gamedevlists-general

RE: [GD-General] serial numbers

[Gareth L. <GL...@cl...>]

Just make the serial number out of two parts. The first part is a =
sequential
number, then hash the name and the serial number.

> -----Original Message-----
> From: Ignacio Casta=F1o [mailto:cas...@ya...]
> Sent: 27 May 2003 17:37
> To: gam...@li...
> Subject: Re: [GD-General] serial numbers=20
>=20
>=20
> J C Lawrence wrote:
> > Typical forms I've seen are a one-way hash ala MD5 of the=20
> public data,
> > along with a secret.  The resultant string (often with=20
> another secret)
> > is then digitally signed with the resultant string,=20
> sometimes with a CRC
> > or other padding data appended..  The application then verifies the
> > signature to check that the key is of valid form, and the=20
> central site
> > can check that the key is legit.
>=20
> Thanks, I was looking for something like that so, but I still have a
> problem. I create a message using the secret and the public data, and
> generate the key aplying MD5 to it, so when the user logs in,=20
> he provides
> the previous key and the public data. I know the secret, so I=20
> can recompute
> the key and validate the key that the user provided.
>=20
> MD5 is not trivially reversible, so this seems to work.=20
> However, if two
> users have the same name, the keys will also be the same, and=20
> some products
> don't requiere an username, so in that case I would have a single =
key!
>=20
> How can I solve that? I'd like to add a random part to the=20
> encoded message,
> but then I don't know how to validate it...
>=20
> Thanks in advance,
>=20
>=20
> Ignacio Casta=F1o
> cas...@ya...
>=20
>=20
>=20
>=20
> -------------------------------------------------------
> This SF.net email is sponsored by: ObjectStore.
> If flattening out C++ or Java code to make your application fit in a
> relational database is painful, don't do it! Check out ObjectStore.
> Now part of Progress Software. http://www.objectstore.net/sourceforge
> _______________________________________________
> Gamedevlists-general mailing list
> Gam...@li...
> https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
> Archives:
> http://sourceforge.net/mailarchive/forum.php?forum_id=3D557
>=20

RE: [GD-General] serial numbers

[Gareth L. <GL...@cl...>]

Hmm, say (for arguments sake) that your hash is 12 characters. The
sequential number is 4 characters.

My name is Gareth Lewin, the code you give me is

0001-2486-2546-1356

2486-2546-1356 is the hash of "Gareth Lewin 0001"

if another Gareth Lewin registered your product, you create the hash =
for
"Gareth Lewin 002" and say that is 4532-5634-1867 so his key is
0002-4532-5634-1867

Ofcourse you need to make sure your hash function generates vastly =
differant
values for "Gareth Lewin 001" and "Gareth Lewin 002"

You can do that by taking the 4 digits as a hex number and xoring =
"Gareth
Lewin" with it and hashing.

So you generate a hash for "Gareth Lewin" xored (each 4 chars) by 0001 =
etc.
This would work nicely if (and that's the case you describe) the hash
function runs on a remote machine.

This stuff won't work really well on the clients machine.

Another idea is to have 255 or more secrets ( You can just take a
dictionary, randomise it and use that as the secret table ), then the
sequential number is just the index into the table.

