Opened 5 years ago
Last modified 3 years ago
#5467 new enhancement
Encrypt enet connections
Reported by: | elexis | Owned by: | |
---|---|---|---|
Priority: | Must Have | Milestone: | Backlog |
Component: | Network | Keywords: | |
Cc: | Patch: |
Description
As discussed with anonymous on #0ad-dev today, the ingame data should be encrypted, that is on the enet-layer prior to the 0ad protocol.
This would ideally not only work for the connection between two enet peers, but also from end-2-end, i.e. team chat and private chat messages could be encrypted so that only the addressees of the chat message can decrypt the message.
While the lobby / XMPP protocol may help with providing public-key exchange, there would also have to be a way to exchange keys for IP-based games.
It's not only relevant to encrypt in order to prevent unauthorized reading, but also to mitigate traffic injection or modfication.
Only previous encryption work on enet I found: http://lists.cubik.org/pipermail/enet-discuss/2005-October/000461.html
The libsodium library 0ad already uses would probably be a better fit, as it supports both https://libsodium.gitbook.io/doc/secret-key_cryptography and https://libsodium.gitbook.io/doc/public-key_cryptography