RAEmus
Separate encrypted SRAM for Hardcore mode
As a player, I shouldn't be able to artificially boost my gameplay by making changes to the SRAM file.
For any game that has a SRAM file, players can modify that externally, or even internally using the Memory Viewer, then restart the emulator in hardcore mode to take advantage of the changes.
The easiest way to prevent this is to encrypt the SRAM file. For extra security the salt could be the player's ~username~ ID.
For players who have existing SRAM files, we have to be able to grandfather them into the system. I recommend using a new filename for hardcore (i.e. `game.hardcore.sram`) and if it doesn't exist, and the player has a `game.sram`, load that instead. Grandfathering a file would require the player having earned achievements for the game prior to supporting encrypted SRAM files.
When playing in hardcore mode, if the RAM hasn't been tampered with, the SRAM would be saved as `game.hardcore.sram` using the encryption method described above. If the player has disabled hardcore mode or tampered with RAM, the SRAM would be saved as `game.sram`.
It may be desirable to save both `game.sram` and `game.hardcore.sram` in hardcore mode so players can use their SRAM file in other emulators.
This solution isn't foolproof. A very creative player could still use an external tool (like a debugger) to modify the RAM without setting the "tampered" flag. Additionally, as the emulators are open source, they could recompile them without the additional security. Finally, as we don't currently require players to use the latest emulators, they could just continue playing with older emulators and not have to worry about the encrypted SRAM files.
@kdecks has wanted something like this for a long time.
If I'm understanding correctly, if a `game.sram` exists, a `game.hardcore.sram` is created using the former SRAM. So what's stopping someone from just deleting their hardcore save and just generating a new one after modifying `game.sram`?
> Grandfathering a file would require the player having earned achievements for the game prior to supporting encrypted SRAM files.
This would prevent players from importing a save for a set they haven't already played. And if they do start playing after the encrypted SRAM files are supported, they'd only be able to use the encrypted SRAM files.
What about creating a digital signature of the SRAM file using the user ID? Just hash the SRAM contents, encrypt using the user ID as the key, and save the result. When reading, re-evaluate the digital signature and compare to the one on the file system.
I'm not an expert, but I think even SHA-2 + Blowfish would provide enough security for this purpose, and there are public domain implementations for both of them available.
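One way to combine the keyed-hash check proposed above with the load order from the issue, as an added example that is not RAEmus code. It uses HMAC-SHA-256 rather than the SHA-2 + Blowfish construction; `APP_SECRET`, the function names, the tag-then-data file layout, and the rule that an invalid hardcore save is rejected instead of falling back to `game.sram` are all assumptions. As the issue itself notes, a secret shipped in an open source emulator is recoverable, so this only detects edits made without rebuilding or inspecting the emulator.

```python
import hashlib
import hmac
import os

TAG_LEN = 32  # HMAC-SHA-256 output size
APP_SECRET = b"constructed-demo-secret"  # assumption: secret embedded in the emulator build


def derive_key(user_id: int) -> bytes:
    # Bind the key to one account so a save cannot be handed to another player.
    return hmac.new(APP_SECRET, str(user_id).encode(), hashlib.sha256).digest()


def save_hardcore(path: str, sram: bytes, user_id: int) -> None:
    # Assumed layout: 32-byte tag followed by the raw SRAM contents.
    tag = hmac.new(derive_key(user_id), sram, hashlib.sha256).digest()
    with open(path, "wb") as f:
        f.write(tag + sram)


def load_hardcore(path: str, user_id: int):
    """Return the SRAM bytes, or None if the tag does not verify."""
    with open(path, "rb") as f:
        blob = f.read()
    tag, sram = blob[:TAG_LEN], blob[TAG_LEN:]
    expected = hmac.new(derive_key(user_id), sram, hashlib.sha256).digest()
    # Constant-time comparison; a short or edited file simply fails here.
    return sram if hmac.compare_digest(tag, expected) else None


def load_for_hardcore(base: str, user_id: int, grandfathered: bool):
    """Apply the load order from the issue; returns (sram, source)."""
    hardcore, plain = base + ".hardcore.sram", base + ".sram"
    if os.path.exists(hardcore):
        sram = load_hardcore(hardcore, user_id)
        # Assumption: a present-but-invalid hardcore save is never replaced by game.sram.
        return (sram, "hardcore") if sram is not None else (None, "rejected")
    # Grandfathering: only for players who earned achievements before this feature.
    if grandfathered and os.path.exists(plain):
        with open(plain, "rb") as f:
            return f.read(), "grandfathered"
    return None, "fresh"
```
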
This is not related to the save protection? This issue is clearly visible on GBA games, and needs to be addressed.