The Ends v4.01

General questions, debates, and rants about RPGs

Moderator: Moderators

zeruslord
Knight-Baron
Posts: 601
Joined: Fri Mar 07, 2008 7:54 pm

Post by zeruslord »

The key weakness of Asymmetric Code is that by its very nature anyone who really wants to can have both plain text and encrypted text of their choice. Simply take plain text of your choice and encrypt it with the public version and you can do “math” to decrypt it out and have what is essentially the private key. Oh snap.
You seem to have forgotten the paragraph above this. While this is theoretically possible, it should be in the realm of the quote at the top
“We estimate that we can crack this faster by waiting a few years for computers to become faster and then starting the project on the new generation of machines.”
Anybody worth spoofing will change their key faster than Moore's law can mess it up. You still might be able to get keys by directly hacking into whatever they use to do their decryption, but the "math" is a truly enormous pain. Even then, you assume a known algorithm, which may not be true. Overall, near perfect encryption is possible, and impersonation would just take too damn long.
Quantumboost
Knight-Baron
Posts: 968
Joined: Fri Mar 07, 2008 7:54 pm

Post by Quantumboost »

zeruslord wrote:
The key weakness of Asymmetric Code is that by its very nature anyone who really wants to can have both plain text and encrypted text of their choice. Simply take plain text of your choice and encrypt it with the public version and you can do “math” to decrypt it out and have what is essentially the private key. Oh snap.
You seem to have forgotten the paragraph above this. While this is theoretically possible, it should be in the realm of the quote at the top
“We estimate that we can crack this faster by waiting a few years for computers to become faster and then starting the project on the new generation of machines.”
Anybody worth spoofing will change their key faster than Moore's law can mess it up. You still might be able to get keys by directly hacking into whatever they use to do their decryption, but the "math" is a truly enormous pain. Even then, you assume a known algorithm, which may not be true. Overall, near perfect encryption is possible, and impersonation would just take too damn long.
While an accurate assessment of the current state of affairs, there are things that could happen between 2007 and 2071 that could easily make asymmetric doable in real-time with Matrix-reasonable processing power. For instance, if it turns out that P = NP, then it becomes possible to break modern (as in modern key size) asymmetric encryption [edit]in a reasonable amount of time[/edit] even with current hardware. Cracking an asymmetric key scheme is a matter of what mathematics looks like in 2071, and we don't *know* what that looks like, so we can have it look like several possible things, some of which may be more or less advantageous for gameplay.
Last edited by Quantumboost on Sat Jul 26, 2008 4:31 am, edited 1 time in total.
User avatar
CatharzGodfoot
King
Posts: 5668
Joined: Fri Mar 07, 2008 7:54 pm
Location: North Carolina

Post by CatharzGodfoot »

Quantumboost wrote:For instance, if it turns out that P = NP
:rofl:

I suppose that P could equal NP in a world where people summon fire elementals on a daily basis.
Manxome
Knight-Baron
Posts: 977
Joined: Fri Mar 07, 2008 7:54 pm

Post by Manxome »

zeruslord wrote:
The key weakness of Asymmetric Code is that by its very nature anyone who really wants to can have both plain text and encrypted text of their choice. Simply take plain text of your choice and encrypt it with the public version and you can do “math” to decrypt it out and have what is essentially the private key. Oh snap.
You seem to have forgotten the paragraph above this. While this is theoretically possible, it should be in the realm of the quote at the top
“We estimate that we can crack this faster by waiting a few years for computers to become faster and then starting the project on the new generation of machines.”
Anybody worth spoofing will change their key faster than Moore's law can mess it up. You still might be able to get keys by directly hacking into whatever they use to do their decryption, but the "math" is a truly enormous pain. Even then, you assume a known algorithm, which may not be true. Overall, near perfect encryption is possible, and impersonation would just take too damn long.
Yeah, that part kind of threw me for a loop when I first read it, too. But you need to take a look at this part:
A Note on Cryptographic Realism wrote:Real world cryptography and code breaking in 2008 revolves around incredibly intensive mathematical analysis and exploitations of technical weaknesses and user error. This is a fascinating field and incredibly non-photogenic. This means that it's the kind of thing that makes a very bad game, because it is almost impossible to describe the action in a way that is in any way comprehensible or cool. I mean basically it would largely come down to people rolling some kind of dice to determine if the security spiders or some non-security conscious user had made some bone headed mistake and then making more die rolls to see if the player could find that mistake and exploit it. You seriously might as well flip coins to see if you win or not, because nothing the player describes their actions as will make any difference to such a system.

