I have been having this idea of using encryption to prevent users from figuring out content in my program outside of the program itself. Like users may find textures never used in the game meant to be part of some kind of Easter egg while going though the games data. This may e.g. ruin it for everybody if posted online.
Imagine a secret room where the player have to press the correct numbers on a security door in the game, which if correct should generate the correct decryption key and then decrypting that part of the level and opening the door. Thus making the Easter egg otherwise inaccessible even when looking through the game-data since the key isn't actually stored, it's generated based on user-input.
Here is another example of what I was imagining. I have a puzzle game with let's say 20 levels, each one encrypted using a different key. Instead of storing the decryption key with the program directly allowing someone to decompile the program and find it, I instead generate the encryption/decryption key based on the solution of the previous puzzle. This way the player would have to actually figure out the puzzle before getting any information about the next level, even when looking through the game-data.
The player, if knowledgeable, could possible brute-force it "easily" given that the number of puzzle solutions is probably less that the number of decryption keys. It is really a matter complexity of the puzzle and is not very important here. Though I did post an answer regarding it over here
Is there programs/games today that has done something like this? Storing encrypted content in their games? And if not why? Is there a lot of rules and regulation about it, either at the store or country level? Does anyone see any obvious pitfalls that I'm missing? Ignoring things like user-experience, the idea seems sound to me and makes me curious why I haven't seen this before.
Edit: It may not be clear exactly what I'm saying, so here is a more concrete example.
Let's say I have a function that takes in a string of 20 characters and generates a symmetric key which I can use to encrypt/decrypt some content in the game. The only way the user could get to that content is to know those 20 characters and generate the same key. This key is never directly stored and is generated on the fly based on user input. These characters would be hidden in the game in what could be books, dialog with NPCs, maybe even outside of the game on the back of the box even.
So with 2*10^28 possible combinations to try it would probably be more likely people will find the content in the way intended rather that by looking through the game-data.
Edit 2:
The content in question would be encrypted with an arbitrary and secret key before being shipped to the consumer. This key will obviously not be shipped with the game. He or she would have to somehow puzzle the key back together given a series of clues made based on the key, and that are hidden throughout the game or somewhere else. This system would however be transparent for the user as you wouldn't know the content was encrypted unless you actually looked through the game-data.
As a lot has mention this has one obvious downside in that its use case is limited. Once a single person has figured it out he/she may share it with everybody else, if not the key/solution then the content itself. However if your intention is to keep something so secret that a single person shouldn't be able to solve it and people have to work together to solve it, or you are afraid that your easter egg is so well hidden (by design) that it is more likely someone will find it in the code rather through game play. Then I think this could work great.
I would personally recommend to only use it maybe once per game and only for things that does not affect core game-play, e.g. easter eggs, a secret ending. Any puzzle would have to be so complicated or well hidden for it to slow people down enough to make encrypting the content worth it and if this puzzle stood in the way of people progressing then nobody is probably having any fun.
Best Answer
This question is asking whether it is possible (not just commercially viable or some other interpretation) to force at least 1 user to solve a puzzle instead of hacking to unlock certain game content.
To my knowledge this is definitely possible. In fact, it is bizarre to me that other answers are saying it is outright not possible, even when it has been very explicitly stated that the key is neither generated nor stored, merely read in from the game state (which could have googleplexes of possible values). The argument that "the game knows how to decrypt it" so it won't work would then imply that any open source encryption/decryption software (for example, TrueCrypt) is inherently insecure because you know "how" to decrypt containers (just enter a string based on keyboard input, it's simple right?).
In the absolute simplest case, imagine that the game itself is a keyboard simulator and it asks the question "what is the password to my encrypted files?", clearly we all agree that having the source code to the game wouldn't help. Now imagine the game asks the questions "what is the name of the largest animal on Earth concatenated with the name of the smallest animal?". Is it not clear that even having the game's source code would not help, and you still have to solve the puzzle?
With respect to whether this is possible the answer is absolute YES, this is possible.