search

SoftwareGuy / Ignorance

Ignorance utilizes the power of ENet to provide a reliable UDP networking transport for Mirror Networking.
Other
248 stars 31 forks source link

Packet Encryption #69

Closed JayPeet closed 3 years ago

JayPeet commented 3 years ago

Hello @SoftwareGuy !

I was looking into using Ignorance for a project, and was wondering if you have any future plans for implementing some form of optional UDP encryption such as DTLS or an alternative.

Im not fully sure if this is something which would be implemented in Ignorance itself, or in the ENet side of things but I can see it being a useful adition in some scenarios.

SoftwareGuy commented 3 years ago

I've been having a lot of discussion both in the public eye and behind closed doors in the Mirror Discord with developers.

Honestly, in my limited encryption experience I don't think it should be done at the native C layer. ENet definitely doesn't need to burn extra CPU cycles with encryption, when it would add extra dependencies and may also hurt performance on mobile platforms where some platforms have no accelerated Crypto co-processors/cores.

Then that begs the question, where else in the hot path should encryption go? Vis2k thinks the transport layer should encrypt everything. James from the Mirror Development team thinks it's best to have a [Encrypted] parameter so Mirror knows the Command/RPC is going to be encrypted. He has a basic implementation that uses TLS-something SSL Stream in the works, and so far it looks okay, but will need a stress test once it's reaching Release Candidate status. I honestly like James' approach more than Vis's "encrypt everything" since you can select what you want encrypted. You would want to encrypt data like usernames and passwords - which should already be hashed and never sent plain-text - but shit like position updates and whatnot can be left non-encrypted.

I disagree with having all the data encrypted, and my biggest gripe with the "encrypt everything" mentality is you literally bloat up packets, as in a 20 byte packet would be bigger due to the encryption overhead. Sure, I understand that people might want data encrypted (Dissonance comes to mind), but what's stopping them from implementing their own encryption and letting Mirror just shuttle the encrypted payloads over the wire?

If anyone wants to implement encryption in Ignorance then be my guest, you'll need to interrupt the Client Connected event trigger, so encryption gets set up before the client says it's connected. I probably won't be able to maintain the encryption portion of the code, so it would have to be kept up to date or written in a way that can be independent of code updates.

JayPeet commented 3 years ago

Thanks for the response!

Ill do some research and see if I can take a crack at implementing optional encryption in the future, when my project ends up needing it. If I can't do it, I'll just do all the sensitive stuff via HTTPS requests.

SoftwareGuy commented 3 years ago

Paul is apparently working on some Encryption-based system and James has implemented a Middleware Transport layer on Mirror master.

So it's finally happening the way I envisioned it - as a removable middleware layer for between Mirror and the Transport. Will wait and see if Ignorance needs fixes or tweaks to support this, but I don't think so.

SoftwareGuy commented 3 years ago

Paul's working on HushHush transport which is a middle layer between Mirror and other transports. It uses DTLS to keep data private.

Going to close this for now. Feel free to reopen if desired.