In the interests of playability, the weaknesses of computers have been standardized. If you can project high density signal into a computer, you can manipulate it on the hardware level. And if you have access to both the plain text (or brain text) and the encrypted text version of a message you can break the code. Other weaknesses are assumed to not exist. This is admittedly and specifically an abstraction, but it makes the action so much cooler looking and the game so much more accessible to non-mathematicians that the sacrifice is well worth it.
(Emphasis added.)

We are explicitly assuming (in defiance of all modern precedent) that any known plaintext gives you an automatic break of Shadowrun ciphers. Given that assumption, the conclusion that all asymmetric encryption is easily breakable is definitely accurate.

It's not terribly realistic, but for purposes of a game, I think it's a clever rule. Encryption is still useful, but people also have to do cloak-and-dagger stuff to exchange keys, and players have a plausible way to break it that depends on factors that are understandable to a non-mathematician.

And yes, it means there's no asymmetric encryption that you care about (probably; depends how long the "math" takes). But if there was robust asymmetric encryption, you'd just always use that to exchange your symmetric keys (like people do in real life) and then the weakness might as well not exist at all.
Sma
Master
Posts: 273
Joined: Fri Mar 07, 2008 7:54 pm

Post by Sma »

How is Seize Network supposed to interact with Technomancers effectively being in contact range with anyone who is in their signal range?

Wouldn't this allow them to boot people out of their PAN even if they are using Datajacks?


Equipment Spotlight: Micro Transceivers
Transceivers are the 2070's descendants of modern day digital radios and cell phones. They only transmit on low density signal and usually come preloaded with a hundred hours of pregenerated one time pads. The processing unit is housed in a sealed faraday cage making the keys invulnerable to direct tampering, though nothing stops you from shutting them down by burning out or jamming the transmission array.
The Transceivers need to be linked up before use to can share their keys. Once that is done they then can provide essentially unbreakable audio communication. The only way to break that communication would be to have them transmit a known signal and recording the encrypted output and cross-referencing both. So if you can eavesdrop on Joe Security Guard while he orders his pizza over the secure comm network, you can listen in until they share a new key. Grabbing one and breaking it open of course also works.
Keep in mind though since the Transceivers operates on low signal only and is a sealed unit it cannot be used to provide signal defense or firewall for a brain.
Quantumboost
Knight-Baron
Posts: 968
Joined: Fri Mar 07, 2008 7:54 pm

Post by Quantumboost »

Sma wrote:Equipment Spotlight: Micro Transceivers
Transceivers are the 2070's descendants of modern day digital radios and cell phones. They only transmit on low density signal and usually come preloaded with a hundred hours of pregenerated one time pads. The processing unit is housed in a sealed faraday cage making the keys invulnerable to direct tampering, though nothing stops you from shutting them down by burning out or jamming the transmission array.
The Transceivers need to be linked up before use to can share their keys. Once that is done they then can provide essentially unbreakable audio communication. The only way to break that communication would be to have them transmit a known signal and recording the encrypted output and cross-referencing both. So if you can eavesdrop on Joe Security Guard while he orders his pizza over the secure comm network, you can listen in until they share a new key. Grabbing one and breaking it open of course also works.
Keep in mind though since the Transceivers operates on low signal only and is a sealed unit it cannot be used to provide signal defense or firewall for a brain.
If the transceiver has an hour's worth of key, listening to Joe for only a few minutes will let you decode the part that you already know - which is not particularly useful. One-time pads are unbreakable specifically because there is no correlation at all between any two parts of the key, and knowing one part of the message won't help you decode any other part.

