‘Policing Online Games’ by Peter Wayner
I did not have very high hopes for ‘Policing Online Games’. At first glance, I thought its relevance for me was close to zero. What use do I have for secure transfers for massive multiplayer online games? I only write simple puzzle games and the like, and will probably be senile by the time I release a ‘real’ game. But, as so often before, the book in my hand held much more relevance than I thought at first. While much of the book is intended for an online experience, it is just as relevant for developers who want to prevent cracking of the game on the gamers’ computers. For anyone desiring to implement an online high-score list, the techniques within are very useful. And, I believe, as Apple presses on with its Rendezvous[1] technology, more of us will come to develop head-to-head games, online multiplayer games, games depending on a centralized server’s data, and such. If not, the book is a very good entry-point to cryptography for those who aren’t too keen on buying a book that might be out of their mathematical league.
A slim little paperback book, all 120 pages of ‘Policing’ fit neatly into my coat pocket. It is extremely compact, to the point, and devoid of unnecessary filler. Presenting an introduction to computer game cheating and cryptography (including very good explanations of RSA, DAE, SHA and other three-letter acronyms that scare anyone with weak math skills), followed by fourteen encryption techniques and a concluding chapter on building a secure engine architecture, this is an Encryption 101 book that also deals with using the techniques in new, innovative ways.
The way I understand it, the entire online gaming industry has decided that the only workable strategy is “Never trust the client”, which means that nothing that could be subject to cheating is ever performed on the player’s computer. The player’s computer is reduced to a machine that renders the graphics, plays the sounds, and sends the keystrokes to the central server. While this might be the most secure method, it is also very ineffective. It requires tedious machine maintenance of the central server, which must be very powerful, and the players’ gigahertz machines are twiddling their thumbs while the server is doing all the work. By applying Wayner’s encryption methods, the client can once again be trusted, and many of the classical online gaming problems vanish into thin air.
The fourteen techniques are presented in separate chapters, and each is applied to a precise problem. In that respect the book is rather hands-on, though without a trace of source code, and very few equations. Wayner starts out with the lightweight example of using a secure hash algorithm to synchronize clients. This is a good method of making sure that no player cheats by tampering with the data on his/her computer—all the computers involved compare their data to ensure that they are in total agreement on the state of the world. In the next chapters, Wayner passes over methods to, for example, prevent players from changing a guess after it has been committed, guarantee randomness in online casinos, and ensure that secrecy is maintained for information that needs to be shared while also being kept secret.
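An added sketch, not taken from the book (which, as noted, contains no source code), of two ideas mentioned above: peers comparing a hash of their game state to detect tampering, and a hash commitment that prevents a guess from being changed after it is committed. The function names, the JSON canonicalization, the majority rule and the sample states are assumptions made for this example.

```python
import hashlib
import hmac
import json
import secrets
from collections import Counter

def state_digest(state: dict) -> str:
    """SHA-256 over a canonical serialization, so equal states hash equally."""
    canonical = json.dumps(state, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()

def find_desynced(reports: dict) -> list:
    """Return peers whose digest differs from the strict-majority digest.
    Without a strict majority nobody can be singled out, so flag everyone."""
    digest, votes = Counter(reports.values()).most_common(1)[0]
    if votes * 2 <= len(reports):
        return sorted(reports)
    return sorted(peer for peer, d in reports.items() if d != digest)

def commit(guess: str):
    """Publish the returned digest now; keep the 16-byte nonce secret until reveal.
    The random nonce stops others from brute-forcing a small guess space."""
    nonce = secrets.token_bytes(16)
    return hashlib.sha256(nonce + guess.encode()).hexdigest(), nonce

def verify_reveal(commitment: str, guess: str, nonce: bytes) -> bool:
    """Check a revealed (guess, nonce) pair against the earlier commitment."""
    expected = hashlib.sha256(nonce + guess.encode()).hexdigest()
    return hmac.compare_digest(commitment, expected)

# Constructed sample: three peers report their view of the same turn.
HONEST = {"turn": 42, "players": {"alice": {"gold": 100}, "bob": {"gold": 80}}}
TAMPERED = {"turn": 42, "players": {"alice": {"gold": 100}, "bob": {"gold": 9999}}}
REPORTS = {
    "alice": state_digest(HONEST),
    "bob": state_digest(TAMPERED),  # bob edited his local gold value
    "carol": state_digest(HONEST),
}

if __name__ == "__main__":
    print("out of sync:", find_desynced(REPORTS))
    c, n = commit("rock")
    print("honest reveal ok:", verify_reveal(c, "rock", n))
    print("changed guess ok:", verify_reveal(c, "paper", n))
```

Comparing digests only detects disagreement; deciding which copy of the state is authoritative still needs a rule such as the majority vote assumed here.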
I had virtually no experience with cryptography, encryption, or even hash algorithms before delving into this book, so I can assure you that it passes the newbie test. Still, the book is advanced enough to satisfy those who know their cryptography. The secrets of this book are not in the algorithms themselves, but in the way they are used.
Each chapter (technique) has a short introduction involving a fictive company and the specific problem it faces, and presents a solution to that problem in the simplest possible way—no deviations whatsoever. Often witty, and using good examples, Wayner guides the reader in an almost step-by-step fashion. As Peter Wayner is the author of twelve books, he is obviously a very experienced writer, and it is evident that the book is well-planned and has a clear goal.
In short, for anyone wanting to go online with their games, I really recommend spending some time with this little gem. It is a small book that packs a lot of punch, and it doubles perfectly as an introduction to encryption techniques.
Gamasutra has published an excerpt from the book:
http://www.gamasutra.com/features/20031010/wayner_01.shtml
Related Books:
- ‘Developing Online Games: An Insider’s Guide’ by Jessica Mulligan, Bridgette Patrovsky
- ‘Designing Virtual Worlds’ by Richard Bartle
- ‘Massively Multiplayer Game Development’ by Thor Alexander
[1] Editor’s Note: Rendezvous, now renamed Bonjour, is a networking technology that lets you create an instant network of computers and devices without any configuration.