CN103607402B

CN103607402B - A kind of online game data encryption and decryption method and equipment

Info

Publication number: CN103607402B
Application number: CN201310610956.9A
Authority: CN
Inventors: 张志豪; 庄礼深
Original assignee: Guangzhou Boguan Information Technology Co Ltd
Current assignee: Guangzhou Boguan Information Technology Co Ltd
Priority date: 2013-11-26
Filing date: 2013-11-26
Publication date: 2016-11-23
Anticipated expiration: 2033-11-26
Also published as: CN103607402A

Abstract

Embodiments of the present invention provide a kind of online game data encryption method, and the method includes: use the first encryption method to carry out data of network game for the first time in script engine and encrypt；Data of network game after encryption in script engine is sent in game engine, use the second encryption method that described data of network game in script engine after encryption is carried out second time in described game engine to encrypt, it is thus achieved that the data of network game after double-encryption；Data of network game after carrying out double-encryption is sent to server end by network, so that after the data of network game that described server end is after receiving described double-encryption, using second decryption method corresponding with described second encryption method and the first decryption method corresponding with described first encryption method that the data of network game after described double-encryption is decrypted respectively.The method of the present invention significantly reduces the risk that data are cracked, and improves the safety of data of network game transmission.

Description

A kind of online game data encryption and decryption method and equipment

Technical field

Embodiments of the present invention relate to technical field of data processing, more specifically, the enforcement of the present invention Mode relates to a kind of online game data encryption and decryption method and equipment.

Background technology

This part it is intended that in claims statement embodiments of the present invention provide background or on Hereafter.Description herein is not because being included in this part just recognize it is prior art.

Along with the development of computer networking technology, online game application receives vast the Internet and uses Liking of family.Current online game is operation mould based on client and server end mostly Formula, client is communicated with server end by network, Internet game data.In order to Improve the safety of data transmission, prior art exists use based on " public, private key " The method that game data is encrypted by encryption mechanism.In this approach, server end uses Data are encrypted by PKI, and client uses corresponding private key to be decrypted.This realization side Formula improves the safety of data of network game transmission to a certain extent.

Summary of the invention

But, in prior art, owing to server end uses PKI to carry out data of network game Encryption, during these data allowing for " in plain text " are exposed to client deciphering, by instead The means of compiling then can obtain data in plain text, thus compromises data of network game safety. The encryption method of prior art, exist easily cracked, defect that safety is low.

The most in the prior art, the safety how improving data of network game transmission is very Bothersome process.

To this end, be highly desirable to online game data encryption and the decryption method of a kind of improvement and set Standby, improve the safety of data of network game transmission.

In the present context, embodiments of the present invention expectation provides a kind of data of network game to add Close and decryption method and equipment.

In the first aspect of embodiment of the present invention, it is provided that a kind of method, including:

Use the first encryption method data of network game to be carried out for the first time in script engine to add Close；

Data of network game after encryption in script engine is sent in game engine, in institute State and game engine uses the second encryption method to described network in script engine after encryption Game data carries out second time and encrypts, it is thus achieved that the data of network game after double-encryption；

Data of network game after carrying out double-encryption is sent to server end by network, with After making described server end data of network game after receiving described double-encryption, respectively Use second decryption method corresponding with described second encryption method and encrypt with described first Data of network game after described double-encryption is solved by first decryption method corresponding to method Close.

Preferably, described method also includes:

Receive the first encryption seed and the first encryption rule that described server end sends, described the One encryption seed and described first encryption rule are described server end real-time update；

Wherein, described use the first encryption method that data of network game is carried out in script engine Encryption for the first time includes:

Use the first encryption seed and the first encryption rule that described server end sends to described Data of network game carries out encrypting for the first time.

Preferably, described use the second encryption method to described at script in described game engine In engine, the data of network game after encryption carries out encrypting for the second time, it is thus achieved that the net after double-encryption Network game data includes:

The second encryption seed is utilized to generate black list；

Described black list is carried out random offset upset process and upsets encryption to generate random offset Table；

Utilize the described random offset generated to upset black list to encrypt in script engine described After data of network game carry out second time encrypt, it is thus achieved that the online game number after double-encryption According to.

In the second aspect of embodiment of the present invention, it is provided that a kind of method, including:

Receive the data of network game after double-encryption that client sends；Wherein, described Data of network game after double-encryption is to be used first in script engine by described client Encryption method carries out encrypting for the first time and use in game engine the to data of network game Two encryption methods carry out second time to the data of network game after encryption in script engine and encrypt Obtain afterwards；

Use second decryption method corresponding with described second encryption method respectively and with described First decryption method corresponding to the first encryption method is to the online game number after described double-encryption According to being decrypted.

Preferably, described the second decryption method that use is corresponding with described second encryption method respectively And after the first decryption method corresponding with described first encryption method is to described double-encryption Data of network game is decrypted and includes:

Use second decryption method corresponding with the second encryption method to dual in game engine Data of network game after encryption carries out deciphering for the first time；

Use the first decryption method corresponding with the first encryption method to first in game engine Data of network game after secondary deciphering carries out second time and deciphers.

Use the first decryption method corresponding with the first encryption method to first in script engine Data of network game after secondary deciphering carries out second time and deciphers.

Preferably, described method also includes:

The data of network game received is carried out data integrity verifying.

Preferably, the described data of network game to receiving carries out data integrity verifying and includes:

And script engine carries out data length to data of network game in game engine respectively Verification and data validation.

In the third aspect of embodiment of the present invention, it is provided that a kind of method, including:

Use the first encryption method data of network game to be carried out for the first time to encrypt；

Use the second encryption method that the data of network game carried out after encrypting for the first time carries out the Secondary is encrypted；

Data of network game after carrying out double-encryption is sent to client by network, so that After obtaining described client data of network game after receiving described double-encryption, draw in game Hold up middle use second decryption method corresponding with described second encryption method to described double-encryption After data of network game carry out deciphering for the first time, and, use and first in script engine Data of network game after deciphering for the first time is carried out by first decryption method corresponding to encryption method Second time deciphering.

Preferably, data of network game is carried out encrypting for the first time by described use the first encryption method Including:

Use the first encryption method data of network game to be carried out for the first time in game engine to add Close；

The data of network game carried out after encrypting for the first time is entered by described use the second encryption method Row second time encryption includes:

Use the second encryption method to the online game number after encryption for the first time in game engine Encrypt according to carrying out second time.

Use the second encryption method to the network after encryption in script engine in game engine Game data carries out second time and encrypts.

Preferably, described use the second encryption method online game to carrying out after encrypting for the first time Data carry out encrypting for the second time including:

The second encryption seed is utilized to generate black list；

The described random offset generated is utilized to upset black list to the network trip after encryption for the first time Play data carry out second time and encrypt, it is thus achieved that the data of network game after double-encryption.

In the fourth aspect of embodiment of the present invention, it is provided that a kind of method, including:

Receive the data of network game after the double-encryption that server end sends；Wherein, described double Data of network game after re-encryption is to be used the first encryption method to net by described server end After network game data carries out encrypting and use the second encryption method to encryption for the first time for the first time Data of network game carry out second time encrypt after and obtain；

Second decryption method pair corresponding with described second encryption method is used in game engine Data of network game after described double-encryption carries out deciphering for the first time；

Preferably, described method also includes:

Receive the first deciphering seed that described server end sends regular with the first deciphering, described the One deciphering seed is described server end real-time update with described first deciphering rule；

Wherein, described the first decryption side that use is corresponding with the first encryption method in script engine Data of network game after deciphering for the first time is carried out deciphering for the second time including by method:

The the first deciphering seed and first using described server end to send deciphers rule, to described Data of network game carries out second time and deciphers.

Preferably, described method also includes:

The data of network game received is carried out data integrity verifying.

In the 5th aspect of embodiment of the present invention, it is provided that a kind of client device, including:

First encrypting module, is configured to use the first encryption method to network in script engine Game data carries out encrypting for the first time and by the online game number after encryption in script engine According to being sent in game engine；

Second encrypting module, is configured to use the second encryption method to described in game engine In script engine, the data of network game after encryption carries out encrypting for the second time, it is thus achieved that double-encryption After data of network game；

First sending module, is configured to the data of network game after carrying out double-encryption and passes through Network is sent to server end, so that described server end is after receiving described double-encryption Data of network game after, second corresponding with described second encryption method can be used respectively to solve Decryption method and the first decryption method corresponding with described first encryption method dual add described Data of network game after close is decrypted.

Preferably, described client device also includes:

3rd receiver module, is configured to receive the first encryption seed that described server end sends With the first encryption rule, described first encryption seed and described first encryption rule are described services Device end real-time update；

Wherein, described first encrypting module is configured to:

Preferably, described second encrypting module includes:

First black list signal generating unit, is configured to utilize the second encryption seed to generate black list；

First random offset upsets black list signal generating unit, is configured to carry out described black list Random offset upset processes to generate random offset upset black list；

First ciphering unit, is configured to utilize the described random offset generated to upset black list pair Described data of network game in script engine after encryption carries out second time and encrypts, it is thus achieved that dual Data of network game after encryption.

In the 6th aspect of embodiment of the present invention, it is provided that a kind of server apparatus, including:

First receiver module, be configured to receive client device send after double-encryption Data of network game；Wherein, the data of network game after described double-encryption is by described visitor Family end equipment uses the first encryption method that data of network game is carried out first in script engine Secondary encryption and use in game engine the second encryption method in script engine encryption after Data of network game carry out second time encrypt after and obtain；

First deciphering module, is configured to use second solution corresponding with described second encryption method Data of network game after described double-encryption is decrypted by decryption method；

Second deciphering module, is configured to use first solution corresponding with described first encryption method Decryption method carries out second time to the data of network game carried out after deciphering for the first time and deciphers.

Preferably, described first deciphering module is configured to:

Described second deciphering module is configured to:

Preferably, described first deciphering module is configured to:

Described second deciphering module is configured to:

Preferably, described server apparatus also includes:

First correction verification module, is configured to the data of network game to receiving and carries out data integrity Verification.

Preferably, described first correction verification module is configured to:

In the 7th aspect of embodiment of the present invention, it is provided that a kind of server apparatus, including:

3rd encrypting module, is configured to use the first encryption method to carry out data of network game Encryption for the first time；

4th encrypting module, after being configured to use the second encryption method to carrying out encrypting for the first time Data of network game carry out second time encrypt；

Second sending module, is configured to the data of network game after carrying out double-encryption and passes through Network is sent to client, so that the net that described client is after receiving described double-encryption After network game data, game engine uses second solution corresponding with described second encryption method Data of network game after described double-encryption is carried out deciphering for the first time by decryption method, and, Script engine use the first decryption method corresponding with the first encryption method to deciphering for the first time After data of network game carry out second time decipher.

Preferably, described 3rd encrypting module is configured to:

Described 4th encrypting module is configured to:

Use the second encryption method that data of network game carries out second time in game engine to add Close.

Preferably, described 3rd encrypting module is configured to:

Described 4th encrypting module is configured to:

Preferably, described 4th encrypting module includes:

Second black list signal generating unit, is configured to utilize the second encryption seed to generate black list；

Second random offset upsets black list signal generating unit, is configured to enter described black list Row random offset upset processes to generate random offset upset black list；

Second ciphering unit, is configured to utilize the described random offset generated to upset black list Data of network game after encryption for the first time is carried out second time encrypt, it is thus achieved that after double-encryption Data of network game.

In the eighth aspect of embodiment of the present invention, it is provided that a kind of client device, bag Include:

Second receiver module, is configured to the net after receiving the double-encryption that server end sends Network game data；Wherein, the data of network game after described double-encryption is by described server End uses the first encryption method to carry out data of network game for the first time and encrypts and use second After the data of network game carried out after encrypting for the first time is carried out encrypting for the second time by encryption method Obtain；

3rd deciphering module, is configured in game engine use and described second encryption side Second decryption method corresponding to method carries out first to the data of network game after described double-encryption Secondary deciphering；

4th deciphering module, is configured in script engine use and the first encryption method pair The first decryption method answered carries out second time to the data of network game after deciphering for the first time and deciphers

Preferably, described client device also includes:

4th receiver module, is configured to receive the first deciphering kind that described server end sends Son and the first deciphering rule, described first deciphering seed is described clothes with described first deciphering rule Business device end real-time update；

Wherein, described 4th deciphering module is configured to:

The the first deciphering seed and first using described server end to send deciphers rule, to institute State data of network game to carry out deciphering for the second time.

Preferably, described client device also includes:

Second correction verification module, is configured to that the data of network game received is carried out data complete Property verification.

Preferably, described second correction verification module is configured to:

Online game data encryption according to embodiment of the present invention and decryption method and set Standby, it is possible to achieve data of network game is carried out twice encryption/decryption process, wherein, for For client, encryption or decrypting process are carried out, due to foot in script engine at least one times Data in this engine be difficult to monitored, crack, thus significantly reduce what data were cracked Risk, improves the safety of data of network game transmission, brings preferably experience for user.

Accompanying drawing explanation

By reading detailed description below, exemplary embodiment of the invention above-mentioned with reference to accompanying drawing And other objects, features and advantages will become prone to understand.In the accompanying drawings, with exemplary rather than limit The mode of property processed shows some embodiments of the present invention, wherein:

Fig. 1 schematically shows the application scenarios that embodiment of the present invention can realize wherein；

Fig. 2 schematically shows online game data encryption according to an embodiment of the invention The flow chart of method；

Fig. 3 schematically shows data of network game deciphering according to another embodiment of the present invention The flow chart of method；

Fig. 4 schematically shows the online game data encryption according to further embodiment of this invention The flow chart of method；

Fig. 5 schematically shows data of network game deciphering according to yet another embodiment of the invention The flow chart of method；

Fig. 6 schematically shows client device block diagram according to an embodiment of the invention；

Fig. 7 schematically shows server apparatus block diagram according to another embodiment of the present invention；

Fig. 8 schematically shows the server apparatus block diagram according to further embodiment of this invention；

Fig. 9 schematically shows client device block diagram according to yet another embodiment of the invention.

In the accompanying drawings, identical or corresponding label represents identical or corresponding part.

Detailed description of the invention

Principle and the spirit of the present invention are described below with reference to some illustrative embodiments.Should manage Solve, be given these embodiments be only used to make those skilled in the art better understood when and then Realize the present invention, and limit the scope of the present invention the most by any way.On the contrary, it is provided that these are implemented Mode is to make the disclosure more thorough and complete, and can the scope of the present disclosure intactly be passed Reach to those skilled in the art.

One skilled in the art will appreciate that embodiments of the present invention can be implemented as a kind of system, device, Equipment, method or computer program.Therefore, the disclosure can be implemented as following form, Hardware, completely software (including firmware, resident software, microcode etc.) i.e.: completely, or The form that hardware and software combines.

According to the embodiment of the present invention, it is proposed that a kind of online game data encryption and the side of deciphering Method and equipment.In this article, it is to be understood that involved term " game engine " can be used In representing the games system edited write or the core of interactive real time imaging application program Assembly, it is the core content of Games Software, it is provided that resource directly control interface.Involved Term " script engine " be generally used for representing the interpreter of a kind of computer programming language, be used for solving Release the program documentaion performing user, be transcribed into machine code that computer is able to carry out to complete phase The function answered.In game application scenarios, " script engine " is properly termed as again " script virtual machine ", Being a kind of state machine performing job sequence, it is responsible for when performing script script is resolved to sequence of instructions Row also perform according to instruction." script engine ", for according to game play logical organization resource, " swims Play engine " then provide resource directly control interface.Additionally, any number of elements in accompanying drawing is all used Unrestricted in example, and any name is only used for distinguishing, and does not have any limitation.

Principle and essence below with reference to some representative embodiments of the present invention, in detail the explaination present invention God.

Summary of the invention

The inventors discovered that, in prior art, server end uses PKI to data of network game Being encrypted, during client is decrypted, the data of " in plain text " are exposed to deciphering During, then can be obtained data in plain text by the means of decompiling, thus compromise net Network game data safety, compromises the interests of user.The encryption method of prior art, exists easily Cracked, defect that safety is low.

For prior art exists the problem that encryption data is easily cracked, safety is low, this Bright provide a kind of online game data encryption and decryption method and equipment, it is possible to achieve to net Network game data carries out twice encryption/decryption process, wherein, in client, encrypts at least one times Or decrypting process is carried out in script engine, owing to the data in script engine are difficult to be supervised Listen, crack, thus significantly reduce the risk that data are cracked, improve online game number Safety according to transmission.

After the ultimate principle describing the present invention, introduce the various unrestricted of the present invention in detail below Property embodiment.

Application scenarios overview

With reference first to Fig. 1, the adaptable scene of embodiment of the present invention can be such as such as Fig. 1 Shown scene.Between client and server shown in Fig. 1 can with Internet game data, The method and apparatus that the present invention provides is intended to improve transmission network between client and server end The safety of network game data.

Illustrative methods

Below in conjunction with the application scenarios of Fig. 1, it is described with reference to Figure 2 according to the exemplary enforcement of the present invention The method of the online game data encryption of mode.It should be noted that above-mentioned application scenarios be only for Readily appreciating that spirit and principles of the present invention illustrate, embodiments of the present invention are the most not It is restricted.On the contrary, embodiments of the present invention can apply to any scene being suitable for.

As in figure 2 it is shown, be the online game data encryption side according to an embodiment of the present invention The flow chart of method, the method is applied to client-side, the most such as, may include that

S201, uses the first encryption method that data of network game is carried out first in script engine Secondary encryption.

In embodiments of the present invention, method illustrated in Figure 2 is applied to client-side, described visitor Family end and server end can communicate with Internet game data.Owing to client needs Being communicated with server by network, substantial amounts of sensitive data is likely intercepted, and therefore carries The safety of high client data is very important.

In order to improve the safety of client data, in the first embodiment of the invention, by net Before network game data is sent to server, client device is respectively at script engine and game engine In employ different encryption methods data of network game carried out twice encryption.This is Because relative to server end, the Information Security of client is relatively low, it is therefore desirable to carry out two Secondary encryption.Additionally, due to game engine is easier to monitored, and follows the tracks of, monitor script The difficulty of engine is the biggest, and therefore, first the present invention uses the first encryption side in script engine Data of network game is carried out encrypting for the first time by method, then uses the second encryption in game engine Method carries out second time to the data of network game carried out after encrypting for the first time and encrypts, and so, sends out Delivering to the data in game engine has been the data after script engine encryption, even if There is rogue program that game engine is monitored, it is also difficult to crack after having carried out the first encryption Ciphertext data.Thus, the safety of client data is substantially increased.Those skilled in the art It is understood that the first encryption method used in script engine can be the most flexible , it is not defined at this.

When implementing, the method that the present invention provides can also include: receives described server end The first encryption seed sent and the first encryption rule, described first encryption seed and described first Encryption rule is described server end real-time update.Client uses first in script engine When data of network game is carried out encrypting for the first time by encryption method, it is possible to use real from server end Time the first encryption seed of obtaining and the first encryption rule data of network game is carried out for the first time Encryption.It is to say, the method that the present invention provides, server end can dynamically update encryption kind Son and encryption rule, and encryption seed and the encryption rule of renewal are sent to client, then Utilized by client and obtain the first encryption seed and the first encryption rule generation foot from server end The black list of this engine.When data of network game is encrypted by needs, then use generation Black list carries out encrypting for the first time to the data of network game of server to sending.Due to clothes Business device end is higher relative to the Information Security of client, can dynamically be updated by server end and add Close seed and encryption rule, so that encryption data is more difficult to be cracked, and then improve The safety of client data.

S202, is sent to game engine by the data of network game after encryption in script engine In, use in described game engine the second encryption method to described in script engine encryption after Data of network game carry out second time encrypt, it is thus achieved that the data of network game after double-encryption.

When implementing, use the first encryption method that data of network game is carried out at script engine For the first time after encryption, use the second encryption method to described in game engine in script engine Data of network game after encryption carries out second time and encrypts.First encryption method and the second encryption side Method can be different.Specifically, described use the second encryption method to institute in described game engine State in script engine the data of network game after encryption to carry out second time and encrypt, it is thus achieved that dual add Data of network game after close includes: utilize the second encryption seed to generate black list；Add described Close table carries out random offset upset process and upsets black list to generate random offset；Utilize generation Described random offset upsets black list to described online game number in script engine after encryption Encrypt according to carrying out second time, it is thus achieved that the data of network game after double-encryption.When the second encryption side When method is the RC4 method improved, above-mentioned implementation method such as may include that and utilizes second to add Close seed (integer) initialization encryption table, carries out computing to black list, to its carry out with Machine offsets upset and processes with generation random offset upset black list, then utilizes the random inclined of acquisition Move upset black list data of network game is encrypted, and preserve described random offset upset add Close table.

S203, the data of network game after carrying out double-encryption is sent to server by network End, so that the data of network game that described server end is after receiving described double-encryption After, use second decryption method corresponding with described second encryption method respectively and with described the First decryption method corresponding to one encryption method is to the data of network game after described double-encryption It is decrypted.

Data of network game after double-encryption is sent to service by network by client Device end.Data of network game after double-encryption described in received server-side, uses the most respectively Second decryption method corresponding with described second encryption method and with described first encryption method Data of network game after described double-encryption is decrypted by corresponding first decryption method, with Obtain the data of network game after deciphering.

In the first embodiment of the invention, user end to server send data of network game it Before, client device employs different encryption methods respectively in script engine and game engine Data of network game has been carried out twice encryption.Due to the data in script engine be difficult to by Monitoring, crack, the data being sent in game engine have been through script engine encryption After data, even if there being rogue program that game engine is monitored, it is also difficult to crack Ciphertext data after row the first encryption, thus improve the safety of client data.By client Holding the data of network game sent to server is the data through double-encryption, significantly decreases The risk that data are cracked, improves the safety of data of network game transmission.

As shown in Figure 3, it is schematically shown that online game number according to another embodiment of the present invention According to the flow chart of decryption method, the method the most such as may include that

S301, receives the data of network game after double-encryption that client sends；Wherein, Data of network game after described double-encryption is to be used in script engine by described client Data of network game is carried out encrypting and making in game engine for the first time by the first encryption method By the second encryption method, the data of network game after encryption for the first time in script engine is carried out Obtain after second time encryption.

This embodiment of the present invention is corresponding with the embodiment shown in Fig. 2, provides in this embodiment Method be applied to server end, server can with client communicate with the Internet swim Play data.Server is for receiving the online game number after double-encryption that client sends According to.Wherein, first client device uses the first encryption method to swim network in script engine Play data carry out encrypting for the first time, then use the second encryption method to carrying out in game engine Data of network game after encryption carries out second time encryption for the first time, to obtain double-encryption After data of network game.

S302, respectively use second decryption method corresponding with described second encryption method and with Network after described double-encryption is swum by first decryption method corresponding to described first encryption method Play data are decrypted.

When implementing, server is receiving the data of network game after double-encryption After, use second decryption method corresponding with described second encryption method the most respectively and with described First decryption method corresponding to the first encryption method is to the online game number after described double-encryption According to being decrypted.

In a kind of possible implementation, described use respectively and described second encryption method pair The second decryption method answered and the first decryption method pair corresponding with described first encryption method Data of network game after described double-encryption is decrypted and includes: in game engine use with Data of network game after double-encryption is entered by the second decryption method corresponding to the second encryption method Row deciphering for the first time；First decryption side corresponding with the first encryption method is used in script engine Method carries out second time to the data of network game after deciphering for the first time and deciphers.In this implementation In, twice decrypting process is carried out respectively in game engine and script engine, owing to script draws Hold up existence and be difficult to feature monitored, that crack, therefore can improve the safety of decrypting process. Corresponding first encryption method of first decryption method, corresponding second encryption method of the second decryption method, Concrete encrypting/decrypting method can be made an appointment by client and server end, does not carries out at this Limit.Especially, server end can also dynamically update and be encrypted in script engine/decipher The first encrypting/decrypting method, and the first of real-time update the encryption/deciphering seed and first is added Close/deciphering rule is sent to client so that it is generate corresponding black list/decryption table.

In the implementation of another possibility, described use respectively and described second encryption side The second decryption method that method is corresponding and first decryption side corresponding with described first encryption method Data of network game after described double-encryption is decrypted and includes by method: make in game engine By second decryption method corresponding with the second encryption method to the online game number after double-encryption Decipher according to carrying out first time；First solution corresponding with the first encryption method is used in game engine Decryption method carries out second time to the data of network game after deciphering for the first time and deciphers.In this realization In mode, owing to the running environment of server end may be considered safe, not malice journey The running status of sequence real-time analysis server, therefore to improve the efficiency of deciphering, can be by two Secondary decryption processing all realizes in game engine.

Whether there is the situation of loss in transmitting procedure to check data to wrap in, the present invention provides Method may further comprise: to receive data of network game carry out data integrity verifying. When implementing, the data of network game received is carried out data integrity verifying and includes: respectively Data length verification sum is carried out in game engine and in script engine to data of network game According to validity check.It should be noted that data integrity verifying is at game engine layer and script Engine layers all can realize.

When data of network game being carried out data integrity verifying at game engine layer, including right Data of network game carries out data length verification and data validation.Data length verification is According to a length of foundation described by the packet header of network packet, inspection data length is the most just Really.The data carrying out verifying in game engine are due to through overcompression process, therefore data length The packet that verification is mainly used in after verification compression is the most complete.Data are carried out in game engine During validity check, it is judged that the data content decrypted is the most effective, if invalid, then says Bright data exist loses.

When data of network game being carried out data integrity verifying at script engine layer, including right Data of network game carries out protocol length verification and data validation.Wherein, protocol length It is defined as whether foundation judges the protocol package after decompressing with network communication protocol bag form during verification Completely.Such as, agreement would generally transmit in transmission both sides when data of network game wraps in transmission Agreement, such as arranging certain byte is fixed value, when carrying out data length verification, the most permissible Judge that the protocol package after decompression is whether complete by the definition of protocol package form, itself and at game engine In carry out data length verification be slightly different, be that the content by data judges that data are the completeest Whole.When script engine layer carries out data validation to data of network game, it is possible in order to Checking by decryption method, if data are modified, then the data decrypted are invalid number According to.The purpose that data of network game carries out twice checking treatment is to prevent from monitoring client Rogue program amendment data of network game, to improve the safety of data.

In second embodiment of the invention, received server-side client device draws at script respectively Hold up and employ the network after different encryption methods carries out twice encryption in game engine Game data, and data of network game is decrypted process.Owing to user end to server is sent out The data of network game sent is the data through double-encryption, significantly reduces data and is cracked Risk, and improve data of network game transmission safety.

As shown in Figure 4, for the online game data encryption method according to further embodiment of this invention Flow chart, shown method such as may include that

S401, uses the first encryption method to carry out data of network game for the first time and encrypts.

S402, uses the second encryption method to enter the data of network game carried out after encrypting for the first time Row second time encryption.

S403, the data of network game after carrying out double-encryption is sent to client by network End, so that after the data of network game that described client is after receiving described double-encryption, Use second decryption method corresponding with described second encryption method to described in game engine Data of network game after double-encryption carries out deciphering for the first time, and, make in script engine With the first decryption method corresponding with the first encryption method to the online game after deciphering for the first time Data carry out second time and decipher.

Method shown in Fig. 4 of the present invention is applied to server end, and described server can be with client End communicates with Internet game data.Online game number is sent to client at server According to before, server uses different encryption methods to carry out twice adding to data of network game respectively Close process, to obtain the data of network game after double-encryption.

When implementing, in a kind of possible implementation, server can be respectively at script In engine and game engine use different encryption methods to be encrypted data of network game Process.Wherein, data of network game is carried out encrypting for the first time by described use the first encryption method Including: use the first encryption method data of network game to be carried out for the first time in script engine and add Close.The data of network game carried out after encrypting for the first time is carried out by described use the second encryption method Second time encryption includes: use the second encryption method to add in script engine in game engine Data of network game after close carries out second time and encrypts.Owing to game engine is easier to monitored, The difficulty following the tracks of, monitoring script engine is the biggest, and therefore, the present invention is first at script engine Data of network game is carried out encrypting for the first time by middle use the first encryption method, then draws in game Hold up use the second encryption method and the data of network game carried out after encrypting for the first time is carried out the Secondary is encrypted, and so, the data being sent in game engine have been to encrypt through script engine Data after process, even if there being rogue program to monitor game engine, it is also difficult to crack Ciphertext data after carrying out the first encryption.Thus, the safety of data is substantially increased.Tool When body realizes, the first encryption method and the second encryption method can set, at this not as required Limit.Wherein, script engine encryption method that is first encryption method that server end uses is permissible It is that dynamic realtime updates.

In a kind of possible implementation, in order to improve the efficiency of encryption, server can enter Row uses different encryption methods that data of network game is carried out twice encryption in game engine Process.Specifically, data of network game is carried out adding for the first time by described use the first encryption method Close include: use the first encryption method data of network game to be carried out for the first time in game engine Encryption；The data of network game carried out after encrypting for the first time is entered by described use the second encryption method Row second time encryption includes: use the second encryption method to data of network game in game engine Carry out second time to encrypt.Owing to the running environment of server end is comparatively safe, in order to take into account encryption Efficiency, twice ciphering process all can be carried out in game engine, simply use different Encryption method carries out double-encryption.Certainly, it will be appreciated by persons skilled in the art that in order to Improve the safety of data, it is also possible to carry out multi-enciphering process.

When data of network game is carried out encrypting specifically for the first time by described use the first encryption method Encrypt for using the first encryption method data of network game to be carried out for the first time in script engine Time, it is possible to use the first encryption seed of server end real-time update generates with the first encryption rule The black list of script engine, uses the black list generated to carry out data of network game for the first time and adds Close.

Similarly, carry out adding for the first time to data of network game when described use the first encryption method Close being specially uses the first encryption method that data of network game is carried out first in game engine During secondary encryption, it is possible to use the first encryption seed of server end real-time update and the first encryption rule Then generate the black list of game engine, use the black list generated that data of network game carries out the Once encrypt.

When implementing, use the second encryption method that data of network game is entered in game engine Row second time encryption includes: utilize the second encryption seed to generate black list；Described black list is entered Row random offset upset processes to generate random offset upset black list；Utilize generate described with Machine skew is upset black list and is carried out encrypting for the second time to the data of network game after encryption for the first time, Obtain the data of network game after double-encryption.Wherein, the second encryption method can be improve RC4 method.

Then, the data of network game after double-encryption processes is sent to client by server end End, after client data of network game after receiving described double-encryption, first in game Engine use second decryption method corresponding with described second encryption method dual add described Data of network game after close carries out deciphering for the first time, then, uses and the in script engine Data of network game after deciphering for the first time is entered by first decryption method corresponding to one encryption method Row second time decryption processing, to obtain the data of network game after deciphering.

As it is shown in figure 5, be the data of network game decryption method according to yet another embodiment of the invention Flow chart, shown method such as may include that

S501, receives the data of network game after the double-encryption that server end sends；Wherein, Data of network game after described double-encryption is to be used the first encryption side by described server end Data of network game is carried out encrypting and use the second encryption method to for the first time for the first time by method Data of network game after encryption carries out obtaining after second time is encrypted.

The method of this embodiment is corresponding with the method for embodiment illustrated in fig. 4.Client receives Data of network game after the double-encryption that server end sends.Server end is to online game number According to encryption process may refer to the description of previous embodiment.

S502, uses second decryption side corresponding with described second encryption method in game engine Data of network game after described double-encryption is carried out deciphering for the first time by method.

S503, uses the first decryption method pair corresponding with the first encryption method in script engine Data of network game after deciphering carries out deciphering for the second time for the first time.

Owing to the safety of client is relatively low, therefore in this embodiment of the present invention, twice deciphering Process is carried out respectively in game engine and script engine.First, use and institute at game engine State the second decryption method corresponding to the second encryption method to the online game after described double-encryption Data carry out deciphering for the first time, then, use corresponding with the first encryption method in script engine First decryption method the data of network game after for the first time deciphering carried out second time decipher.By Data before script engine processes are all ciphertext data, can protect game data well Safety.Simultaneously as script engine deciphering does not has game engine decryption efficiency high, therefore First time decrypting process is carried out in game engine, decryption efficiency can be improved.

When implementing, client can also receive the first deciphering kind that described server end sends Son and the first deciphering rule, described first deciphering seed is described clothes with described first deciphering rule Business device end real-time update.Client uses corresponding with the first encryption method in script engine When data of network game after deciphering for the first time is carried out deciphering for the second time by first decryption method, can Rule is deciphered, to described net with the first deciphering seed and first using described server end to send Network game data carries out second time and deciphers.It is to say, server end can dynamically update encryption (deciphering) seed and encryption (deciphering) rule, and by update encryption (deciphering) seed with Encryption (deciphering) rule is sent to client, is then utilized by client and obtains from server end First encryption (deciphering) seed and the first encryption (deciphering) rule generate the encryption of script engine Table (decryption table).When data of network game is decrypted by needs, then use the solution of generation Close table is decrypted process to the data of network game received.Owing to server end is relative to client End Information Security higher, dynamically can be updated by server end encryption (deciphering) seed with Encryption (deciphering) rule, so that encryption method is more difficult to be cracked, and then improves The safety of client data.

Whether there is the situation of loss in transmitting procedure to check data to wrap in, the present invention provides Method may further comprise: to receive data of network game carry out data integrity verifying. When implementing, the data of network game received is carried out data integrity verifying and includes: respectively Data length verification sum is carried out in game engine and in script engine to data of network game According to validity check.

In fourth embodiment of the invention, client receives server after double-encryption processes Game data, and respectively in game engine and script engine in use correspondence decryption method It is decrypted process, owing to script engine is difficult to monitored and before script engine processes data Being ciphertext data, therefore data are difficult to be cracked, and significantly improve the peace of data of network game Quan Xing.

It should be noted that above example all with double-encryption in order to illustrate, this area Artisans will appreciate that, the method that the present invention provides can also include online game number According to carrying out multi-enciphering process, it is referred to above-described embodiment and carries out, then this does not repeats.

Example devices

After describing according to the method for exemplary embodiment of the invention, it follows that with reference to Fig. 6 Client device according to an embodiment of the invention is introduced.Described client device 600 Such as may include that

First encrypting module 601, is configured to use the first encryption method pair in script engine Data of network game carries out encrypting for the first time and by the network trip after encryption in script engine Play data are sent in game engine；

Second encrypting module 602, is configured to use the second encryption method pair in game engine Described data of network game in script engine after encryption carries out second time and encrypts, it is thus achieved that dual Data of network game after encryption；

First sending module 603, is configured to carry out the data of network game after double-encryption It is sent to server end, so that described server end is receiving described dual add by network After data of network game after close, corresponding with described second encryption method can be used respectively Two decryption methods and the first decryption method corresponding with described first encryption method are to described double Data of network game after re-encryption is decrypted.

Preferably, described client device 600 also includes:

3rd receiver module 604, is configured to receive the first encryption that described server end sends Seed and the first encryption rule, described first encryption seed is described with described first encryption rule Server end real-time update；

Wherein, described first encrypting module 601 is configured to:

Preferably, described second encrypting module 602 includes:

As it is shown in fig. 7, be the server apparatus block diagram according to another embodiment of the present invention, described clothes Business device equipment 700 such as may include that

First receiver module 701, is configured to receive adding through dual of client device transmission Data of network game after close；Wherein, the data of network game after described double-encryption is by institute Stating client device uses the first encryption method to carry out data of network game in script engine Encrypt for the first time and use the second encryption method to add in script engine in game engine Data of network game after close carries out obtaining after second time is encrypted；

First deciphering module 702, is configured to use corresponding with described second encryption method the Data of network game after described double-encryption is decrypted by two decryption methods；

Second deciphering module 703, is configured to use corresponding with described first encryption method the One decryption method carries out second time to the data of network game carried out after deciphering for the first time and deciphers.

Preferably, described first deciphering module 702 is configured to:

Described second deciphering module 703 is configured to:

Preferably, described first deciphering module 702 is configured to:

Described second deciphering module 703 is configured to:

Preferably, described server apparatus 700 also includes:

First correction verification module 704, is configured to that the data of network game received is carried out data complete Whole property verifies.

Preferably, described first correction verification module 704 is configured to:

As shown in Figure 8, for server apparatus 800 block diagram according to further embodiment of this invention, institute State server apparatus 800 such as to may include that

3rd encrypting module 801, is configured to use the first encryption method to data of network game Carry out encrypting for the first time；

4th encrypting module 802, is configured to use the second encryption method to carrying out adding for the first time Data of network game after close carries out second time and encrypts；

Second sending module 803, is configured to carry out the data of network game after double-encryption It is sent to client, so that described client is after receiving described double-encryption by network Data of network game after, game engine uses corresponding with described second encryption method the Data of network game after described double-encryption is carried out deciphering for the first time by two decryption methods, with And, use the first decryption method corresponding with the first encryption method to for the first time in script engine Data of network game after deciphering carries out second time and deciphers.

Preferably, described 3rd encrypting module 801 is configured to:

Described 4th encrypting module 802 is configured to:

Preferably, described 3rd encrypting module 801 is configured to:

Described 4th encrypting module 802 is configured to:

Preferably, described 4th encrypting module 802 includes:

Second random offset upsets black list signal generating unit, is configured to carry out described black list Random offset upset processes to generate random offset upset black list；

Second ciphering unit, is configured to utilize the described random offset generated to upset black list pair Data of network game after encryption carries out encrypting for the second time for the first time, it is thus achieved that the net after double-encryption Network game data.

As it is shown in figure 9, be the client device block diagram according to yet another embodiment of the invention, described visitor Family end equipment 900 such as may include that

Second receiver module 901, after being configured to receive the double-encryption that server end sends Data of network game；Wherein, the data of network game after described double-encryption is by described service Device end uses the first encryption method to carry out data of network game for the first time to encrypt and uses the After the data of network game carried out after encrypting for the first time is carried out encrypting for the second time by two encryption methods And obtain；

3rd deciphering module 902, is configured in game engine use and described second encryption Second decryption method corresponding to method carries out to the data of network game after described double-encryption Once decipher；

4th deciphering module 903, is configured in script engine use and the first encryption method Corresponding first decryption method carries out second time to the data of network game after deciphering for the first time and solves Close.

Preferably, described client device 900 also includes:

4th receiver module 904, is configured to receive the first deciphering that described server end sends Seed and the first deciphering rule, described first deciphering seed is described with described first deciphering rule Server end real-time update；

Wherein, described 4th deciphering module 903 is configured to:

Preferably, described client device 900 also includes:

Second correction verification module 905, is configured to that the data of network game received is carried out data complete Whole property verifies.

Preferably, described second correction verification module 905 is configured to:

If although it should be noted that, being referred to equipment for drying or the son dress of equipment in above-detailed Put, but this division be merely exemplary the most enforceable.It practice, according to this Other bright embodiments, the feature of two or more devices above-described and function can be at one Device embodies.Otherwise, feature and the function of an above-described device can be with Further Divisions For being embodied by multiple devices.

Although additionally, describe the operation of the inventive method in the accompanying drawings with particular order, but, This does not requires that or implies and according to this particular order to perform these operations, or must have to carry out Operation shown in all could realize desired result.Additionally or alternatively, it is convenient to omit some step Suddenly, multiple steps are merged into a step and performs, and/or a step is decomposed into multiple step Perform.

Although describing spirit and principles of the present invention by reference to some detailed description of the invention, but It should be understood that the present invention is not limited to disclosed detailed description of the invention, to the division of each side the most not Mean that the feature in these aspects can not combine to be benefited, this division merely to statement Convenient.It is contemplated that various amendments included in containing spirit and scope of the appended claims and Equivalent arrangements.

Claims

1. an online game data encryption method, including:

Data of network game after encryption in script engine is sent in game engine, Described game engine use the second encryption method to described net in script engine after encryption Network game data carries out second time and encrypts, it is thus achieved that the data of network game after double-encryption；

Data of network game after carrying out double-encryption is sent to server end by network, So that after the data of network game that described server end is after receiving described double-encryption, Use second decryption method corresponding with described second encryption method respectively and with described first Data of network game after described double-encryption is entered by first decryption method corresponding to encryption method Row deciphering.

Method the most according to claim 1, also includes:

Receive the first encryption seed and the first encryption rule that described server end sends, described First encryption seed and described first encryption rule are described server end real-time update；

Wherein, described use the first encryption method that data of network game is entered in script engine Row encryption for the first time includes:

Method the most according to claim 1, wherein, described in described game engine Use the second encryption method that described data of network game in script engine after encryption is carried out Second time encryption, it is thus achieved that the data of network game after double-encryption includes:

The second encryption seed is utilized to generate black list；

4. a data of network game decryption method, including:

Receive the data of network game after double-encryption that client sends；Wherein, institute Stating the data of network game after double-encryption is to be used in script engine by described client Data of network game is carried out encrypting for the first time and using in game engine by one encryption method Second encryption method carries out second time to the data of network game after encryption in script engine and adds Obtain after close；

Method the most according to claim 4, wherein, described uses and described the respectively The second decryption method and corresponding with described first encryption method that two encryption methods are corresponding Data of network game after described double-encryption is decrypted and includes by one decryption method:

Method the most according to claim 4, also includes:

The data of network game received is carried out data integrity verifying.

Method the most according to claim 7, wherein, the described online game to receiving Data carry out data integrity verifying and include:

9. an online game data encryption method, including:

Data of network game after carrying out double-encryption is sent to client by network, with After making described client data of network game after receiving described double-encryption, in trip Play engine use second decryption method corresponding with described second encryption method to described dual Data of network game after encryption carries out deciphering for the first time, and, use in script engine The first decryption method corresponding with the first encryption method is to the online game number after deciphering for the first time Decipher according to carrying out second time.

Method the most according to claim 9, wherein, described use first side of encryption Data of network game is carried out encrypting for the first time including by method:

11. methods according to claim 9, wherein, described use first side of encryption Data of network game is carried out encrypting for the first time including by method:

12. according to the method described in claim 9-11 any one, wherein, described use Second encryption method carries out second time to the data of network game carried out after encrypting for the first time and encrypts Including:

The second encryption seed is utilized to generate black list；

13. 1 kinds of data of network game decryption methods, including:

Receive the data of network game after the double-encryption that server end sends；Wherein, described Data of network game after double-encryption is to be used the first encryption method pair by described server end Data of network game carries out encrypting and use the second encryption method to encryption for the first time for the first time After data of network game carry out second time encrypt after and obtain；

14. methods according to claim 13, described method also includes:

Receive the first deciphering seed and the first deciphering rule that described server end sends, described First deciphering seed is described server end real-time update with described first deciphering rule；

Wherein, described the first deciphering that use is corresponding with the first encryption method in script engine Data of network game after deciphering for the first time is carried out deciphering for the second time including by method:

15. methods according to claim 13, also include:

The data of network game received is carried out data integrity verifying.

16. methods according to claim 15, wherein, the described network trip to receiving Play data carry out data integrity verifying and include:

17. 1 kinds of client devices, including:

First encrypting module, is configured to use the first encryption method to net in script engine Network game data carries out encrypting for the first time and by the online game after encryption in script engine Data are sent in game engine；

Second encrypting module, is configured to use the second encryption method to institute in game engine State the data of network game after encrypting in script engine to carry out encrypting for the second time, it is thus achieved that dual Data of network game after encryption；

First sending module, is configured to the data of network game after carrying out double-encryption and leads to Cross network and be sent to server end, so that described server end is receiving described dual add After data of network game after close, can use corresponding with described second encryption method respectively Second decryption method and the first decryption method corresponding with described first encryption method are to described Data of network game after double-encryption is decrypted.

18. 1 kinds of server apparatus, including:

First receiver module, be configured to receive client device send through double-encryption After data of network game；Wherein, the data of network game after described double-encryption is by institute Stating client device uses the first encryption method to carry out data of network game in script engine Encrypt for the first time and use the second encryption method to add in script engine in game engine Data of network game after close carries out obtaining after second time is encrypted；

First deciphering module, is configured to use second corresponding with described second encryption method Data of network game after described double-encryption is decrypted by decryption method；

Second deciphering module, is configured to use first corresponding with described first encryption method Decryption method carries out second time to the data of network game carried out after deciphering for the first time and deciphers.

19. 1 kinds of server apparatus, including:

3rd encrypting module, is configured to use the first encryption method to enter data of network game Row encryption for the first time；

4th encrypting module, is configured to use the second encryption method to carrying out encrypting for the first time After data of network game carry out second time encrypt；

Second sending module, is configured to the data of network game after carrying out double-encryption and leads to Cross network and be sent to client, so that described client is after receiving described double-encryption Data of network game after, in game engine use corresponding with described second encryption method Data of network game after described double-encryption is carried out deciphering for the first time by the second decryption method, And, use the first decryption method corresponding with the first encryption method to the in script engine Once the data of network game after deciphering carries out deciphering for the second time.

20. 1 kinds of client devices, including:

Second receiver module, is configured to the net after receiving the double-encryption that server end sends Network game data；Wherein, the data of network game after described double-encryption is by described service Device end uses the first encryption method to carry out data of network game for the first time to encrypt and uses the After the data of network game carried out after encrypting for the first time is carried out encrypting for the second time by two encryption methods And obtain；

4th deciphering module, is configured in script engine use and the first encryption method pair The first decryption method answered carries out second time to the data of network game after deciphering for the first time and solves Close.