Hello,
I recently started to use encryption for .es3 files in my mobile game to prevent users from modifying it.
Also I've heard that some guys can try to do reverse engineering and get the source code, so keeping password as text in the code is a bad idea.
Is it more secure to store password in ES menu - Settings - Encryption Password field? (Is it additionally protected that way?)
Could you please advice some best practices to keep the game most secure from reverse engineering?
p.s. Apart from save games I'm thinking about resources encryption, does it make sense to encrypt resources?
Best regards,
John
.es3 encryption and security
Re: .es3 encryption and security
Hi John,
Anything which means the password is stored with the app is susceptible to reverse engineering. However, most find that the effort required is enough to deter people.
The only way to prevent reverse engineering would be to store the data on a server (for example using ES3Cloud), so that no data is stored on the users device.
All the best,
Joel
Anything which means the password is stored with the app is susceptible to reverse engineering. However, most find that the effort required is enough to deter people.
The only way to prevent reverse engineering would be to store the data on a server (for example using ES3Cloud), so that no data is stored on the users device.
I'm afraid it wouldn't be possible for me to say because this depends on your game and what you're trying to achieve.p.s. Apart from save games I'm thinking about resources encryption, does it make sense to encrypt resources?
All the best,
Joel
Re: .es3 encryption and security
Hi Joel,
Thanks for your reply.
Could you please clarify if there is a difference from security perspective between storying password in es3 menu: or in code as literal:
Best regards,
John
Thanks for your reply.
Could you please clarify if there is a difference from security perspective between storying password in es3 menu: or in code as literal:
Code: Select all
// Create a new ES3Settings to enable encryption.
var settings = new ES3Settings(ES3.EncryptionType.AES, "myPassword");
// Use the ES3Settings object to encrypt data.
ES3.Save("myTransform", this.transform, settings);
// Use the ES3Settings object to load and decrypt the data.
ES3.LoadInto("myTransform", this.transform, settings);
John
Re: .es3 encryption and security
Hi there,
To clarify, both store the password in the app, so there is no different from a security perspective.
All the best,
Joel
To clarify, both store the password in the app, so there is no different from a security perspective.
All the best,
Joel