If someone actually uses this, all you need to do to break the scheme is run your test map on the new bank and see what the new checksum is supposed to be then change the checksum.
Without proper locking(which I suspect is impossible under the current architecture), nothing can be made even close to secure. You can't encrypt because you can't keep the keys private. You can't hash because as soon as they know the hashing algorithm, it's easy for them to generate a correct checksum. You can't sign because that's encrypting a hash... The only thing you can do is slow down lazy people.
Rollback Post to RevisionRollBack
To post a comment, please login or register a new account.
If someone actually uses this, all you need to do to break the scheme is run your test map on the new bank and see what the new checksum is supposed to be then change the checksum.
Without proper locking(which I suspect is impossible under the current architecture), nothing can be made even close to secure. You can't encrypt because you can't keep the keys private. You can't hash because as soon as they know the hashing algorithm, it's easy for them to generate a correct checksum. You can't sign because that's encrypting a hash... The only thing you can do is slow down lazy people.