Authenticating high scores?

Thread in 'Discussion' started by tepples, 28 Sep 2008.

  1. tepples

    tepples Lockjaw developer

    But how does "encryption" defeat a tool-assisted speedrun? How would you know that an authentic program, and not a modified program, encrypted the scores? For example, if I were to add a feature to Lockjaw to post lj-scores.txt and the ljm file to a server, how would I know that an upload isn't being generated by a version that has been recompiled with a master game speed slower than the standard 3600 frames per minute?
     
  2. @tepples: this is a very interesting topic. could you move that to a separate thread?

    in blockout II by jean luc pons, this is solved somehow (though not 100% perfect):

    1. the code / function that encrypts and transmits the code is not open source, so there is only one official blockout binary for win32 and linux. if someone made a port (there was someone making an amiga port), that person needs to contact jean-luc and must agree to keep the secret code or just receives some object file.

    2. you need several libraries to detect
    a) manipulations of the system clock
    b) manipulation of the standard runtime libraries and hence for example the randomizer (best is to implement its own rnd() function)
    c) you need to detect memory debuggers / hacking tools. jean luc did, but i have no idea how to do this. but searching the web should give some results.

    3. best is to transmit also the replay file. just compress it and it's mostly below some 10 - 100 kbytes. this should be ok even for slow modem users. with the replay file you could do some calculations on the server side and do a turing test. (mean reaction times below 100ms? surely tool assisted)

    with all that stuff together it's fairly hard to break the highscore system.
     
  3. jujube

    jujube Unregistered

    not necessarily. remember that the player knows what piece is coming next, and has a sense of exactly when the piece will spawn or when ARE will begin. the player can also have a feel for the DAS and can drop or lock the piece almost instantly after shifting.
     
  4. Giulioski

    Giulioski Unregistered

    are you a programmer? how many people are able to recompile it and make these changes?
    Isn't it simpler for any dummy to slow down the pc with 3rd party software, without needing to know anything about it? this works with any application. therefore this isn't a critical point because you can do this with any application and game.
     
  5. tepples

    tepples Lockjaw developer

    I can think of two scenarios:
    • Free game, non-free uploader: Record ljm on slowed build of free game, upload with non-free uploader.
    • Non-free game, non-free uploader: The version of the game capable of uploading official high scores might have to omit game features that depend on a copylefted library. On Linux, both major C language support libraries (glibc and uclibc) are copylefted under GNU LGPL.
    That will work until Darwine, a port of Wine to Mac OS X, matures. Then some cheater will hack Darwine to screw with the timer.

    Like ljRand() of Lockjaw?

    Unless the entire PC is emulated and slowed down. That's easy to do with things like VMware.

    I already mentioned this. If I record a .ljm on a version of Lockjaw with game speed reduced to 360 frames per minute (10% speed), it'll still work on the stock version.

    Subtle tool assistance (e.g. game speed reduced to 1800 fpm) might move the player's performance into that gray area that jujube mentions.

    It doesn't take a genius to install GCC and the required libraries, edit the line in src/ljpc.c that specifies frames per minute, run make, and release the EXE to everyone in his clan. In first-person shooters, you don't need to be able to compile an aimbot just to use an aimbot.

    So I guess that's why a lot of the competitive games are either server-based or released exclusively on game consoles with a cryptographic lockout chip.
     
  6. DeHackEd

    DeHackEd green Gm

    I have such a Linux DLL, and have successfully used it against Texmaster and Sprint's Tetris (under Wine). Made it myself. CT and Amnesia have both seen it in action.

    If all else fails, I'll run your game in a virtual machine and use the DLL against the virtual machine itself.

    You cannot win. You can only hope to trust the user. And we all remember how that went.
     
  7. tepples

    tepples Lockjaw developer

    I guess it might be possible to block some forms of cheating, but the player would have to use a PC connected to the Internet while attempting a record. First, the server sends the random seed. Then the client has five seconds to start streaming the replay to the server during gameplay, and the server verifies that the packets come in close to 3600 frames per minute. Scores would be marked as unverified until a separate machine downloads the replays, runs them in a version of the game without video or sound output or frame delays, and uploads the digitally signed final score. (It'd have to be a separate machine because shared web hosting doesn't offer C but only dynamic languages whose names start with P. I use Python at work but don't want to maintain two versions of Lockjaw.)
     
  8. you won't believe it, but my provider, www.domainfactory.de, allows cgi with native binaries compiled with gcc (c code or such). you can login with ssh and run gcc directly from command line.
    i have not used it, because i am not that experienced in linux programming.
    tepples, if you ever want to try that, i can give you ssh and ftp access to my server and give you a subdirectory where you can do that stuff. in fact, i gave jean luc the same access for his blockout II. and he does exactly what you described:
    he tests the replay data via executing a native binary running on the server to detect any mismatches. the binary is called via php function "exec (..)" . the cgi is a simplified version of blockoutII without any graphics etc.

    besides - i was lucky: i got my virtual server for 5 euro per month, instead of the usual at least 30 euro / month. that's because of some birthday "5 years domainfactory" giveaway. i am quite lucky, so i am happy to share my account for everything tetris / blockout related stuff. anyone trustable here can PM me if he needs advanced server stuff.
     
  9. i have an idea to prevent TASing that would also require internet, although much less complicated.

    When the player starts a game a timer runs from the server and stops when it receives notice that the player finished its game.
    If there is a discrepancy between the player's time played and the server's elapsed time on the timer, do not record the score (with a small buffer time of a few seconds to account for lag and anything else).

    I didn't really think about it much so feel free to point out any flaws.

    game pauses would of course pause the server's timer too, and game starts/resets also reset the timer.
     
  10. tepples

    tepples Lockjaw developer

    That's exploitable: have a proxy lag the packets while resuming the game. Better would be no pausing during a record attempt, just like on arcade hardware, and the requirement to maintain a steady rate of 3600 frames per minute would ensure this.
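
The pacing rule from post 7, together with the no-pausing requirement in the post above, can be checked on the server with nothing but arrival timestamps. This is an added example, not code from Lockjaw or from any poster; the `Packet` layout, the 2-second jitter allowance and the sample streams are assumptions made for illustration.

```python
from dataclasses import dataclass

FRAMES_PER_MINUTE = 3600   # standard game speed quoted in the thread
START_WINDOW_S = 5.0       # post 7: client has five seconds to start streaming
MAX_DRIFT_S = 2.0          # assumed allowance for network jitter

@dataclass
class Packet:
    arrival: float         # server clock at receipt, in seconds
    frames: int            # cumulative replay frames covered so far

def check_stream(seed_sent_at, packets, max_drift=MAX_DRIFT_S):
    """Judge one record attempt using only the server's own clock."""
    if not packets:
        return False, "no replay data received"
    first = packets[0]
    if first.arrival - seed_sent_at > START_WINDOW_S:
        return False, "stream started too late after the seed was sent"
    prev = first.frames
    for p in packets[1:]:
        if p.frames < prev:
            return False, "frame counter went backwards"
        prev = p.frames
        wall_s = p.arrival - first.arrival
        game_s = (p.frames - first.frames) * 60.0 / FRAMES_PER_MINUTE
        # Jitter delays a packet briefly and the stream then catches up;
        # a slowed build or a pause leaves game time behind for good.
        if wall_s - game_s > max_drift:
            return False, "frames fell behind real time (slowdown or pause)"
        if game_s - wall_s > max_drift:
            return False, "frames arrived faster than real time"
    return True, "ok"

def constructed_stream(frames_per_second, pause_after=None, pause_s=0.0):
    """Constructed sample: ten one-second packets, seed sent at t=100.0."""
    packets, t = [], 100.5
    for i in range(10):
        if pause_after is not None and i == pause_after:
            t += pause_s   # game frozen while a proxy holds packets back
        packets.append(Packet(t, frames_per_second * (i + 1)))
        t += 1.0
    return packets

if __name__ == "__main__":
    print(check_stream(100.0, constructed_stream(60)))          # stock speed
    print(check_stream(100.0, constructed_stream(30)))          # 1800 fpm build
    print(check_stream(100.0, constructed_stream(60, 5, 4.0)))  # 4 s pause
```

A stream that passes only shows the frames arrived at the standard rate; as post 7 says, the score stays unverified until the replay itself has been re-run.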
     
  11. I agree on no pausing.
     
  12. I'm a big fan of the honour system, personally. It's so much less work.
     
  13. Except it can't really scale up, and I think it sort of defeats the point of a leaderboard if all the scores could potentially be false. I mean, here we're pretty friendly and the honour system works well, but it wouldn't hold up as well on a larger scale, and if the top 10 is full of scores which are suspect then why bother with a leaderboard at all?
     
  14. Given that there shouldn't be any major incentives to falsify scores, the honor system theoretically holds up... Like you said, though, it potentially has problems on a larger scale.
    Any authentication scheme needs to be simple and accessible, otherwise it makes people jump through hoops that they're not willing to, thus discouraging them from ever posting scores in the first place. I'd rather have a leaderboard with a bunch of participants, most of whom are most likely legit, than have a Guinness/TG-like one that's meaningless because only 20% of people actually satisfy the requirements.

    It all depends on the authentication method.
     
  15. Come to think of it, arcades are a pretty awesome solution to this problem. There's no way to cheat when you're using public hardware!
     
  16. jujube

    jujube Unregistered

    i agree that a leaderboard-only type of site wouldn't hold up so well with the honor system. here at TC we have a community, where records are only a part of it. the vast majority of the people who would sign up at a community oriented site want to be part of that community above anything else, which is why i believe the honor system works very well here. but if people are just names on a list, what motive do they have to be honest? i'm sure most people would be honest anyway, but you'd have that percentage of people who want recognition at any cost, and don't really care about self improvement or the spirit of competition. i don't think we have these problems at TC at all.

    it's nice to have a leaderboard to upload scores to, but like Rosti said it's pointless if there are doubts about the legitimacy of the scores. we can see how many people cheat in TDS, people who buy RAM editing devices for the sole purpose of cheating. yes, some people are even willing to spend money on cheating ranking systems. wouldn't these same people (and perhaps more) do it if it were free?
     
  17. +1
     
  18. tepples

    tepples Lockjaw developer

    But then I have to convince thousands of arcade owners to buy my hardware and set up Internet access in their locations, and I have to manufacture and ship the hardware.
     
  19. Deniax

    Deniax Blockbox developer

    Can someone PM me a link where I can download time/frames manipulating programs?
    It would be nice to test them against my own game and find some good countermeasures.
     
  20. Muf

    Muf
