I want to use xxtea for data encryption/decryption in my game.
Here is an example of the library's usage:
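    #include <stdio.h>
    #include <stdlib.h>   /* free() */
    #include <string.h>
    #include <xxtea.h>

    int main() {
        const char *text = "Hello World! 你好,中国!";
        const char *key = "1234567890";   /* hard-coded key: the subject of the question */
        size_t len;
        /* Encrypt; len receives the ciphertext length. */
        unsigned char *encrypt_data = xxtea_encrypt(text, strlen(text), key, &len);
        /* Decrypt; len is overwritten with the plaintext length. */
        char *decrypt_data = xxtea_decrypt(encrypt_data, len, key, &len);
        /* Guard against a failed decryption before comparing. */
        if (decrypt_data != NULL && strncmp(text, decrypt_data, len) == 0) {
            printf("success!\n");
        }
        else {
            printf("fail!\n");
        }
        free(encrypt_data);
        free(decrypt_data);
        return 0;
    }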
How do I keep the key itself safe, then?
As @ArtjomB notes, you would keep the key safe by not putting it into your program. During startup, an authorized user or security device will need to provide the key.
Anything that doesn't look like that is no longer encryption or security, it's some form of obfuscation. Obfuscation (or "DRM") can be somewhere between useless and somewhat effective depending on how much effort you're going to put into it versus how much interest there is in cracking it. What's your ongoing budget for improving this as new attacks come along? What is the sophistication of your expected attackers?
Apple (as one example) controls their hardware, firmware, and OS very tightly, and has a team entirely devoted to constantly improving that. The iPhone is generally jailbroken within a few weeks to months after new releases. You should consider that the best case scenario for an attractive target.
If you're thinking "well, what can I put together in an afternoon that will stop the ankle biters?" do whatever comes to mind. XOR it with some other hard-coded value. Maybe bitshift it or whatever. It won't help very much against anyone who cares, but it'll stop the most casual attacker, and at least you won't waste a ton of time and money on it.
Stepping up from that, look at your platform's built-in solutions. OS assistance is a big help. In particular, look at SLP Services on Windows. Mac provides licensing enforcement if you work through Mac App Store. Or you can look at commercial vendors like eSellerate who have their own proprietary solutions. SafeNet has several products. Of course all of these can be (and regularly are) defeated. But they're much stronger than whatever you're going to develop over a few days.
Any specific approach you get off of StackOverflow will be, by definition, useless. The only thing obfuscation has going for it is that its details are secret. If you know how it works, then you can beat it. That's what differentiates it from encryption. Good encryption is designed to be just as strong even if the attacker knows the entire algorithm. That's why obfuscation techniques are proprietary. They pretty much have to be. Which means you're either going to (a) quickly build a lousy one, (b) spend a lot of time and money building a slightly-less lousy one, or (c) spend quite a lot more money to get a somewhat-passable one from a vendor who specializes in these things.
(If you're asking this question on StackOverflow, there is absolutely no chance you are going to build a good one on your own. If you haven't cracked a few programs yourself, you're in no position to build something to stop others.)
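The first point of the answer above (the key is supplied at startup instead of being compiled in), as an added example that is not part of the original posts: the key is read from a file named on the command line and rejected unless that file is a regular file owned by the current user with no group or other permissions. `load_key`, `wipe`, `KEY_LEN` and the key-file layout (16 raw bytes) are assumptions made for this example.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define KEY_LEN 16 /* XXTEA takes a 128-bit key */

/* Zero a buffer through a volatile pointer so the store is not optimised out. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Read exactly KEY_LEN raw bytes from key_path (hypothetical helper).
 * Returns 0 on success, -1 unreadable, -2 unsafe owner/mode, -3 wrong size. */
int load_key(const char *key_path, unsigned char key[KEY_LEN]) {
    unsigned char buf[KEY_LEN + 1]; /* one extra byte detects oversized files */
    struct stat st;
    int rc = 0;
    int fd = open(key_path, O_RDONLY);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0) rc = -1;
    /* Reject keys other local users could read: wrong owner or group/other bits. */
    else if (!S_ISREG(st.st_mode) || st.st_uid != geteuid() ||
             (st.st_mode & (S_IRWXG | S_IRWXO))) rc = -2;
    else if (read(fd, buf, sizeof buf) != KEY_LEN) rc = -3;
    else memcpy(key, buf, KEY_LEN);
    close(fd);
    wipe(buf, sizeof buf); /* do not leave a copy of the key on the stack */
    return rc;
}

int main(int argc, char **argv) {
    unsigned char key[KEY_LEN];
    if (argc != 2) {
        fprintf(stderr, "usage: %s <key-file>\n", argv[0]);
        return 2;
    }
    int rc = load_key(argv[1], key);
    if (rc != 0) {
        fprintf(stderr, "key file rejected (code %d)\n", rc);
        return 1;
    }
    /* key would be passed here as the key argument of xxtea_encrypt()/xxtea_decrypt(). */
    wipe(key, sizeof key);
    return 0;
}
```

This keeps the key out of the shipped binary; it does not hide the key from whoever controls the machine the program runs on.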