Simple Security (*)

This library gives you security without using heavy-weight and restricted encryption technologies.

The purpose of this module is to make it difficult for end-users to read and modify saved files. It is great for obfuscating game settings like score, IAP purchase flags, etc.

This library uses a substitution-cypher to encode and decode strings.

While difficult to crack, this is NOT STRONG security. It should not be used to secure sensitive data.

Security Operations (*)

encode decode
saveKey loadKey
printKeyString loadKeyFromKeyString

Generating A Key

After exeucuting this code, the security module will be using a new randomly generated key (cypher): 


To encode a string with the current key (cypher) do this:

local origString = "This is a random string 1234567890."

local encodedString = origString )

Now, encodedString contains a obfuscated version of origString.


To decode a previously obfuscated string:

local decodedString = encodedString )

Assuming was configured with the same key (cypher) used to encode encodedString, decodedString will now contain the original un-encoded string.

Saving A Key

You can save the current key (cypher) to a file with this function: fileName [ , base  ])


-- Save current key as file key.json (in system.DocumentsDirectory) "key.json" )

Restoring A Key

You can restoring a key (cypher) from a key previously stored in a file with this function fileName [ , base  ])


-- Load key from file key.json (in system.DocumentsDirectory) "key.json" )

Assuming was configured with the same key (cypher) used to encode encodedString, decodedString will now contain the original un-encoded string.

Embedding A Key

Instead of saving and loading to/from a file, you may find it easier to embed a key right in your app/game code.

To do this, follow these steps:

1. Generate & Print Key

Do this in the simulator:

-- Generate random key 

-- Print To Console 

2. Get Key From Console

Look in your console and find a statement like this:

21:20:38.762  'a>bKc=d e.f;goh:ijj]ktlPmzn&olpWqQrFsHtau`v!wSxEyRzsAMB0CCDTE8FUGrHYI6J-KhL[MANcO9PfQ5RnSpTbU@VdW<XZYwZI1}2k3)4g5_6(728O9?0m!i@##V$%%{^y&N*B(v)$_++D-^=4`3~* G,u.x<e>7[1]L{X}~/q?|;J:,|/'

This is the key:

'a>bKc=d e.f;goh:ijj]ktlPmzn&olpWqQrFsHtau`v!wSxEyRzsAMB0CCDTE8FUGrHYI6J-KhL[MANcO9PfQ5RnSpTbU@VdW<XZYwZI1}2k3)4g5_6(728O9?0m!i@##V$%%{^y&N*B(v)$_++D-^=4`3~* G,u.x<e>7[1]L{X}~/q?|;J:,|/'

Copy it (including the start and end tics ') to your cut-copy-paste buffer.

3. Write Code To Load Key String

Now, write this code in main.lua or in your initialization code (be sure to use key in your cut-copy-paste buffer):

-- Paste your key into this variable:
local keyString = 'a>bKc=d e.f;goh:ijj]ktlPmzn&olpWqQrFsHtau`v!wSxEyRzsAMB0CCDTE8FUGrHYI6J-KhL[MANcO9PfQ5RnSpTbU@VdW<XZYwZI1}2k3)4g5_6(728O9?0m!i@##V$%%{^y&N*B(v)$_++D-^=4`3~* G,u.x<e>7[1]L{X}~/q?|;J:,|/'

-- Now initialize with it: keyString )

Getting A Key String

At any time, you can get the current key (cypher) from with this function:

local keyString = )

Complete Security Example

local test = {}

-- Localize security module
local security =

function group, params )
   group = group or display.currentStage
   params = params or {}


   -- Print current key (default key)
   local curKey = security.getKeyString()
   print( "Default Key: ", curKey)

   -- Generate and set a new key
   local newKey = security.getKeyString()
   print( "Generated key: ", newKey )

   -- Test encoding and decoding.
   local origString = "This is a random string 1234567890."
   local encodedString = security.encode( origString )
   local decodedString = security.decode( encodedString )

   print( "   Original string: " .. tostring( origString ) )
   print( "    Encoded string: " .. tostring( encodedString ) )
   print( "    Decoded string: " .. tostring( decodedString ) )
   print( "    Strings match?: " .. tostring( origString == decodedString ) )

   -- Save key
   security.saveKey( "key.json" )

   -- Generate a new key

   -- Load saved key   
    security.loadKey( "key.json")

    -- Test saved, generated, reloaded key
   local reDecodedString = security.decode( encodedString )

   print( " Re-Decoded string: " .. tostring( reDecodedString ) )
   print( "    Strings match?: " .. tostring( origString == decodedString ) )

return test

RoamingGamer Copyright © Roaming Gamer, LLC. 2008-2016; All Rights Reserved