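PUN Classic (v1), PUN 2 and Bolt are in maintenance mode. PUN 2 will support Unity 2019 to 2022, but no new features will be added. Of course, all your PUN & Bolt projects can continue to run with their known performance. For any upcoming or new projects: please switch to Photon Fusion or Quantum.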

Bolt Connection Encryption System

Security is one of the main objectives when developing with Photon Bolt. For this reason, Bolt has a built-in native encryption system that ensures each packet is encrypted and decrypted, making it even harder for third parties to modify. Available starting with Photon Bolt v1.2.13.

One key point to keep in mind about this implementation is that Bolt does not perform the exchange of secrets (keys) itself; it supplies the means to create and extract those keys, which are later used to encrypt the data.
In summary, to use this system properly, you need to implement your own secure exchange service.

Basic Setup

Setting up the Encryption System is as easy as setting all the necessary keys.
Photon Bolt will then use those keys to encrypt and decrypt all packets without any further intervention.
The code sample below shows how you can set up and reset the encryption system:

C#

using System;
using UdpKit.Security;
using UnityEngine;

namespace Bolt.Samples.Encryption
{
    /// <summary>
    /// Example class to fill the Encryption Keys
    /// </summary>
    public class EncryptionSystemSample
    {
        // Base64-encoded keys generated by InitEncryption
        public static string EncodedIV { get; private set; }
        public static string EncodedKey { get; private set; }
        public static string EncodedSecret { get; private set; }

        /// <summary>
        /// Setup the Encryption System
        /// </summary>
        public static void InitEncryption()
        {
            // The Encryption System includes some utility methods to generate all necessary keys
            var IV = EncryptionManager.GenerateAesIV();
            var key = EncryptionManager.GenerateAesKey();
            var secret = EncryptionManager.GenerateHashSecret();

            // The keys are passed to the system as Base64 strings
            EncodedIV = Convert.ToBase64String(IV);
            EncodedKey = Convert.ToBase64String(key);
            EncodedSecret = Convert.ToBase64String(secret);

            // Initialize the system by passing the keys as arguments
            EncryptionManager.Instance.InitializeEncryption(EncodedIV, EncodedKey, EncodedSecret);
        }

        /// <summary>
        /// Reset the Encryption System
        /// </summary>
        public static void ResetEncryption()
        {
            // Reset all configurations on the Encryption System if you want to disable it
            EncryptionManager.Instance.DeinitializeEncryption();
        }
    }
}

We've also included a small sample showing how you can interact with the EncryptionManager class, the central class used to set up the Encryption System.
You can check the basic usage inside the SetupEncryptionSystem folder in the samples package included in the SDK, or directly on our Samples Repo.

Encryption System Description

The packet encryption system achieves its behavior by applying the following well-known algorithms with the specified settings:

  • Advanced Encryption Standard (AES) (doc page):
    • Key Size: 256 bits;
    • Mode: CipherMode.CBC (doc page).
  • Message Authentication Code (HMAC) (doc page).

The data encryption process can be described with the following steps:

  1. Encrypt Data:
    1. The packet is prefixed with a unique sequential ID;
    2. A hash based on the packet content is generated and appended to the data buffer;
    3. The whole buffer is encrypted using the algorithms above.
  2. Decrypt Data:
    1. The received data buffer is decrypted;
    2. The hash is validated; if it does not match, the packet is discarded;
    3. The received ID is checked against the last valid packet; if it is older, the packet is discarded.
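
The steps above, sketched as an added example (this is not Bolt's own code or wire format). The 8-byte ID, HMAC-SHA256 as the hash, the default PKCS7 padding and the class name PacketSealerSketch are assumptions, since the page does not specify them; each endpoint would hold one instance built from the same three keys.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;

// Added sketch, not Bolt's code. Assumed plaintext: [8-byte ID][payload][32-byte HMAC-SHA256].
public sealed class PacketSealerSketch
{
    private readonly byte[] _key, _iv, _secret;
    private ulong _nextId = 1, _lastValidId;
    public PacketSealerSketch(byte[] key, byte[] iv, byte[] secret) { _key = key; _iv = iv; _secret = secret; }

    private byte[] Crypt(byte[] data, bool encrypt)
    {
        using (var aes = Aes.Create())
        {
            aes.Mode = CipherMode.CBC; aes.Key = _key; aes.IV = _iv; // a 32-byte key selects AES-256
            using (var t = encrypt ? aes.CreateEncryptor() : aes.CreateDecryptor())
                return t.TransformFinalBlock(data, 0, data.Length);
        }
    }

    public byte[] Seal(byte[] payload)
    {
        // Step 1.1: prefix the packet with a sequential ID
        byte[] body = BitConverter.GetBytes(_nextId++).Concat(payload).ToArray();
        // Step 1.2: append a keyed hash computed over ID + payload
        using (var hmac = new HMACSHA256(_secret))
            body = body.Concat(hmac.ComputeHash(body)).ToArray();
        // Step 1.3: encrypt the whole buffer
        return Crypt(body, true);
    }

    public bool TryOpen(byte[] packet, out byte[] payload)
    {
        payload = null;
        byte[] body, mac;
        try { body = Crypt(packet, false); }                  // Step 2.1: decrypt
        catch (CryptographicException) { return false; }      // bad length or padding: discard
        int n = body.Length - 32, diff = 0;                   // n = offset of the appended hash
        if (n < 8) return false;                              // too short to hold ID + hash
        using (var hmac = new HMACSHA256(_secret)) mac = hmac.ComputeHash(body, 0, n);
        for (int i = 0; i < 32; i++) diff |= mac[i] ^ body[n + i]; // compare without early exit
        if (diff != 0) return false;                          // Step 2.2: hash mismatch, discard
        ulong id = BitConverter.ToUInt64(body, 0);
        // Step 2.3: discard older IDs; an equal ID is also treated as a replay here (assumption)
        if (id <= _lastValidId) return false;
        _lastValidId = id;
        payload = body.Skip(8).Take(n - 8).ToArray();
        return true;
    }
}
```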

Extra Notes

Links with related information about encryption in general:

  • https://docs.microsoft.com/en-us/dotnet/standard/security/cryptography-model
  • https://chrishammond.ca/2018/09/03/rijndaelmanaged-aesmanaged-and-aescryptoserviceprovider-simpleaccountlocker-app/
  • http://www.philosophicalgeek.com/2014/10/22/using-memorystream-to-wrap-existing-buffers-gotchas-and-tips/