UDP security and identifying incoming data.

Posted by Charles on Stack Overflow See other posts from Stack Overflow or by Charles
Published on 2010-05-11T04:33:10Z Indexed on 2010/05/11 4:44 UTC
Read the original article Hit count: 198

Filed under:
|
|

I have been creating an application using UDP for transmitting and receiving information. The problem I am running into is security. Right now I am using the IP/socketid in determining what data belongs to whom.

However, I have been reading about how people could simply spoof their IP, then just send data as a specific IP. So this seems to be the wrong way to do it (insecure). So how else am I suppose to identify what data belongs to what users? For instance you have 10 users connected, all have specific data. The server would need to match the user data to this data we received.

The only way I can see to do this is to use some sort of client/server key system and encrypt the data. I am curious as to how other applications (or games, since that's what this application is) make sure their data is genuine. Also there is the fact that encryption takes much longer to process than unencrypted. Although I am not sure by how much it will affect performance.

Any information would be appreciated. Thanks.

© Stack Overflow or respective owner

Related posts about python

Related posts about udp