encryption key protection in C#

Question

Is there an industry standard for solving following problem:

Story; I have a program (=>game) that saves it state (=>level,..) in an xml file; this state should not be user editable; and I want to prevent people writing patch software that can patch my xml & program state.

You want to protect your xml file. You can do this by encrypting. However what do you do with the key?

Because someone can always just reverse engineer (open your dll) en read the key...?

public static string Encrypt (string toEncrypt)
{
 byte[] keyArray = UTF8Encoding.UTF8.GetBytes ("12345678901234567890123456789012");
 // 256-AES key
 byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes (toEncrypt);
 RijndaelManaged rDel = new RijndaelManaged ();
 rDel.Key = keyArray;
 rDel.Mode = CipherMode.ECB;
 // http://msdn.microsoft.com/en-us/library/system.security.cryptography.ciphermode.aspx
 rDel.Padding = PaddingMode.PKCS7;
 // better lang support
 ICryptoTransform cTransform = rDel.CreateEncryptor ();
 byte[] resultArray = cTransform.TransformFinalBlock (toEncryptArray, 0, toEncryptArray.Length);
 return Convert.ToBase64String (resultArray, 0, resultArray.Length);
}

public static string Decrypt (string toDecrypt)
{
 byte[] keyArray = UTF8Encoding.UTF8.GetBytes ("12345678901234567890123456789012");
 // AES-256 key
 byte[] toEncryptArray = Convert.FromBase64String (toDecrypt);
 RijndaelManaged rDel = new RijndaelManaged ();
 rDel.Key = keyArray;
 rDel.Mode = CipherMode.ECB;
 // http://msdn.microsoft.com/en-us/library/system.security.cryptography.ciphermode.aspx
 rDel.Padding = PaddingMode.PKCS7;
 // better lang support
 ICryptoTransform cTransform = rDel.CreateDecryptor ();
 byte[] resultArray = cTransform.TransformFinalBlock (toEncryptArray, 0, toEncryptArray.Length);
 return UTF8Encoding.UTF8.GetString (resultArray);
}

edit: app is 100% client side.

Answer 1

I have a program (=>game) that saves it state (=>level,..) in an xml file; this state should not be user editable; and I want to prevent people writing patch software that can patch my xml & program state. You can do this by encrypting. However what do you do with the key? Because someone can always just reverse engineer (open your dll) and read the key.

You have produced a convincing argument that what you want to do is impossible. Your argument is correct.

Security systems are designed to protect users from attackers, not to protect the user's data from the users themselves.

Think about it this way: the game is a program that can edit the state. The user can run the game. Therefore the user can run a program that can edit the state. You don't even need to consider key management because the entire scenario is fundamentally impossible. You can't both require that the user be able to run a program that changes the state and forbid it at the same time.

If you really want the game state to be protected from the user then the thing that has to give is: the user must not be allowed to run the game. Instead the game must run on a server which you own, and the user runs a client which communicates with the server. The server is then responsible for determining whether the client is hostile or not, and determining what the game state is.

Since the game is now running on a server that you own, and saving the state to a server which you own, you know that the user is not going to edit the state because they cannot run a program which does so.

Answer 2

Yes, you ask the user for a key (password). This is built into the OS with APIs like Data Protection API.

If you're looking for a way to hide a secret from the user then the problem you're trying to solve is called DRM (Digital Rights Management) and you need a DRM solution.