The Gaming Den Forum Index The Gaming Den
Welcome to the Gaming Den.
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Google
 Search WWW   Search tgdmb.com 
The Ends v4.01
Goto page Previous  1, 2, 3, ... 21, 22, 23  Next
 
Post new topic   Reply to topic    The Gaming Den Forum Index -> In My Humble Opinion...
View previous topic :: View next topic  
Author Message
zeruslord
Knight-Baron


Joined: 07 Mar 2008
Posts: 577

PostPosted: Sat Jul 26, 2008 2:39 am    Post subject: Reply with quote Add User to Ignore List

Quote:
The key weakness of Asymmetric Code is that by its very nature anyone who really wants to can have both plain text and encrypted text of their choice. Simply take plain text of your choice and encrypt it with the public version and you can do “math” to decrypt it out and have what is essentially the private key. Oh snap.

You seem to have forgotten the paragraph above this. While this is theoretically possible, it should be in the realm of the quote at the top
Quote:
“We estimate that we can crack this faster by waiting a few years for computers to become faster and then starting the project on the new generation of machines.”

Anybody worth spoofing will change their key faster than Moore's law can mess it up. You still might be able to get keys by directly hacking into whatever they use to do their decryption, but the "math" is a truly enormous pain. Even then, you assume a known algorithm, which may not be true. Overall, near perfect encryption is possible, and impersonation would just take too damn long.
Back to top
View user's profile Send private message
Quantumboost
Knight-Baron


Joined: 07 Mar 2008
Posts: 968

PostPosted: Sat Jul 26, 2008 4:19 am    Post subject: Reply with quote Add User to Ignore List

zeruslord wrote:
Quote:
The key weakness of Asymmetric Code is that by its very nature anyone who really wants to can have both plain text and encrypted text of their choice. Simply take plain text of your choice and encrypt it with the public version and you can do “math” to decrypt it out and have what is essentially the private key. Oh snap.

You seem to have forgotten the paragraph above this. While this is theoretically possible, it should be in the realm of the quote at the top
Quote:
“We estimate that we can crack this faster by waiting a few years for computers to become faster and then starting the project on the new generation of machines.”

Anybody worth spoofing will change their key faster than Moore's law can mess it up. You still might be able to get keys by directly hacking into whatever they use to do their decryption, but the "math" is a truly enormous pain. Even then, you assume a known algorithm, which may not be true. Overall, near perfect encryption is possible, and impersonation would just take too damn long.


While an accurate assessment of the current state of affairs, there are things that could happen between 2007 and 2071 that could easily make asymmetric doable in real-time with Matrix-reasonable processing power. For instance, if it turns out that P = NP, then it becomes possible to break modern (as in modern key size) asymmetric encryption [edit]in a reasonable amount of time[/edit] even with current hardware. Cracking an asymmetric key scheme is a matter of what mathematics looks like in 2071, and we don't *know* what that looks like, so we can have it look like several possible things, some of which may be more or less advantageous for gameplay.


Last edited by Quantumboost on Sat Jul 26, 2008 4:31 am; edited 1 time in total
Back to top
View user's profile Send private message
CatharzGodfoot
King


Joined: 07 Mar 2008
Posts: 5664
Location: North Carolina

PostPosted: Sat Jul 26, 2008 5:30 am    Post subject: Reply with quote Add User to Ignore List

Quantumboost wrote:
For instance, if it turns out that P = NP

ROFL

I suppose that P could equal NP in a world where people summon fire elementals on a daily basis.
Back to top
View user's profile Send private message
Manxome
Knight-Baron


Joined: 07 Mar 2008
Posts: 977

PostPosted: Sat Jul 26, 2008 6:48 am    Post subject: Reply with quote Add User to Ignore List

zeruslord wrote:
Quote:
The key weakness of Asymmetric Code is that by its very nature anyone who really wants to can have both plain text and encrypted text of their choice. Simply take plain text of your choice and encrypt it with the public version and you can do “math” to decrypt it out and have what is essentially the private key. Oh snap.