You could get this to work if the key was shorter, such as a few minutes long, though - that brings you into ordinary symmetric encryption territory. If you have a long transmission (at least twice the key length) recorded, and you can listen in on some part of it, you have at least a chance of getting some meaningful information from it - and the more message you have, the better your chances.
Username17
Serious Badass
Posts: 29894
Joined: Fri Mar 07, 2008 7:54 pm

Post by Username17 »

How is Seize Network supposed to interact with Technomancers effectively being in contact range with anyone who is in their signal range?

Wouldn't this allow them to boot people out of their PAN even if they are using Datajacks?
Yep. Added text to make that clear.

-Username17
Sma
Master
Posts: 273
Joined: Fri Mar 07, 2008 7:54 pm

Post by Sma »

Quantumboost wrote:If the transceiver has an hour's worth of key, listening to Joe for only a few minutes will let you decode the part that you already know - which is not particularly useful. One-time pads are unbreakable specifically because there is no correlation at all between any two parts of the key, and knowing one part of the message won't help you decode any other part.

You could get this to work if the key was shorter, such as a few minutes long, though - that brings you into ordinary symmetric encryption territory. If you have a long transmission (at least twice the key length) recorded, and you can listen in on some part of it, you have at least a chance of getting some meaningful information from it - and the more message you have, the better your chances.
You´re right, having OTP's that span multiple hours might be a tad long. Breaking transmissions encoded by a one time pad should be trivial enough to require no dice rolls, once you forced enough known plain text through the system.

Since everyone will most likely have a commlink anyway, transceivers are pretty much reserved for the highly paranoid users of paired cellphones or security guards breaking out the faraday suits. Attacking setups like these should require a certain amount of playtime investment while not bogging down the game.

Maybe simply going with a key length in minutes equal to the rating of the system will make for a decent resolution. Engaging your target in conversation for <rating> minutes, without making him suspicious, would allow you to either force a Con roll, or time the actual player.
Manxome
Knight-Baron
Posts: 977
Joined: Fri Mar 07, 2008 7:54 pm

Post by Manxome »

Quantumboost wrote:
Sma wrote:Equipment Spotlight: Micro Transceivers
Transceivers are the 2070's descendants of modern day digital radios and cell phones. They only transmit on low density signal and usually come preloaded with a hundred hours of pregenerated one time pads. The processing unit is housed in a sealed faraday cage making the keys invulnerable to direct tampering, though nothing stops you from shutting them down by burning out or jamming the transmission array.
The Transceivers need to be linked up before use to can share their keys. Once that is done they then can provide essentially unbreakable audio communication. The only way to break that communication would be to have them transmit a known signal and recording the encrypted output and cross-referencing both. So if you can eavesdrop on Joe Security Guard while he orders his pizza over the secure comm network, you can listen in until they share a new key. Grabbing one and breaking it open of course also works.
Keep in mind though since the Transceivers operates on low signal only and is a sealed unit it cannot be used to provide signal defense or firewall for a brain.
If the transceiver has an hour's worth of key, listening to Joe for only a few minutes will let you decode the part that you already know - which is not particularly useful. One-time pads are unbreakable specifically because there is no correlation at all between any two parts of the key, and knowing one part of the message won't help you decode any other part.

You could get this to work if the key was shorter, such as a few minutes long, though - that brings you into ordinary symmetric encryption territory. If you have a long transmission (at least twice the key length) recorded, and you can listen in on some part of it, you have at least a chance of getting some meaningful information from it - and the more message you have, the better your chances.
It's possible that the assumption is that you use a little bit of the OTP to exchange a symmetric key that you use for a while, then periodically burn a little more OTP for a new key, thereby allowing you to communicate relatively securely for a lot longer than pure OTP would allow. But if that's the idea, it's not at all clear from the description. Also, if you're taking steps to limit the number of times you need to update your OTP, forbidding the guard from using the secure line to order pizza would probably be pretty high on the list.

