Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Separate encrypted SRAM for Hardcore mode #6

Open
Jamiras opened this issue Jun 26, 2018 · 4 comments
Open

Separate encrypted SRAM for Hardcore mode #6

Jamiras opened this issue Jun 26, 2018 · 4 comments

Comments

@Jamiras
Copy link
Member

Jamiras commented Jun 26, 2018
edited
Loading

As a player, I shouldn't be able to artificially be able to boost my gameplay by making changes to the SRAM file.

For any game that has a SRAM file, players can modify that externally, or even internally using the Memory Viewer, then restart the emulator in hardcore mode to take advantage of the changes.

The easiest way to prevent this is to encrypt the SRAM file. For extra security the salt could be the player's username ID.

For players who have existing SRAM files, we have to be able to grandfather them into the system. I recommend using a new filename for hardcore (i.e. game.hardcore.sram) and if it doesn't exist, and the player has a game.sram, load that instead. Grandfathering a file would require the player having earned achievements for the game prior to supporting encrypted SRAM files.

When playing in hardcore mode, if the RAM hasn't been tampered with, the SRAM would be saved as game.hardcore.sram using the encryption method described above. If the player has disabled hardcore mode or tampered with RAM, the SRAM would be saved as game.sram.

It may be desirable to save both game.sram and game.hardcore.sram in hardcore mode so players can use their SRAM file in other emulators.

This solution isn't foolproof. A very creative player could still use an external tool (like a debugger) to modify the RAM without setting the "tampered" flag. Additionally, as the emulators are open source, they could recompile them without the additional security. Finally, as we don't currently require players to use the latest emulators, they could just continue playing with older emulators and not have to worry about the encrypted SRAM files.
@GameDragon2k
Copy link
Contributor

@kdecks has wanted something like this for a long time.

If I'm understanding correctly, if a game.sram exists, a game.hardcore.sram is created using the former SRAM. So what's stopping someone from just deleting their hardcore save and just generating a new one after modifying game.sram?

@Jamiras
Copy link
Member Author

Jamiras commented Jun 28, 2018

Grandfathering a file would require the player having earned achievements for the game prior to supporting encrypted SRAM files.

This would prevent players from importing a save for a set they haven't already played. And if they do start playing after the encrypted SRAM files are supported, they'd only be able to use the encrypted SRAM files.

@leiradel
Copy link

leiradel commented Jul 7, 2018

What about creating a digital signature of the SRAM file using the user ID? Just hash the SRAM contents, encrypt using the user ID as the key, and save the result. When reading, re-evaluate the digital signature and compare to the one on the file system.

I'm not an expert, but I think even SHA-2 + blowfish would provide enough security for this purpose, and there are public domain implementations for both of them available.

@salvadorc17
Copy link
Contributor

This is not related to the save protection? this issue is clearly visible on gba games, and need to be addressed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@leiradel @GameDragon2k @salvadorc17 @Jamiras