Secure transport for Mirror
- Uses RSA for the handshake phase (pre-generated key pair)
- Uses AES for data exchange
- Only encrypts messages sent over the reliable channel
- Pre-generate the RSA key pair.
- The client generates a random AES key and IV (K1, IV1).
- The client encrypts (K1, IV1) with the RSA public key and sends it to the server.
- The server receives the ciphertext and decrypts it with the RSA private key to get (K1, IV1).
- The server generates a random AES key and IV (K2, IV2), and uses the following formula to calculate the final key and IV (K, IV): K = K1 XOR K2, IV = IV1 XOR IV2.
- The server encrypts (K2, IV2) with (K1, IV1) and sends it to the client.
- The client uses (K1, IV1) to decrypt the ciphertext and get (K2, IV2).
- The client calculates the final key and IV (K, IV) with the same formula as the server.
- The client sends a Confirm message encrypted with (K, IV), and the client-side handshake is complete.
- The server confirms the message by decrypting it with (K, IV), and the server-side handshake is complete.
- With (K, IV), the client and server encrypt and decrypt the data they exchange.
- Enable "Allow 'unsafe' code" in Player Settings.
- Add MiTransport.cs to the NetworkManager game object.
- Drag the current transport to the MiTransport innerTransport field.
- Replace the transport on your NetworkManager with MiTransport.
- Click the Generate keypair button and save the scene.
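The handshake steps listed above, run end to end with both sides in one process. This is an added example, not MiTransport's own code. It assumes .NET 6 or later, a 2048-bit RSA key with OAEP-SHA256 padding, AES-256 in CBC mode, and the literal text "Confirm" as the confirm payload; the page specifies none of these.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class HandshakeDemo
{
    // K = K1 XOR K2 and IV = IV1 XOR IV2, byte by byte.
    static byte[] Xor(byte[] a, byte[] b) => a.Zip(b, (x, y) => (byte)(x ^ y)).ToArray();

    // Assumption: AES-CBC with PKCS7 padding (the .NET defaults); the page names no mode.
    static byte[] AesCrypt(byte[] key, byte[] iv, byte[] data, bool encrypt)
    {
        using var aes = Aes.Create();
        aes.Key = key;
        aes.IV = iv;
        using var t = encrypt ? aes.CreateEncryptor() : aes.CreateDecryptor();
        return t.TransformFinalBlock(data, 0, data.Length);
    }

    static void Main()
    {
        // Pre-generated key pair: the server keeps the private key, the client holds the public key.
        using var serverRsa = RSA.Create(2048);
        using var clientRsa = RSA.Create();
        clientRsa.ImportParameters(serverRsa.ExportParameters(false));

        // Client: random (K1, IV1), sent under the RSA public key (OAEP padding is an assumption).
        byte[] k1 = RandomNumberGenerator.GetBytes(32), iv1 = RandomNumberGenerator.GetBytes(16);
        byte[] msg1 = clientRsa.Encrypt(k1.Concat(iv1).ToArray(), RSAEncryptionPadding.OaepSHA256);

        // Server: recover (K1, IV1), pick (K2, IV2), derive (K, IV), reply under (K1, IV1).
        byte[] p1 = serverRsa.Decrypt(msg1, RSAEncryptionPadding.OaepSHA256);
        byte[] sK1 = p1[..32], sIv1 = p1[32..];
        byte[] k2 = RandomNumberGenerator.GetBytes(32), iv2 = RandomNumberGenerator.GetBytes(16);
        byte[] sK = Xor(sK1, k2), sIv = Xor(sIv1, iv2);
        byte[] msg2 = AesCrypt(sK1, sIv1, k2.Concat(iv2).ToArray(), true);

        // Client: decrypt (K2, IV2), derive the same (K, IV), send Confirm under it.
        byte[] p2 = AesCrypt(k1, iv1, msg2, false);
        byte[] cK = Xor(k1, p2[..32]), cIv = Xor(iv1, p2[32..]);
        byte[] confirm = AesCrypt(cK, cIv, Encoding.ASCII.GetBytes("Confirm"), true);

        // Server: the handshake completes only if Confirm decrypts to the expected payload.
        byte[] got = AesCrypt(sK, sIv, confirm, false);
        Console.WriteLine(Encoding.ASCII.GetString(got) == "Confirm" ? "handshake ok" : "handshake failed");
    }
}
```

Because (K2, IV2) travels under (K1, IV1) and (K1, IV1) travels under the RSA public key, anyone who obtains the RSA private key can recover (K, IV) from a recorded handshake, so the pre-generated private key needs to stay on the server only and be regenerated if it leaks.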
Inspired by Monke Transport