You seem to have forgotten the paragraph above this. While this is theoretically possible, it should be in the realm of the quote at the top
Quote:
“We estimate that we can crack this faster by waiting a few years for computers to become faster and then starting the project on the new generation of machines.”

Anybody worth spoofing will change their key faster than Moore's law can mess it up. You still might be able to get keys by directly hacking into whatever they use to do their decryption, but the "math" is a truly enormous pain. Even then, you assume a known algorithm, which may not be true. Overall, near perfect encryption is possible, and impersonation would just take too damn long.


Yeah, that part kind of threw me for a loop when I first read it, too. But you need to take a look at this part:

A Note on Cryptographic Realism wrote:
Real world cryptography and code breaking in 2008 revolves around incredibly intensive mathematical analysis and exploitations of technical weaknesses and user error. This is a fascinating field and incredibly non-photogenic. This means that it's the kind of thing that makes a very bad game, because it is almost impossible to describe the action in a way that is in any way comprehensible or cool. I mean basically it would largely come down to people rolling some kind of dice to determine if the security spiders or some non-security conscious user had made some bone headed mistake and then making more die rolls to see if the player could find that mistake and exploit it. You seriously might as well flip coins to see if you win or not, because nothing the player describes their actions as will make any difference to such a system.

In the interests of playability, the weaknesses of computers have been standardized. If you can project high density signal into a computer, you can manipulate it on the hardware level. And if you have access to both the plain text (or brain text) and the encrypted text version of a message you can break the code. Other weaknesses are assumed to not exist. This is admittedly and specifically an abstraction, but it makes the action so much cooler looking and the game so much more accessible to non-mathematicians that the sacrifice is well worth it.
(Emphasis added.)

We are explicitly assuming (in defiance of all modern precedent) that any known plaintext gives you an automatic break of Shadowrun ciphers. Given that assumption, the conclusion that all asymmetric encryption is easily breakable is definitely accurate.

It's not terribly realistic, but for purposes of a game, I think it's a clever rule. Encryption is still useful, but people also have to do cloak-and-dagger stuff to exchange keys, and players have a plausible way to break it that depends on factors that are understandable to a non-mathematician.

And yes, it means there's no asymmetric encryption that you care about (probably; depends how long the "math" takes). But if there was robust asymmetric encryption, you'd just always use that to exchange your symmetric keys (like people do in real life) and then the weakness might as well not exist at all.
Back to top
View user's profile Send private message
Sma
Master


Joined: 07 Mar 2008
Posts: 269

PostPosted: Mon Jul 28, 2008 11:22 am    Post subject: Reply with quote Add User to Ignore List

How is Seize Network supposed to interact with Technomancers effectively being in contact range with anyone who is in their signal range?

Wouldn't this allow them to boot people out of their PAN even if they are using Datajacks?


Equipment Spotlight: Micro Transceivers
Click here to see the hidden message (It might contain spoilers)
Back to top
View user's profile Send private message
Quantumboost
Knight-Baron


Joined: 07 Mar 2008
Posts: 968

PostPosted: Mon Jul 28, 2008 5:16 pm    Post subject: Reply with quote Add User to Ignore List

Sma wrote:
Equipment Spotlight: Micro Transceivers
Click here to see the hidden message (It might contain spoilers)


If the transceiver has an hour's worth of key, listening to Joe for only a few minutes will let you decode the part that you already know - which is not particularly useful. One-time pads are unbreakable specifically because there is no correlation at all between any two parts of the key, and knowing one part of the message won't help you decode any other part.

You could get this to work if the key was shorter, such as a few minutes long, though - that brings you into ordinary symmetric encryption territory. If you have a long transmission (at least twice the key length) recorded, and you can listen in on some part of it, you have at least a chance of getting some meaningful information from it - and the more message you have, the better your chances.
Back to top
View user's profile Send private message
FrankTrollman
Serious Badass


Joined: 07 Mar 2008
Posts: 27288

PostPosted: Mon Jul 28, 2008 5:33 pm    Post subject: Reply with quote Add User to Ignore List

Quote:
How is Seize Network supposed to interact with Technomancers effectively being in contact range with anyone who is in their signal range?