On a side note, why on earth would you trust a OTP preloaded on a mass-market product? Unless generating random noise is a serious problem for you, it seems like you'd much rather generate your own, especially because then the hardware could be designed to accept a OTP as input but never to divulge it as output or re-use it, and then you know that no one can steal your OTP off your transceiver without physically compromising the Farraday cage. If the device is designed to store a OTP and then transmit it to another device for synchronization, someone could presumably just order it to sync with their device and steal your entire OTP.
Sma wrote:You´re right, having OTP's that span multiple hours might be a tad long. Breaking transmissions encoded by a one time pad should be trivial enough to require no dice rolls, once you forced enough known plain text through the system.
Um...I think you're confusing OTP and EUE. With EUE, if you know enough of the plaintext (where "enough" has not yet been rigorously defined), you can retrieve the key and read the entire message. OTP is unbreakable, period.
Last edited by Manxome on Mon Jul 28, 2008 6:43 pm, edited 2 times in total.
Sma
Master
Posts: 273
Joined: Fri Mar 07, 2008 7:54 pm

Post by Sma »

I have used one time pads as a subset of EUE because it is easy to explain and thus works well in a movie style decryption paradigm. I steered clear of making up stuff for EUE since I wanted to the spotlight to be compatible with whatever Frank happens to have halfwritten on his harddrive.

So the assumption on how transceivers work is this:

- There´s a unbreakable key inside that will encrypt a certain length of transmitted speech.

- Getting the key is the only way to decrypt the transmission.

- Obtaining that key can either be done by accessing the hardware or by making a known plaintext attack.

And upon nowrereading the material that got posted this far I can´t find any mention of known plaintext attacks, teh hoops I was trying to jump through are moot, and I'll rewrite when I stop making up imaginary rules :)
Manxome
Knight-Baron
Posts: 977
Joined: Fri Mar 07, 2008 7:54 pm

Post by Manxome »

No, you didn't make up the known plaintext attack:
Passing Notes: Encryption, Reception, and Retransmission wrote:In Shadowrun, an encryption scheme can be undone if one has both the encrypted and the unencrypted version of the message. This means that if one compromises the computer on either terminal end of a message relay, that the code itself is compromised. However, merely listening to the encrypted transmission is essentially worthless. Indeed, any number of devices can be along the chain and be compromised without endangering the code in any way. Each computer can take the encrypted information and pass it on, still encrypted, without understanding or changing the data in any way. It is only when one gets to a computer that actually composes the encrypted data or is intended to put the data into brain text or other usable format that a hardware compromise gives away the show.
The problem is that a one-time pad is used, well, once. If you have the plaintext and ciphertext encrypted with a OTP, you can indeed retrieve the key used--that's true even in 2008. But the part of the key you recover was only used to encrypt the particular message you already know; if the OTP is implemented correctly, that part of the key was thrown away after that message was sent and will never be used ever again, so knowing it dosn't help you.

Additionally, the encryption scheme and the key are perfectly decomposable, so if you have the plaintext for half of a message, that will get you half of the key--but that half of the key wasn't used in any way in encrypting the other half of the message. Every single bit of information is combined with a different bit of the key. You might be able to guess what the second half is likely to say based on what the first half said, but having the encrypted version of the second half doesn't help you in any way except to determine how long the message is. No matter how much of the message you know, you can't decrypt any other part of it, because you could decrypt the remaining message to anything at all (of the same length) if you chose the right bits for the remaining key.

It's entirely true that this is a game and ciphers don't have to follow the real-world rules, but there's no point in calling something a OTP if it actually has the security characteristics of EUE instead. And there's a big blurb in the rules about one-time pads and how they're totally unbreakable.


