SOLVED Create an SSL connection with GML

Hello !

During the past few months (maybe a year) I've been learning about security over the internet.

I'm now able to implement basic encryption through symmetric keys :
message (xor) key = encrypted

And hash login : send salted and hashed logs over http and compare it with a hashed database.

So now I am coming to SSL, whose steps I understand very well, along with why and how it's so secure, but Game Maker doesn't offer pre-made functions to use it.
However I can't find any information on math or code to work with it. So here is my own approach that I wish to submit to someone who could invalidate me.

In the following context :
-The server can handle SSL (let's say a socat server with ssl configured).
-The client is made in game maker GML with no extensions.
-The client has the public ssl key.


I would do :
-Use the public key from the ssl certificate to do: message (xor) ssl_public_key = encrypted
-Send to the server, which handles ssl and so restitutes the message.

Am I on a good guess or not at all ?
Is it possible to connect to a server using ssl in gml ? How ?


Thanks a lot and big hopes to get an answer :)
 

chamaeleon

Member
So ... your key to encrypt would be a public key that anyone could request? Ignoring the idea of using a SSL public key as a simple xor key in the first place, using a symmetric encryption with a public key sounds, well, not secure.
 
So ... your key to encrypt would be a public key that anyone could request?
That's basically ssl right ?

using a symmetric encryption with a public key sounds, well, not secure.
I wouldn't try to work in SSL if I didn't know that ...


If you know how to do it then please give some clues, code, or references I could read to study the subject and solve the problem. I have knowledge in math and computing even though I am an amateur and I wish to learn SSL seriously.

Thanks for reading ;)
 

rytan451

Member
First of all, I'd recommend not using SSL. It's old, outdated, and deprecated. Instead, you should be using TLS. Wikipedia has a workable description of the TLS protocol.

Also, you should avoid implementing security-critical protocols yourself. Not only are you likely to implement it incorrectly, it also is likely to introduce side channel attacks, which require a very deep understanding to avoid. Instead, I recommend finding an already written implementation of TLS for GML, or if that's not possible, then an already written implementation of TLS in a format which you can use as an extension (for native releases, for example, I recommend finding a TLS library for C++ and Objective-C).
 
Only in conjunction with the SSL cryptographic algorithm. xor is not that. I have no particular pointers to SSL as far as its implementation is concerned. But it seems likely there are some resources on the internet that can be uncovered with some search engine usage.
Thanks again for your quick replies. I've found some math to generate keys but not to transfer data. I also suppose that it's not easy to explain and understand, that's why it's not easy to find. Yet I still need a solution for sending data safely and I got another idea :



I've come up with another idea however, using Diffie-Hellman (DH), which I know is vulnerable to man in the middle attacks. However since it's about connecting with the server there is (if I am not mistaken) a way to work around that problem.

DH uses 2 keys : DH(server) and DH(client) which you combine to get DH(sc) used as a symmetrical key.
The weak point is that you send both DH(s) and DH(c) through the network and so the two keys can be intercepted. The solution would then be to send only ONE of the two keys so that any hacker in the middle would lack the other side of the key DH(sc).

I would proceed as follows :

- Authenticate to the server through hash protocol.
- At this point the client login and pass are known by both the client and the server.

- SERVER generates DH(client) from the login and pass of the client.
- SERVER generates DH(server) and sends it to the client.
- SERVER generates DH(sc).

- CLIENT generates DH(client) from the login and pass of the client.
- CLIENT receives DH(server) through the network.
- CLIENT generates DH(sc).

That way DH(client) is never sent through the network and can't be used to modify data.


Would it be fine ? or should I really really use extensions ??
BTW how can I be sure that I implemented the extension correctly ?
 

rytan451

Member
If you really want to simplify it instead of actually using TLS (as you've indicated in the previous and opening posts), here's a basic idea:

Your game (the client) includes, in its source code, a public key. When your game contacts the server, it generates a random number (using a cryptographic random number generator, not GMS's RNG, which, being a linear congruential generator, isn't cryptographically secure; for this purpose, I recommend an extension). It encrypts this random number using the built-in public key and a public-key cryptography algorithm (such as RSA or an elliptic curve algorithm), and sends the ciphertext to the server. This random number is a symmetric key. Since the symmetric key is encrypted using public key cryptography, only a party holding the private key can decrypt it.

The public key is also secure, since it was downloaded alongside your game, and your game was (presumably) sent over a TLS-secured channel, so it is known to be sent by you.

The encrypted symmetric key reaches your server and is decrypted. Now, the client (your game) and the server have a shared secret. Using this shared secret as a key for a symmetric encryption algorithm (such as AES), you can prevent any eavesdroppers from knowing what was sent between the client and server without first having found your key (which either requires a brute force attack, a side channel attack, or having broken "safe" encryption algorithms).

This isn't exactly TLS, but it's very similar. I wouldn't rely on its security (since I'm not exactly an encryption expert), but it should be safer from a MITM attack than your DH-based encryption method.
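
The key-transport exchange described in the post above, as an added example that is not part of the original thread: it uses Node.js's built-in crypto module (RSA-OAEP to wrap the session key, AES-256-GCM for the messages) rather than GML. The function names, the demo key pair and the sample message are constructed for illustration.

```javascript
// Added illustration, not code from the thread. All names are hypothetical.
const nodeCrypto = require("node:crypto");

// Constructed demo key pair. In the scheme above the public key ships inside
// the game and the private key never leaves the server.
const { publicKey: EMBEDDED_PUBLIC_KEY, privateKey: SERVER_PRIVATE_KEY } =
  nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Client: draw a 256-bit session key from the OS CSPRNG and wrap it with RSA-OAEP.
function clientHello() {
  const sessionKey = nodeCrypto.randomBytes(32);
  const wrappedKey = nodeCrypto.publicEncrypt({ key: EMBEDDED_PUBLIC_KEY, ...OAEP }, sessionKey);
  return { sessionKey, wrappedKey };
}

// Server: only the holder of the private key can recover the session key.
function serverUnwrap(wrappedKey) {
  return nodeCrypto.privateDecrypt({ key: SERVER_PRIVATE_KEY, ...OAEP }, wrappedKey);
}

// AES-256-GCM with a fresh 96-bit nonce per message. Wire layout: iv | tag | body.
function seal(sessionKey, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]);
}

// Returns the plaintext; throws if the key is wrong or the message was altered.
function unseal(sessionKey, message) {
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", sessionKey, message.subarray(0, 12));
  decipher.setAuthTag(message.subarray(12, 28));
  return Buffer.concat([decipher.update(message.subarray(28)), decipher.final()]).toString("utf8");
}

// One round trip, plus a check that a modified message is rejected.
function demo() {
  const { sessionKey, wrappedKey } = clientHello();
  const serverKey = serverUnwrap(wrappedKey);
  const wire = seal(sessionKey, "login=alice;score=9001"); // constructed sample message
  const tampered = Buffer.from(wire);
  tampered[tampered.length - 1] ^= 1; // flip one ciphertext bit in transit
  let tamperRejected = false;
  try { unseal(serverKey, tampered); } catch { tamperRejected = true; }
  return { received: unseal(serverKey, wire), keysMatch: serverKey.equals(sessionKey), tamperRejected };
}
```

Unlike TLS, this exchange has no forward secrecy or replay protection: anyone who later obtains the server's private key can unwrap recorded session keys.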
 
The point with DH is I fully understand it. Moreover it's simple enough to implement in GML. That way it will guarantee 100% compatibility with every platform (computers + phone), which is extremely important to me. The workaround may be fine. However you are totally right that I am not an expert and so it's not entirely reliable. Also cryptographically secure RNGs will be needed as well ...


So the question that comes to me from what you said is : will GM extension(s) bring compatibility issues ?

Thanks for your answers o/
 

rytan451

Member
What platforms are you intending on exporting to? For Windows and Ubuntu, I'd recommend using existing C/C++ code and compiling the code to the needed binaries yourself. For Mac and iOS, Apple provides a random number generator you can easily access through Objective-C. For Android, it uses Java, so you can just use Java's built-in cryptographic RNG. For HTML5, you may be able to use the Web Cryptography API. For consoles, I can't possibly comment, but if Xbox works with C++, it should be possible to use the existing C/C++ code.

Again, I'd recommend not implementing the cryptography in GML, since it's extremely likely to not work at all.

Here are a few potentially useful links:


Also, a quick note on legality: apparently, cryptography has some legal restrictions in some jurisdictions. Now, I'm not a lawyer, but you may wish to be careful about that.

EDIT: A quick note on Web Crypto: someone else on this forum worked with it, and there are some peculiarities you'll have to keep in mind. I've linked the relevant topic below:

 