Scripting Moderators ds1-e Posted November 6, 2019 Scripting Moderators Share Posted November 6, 2019 Hi. I have some question about those encoding functions. I use teaEncode with base64 for encoding my files (dff, txd, col), the problem is the size of file. Wiki suggests, that i should use encodeString instead. - What's difference between teaEncode and encodeString? - What does base64? - Does encodeString is less secure than teaEncode? Link to comment
WorthlessCynomys Posted November 6, 2019 Share Posted November 6, 2019 Hi! teaEncode and encodeString are the same. encodeString uses teaEncode. Base64 creates a uniqe character sequence out of data, which can be decoded to retrieve the data. It just makes files into characters and vice versa. Size does not change. It has to store the same amount of data, It's just a string now. 1st answer. 1 Link to comment
gubi Posted November 6, 2019 Share Posted November 6, 2019 (edited) 14 minutes ago, WorthlessCynomys said: Size does not change. It has to store the same amount of data, It's just a string now. Of course it changes the size. Original file size: 3.07 MB (random generated text) encodeString: 3.07 MB encodeString with base64: 4.10 MB teaEncode: 4.10 MB teaEncode with base64: 5.46 MB Edited November 6, 2019 by gubi 1 Link to comment
WorthlessCynomys Posted November 6, 2019 Share Posted November 6, 2019 1 minute ago, gubi said: Of course it changes the size. Original file size: 3.07 MB (random generated text) encodeString: 3.07 MB encodeString with base64: 4.10 MB teaEncode: 4.10 MB teaEncode with base64: 5.46 MB That's a fair point. 1 Link to comment
Scripting Moderators ds1-e Posted November 7, 2019 Author Scripting Moderators Share Posted November 7, 2019 What's about security then? teaEncode, teaEncode + base64 looks like it uses some kind of obfuscation, or i am wrong? Link to comment
WorthlessCynomys Posted November 7, 2019 Share Posted November 7, 2019 teaEncode encrypts data. base64 is easily decryptable by anyone. Link to comment
Moderators IIYAMA Posted November 7, 2019 Moderators Share Posted November 7, 2019 (edited) 57 minutes ago, majqq said: base64 looks like it uses some kind of obfuscation It makes the data portable across different applications and storing solutions. In some cases your raw data can break the application, while it will not in the base64 format. For example you can embed with this format images(png/jpg/svg) within your HTML and CSS files. Also it is widely supported by W3C across the web. Edited November 7, 2019 by IIYAMA 1 Link to comment
Scripting Moderators ds1-e Posted November 9, 2019 Author Scripting Moderators Share Posted November 9, 2019 On 07/11/2019 at 13:22, IIYAMA said: It makes the data portable across different applications and storing solutions. In some cases your raw data can break the application, while it will not in the base64 format. For example you can embed with this format images(png/jpg/svg) within your HTML and CSS files. Also it is widely supported by W3C across the web. Still not sure if i should stay with teaEncode or replace it with encodeString, do you know maybe if there any cons if we gonna compare encodeString to teaEncode, what about protection, should i worry about that, if am gonna replace it? Link to comment
Moderators IIYAMA Posted November 9, 2019 Moderators Share Posted November 9, 2019 (edited) 1 hour ago, majqq said: Still not sure if i should stay with teaEncode or replace it with encodeString, do you know maybe if there any cons if we gonna compare encodeString to teaEncode, what about protection, should i worry about that, if am gonna replace it? It is to me unclear what format the algorithm could be beside tea. So I personally probably wouldn't use it yet, unless I know all the options. But to really answer your question, I don't think there is a big difference at the very end. You are still having 1 key and both functions are provided by MTA. More layers of protection will not help you unless you can make sure that the steps are harder to trace back. One way is to combine client storage with a network message. 1 extra step to make it harder The client has a RAW key. The server has a key. The server sends his key. The client just before decrypting uses the server key to change the RAW key in to the real key. This way the client can't decrypt the files without being connected to your game server. (at least if the key isn't network sniffed before) Why should the client have a key in the first place? If the server sends the only key every time over, there is more risk in it being network sniffed. And don't forget you can use the player serial as salt. This information can't be network sniffed when it is only implemented clientside. 3 risks you have to counter Wiki Packet analyzer Wiki Cheat engine (or something similar) Wrapper functions. Make sure that the script can only be functional with your serverside. Edited November 9, 2019 by IIYAMA 1 Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now