Additionally, I don't see anything putting a length limit on the text you can transmit under EUE. Most (real-world) ciphers allow you to encrypt arbitrary-length messages safely, and EUE is supposed to be used for high-density signals, so I imagine the cut-off can't be very low without seriously impacting its usefulness. So if the transceiver is actually using EUE, and not a OTP, I don't see why there should be any practical limit to the amount of data you can send through (though someone who overhears some of the data will be able to recover the key and decrypt all of it, as per the rules quoted above).

Though, in order to apply that rule rigorously, you do need some sort of cut-off for the amount of plaintext you need and how long it takes to retrieve the key (and maybe an inverse relationship between the two). But those parameters can be almost anything you want, as long as the players know what they are.
Username17
Serious Badass
Posts: 29894
Joined: Fri Mar 07, 2008 7:54 pm

Post by Username17 »

Does anyone feel that any of the Sprites are over/under powered?

-Username17
Sma
Master
Posts: 273
Joined: Fri Mar 07, 2008 7:54 pm

Post by Sma »

The Crack Sprite pretty much is a must have,because it comes preloaded with Jedi Trick Master Control and Ostraka and can be given Misplace as well. Since this is Shadowrun having a Sprite that allows you open doors, spoof cameras and steal cars seems like a no brainer.

I don´t think this is bad though, because the alternative of having to switch between sprites whenever the task goes from "open door" to "turn camera off" would be worse.

One thing that just now sunk in, is that in this iteration technomancers seem to use resonance + skill for all CF's and Programs.

Since the assumption is that a starting hacker should have dicepools of 11 and you´re limited to getting 2 skills to 5 at character creation I don´t see how a technomancer is supposed to accomplish that.

Also it leaves him in the odd spot where a mage might actually benefit from implants more than a technomancer.

Quick and dirty Human Technomancer
B 3 A 3 R 3 S 2 C 4 I 5 L 5 W 5 Res 5
200 BP in attributes
40 BP Resonance
Cracking Group 4, Electronics Group 4, Tasking 4, +1 for two skills
128 CF's

This leaves him with 32 Points to buy CF's and the stuff like a vehicle, social skills and dodge.

He still walks in with dicepools averaging nine, and that's his specialty.

He´d probably better off ditching everything but Tasking & Resonance and playing what basically ends up being a summoner, with a few matrix effects.

That's certainly a valid archetype, but if it is the only really viable one, it probably bears a mention in the Technomancer chapter.

Also it would require a mention of how Cyberware that affects <Attribute> based skills works when you´re not using that attribute in conjunction with a skill anymore.
Username17
Serious Badass
Posts: 29894
Joined: Fri Mar 07, 2008 7:54 pm

Post by Username17 »

The first thing to note is that the character you list actually has too high starting attributes. Best you can do with three fives and a 4 is three 2s and a 3. Starting attribute caps for regular stats are pretty harsh.
But starting caps for Resonance are not. It's a special stat, so it can just do its things. While you are likely to run around with a Logic, Intuition, and Willpower of 4, you can have a Resonance of 6 - so you can easily be throwing 10 dice on all Complex Forms.

-Username17
Sma
Master
Posts: 273
Joined: Fri Mar 07, 2008 7:54 pm

Post by Sma »

So TM throwing less dice when doing things on their own is in there to balance out the sprites ?
Username17
Serious Badass
Posts: 29894
Joined: Fri Mar 07, 2008 7:54 pm

Post by Username17 »

Sma wrote:So TM throwing less dice when doing things on their own is in there to balance out the sprites ?
That's the hope, yeah. They don't throw a lot less dice, but they have more stats and more skills to worry about. In exchange they get extra forms and access to Sprites. I think it's contingent which one you'd rather be, which is ideal.

Edit:[b/] Oh, and the Technomancers are up.

-Username17
Last edited by Username17 on Fri Aug 01, 2008 1:27 am, edited 1 time in total.
Username17
Serious Badass
Posts: 29894
Joined: Fri Mar 07, 2008 7:54 pm

Post by Username17 »

OK dokey. Now it's up save for the editing, the Dumpshock version can be seen over here:

http://forums.dumpshock.com/index.php?showtopic=23034

-Username17
Surgo
Duke
Posts: 1924
Joined: Fri Mar 07, 2008 7:54 pm

Post by Surgo »

Shall I PDF it up, then? (Next week that is.)
Draco_Argentum
Duke
Posts: 2434
Joined: Fri Mar 07, 2008 7:54 pm

Post by Draco_Argentum »

Dumpshock post truncates some paragraphs. Wireless Terrain and Technomancers from my read through of the non mechanical section. I haven't read the mechanics yet.
Eyeless Blond
NPC
Posts: 4
Joined: Sun Aug 03, 2008 12:51 pm

Post by Eyeless Blond »

((Popping over from the DS forum))

Heh, I loved this the first time I saw it; I love it today. Haven't gotten through all the revisions, so I'll keep this brief:

Some quick editing highlights:
Within the game of Shadowrun the player characters drill holes into their heads in order to create a good mind/machine interface so that they can better hack into secure computer systems while running around cyber ninja style so that they can complete espionage missions and go back to the seedy dives that they that live in...
Because while when you or I are sitting down to write a novel we can have the characters do any part of that simply by typing a sentence that says that do, in a cooperative storytelling game it is nowhere near that easy.

Responding to: "Getting the Most of your Datajack"
You seem to have one reason in your flavor text, and a different reason in your example, for why someone would get a display link. The flavor text spells out that building a visual overlay in brain text is simply considered inellegant and resource-consuming (in which case how is VR any better, since you're overwriting considerably more than just visuals there), while the example text spells it out as increased security for the non-datajacked (as the non-jacked are reading what we assume to be encrypted machinespeak off of their glasses instead of unencrypted braintext). I prefer the example over the flavor text, as it actually makes sense and doesn't require end-users accepting the value judgements of computer experts.
Veracity:
Loved this the first time I read it; love it today. It's just so... so cyberpunk to have Truth be nothing more than what everyone else knows about you.
Username17
Serious Badass
Posts: 29894
Joined: Fri Mar 07, 2008 7:54 pm

Post by Username17 »

Thank you. Yeah, this document still needs some editing, and I getting pointed to the places where that needs to be done is incredibly helpful. It's really hard to edit your own material because your brain "knows" what it's supposed to say and then fills in the right information even if it isn't actually there.

-Username17
RiotGearEpsilon
Knight
Posts: 469
Joined: Sun Jun 08, 2008 3:39 am
Location: Cambridge, Massachusetts

Post by RiotGearEpsilon »

How much does it cost to get a faraday hat or headjammer?
Eyeless Blond
NPC
Posts: 4
Joined: Sun Aug 03, 2008 12:51 pm

Post by Eyeless Blond »

Wouldn't you need a Faraday suit instead of hat? Unless you wanted to cut off your head, your neck still provides a fairly large "hole" in the cage, even if you did go all Cobra Commando with the facemask.
User avatar
Orion
Prince
Posts: 3756
Joined: Fri Mar 07, 2008 7:54 pm

Post by Orion »

Sorry to derail the thread, but I'm starting a game soon ad I wanted to know:

What is your opinion on Geasa for Adepts? It's listed as an optional rle in Street Magic. I feel inclined ot allow it, since Adepts aren't exactly overpowered, but it seems like such straight power creep I'm a little dubious. Also, many geasa work weirdly. Gesture geas doesn't even make sense for Improved Unarmed, say, and an incantation geas is no real penalty if you take it for a conspicuous power.
ludomastro
Apprentice
Posts: 87
Joined: Sun Aug 03, 2008 10:19 pm

Post by ludomastro »

Hello again Frank.

I posted in your other Matrix thread (it's a sticky currently) but wasn't sure which one is active.

Just stopping by to say hello and good work on the writeup. I might actually play the Matrix in my games now rather than have it be so much hand waving and NPC action.

ludomastro
(Alex on DS)
Post Reply