Wouldn't this allow them to boot people out of their PAN even if they are using Datajacks?


Yep. Added text to make that clear.

-Frank
Back to top
View user's profile Send private message
Sma
Master


Joined: 07 Mar 2008
Posts: 269

PostPosted: Mon Jul 28, 2008 6:38 pm    Post subject: Reply with quote Add User to Ignore List

Quantumboost wrote:
If the transceiver has an hour's worth of key, listening to Joe for only a few minutes will let you decode the part that you already know - which is not particularly useful. One-time pads are unbreakable specifically because there is no correlation at all between any two parts of the key, and knowing one part of the message won't help you decode any other part.

You could get this to work if the key was shorter, such as a few minutes long, though - that brings you into ordinary symmetric encryption territory. If you have a long transmission (at least twice the key length) recorded, and you can listen in on some part of it, you have at least a chance of getting some meaningful information from it - and the more message you have, the better your chances.


You´re right, having OTP's that span multiple hours might be a tad long. Breaking transmissions encoded by a one time pad should be trivial enough to require no dice rolls, once you forced enough known plain text through the system.

Since everyone will most likely have a commlink anyway, transceivers are pretty much reserved for the highly paranoid users of paired cellphones or security guards breaking out the faraday suits. Attacking setups like these should require a certain amount of playtime investment while not bogging down the game.

Maybe simply going with a key length in minutes equal to the rating of the system will make for a decent resolution. Engaging your target in conversation for <rating> minutes, without making him suspicious, would allow you to either force a Con roll, or time the actual player.
Back to top
View user's profile Send private message
Manxome
Knight-Baron


Joined: 07 Mar 2008
Posts: 977

PostPosted: Mon Jul 28, 2008 6:40 pm    Post subject: Reply with quote Add User to Ignore List

Quantumboost wrote:
Sma wrote:
Equipment Spotlight: Micro Transceivers
Click here to see the hidden message (It might contain spoilers)


If the transceiver has an hour's worth of key, listening to Joe for only a few minutes will let you decode the part that you already know - which is not particularly useful. One-time pads are unbreakable specifically because there is no correlation at all between any two parts of the key, and knowing one part of the message won't help you decode any other part.

You could get this to work if the key was shorter, such as a few minutes long, though - that brings you into ordinary symmetric encryption territory. If you have a long transmission (at least twice the key length) recorded, and you can listen in on some part of it, you have at least a chance of getting some meaningful information from it - and the more message you have, the better your chances.


It's possible that the assumption is that you use a little bit of the OTP to exchange a symmetric key that you use for a while, then periodically burn a little more OTP for a new key, thereby allowing you to communicate relatively securely for a lot longer than pure OTP would allow. But if that's the idea, it's not at all clear from the description. Also, if you're taking steps to limit the number of times you need to update your OTP, forbidding the guard from using the secure line to order pizza would probably be pretty high on the list.

On a side note, why on earth would you trust a OTP preloaded on a mass-market product? Unless generating random noise is a serious problem for you, it seems like you'd much rather generate your own, especially because then the hardware could be designed to accept a OTP as input but never to divulge it as output or re-use it, and then you know that no one can steal your OTP off your transceiver without physically compromising the Farraday cage. If the device is designed to store a OTP and then transmit it to another device for synchronization, someone could presumably just order it to sync with their device and steal your entire OTP.

Sma wrote:
You´re right, having OTP's that span multiple hours might be a tad long. Breaking transmissions encoded by a one time pad should be trivial enough to require no dice rolls, once you forced enough known plain text through the system.


Um...I think you're confusing OTP and EUE. With EUE, if you know enough of the plaintext (where "enough" has not yet been rigorously defined), you can retrieve the key and read the entire message. OTP is unbreakable, period.


Last edited by Manxome on Mon Jul 28, 2008 6:43 pm; edited 2 times in total
Back to top
View user's profile Send private message
Sma
Master


Joined: 07 Mar 2008
Posts: 269

PostPosted: Mon Jul 28, 2008 7:51 pm    Post subject: Reply with quote Add User to Ignore List

I have used one time pads as a subset of EUE because it is easy to explain and thus works well in a movie style decryption paradigm. I steered clear of making up stuff for EUE since I wanted to the spotlight to be compatible with whatever Frank happens to have halfwritten on his harddrive.

So the assumption on how transceivers work is this:

- There´s a unbreakable key inside that will encrypt a certain length of transmitted speech.

- Getting the key is the only way to decrypt the transmission.

- Obtaining that key can either be done by accessing the hardware or by making a known plaintext attack.

And upon nowrereading the material that got posted this far I can´t find any mention of known plaintext attacks, teh hoops I was trying to jump through are moot, and I'll rewrite when I stop making up imaginary rules Smile
Back to top
View user's profile Send private message
Manxome
Knight-Baron


Joined: 07 Mar 2008
Posts: 977

PostPosted: Mon Jul 28, 2008 9:22 pm    Post subject: Reply with quote Add User to Ignore List

No, you didn't make up the known plaintext attack:

Passing Notes: Encryption, Reception, and Retransmission wrote:
In Shadowrun, an encryption scheme can be undone if one has both the encrypted and the unencrypted version of the message. This means that if one compromises the computer on either terminal end of a message relay, that the code itself is compromised. However, merely listening to the encrypted transmission is essentially worthless. Indeed, any number of devices can be along the chain and be compromised without endangering the code in any way. Each computer can take the encrypted information and pass it on, still encrypted, without understanding or changing the data in any way. It is only when one gets to a computer that actually composes the encrypted data or is intended to put the data into brain text or other usable format that a hardware compromise gives away the show.


The problem is that a one-time pad is used, well, once. If you have the plaintext and ciphertext encrypted with a OTP, you can indeed retrieve the key used--that's true even in 2008. But the part of the key you recover was only used to encrypt the particular message you already know; if the OTP is implemented correctly, that part of the key was thrown away after that message was sent and will never be used ever again, so knowing it dosn't help you.

Additionally, the encryption scheme and the key are perfectly decomposable, so if you have the plaintext for half of a message, that will get you half of the key--but that half of the key wasn't used in any way in encrypting the other half of the message. Every single bit of information is combined with a different bit of the key. You might be able to guess what the second half is likely to say based on what the first half said, but having the encrypted version of the second half doesn't help you in any way except to determine how long the message is. No matter how much of the message you know, you can't decrypt any other part of it, because you could decrypt the remaining message to anything at all (of the same length) if you chose the right bits for the remaining key.

It's entirely true that this is a game and ciphers don't have to follow the real-world rules, but there's no point in calling something a OTP if it actually has the security characteristics of EUE instead. And there's a big blurb in the rules about one-time pads and how they're totally unbreakable.


Additionally, I don't see anything putting a length limit on the text you can transmit under EUE. Most (real-world) ciphers allow you to encrypt arbitrary-length messages safely, and EUE is supposed to be used for high-density signals, so I imagine the cut-off can't be very low without seriously impacting its usefulness. So if the transceiver is actually using EUE, and not a OTP, I don't see why there should be any practical limit to the amount of data you can send through (though someone who overhears some of the data will be able to recover the key and decrypt all of it, as per the rules quoted above).

Though, in order to apply that rule rigorously, you do need some sort of cut-off for the amount of plaintext you need and how long it takes to retrieve the key (and maybe an inverse relationship between the two). But those parameters can be almost anything you want, as long as the players know what they are.
Back to top
View user's profile Send private message
FrankTrollman
Serious Badass


Joined: 07 Mar 2008
Posts: 27288

PostPosted: Thu Jul 31, 2008 1:39 am    Post subject: Reply with quote Add User to Ignore List

Does anyone feel that any of the Sprites are over/under powered?

-Frank
Back to top
View user's profile Send private message
Sma
Master


Joined: 07 Mar 2008
Posts: 269

PostPosted: Thu Jul 31, 2008 2:33 pm    Post subject: Reply with quote Add User to Ignore List

The Crack Sprite pretty much is a must have,because it comes preloaded with Jedi Trick Master Control and Ostraka and can be given Misplace as well. Since this is Shadowrun having a Sprite that allows you open doors, spoof cameras and steal cars seems like a no brainer.

I don´t think this is bad though, because the alternative of having to switch between sprites whenever the task goes from "open door" to "turn camera off" would be worse.

One thing that just now sunk in, is that in this iteration technomancers seem to use resonance + skill for all CF's and Programs.

Since the assumption is that a starting hacker should have dicepools of 11 and you´re limited to getting 2 skills to 5 at character creation I don´t see how a technomancer is supposed to accomplish that.

Also it leaves him in the odd spot where a mage might actually benefit from implants more than a technomancer.

Quick and dirty Human Technomancer
B 3 A 3 R 3 S 2 C 4 I 5 L 5 W 5 Res 5
200 BP in attributes
40 BP Resonance
Cracking Group 4, Electronics Group 4, Tasking 4, +1 for two skills
128 CF's

This leaves him with 32 Points to buy CF's and the stuff like a vehicle, social skills and dodge.

He still walks in with dicepools averaging nine, and that's his specialty.

He´d probably better off ditching everything but Tasking & Resonance and playing what basically ends up being a summoner, with a few matrix effects.

That's certainly a valid archetype, but if it is the only really viable one, it probably bears a mention in the Technomancer chapter.

Also it would require a mention of how Cyberware that affects <Attribute> based skills works when you´re not using that attribute in conjunction with a skill anymore.
Back to top
View user's profile Send private message
FrankTrollman
Serious Badass


Joined: 07 Mar 2008
Posts: 27288

PostPosted: Thu Jul 31, 2008 4:08 pm    Post subject: Reply with quote Add User to Ignore List

The first thing to note is that the character you list actually has too high starting attributes. Best you can do with three fives and a 4 is three 2s and a 3. Starting attribute caps for regular stats are pretty harsh.
But starting caps for Resonance are not. It's a special stat, so it can just do its things. While you are likely to run around with a Logic, Intuition, and Willpower of 4, you can have a Resonance of 6 - so you can easily be throwing 10 dice on all Complex Forms.

-Frank
Back to top
View user's profile Send private message
Sma
Master


Joined: 07 Mar 2008
Posts: 269

PostPosted: Thu Jul 31, 2008 5:19 pm    Post subject: Reply with quote Add User to Ignore List

So TM throwing less dice when doing things on their own is in there to balance out the sprites ?
Back to top
View user's profile Send private message
FrankTrollman
Serious Badass


Joined: 07 Mar 2008
Posts: 27288

PostPosted: Thu Jul 31, 2008 5:48 pm    Post subject: Reply with quote Add User to Ignore List

Sma wrote:
So TM throwing less dice when doing things on their own is in there to balance out the sprites ?


That's the hope, yeah. They don't throw a lot less dice, but they have more stats and more skills to worry about. In exchange they get extra forms and access to Sprites. I think it's contingent which one you'd rather be, which is ideal.

Edit:[b/] Oh, and the Technomancers are up.

-Frank


Last edited by FrankTrollman on Fri Aug 01, 2008 1:27 am; edited 1 time in total
Back to top
View user's profile Send private message
FrankTrollman
Serious Badass


Joined: 07 Mar 2008
Posts: 27288

PostPosted: Sat Aug 02, 2008 11:07 pm    Post subject: Reply with quote Add User to Ignore List

OK dokey. Now it's up save for the editing, the Dumpshock version can be seen over here:

http://forums.dumpshock.com/index.php?showtopic=23034

-Frank
Back to top
View user's profile Send private message
Surgo
Duke


Joined: 07 Mar 2008
Posts: 1888

PostPosted: Sun Aug 03, 2008 12:12 am    Post subject: Reply with quote Add User to Ignore List

