堆栈内存溢出
  简体   繁体   English

如何保护Kryonet(SSLSocketChannel)

[英]How to secure Kryonet (SSLSocketChannel)

 原文  2016-05-24 06:49:33       java/ ssl/ encryption/ libgdx/ kryonet

问题描述

I have a working game servers + clients system using Kryonet that I want to secure. 我有一个要保护的使用Kryonet的可运行游戏服务器+客户端系统。 I have read a lot of the source code for Kryo and Kryonet and also a bit about java.nio (SocketChannels and SSL). 我已经阅读了很多有关Kryo和Kryo​​net的源代码,也了解了有关java.nio(SocketChannels和SSL)的一些知识。 I have a good enough understanding in encryption working with Java but I am not sure if I got all the concepts right when it comes to Kryonet and SocketChannels using SSL. 我对使用Java进行加密有足够的了解,但是我不确定使用SSL进行Kryonet和SocketChannel时是否理解所有概念。

You can Encrypt the objects you send in Kryonet with Blowfish but I can not see this being secure? 您可以使用河豚对在Kryonet中发送的对象进行加密,但是我看不出这是安全的吗? What I mean is that all clients must use the same symmetric secret key since you do not encrypt the client connections separately but instead the serialization on the server and thus all client need the same secret and it wont be that secret anymore? 我的意思是,所有客户端都必须使用相同的对称密钥,因为您不必分别加密客户端连接,而是要在服务器上进行序列化,因此所有客户端都需要相同的密码,而不再是该密码了吗?

Then I looked at changing Kryonet source to use SSLSockets but I saw that Kryonet use non blocking IO and from what I have read using a SSLSocket instead of a Socket would not be good when working with SocketChannels? 然后,我查看了将Kryonet源更改为使用SSLSockets的过程,但是我看到Kryonet使用非阻塞IO,从我使用SSLSocket而不是Socket读取的内容中,使用SocketChannels不好吗? This is where I am really at a loss and not sure if it would be worth the effort so I was hoping someone with more insight in Kryonet and SocketChannels could help me out a little. 这是我真的很茫然的地方,不确定是否值得付出努力,所以我希望对Kryonet和SocketChannels有更深入了解的人能对我有所帮助。 It seems impossible to secure Kryonet but I really do not want to switch at this point in my project so any suggestion are very welcome! 确保Kryonet的安全似乎似乎是不可能的,但我真的不想在我的项目中切换到这一点,因此非常欢迎任何建议!

1 个解决方案

解决方案1
 1 已采纳  2016-05-24 07:45:55

You are correct, mere encryption isn't secure even if you solve the key distribution problem unless Kryonet also does all the things that SSL does, starting with peer authentication. 没错,即使您解决了密钥分发问题,仅加密也不是安全的,除非Kryonet从对等身份验证开始也做SSL所做的所有事情。

There is no SSLSocketChannel in Java. Java中没有SSLSocketChannel You have to do all the hard yakka yourself with an SocketChannel and the dear old SSLEngine , which takes practically a Ph.D. 您必须自己使用SocketChannelSocketChannel的旧版SSLEngine来完成所有艰苦的工作,实际上需要博士学位。 to drive correctly. 正确驾驶。

See the jsse tag, passim, for numerous posts about the SSLEngine by me, which I will not repeat here. 有关我的许多关于SSLEngine的帖子,请参见jsse标记passim,在此不再赘述。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在Kryonet中注册Enum类? - How to register an Enum class in Kryonet? 如何使用Kryonet客户端处理游戏对象更新 - How to handle game object updates with kryonet client 如何将数据发送到 java 之外的 kryonet - How to send data to kryonet outside java slick2d(lwjgl),漂亮,kryonet-如何构建一个.jar? - slick2d(lwjgl), nifty, kryonet - how to build a .jar? 如何将Kryonet库导入Android Studio上的libGdx项目 - How to import the Kryonet library to a libGdx project on Android Studio 如何通过KryoNet发送用户信息? - How do I send user information over KryoNet? 如何检查通过Kryonet LAN搜索连接的特定服务器? - How to check for specific servers to connect to through Kryonet LAN search? Kryonet - 如何在课堂上注册课程? - Kryonet — How can I register classes within my class? 如何仅在一种协议上运行 Kryonet 服务器? - How do I run a Kryonet server, only on one protocol? Kryonet和android - Kryonet and android
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM