问题描述

我即将把Android应用放在市场上。我最近加密了我的所有服务器/客户端通信。我想知道的是，如果我的数据是使用专门的密钥加密的，如果一个人反编译我的代码并提取密钥，那么这是否值得加密数据呢？当数据未加密时，我的通信速度快了很多。随着游戏是一个动作游戏，滞后将是一个巨大的有趣的杀手，从经验我知道这是令人沮丧的。我知道加密使应用程序更安全，它使游戏玩家和服务器更安全，但会造成巨大的滞后。安全性是否值得扣除演出？当您的代码可以被反编译时，甚至值得使用加密？我已经使用了Android Proguard，但是如果有人真的想反编译代码，那么他们将花费时间对所有垃圾进行排序。

Im about to put my Android app on the marketplace. I recently encrypted all of my server/client communication. What i am wondering is if my data is encrypted using a specialized key, and if a person decompiles my code and extracts the key, then is it even worth encrypting the data in the first place? My communications ran a lot faster when the data wasn't encrypted. With the game being an action game, lag is going to be a huge "fun killer" and from experience i know it is frustrating. I know the encryption makes the app a lot safer, it makes it safer for the gamers and the server but it causes huge lag. Is the security worth the deduction in performance? Is even worth using encryption when your code can just be decompiled? I already use Android Proguard but if someone really wanted to decompile my code, they would take the time to sort through all of that garbage.

推荐答案

我认为，在这些假设下运行是安全的。

I think, it is safe to operate under these assumptions.

• 客户端不能被信任。


• 服务器是权威的信息来源。

不要信任客户端的数据发送给您，对其进行检查和验证（例如，如果有人尝试通过发送修改的位置从一个地图角传送到另一个地图角）。

Don't trust data that clients send you, make checks and validations against it (like if someone tries to 'teleport' from one map corner to another, by sending modified location).

仅接受数据

禁止骗子。

加密是确定，但是当它不会伤害游戏或游戏在你的情况下）。

Encryption is ok, but when it does not harm the game or gameplay (in your case it does).

这篇关于加密和解码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！