> -----Original Message-----
> From: Ignacio Casta=F1o [mailto:cas...@ya...]
> Sent: 27 May 2003 18:18
> To: gam...@li...
> Subject: Re: [GD-General] serial numbers=20
>=20
>=20
> Gareth Lewin wrote:
> > Just make the serial number out of two parts. The first part is a
> sequential
> > number, then hash the name and the serial number.
>=20
> But then, given a key, it's quite easy to generate a different one, =
by
> changing the sequential number.
>=20
> The validator doesn't know the sequential number of a given=20
> serial number
> beforehand. So, the sequential number cannot be added to the=20
> message with
> the secret and the public data. It has to be mixed with the=20
> result of the
> hash function. But how can I mix the sequence number and the hash in =
a
> non-obvios but reversible way?
>=20
> If it's too obvious, anybody can take an existing key, and=20
> generate many new
> keys using the same hash, but a different sequence number.
>=20
>=20
> Ignacio Casta=F1o
> cas...@ya...
>=20
>=20
> > -----Original Message-----
> > From: Ignacio Casta=F1o [mailto:cas...@ya...]
> > Sent: 27 May 2003 17:37
> > To: gam...@li...
> > Subject: Re: [GD-General] serial numbers
> >
> >
> > J C Lawrence wrote:
> > > Typical forms I've seen are a one-way hash ala MD5 of the
> > public data,
> > > along with a secret.  The resultant string (often with
> > another secret)
> > > is then digitally signed with the resultant string,
> > sometimes with a CRC
> > > or other padding data appended..  The application then=20
> verifies the
> > > signature to check that the key is of valid form, and the
> > central site
> > > can check that the key is legit.
> >
> > Thanks, I was looking for something like that so, but I still have =
a
> > problem. I create a message using the secret and the public=20
> data, and
> > generate the key aplying MD5 to it, so when the user logs in,
> > he provides
> > the previous key and the public data. I know the secret, so I
> > can recompute
> > the key and validate the key that the user provided.
> >
> > MD5 is not trivially reversible, so this seems to work.
> > However, if two
> > users have the same name, the keys will also be the same, and
> > some products
> > don't requiere an username, so in that case I would have a=20
> single key!
> >
> > How can I solve that? I'd like to add a random part to the
> > encoded message,
> > but then I don't know how to validate it...
> >
> > Thanks in advance,
> >
> >
> > Ignacio Casta=F1o
> > cas...@ya...
> >
> >
> >
> >
> > -------------------------------------------------------
> > This SF.net email is sponsored by: ObjectStore.
> > If flattening out C++ or Java code to make your application fit in =
a
> > relational database is painful, don't do it! Check out ObjectStore.
> > Now part of Progress Software.=20
http://www.objectstore.net/sourceforge
> _______________________________________________
> Gamedevlists-general mailing list
> Gam...@li...
> https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
> Archives:
> http://sourceforge.net/mailarchive/forum.php?forum_id=3D557
>


-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
Gamedevlists-general mailing list
Gam...@li...
https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
Archives:
http://sourceforge.net/mailarchive/forum.php?forum_idU7



-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
Gamedevlists-general mailing list
Gam...@li...
https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
Archives:
http://sourceforge.net/mailarchive/forum.php?forum_id=3D557

Re: [GD-General] serial numbers

[<cas...@ya...>]

Thanks a lot for your explanation, now I understand.


Ignacio Castaño
cas...@ya...


Gareth Lewin wrote:
> Hmm, say (for arguments sake) that your hash is 12 characters. The
> sequential number is 4 characters.
>
> My name is Gareth Lewin, the code you give me is
>
> 0001-2486-2546-1356
>
> 2486-2546-1356 is the hash of "Gareth Lewin 0001"
>
> if another Gareth Lewin registered your product, you create the hash for
> "Gareth Lewin 002" and say that is 4532-5634-1867 so his key is
> 0002-4532-5634-1867
>
> Ofcourse you need to make sure your hash function generates vastly
differant
> values for "Gareth Lewin 001" and "Gareth Lewin 002"
>
> You can do that by taking the 4 digits as a hex number and xoring "Gareth
> Lewin" with it and hashing.
>
> So you generate a hash for "Gareth Lewin" xored (each 4 chars) by 0001
etc.
> This would work nicely if (and that's the case you describe) the hash
> function runs on a remote machine.
>
> This stuff won't work really well on the clients machine.
>
> Another idea is to have 255 or more secrets ( You can just take a
> dictionary, randomise it and use that as the secret table ), then the
> sequential number is just the index into the table.

[GD-General] Dithering from 24-bit to 16-bit

[Tom H. <to...@ve...>]

I'm looking for a tool that will take a 24-bit RGB image and reduce it down 
to lower bit depths (specifically, RGBA_4444, RGB_565, and RGBA_5551) with 
nice dithering to attempt to preserve the image quality. The perfect 
solution would be a Photoshop plug-in that worked kinda like their 
posterize function, but supported different bit depths per channel and did 
dithering.

Tom

RE: [GD-General] serial numbers

[Timur D. <ti...@cr...>]

Unlikely mandatory registration will bring any change, it is valuable =
for online games of course,
but for the simple Single Player, what can they do? everything on the =
client can be cracked.
IMHO it is worthless to waste allot of precisios game development time, =
trying to protect from inevitable.

_________________________________
Timur Davidenko.
Crytek Studios (http://www.crytek.com)



-----Original Message-----
From: Javier Arevalo [mailto:ja...@py...]
Sent: Friday, May 30, 2003 5:39 PM
To: gam...@li...
Subject: Re: [GD-General] serial numbers


What kind of drugs are you on, man? :)

I assume most games are uniquely signed to identify the receiver of =
betas.
We certainly did that on Praetorians (nice batch-mode signature tool for
those 85+ magazines!). Leaked versions may still appear, and despite the
fact that the leak can be traced back to one of the magazines, you will =
have
a hard time getting any compensation, the most you can hope for is their
promise that "they will be more careful in the future". The point of =
digital
signatures is "prevention": make sure the mag gets the point that their =
copy
is uniquely signed, that the signature is prominently displayed on the =
title
screen, that it can be hacked to not appear there but can't be removed
entirely, etc etc. and hope that, if they screw up, it will be with =
someone
else's title.

Flooding will not stop most p2p systems, they have learned to cope with
that: "trusted link sites", statistics for files, and pretty soon they =
will
have built-in ratings and "quality" estimators, just like they don't =
have
central servers anymore. The ones that don't adapt will simply stop =
being
used.

I wonder what the future is for mandatory online registration / =
verification
systems. These do create much more trouble for pirated versions, but =
have
tons of usability and privacy issues.

  Javier Arevalo
  Pyro Studios

Colin Fahey wrote:
>
> [1] First, put a unique code in each build of the game before the
> official release date, then do a Google search for any cracked
> versions, and then embarrass the reviewer who leaked the game to the
> public before it was
> even on sale!  Demand his head on a platter from the game magazine
> editor, or threaten to reduce your bribes for A+/100%/5-star ratings.
> Won't those punks change their tunes when you cut off their supply of
> cocaine, outcall escorts, and Japanese anime DVDs!
>
> [2] Later, when the game is in general release, do the Google search
> again, and send "Cease and Desist" e-mail to the punks offering
> cracks to your game, from fake law firms or from Yakuza assassins
> with an inexplicable desire to optimize "market efficiency" for your
> product.  Or invoke the Patriot Act and TIA or whatever and have the
> crackers tried by a secret military tribunal and summarily executed
> -- or at least brainwashed and cryogenically frozen to be revived
> later as Universal Soldiers, defending the government against freedom
> and democracy.
>
> [3] Then, do what Madonna does!  Flood Kazaa and Direct Connect with
> *fake* cracks to your game -- and put in some profane message to
> infuriate pirates! Releasing your most unimaginative game yet, just
> to get more cash out of your fan base, would complete the analogy,
> but that would simply be icing on the cake!  That will teach them to
> rage against the machine!  The freakin' machine is X-treme raging
> right back at 'em!  You da "Man"!



-------------------------------------------------------
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
_______________________________________________
Gamedevlists-general mailing list
Gam...@li...
https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
Archives:
http://sourceforge.net/mailarchive/forum.php?forum_id=3D557

RE: [GD-General] serial numbers

[Gareth L. <GL...@cl...>]

The trick is to use some kind of onliness. Downloading of new content for
example. Although sadly, even that can be downloaded by one and distributed
to everyone.

> -----Original Message-----
> From: Timur Davidenko [mailto:ti...@cr...]
> Sent: 03 June 2003 09:07
> To: gam...@li...
> Subject: RE: [GD-General] serial numbers
> 
> 
> Unlikely mandatory registration will bring any change, it is 
> valuable for online games of course,
> but for the simple Single Player, what can they do? 
> everything on the client can be cracked.
> IMHO it is worthless to waste allot of precisios game 
> development time, trying to protect from inevitable.
> 
> _________________________________
> Timur Davidenko.
> Crytek Studios (http://www.crytek.com)

[GD-General] Prices of well-known 3D engines

[Pierre T. <p.t...@wa...>]

Hi,

I'm looking for current prices of well-known 3D engines, to back up an
argument I have with some people...  Any quick figures for me ?

I found those prices online:
- Quake3
- Cipher
- Lithtech
- Gamebryo (Netimmerse)

I'd like to know for :
- Renderware
- Unreal
- others ?

Thanks,
- Pierre

RE: [GD-General] Prices of well-known 3D engines

[Jamie F. <ja...@qu...>]

While i've got an excuse to plug.... :)

Q is free on Windows, Linux and FreeBSD, with minimal support. I think the
supported license is undergoing a little massaging as we build up to the
next release, but is 50K euros per product according to the website
(http://www.qubesoft.com/q/licensing.php), and covers consoles too.

You could certainly debate the well-knownness of the engine, but the company
founders' previous engine became D3D, which i believe is fairly well known
;p

Jamie


-----Original Message-----
From: gam...@li...
[mailto:gam...@li...]On Behalf Of
Pierre Terdiman
Sent: 03 June 2003 17:59
To: gam...@li...
Subject: [GD-General] Prices of well-known 3D engines


Hi,

I'm looking for current prices of well-known 3D engines, to back up an
argument I have with some people...  Any quick figures for me ?

I found those prices online:
- Quake3
- Cipher
- Lithtech
- Gamebryo (Netimmerse)

I'd like to know for :
- Renderware
- Unreal
- others ?

Thanks,
- Pierre





-------------------------------------------------------
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
_______________________________________________
Gamedevlists-general mailing list
Gam...@li...
https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
Archives:
http://sourceforge.net/mailarchive/forum.php?forum_id=557

Re: [GD-General] Prices of well-known 3D engines

[Tom S. <to...@pi...>]

    I guess i'll throw in Torque (
http://www.garagegames.com/torque/commercial.php ) which is $10,000 per
title for a commercial license.  For those that don't know this is basically
the Tribes 2 engine.

    Tom

----- Original Message ----- 
From: "Pierre Terdiman" <p.t...@wa...>
To: <gam...@li...>
Sent: Tuesday, June 03, 2003 11:59 AM
Subject: [GD-General] Prices of well-known 3D engines


> Hi,
>
> I'm looking for current prices of well-known 3D engines, to back up an
> argument I have with some people...  Any quick figures for me ?
>
> I found those prices online:
> - Quake3
> - Cipher
> - Lithtech
> - Gamebryo (Netimmerse)
>
> I'd like to know for :
> - Renderware
> - Unreal
> - others ?
>
> Thanks,
> - Pierre
>
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: eBay
> Get office equipment for less on eBay!
> http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
> _______________________________________________
> Gamedevlists-general mailing list
> Gam...@li...
> https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
> Archives:
> http://sourceforge.net/mailarchive/forum.php?forum_id=557
>

Re: [GD-General] serial numbers

[<cas...@ya...>]

Gareth Lewin wrote:
> Just make the serial number out of two parts. The first part is a
sequential
> number, then hash the name and the serial number.

But then, given a key, it's quite easy to generate a different one, by
changing the sequential number.

The validator doesn't know the sequential number of a given serial number
beforehand. So, the sequential number cannot be added to the message with
the secret and the public data. It has to be mixed with the result of the
hash function. But how can I mix the sequence number and the hash in a
non-obvios but reversible way?

If it's too obvious, anybody can take an existing key, and generate many new
keys using the same hash, but a different sequence number.


Ignacio Castaño
cas...@ya...


> -----Original Message-----
> From: Ignacio Castaño [mailto:cas...@ya...]
> Sent: 27 May 2003 17:37
> To: gam...@li...
> Subject: Re: [GD-General] serial numbers
>
>
> J C Lawrence wrote:
> > Typical forms I've seen are a one-way hash ala MD5 of the
> public data,
> > along with a secret.  The resultant string (often with
> another secret)
> > is then digitally signed with the resultant string,
> sometimes with a CRC
> > or other padding data appended..  The application then verifies the
> > signature to check that the key is of valid form, and the
> central site
> > can check that the key is legit.
>
> Thanks, I was looking for something like that so, but I still have a
> problem. I create a message using the secret and the public data, and
> generate the key aplying MD5 to it, so when the user logs in,
> he provides
> the previous key and the public data. I know the secret, so I
> can recompute
> the key and validate the key that the user provided.
>
> MD5 is not trivially reversible, so this seems to work.
> However, if two
> users have the same name, the keys will also be the same, and
> some products
> don't requiere an username, so in that case I would have a single key!
>
> How can I solve that? I'd like to add a random part to the
> encoded message,
> but then I don't know how to validate it...
>
> Thanks in advance,
>
>
> Ignacio Castaño
> cas...@ya...
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: ObjectStore.
> If flattening out C++ or Java code to make your application fit in a
> relational database is painful, don't do it! Check out ObjectStore.
> Now part of Progress Software. http://www.objectstore.net/sourceforge
> _______________________________________________
> Gamedevlists-general mailing list
> Gam...@li...
> https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
> Archives:
> http://sourceforge.net/mailarchive/forum.php?forum_id=557
>


-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
Gamedevlists-general mailing list
Gam...@li...
https://lists.sourceforge.net/lists/listinfo/gamedevlists-general
Archives:
http://sourceforge.net/mailarchive/forum.php?forum_idU7