Open-source multiplayer game server compatible with the RuneScape client
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
openrs2/share/doc/cryptography.md

76 lines
3.4 KiB

# Cryptography
## ISAAC
[ISAAC][isaac] is a cryptographically-secure pseudorandom number generator. By
combining its output with addition/subtraction, the client uses it as a stream
cipher to encrypt the opcodes of packets.
It was implemented to break packet injection bots, such as AutoRune. While
using ISAAC in this manner only provides confidentiality, and not authenticity
or integrity, if the opcodes are tampered with the packet lengths will no
longer be in sync between the client and server. This causes one or both of the
endpoints to read garbage opcodes, though the garbage opcodes may happen to
match valid packets for a while. Eventually, one or both endpoints will detect
an invalid packet and close the connection.
## RSA
[RSA][rsa] is an asymmetric encryption and signature algorithm. The client uses
it to protect the user's password and the session's symmetric key during the
login process.
In later revisions, the JS5 master index is signed with Jagex's private key.
This change was made around the time the native libraries were moved into the
cache, ensuring that Jagex's code-signed applet could not be used to run
arbitrary native code if an attacker tampers with the JS5 connection. This
change was probably required by Jagex's certificate authority.
Jagex used a 512-bit RSA key when build 550 was released, and due to the size
of the output buffer in the client, the maximum key size is 1,008 bits. Both of
these sizes are considered insecure by modern standards, and Jagex's 512-bit
private key was factored in 2016.
Textbook RSA is used, rather than a secure padding scheme, which leads to
[several weaknesses][textbook-rsa].
## SHA-1
[SHA-1][sha1] is a cryptographic hash function. It is used to verify the
integrity of the game's code. SHA-1 is no longer secure.
## XTEA
[XTEA][xtea] is a symmetric block cipher. It is primarily used to encrypt
location files in the cache, reportedly to prevent bots from performing
path-finding across the entire map - the server only provides keys for a
location file when the player is within or adjacent to it.
It is used in [Electronic codebook (ECB)][ecb] mode. ECB is theoretically
insecure, however, as the location files are compressed before encryption it is
difficult to make use of this insecurity in practice.
The location files do not contain padding, and therefore the last 0-7 bytes are
leaked. This has no practical impact as they only contain a portion of the gzip
or bzip2 trailer.
It is also used (in ECB mode, but with padding) to encrypt the player's email
address in the create account packet, with the symmetric key encrypted with RSA.
XTEA is used as email addresses may sometimes be too long to be encrypted
directly by Jagex's 512-bit RSA key.
## Whirlpool
[Whirlpool][whirlpool] is a cryptographic hash function. It is not used in
build 550, however, it is included here for completeness as it is supported by
OpenRS2's cache library. It is used to verify the integrity of native libraries
stored in the cache.
[ecb]: https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_codebook_(ECB)
[isaac]: https://burtleburtle.net/bob/rand/isaacafa.html
[rsa]: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
[sha1]: https://en.wikipedia.org/wiki/SHA-1
[textbook-rsa]: https://en.wikipedia.org/wiki/RSA_(cryptosystem)#Attacks_against_plain_RSA
[whirlpool]: https://en.wikipedia.org/wiki/Whirlpool_(hash_function)
[xtea]: https://en.wikipedia.org/wiki/XTEA