Jump to content



Xbox Secure Networking Protocol

  • Please log in to reply
No replies to this topic

#1 jhurliman


    X-S Young Member

  • Members
  • Pip
  • 50 posts

Posted 14 September 2003 - 06:28 PM

I found some documentation here http://home.g365.net...ibrary_xsnl.htm on the Xbox secure networking, it uses a public/private keypair to encrypt data. The sequence goes something like this (according to the docs):

Client broadcasts looking for game
- Possibly contains a message ID saying what kind of broadcast it is
- Broadcast contains a unique (random) identifier

Server responds with another broadcast
- Contains the client's unique identifier
- Session name
- Keypair
- Address (XNADDR) of the host

Once the client receives the keypair and the address of the host it can create a secure connection. A man in the middle attack would be trivial if there was any information on how the server's response is laid out (it's surely different in every game), or the type of encryption used. The good news is they can't use cipher block chaining because of the uncertain nature of UDP. Imagine writing custom plug-ins for games where you can keep track of match scores with a web frontend... Down the road when I get Free XLink looking good I'll dig in myself, but it would be great to form a team (including some cryptoheads and peeps familiar with IPSec) to attack this.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users