Hello,
We are developing unity game for Xbox One, and we are trying to comply with Xbox requirements about secure connection that requires encrypt UDP connections. As docs says there is a 3 possible libraries to achieve this: OpenSSL, bCrypt and SChannel. The question is - do Smartfox handles UDP traffic encryption? How can we enable it? And do smartfox encryption approaches comply with Xbox requirements from the box? The same questions is for TCP traffic encryption.
Thanks in advance.
UDP/TCP Encryption for Xbox
Re: UDP/TCP Encryption for Xbox
Hello,
yes encryption is managed by SmartFoxServer once you deploy the SSL certificate.
See the documentation here: http://docs2x.smartfoxserver.com/Gettin ... yptography
I am not familiar with XBox requirements but we use standard SSL certificates and TLS 1.2 which is the industry security standard adopted for any encrypted communication over the internet. (The same used for connecting to an online banking service, for instance)
This applies to all supported protocols in SFS2X: TCP, UDP, HTTP and Websocket.
Hope it helps
yes encryption is managed by SmartFoxServer once you deploy the SSL certificate.
How can we enable it?
See the documentation here: http://docs2x.smartfoxserver.com/Gettin ... yptography
And do smartfox encryption approaches comply with Xbox requirements from the box?
I am not familiar with XBox requirements but we use standard SSL certificates and TLS 1.2 which is the industry security standard adopted for any encrypted communication over the internet. (The same used for connecting to an online banking service, for instance)
This applies to all supported protocols in SFS2X: TCP, UDP, HTTP and Websocket.
Hope it helps
Re: UDP/TCP Encryption for Xbox
Hi Lapo,
Thanks a lot for a help!
We will follow documentation and I hope this information will be enough for getting secure communication approval. I'll be back with updated info on this in case if anyone will encounter same issue.
Best regards!
Thanks a lot for a help!
We will follow documentation and I hope this information will be enough for getting secure communication approval. I'll be back with updated info on this in case if anyone will encounter same issue.
Best regards!
Re: UDP/TCP Encryption for Xbox
Hello, one more clarification please.
For WebSockets using Xbox requires to communicate with MessageWebSocket/StreamWebSocket libraries on a client. Can you please tell do client api uses one of those libraries to communicate through WebSockets?
For WebSockets using Xbox requires to communicate with MessageWebSocket/StreamWebSocket libraries on a client. Can you please tell do client api uses one of those libraries to communicate through WebSockets?
Re: UDP/TCP Encryption for Xbox
Hi,
you didn't specificy if you're using Unity or not, but in any case Websocket should be used for web-based clients only. For standard executables (be it PC or console) you should use standard TCP/UDP.
In any case the Websocket component in our C# client API is based on the Websocket Sharp library.
Thanks
you didn't specificy if you're using Unity or not, but in any case Websocket should be used for web-based clients only. For standard executables (be it PC or console) you should use standard TCP/UDP.
In any case the Websocket component in our C# client API is based on the Websocket Sharp library.
Thanks
Re: UDP/TCP Encryption for Xbox
Sorry, yes, we developing with Unity.
Thanks a lot.
Thanks a lot.
Re: UDP/TCP Encryption for Xbox
Exactly. So in that case Websocket are only used when the build target is WebGL.
Any other platform will use the standard SFS2X protocol over TCP/UDP sockets.
Cheers
Any other platform will use the standard SFS2X protocol over TCP/UDP sockets.
Cheers
Re: UDP/TCP Encryption for Xbox
Hi Lapo, me again)
Does servers supports only AES128 encryption? Is there a way to use AES256?
Does servers supports only AES128 encryption? Is there a way to use AES256?
Re: UDP/TCP Encryption for Xbox
Hi,
Do you mean the initial TLS key exchange or the messages encryption after that?
Thanks
v.potapov wrote:Hi Lapo, me again)
Does servers supports only AES128 encryption? Is there a way to use AES256?
Do you mean the initial TLS key exchange or the messages encryption after that?
Thanks
Re: UDP/TCP Encryption for Xbox
Lapo wrote:Do you mean the initial TLS key exchange or the messages encryption after that?
It seems that Xbox requires AES256 encryption for both cases.
Re: UDP/TCP Encryption for Xbox
Hi,
I am not sure about this as we had other developers using the Xbox platform and they didn't have troubles with encryption.
For the time being, we don't support AES-256 for message encryption, although you should be able to force the initial key exchange via external JVM settings, as explained here.
I am not sure about this as we had other developers using the Xbox platform and they didn't have troubles with encryption.
For the time being, we don't support AES-256 for message encryption, although you should be able to force the initial key exchange via external JVM settings, as explained here.
Re: UDP/TCP Encryption for Xbox
This may be irrelevant, at least as far as Xbox requirements, but there seem to be good arguments to stick with AES-128 when a choice is possible. Here are the details from a cryptography expert: https://www.schneier.com/blog/archives/ ... w_aes.html
From the article's conclusions:
From the article's conclusions:
And for new applications I suggest that people don't use AES-256. AES-128 provides more than enough security margin for the forseeable future. But if you're already using AES-256, there's no reason to change.
Re: UDP/TCP Encryption for Xbox
I wonder how other companies went through this routine)
But anyway, thanks again for a help, I'll go deep into topics you suggested.
Best Regards.
But anyway, thanks again for a help, I'll go deep into topics you suggested.
Best Regards.
Re: UDP/TCP Encryption for Xbox
Hi Lapo,
Yesterday we were able to test our multiplayer flow with SFS encryption enabled. And it seems all works great as expected. One thing is we aware of - other platforms with unsupproted encryption on a client side became unavailable to use TCP/UDP traffic, i.e. Join/Create rooms. Am I properly understand that in case of encryption enabled in Admin Tool - all clients in the current zone with unsupproted encryption must support it? Is there ways to combine secure and insecure traffic in one zone?
Best Regards
Yesterday we were able to test our multiplayer flow with SFS encryption enabled. And it seems all works great as expected. One thing is we aware of - other platforms with unsupproted encryption on a client side became unavailable to use TCP/UDP traffic, i.e. Join/Create rooms. Am I properly understand that in case of encryption enabled in Admin Tool - all clients in the current zone with unsupproted encryption must support it? Is there ways to combine secure and insecure traffic in one zone?
Best Regards
Who is online
Users browsing this forum: No registered users and 129 guests