#1
Crypto Protocol Question - Securely submitting high scores from flash games?
Hello,
I am looking to build a high score system for flash games, however I am not sure how to verify that the scores sent from the game to the server actually came from the game. My first idea was just to send the score, and also a hash of the score from some sort of secret function. However, the problem is that the game files can be decompiled, and then people could find the secret function and send fake scores and fake hashes using it. Is there any sort of algorithm or protocol which will work to verify that the score came from an unmodified game, in the scenario where we assume that the server is secure but the game can be decompiled and any sort of password or function inside the game can be found out? It seems impossible to me, but there are some surprising algorithms in crypto so I don't know.
#2
Quote:
Of course, you can always try "dodges" to make the cheater's job more difficult, for certain types of cheating. To pick an extreme example: a score would be accompanied by a record of all of the player inputs during the game. This record could then be analyzed for "reasonableness". Of course, this would not prevent cheating, but it would make a bit more work for the cheaters. If you take some time, maybe you can think of more clever and more practical tricks that could work within your constraints. Because (IMO) preventing cheating is impossible, my thoughts have focused on 1) adding to the adversary's cost, 2) making counterfeits more detectable, and 3) benefit denial - arranging the system so that a counterfeit doesn't pay off.
#3
Ahh, I didn't think about it from the DRM angle, that is interesting.
I will probably just try to create more work for the cheaters. Thanks for the reply and helpful suggestions.
#4
Quote:
Nearly all security, protocols, etc. are about moving data from one secure source to another over the evil internet. They are not about moving data from a hacked system. If you seriously want to keep the security model, you have to trust the source of the data. In this case, you would have to compute the score on a trusted server (i.e. your server) based on data from a possibly hacked client (the gamer's computer). It's not clear you can do this, but you probably could make it too expensive to hack, but it would be a fair amount of work for you to design and implement. You clearly can't just have the hacked client computer say @m4rk4s killed 478 bad guys.
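Added example, not part of the original thread: a sketch of the approach posts #2 and #4 describe, where the client submits its input log, the server checks the log for "reasonableness" and then recomputes the score itself by replaying it. The toy game rules, the per-session server-issued seed, the constants and all function names are assumptions made for illustration.

```python
import hashlib

TICKS_PER_SECOND = 30        # assumed fixed simulation rate
MAX_INPUTS_PER_SECOND = 12   # assumed ceiling for human input
LANES = 5

def spawn_lane(seed, tick):
    """Lane where the target appears on this tick, derived from the server-issued seed."""
    digest = hashlib.sha256(f"{seed}:{tick}".encode()).digest()
    return digest[0] % LANES

def replay_score(seed, inputs, total_ticks):
    """Re-run the toy game on the server from the input log alone."""
    by_tick = dict(inputs)
    lane, score = LANES // 2, 0
    for tick in range(total_ticks):
        key = by_tick.get(tick)
        if key == "L":
            lane = max(0, lane - 1)
        elif key == "R":
            lane = min(LANES - 1, lane + 1)
        elif key == "F" and spawn_lane(seed, tick) == lane:
            score += 1
    return score

def plausible(inputs, total_ticks):
    """Reject logs that are malformed or faster than a person could play."""
    ticks = [t for t, _ in inputs]
    ok_shape = ticks == sorted(set(ticks)) and all(0 <= t < total_ticks for t in ticks)
    if not ok_shape or any(k not in ("L", "R", "F") for _, k in inputs):
        return False
    start = 0  # left edge of a sliding one-second window over the input ticks
    for end, t in enumerate(ticks):
        while t - ticks[start] >= TICKS_PER_SECOND:
            start += 1
        if end - start + 1 > MAX_INPUTS_PER_SECOND:
            return False
    return True

def verify_submission(seed, inputs, total_ticks, claimed_score):
    """Return (accepted, reason); the claimed score is only compared, never trusted."""
    if not plausible(inputs, total_ticks):
        return False, "implausible input log"
    actual = replay_score(seed, inputs, total_ticks)
    if actual != claimed_score:
        return False, f"claimed {claimed_score}, replay gives {actual}"
    return True, "ok"

# Constructed sample: a log that fires on every tick fails the plausibility check.
BOT_LOG = [(t, "F") for t in range(300)]
```

As the thread notes, this raises the cheater's cost rather than preventing cheating: a bot that produces a human-paced, valid input log still passes.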