Photon is able to encrypt messages between client and server, which is a must-have for sending authentication input or other sensitive user data.
On the other hand, encryption causes quite some overhead, so it is used sparingly and not exposed much in our APIs.
For example, in our default logic events go to all players of a room, so their content can't be too secret to send openly. So events are not encrypted by default.
Our client SDKs use it only for authentication. As a developer, you can use it per message.
When you use Photon LoadBalancing or PUN, the API automatically exchanges encryption keys between client and server. This is done via a Diffie-Hellman key exchange when the client connects.
The 160-bit key is then used for AES encryption on demand.
Once a client is authenticated, the server issues a Token, an encrypted summary of the client's auth values to be used on other servers. The Token does not need to be read by the client.
By design, Photon tokens are refreshed on the Master Server only. The refresh happens when switching from Master Server to Game Server, which happens when you create or join a room. Token expiration is 1 hour, but as long as the client keeps raising events inside the room, the token is refreshed automatically using a special event. However, if a client stays inside a room for more than 1 hour without raising any event, the token is not refreshed and expires. The client may stay longer on the Game Server without any issues, but it will get the 'Authentication token expired' error (code 32753) when trying to go back to the Master Server after leaving the room. The solution is to reconnect.
Other Security Recommendations
If you use Custom Authentication, Webhooks or WebRPCs, make sure to use HTTPS instead of HTTP. Also, in Custom Authentication you should prefer POST over GET. And if you combine Custom Authentication with Webhooks or WebRPCs, you can make use of AuthCookie.
If you use Unity's WebGL export to connect to Photon Cloud, the client connects via Secure WebSockets. We recommend using WSS over WS when self-hosting as well.
Encryption in PUN
In PUN, you can call RPCs in a secure way by calling RpcSecure() on some PhotonView.
Encryption Of Operations
In all C# APIs, we have a class called
It is a lower level class which offers a method
This is the basis for all operation calls a client does, and it has a parameter for encryption.
In PUN, the PhotonNetwork.networkingPeer is a
In LoadBalancing, it's the
Use OpCustom() with the encrypt parameter set to true if needed.
Manually Establish Encryption
If you use the LoadBalancing API or PUN, you don't need to do this manually. Only if you build your client from scratch do you have to establish encryption yourself after connecting.
In best case, call
OnStatusChanged like this:
The library takes care of sending and handling the required keys. When this finishes, the client library will call OnStatusChanged with either of these codes:
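As an added example (not code from the Photon docs or SDK), a from-scratch C# client following the sequence above: it starts the key exchange as soon as the connection is up, sends a hypothetical login operation through OpCustom() with the encrypt flag set only after the encryption-established status arrives, and disconnects rather than falling back to plaintext if the exchange fails. It assumes the classic four-method IPhotonPeerListener of the Photon3Unity3D library; the operation and parameter codes are placeholders for your own server application.

```csharp
using System;
using System.Collections.Generic;
using ExitGames.Client.Photon;

public class EncryptedLoginClient : IPhotonPeerListener
{
    // Hypothetical codes of your own server application, not Photon's.
    const byte OpCodeLogin = 1, ParamUser = 1, ParamSecret = 2;
    readonly PhotonPeer peer;
    readonly string user, secret;
    bool encrypted;
    public EncryptedLoginClient(string user, string secret)
    {
        this.user = user;
        this.secret = secret;
        peer = new PhotonPeer(this, ConnectionProtocol.Udp);
    }
    public bool Connect(string address, string appName) => peer.Connect(address, appName);
    public void Service() => peer.Service(); // call regularly, e.g. from Update()
    public void OnStatusChanged(StatusCode statusCode)
    {
        switch (statusCode)
        {
            case StatusCode.Connect: // start the key exchange; result arrives asynchronously
                if (!peer.EstablishEncryption()) peer.Disconnect();
                break;
            case StatusCode.EncryptionEstablished:
                encrypted = true;
                SendLogin();
                break;
            case StatusCode.EncryptionFailedToEstablish: // never fall back to plaintext
                peer.Disconnect();
                break;
            case StatusCode.Disconnect:
                encrypted = false;
                break;
        }
    }
    void SendLogin()
    {
        if (!encrypted) return; // credentials only ever go over the encrypted channel
        var p = new Dictionary<byte, object> { { ParamUser, user }, { ParamSecret, secret } };
        peer.OpCustom(OpCodeLogin, p, true, 0, true); // last argument: encrypt this op
    }
    public void OnOperationResponse(OperationResponse r) =>
        DebugReturn(DebugLevel.INFO, "op " + r.OperationCode + " returned " + r.ReturnCode);
    public void OnEvent(EventData e) { }
    public void DebugReturn(DebugLevel level, string msg) => Console.WriteLine(level + ": " + msg);
}
```

The guard in SendLogin() is the point: anything sent before EncryptionEstablished leaves the client in the clear, so sensitive operations should be queued behind that status rather than fired from the Connect callback.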