i.e. a rainbow table) of hashed values (password + salt), because it would take too much space. A simple dictionary attack is still very possible, although much slower since it cannot be precomputed.
Logged

MedO

  • Owns this place
  • *****
  • Karma: 151
  • Offline Offline
  • Posts: 1751
Re: Haxxy identification not secure!
« Reply #25 on: October 21, 2011, 11:11:30 am »

P.S. A salt is not there for entropy. A salt is for preventing rainbow tables and such from working.
Yes. By adding entropy. If the key has enough entropy on its own, you do not need a salt. In fact, a long key without salt is more secure than a salted, shorter key, since the shorter key can be bruteforced more easily.
Logged
Quote from: Alfred North Whitehead
It is the business of the future to be dangerous; and it is among the merits of science that it equips the future for its duties.

Quote from: John Carmack
[...] if you have a large enough codebase, any class of error that is syntactically legal probably exists there.
Pages: 1 [2]
 

Page created in 0.032 seconds with 36 queries.