Password-protected Castle game sessions (passwords distributed via a BridgeDB-like mechanism) prevent censors from joining instances to observe in-game state or identify participants; when a client fails to supply the correct password within a timeout, the Castle proxy falls back to an AI player, making Castle instances indistinguishable from legitimate games even to an adversary who enters the lobby.
From 2016-hahn-games — Games Without Frontiers: Investigating Video Games as a Covert Channel
· §6.2
· 2016
· European Symposium on Security \& Privacy
Implications
Implement a timed credential-challenge protocol at the application layer so that uninvited probers receive only legitimate-looking game behavior; distribute session credentials through an existing bridge distribution system (e.g., BridgeDB) rather than building a bespoke discovery mechanism.
When the cover protocol does not support password protection natively, use standard (non-custom) maps so Castle sessions blend into the global lobby and reduce the signal-to-noise ratio for censor enumeration attempts.