Shall I PDF it up, then? (Next week that is.)
_________________
http://www.dnd-wiki.org -- the wiki
Back to top
View user's profile Send private message
Draco_Argentum
Duke


Joined: 07 Mar 2008
Posts: 2435

PostPosted: Sun Aug 03, 2008 9:36 am    Post subject: Reply with quote Add User to Ignore List

Dumpshock post truncates some paragraphs. Wireless Terrain and Technomancers from my read through of the non mechanical section. I haven't read the mechanics yet.
Back to top
View user's profile Send private message
Eyeless Blond
NPC


Joined: 03 Aug 2008
Posts: 4

PostPosted: Sun Aug 03, 2008 1:04 pm    Post subject: Reply with quote Add User to Ignore List

((Popping over from the DS forum))

Heh, I loved this the first time I saw it; I love it today. Haven't gotten through all the revisions, so I'll keep this brief:

Some quick editing highlights:
Click here to see the hidden message (It might contain spoilers)



Responding to: "Getting the Most of your Datajack"
Click here to see the hidden message (It might contain spoilers)


Veracity:
Click here to see the hidden message (It might contain spoilers)
Back to top
View user's profile Send private message
FrankTrollman
Serious Badass


Joined: 07 Mar 2008
Posts: 27288

PostPosted: Sun Aug 03, 2008 4:18 pm    Post subject: Reply with quote Add User to Ignore List

Thank you. Yeah, this document still needs some editing, and I getting pointed to the places where that needs to be done is incredibly helpful. It's really hard to edit your own material because your brain "knows" what it's supposed to say and then fills in the right information even if it isn't actually there.

-Frank
Back to top
View user's profile Send private message
RiotGearEpsilon
Knight


Joined: 08 Jun 2008
Posts: 468
Location: Cambridge, Massachusetts

PostPosted: Sun Aug 03, 2008 8:22 pm    Post subject: Reply with quote Add User to Ignore List

How much does it cost to get a faraday hat or headjammer?
Back to top
View user's profile Send private message AIM Address
Eyeless Blond
NPC


Joined: 03 Aug 2008
Posts: 4

PostPosted: Sun Aug 03, 2008 8:46 pm    Post subject: Reply with quote Add User to Ignore List

Wouldn't you need a Faraday suit instead of hat? Unless you wanted to cut off your head, your neck still provides a fairly large "hole" in the cage, even if you did go all Cobra Commando with the facemask.
Back to top
View user's profile Send private message
Orion
Prince


Joined: 07 Mar 2008
Posts: 3624

PostPosted: Sun Aug 03, 2008 9:46 pm    Post subject: Reply with quote Add User to Ignore List

Sorry to derail the thread, but I'm starting a game soon ad I wanted to know:

What is your opinion on Geasa for Adepts? It's listed as an optional rle in Street Magic. I feel inclined ot allow it, since Adepts aren't exactly overpowered, but it seems like such straight power creep I'm a little dubious. Also, many geasa work weirdly. Gesture geas doesn't even make sense for Improved Unarmed, say, and an incantation geas is no real penalty if you take it for a conspicuous power.
Back to top
View user's profile Send private message
ludomastro
Apprentice


Joined: 03 Aug 2008
Posts: 87

PostPosted: Sun Aug 03, 2008 11:22 pm    Post subject: Reply with quote Add User to Ignore List

Hello again Frank.

I posted in your other Matrix thread (it's a sticky currently) but wasn't sure which one is active.

Just stopping by to say hello and good work on the writeup. I might actually play the Matrix in my games now rather than have it be so much hand waving and NPC action.

ludomastro
(Alex on DS)
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    The Gaming Den Forum Index -> In My Humble Opinion... All times are GMT
Goto page Previous  1, 2, 3, ... 21, 22, 23  Next
Page 2 of 23

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum




Powered by phpBB © 2001, 2005 phpBB Group