We can argue all day about whether secure money is possible without decent dynamic crypto.
I tend to suspect that if the number of nodes (not combinations, just nodes) is reasonably limited, and if traffic monitoring is practical, then the system is probably broken.

But it doesn't matter.

The assumption we are making is that the financial system works.
We also are assuming that credsitcks are, for some reason, hard to break.
And we are assuming that hackers can get into lots of things, and find lots of useful information.

These assumptions are necessary for anything resembling the game world to work.
They are probably also actually mutually inconsistent.
But, frankly, I am more interested in playing the game than in playing amateur cryptographer. And I have no interest in trying to get a security professional to audit / analyze the assumptions and conclusions of the system. I am sure that the system is, in a formal sense, broken.
So that means that trying to craft more secure techniques is probably a bad idea. We have to live with what is written, and reasonably small generalizations from that. (If wiring things together works in one context, it better work in others.)

I sure as heck don't want to try to get into how they manage key exchange, key refresh, and key revocation without dynamic crypto. But it has to somehow work.

I am actually a bit concerned about the magic side of this same question. The spell design system in street magic allows for a lot of spells not thought of by the devs. That is neat. But like generalizing the matrix security, it is almost certainly subject to breaking the structure. (Yes, the GM can be careful about what he allows. There are still going to be surprises. And there is also the fact that the GM is probably going to have to sometimes say "sorry, not allowed" when there is no good reason, when someone comes up with something that is too strong. Remember that gam e balance is an important concept to us, but irrelevant to meta-physics. Reality is not game balanced.)

Joel

So... they're crowdsourcing financial verification?

That. Is. AWESOME.

Is something borken because you don't know exactly how it works?
Do you know how you work?
Are you borken?

If there is one case where it might be borken, does this mean it must be borken in all cases?

Are all things which can be borken always borkened?

Up until it's actually borkened, things tend to work just fine... is it an acceptable lifecycle?

I think Unwired refers to "new math" from the Crash2 virus that cracks algorithms like rock candy, which is essentially what I did in my game. Encryption is now a nuisance on par with current WEP security on WiFi. It acts like the flimsy lock on a screen door; breaking it proves you have criminal intent.



Short answer now is multiple connections. I figure credsticks are like the "fob" one time key generators. As long as the credstick doesn't get tapped too often, there's not enough of a dataset to "decrypt" the key generation. If a hacker has to sniff and decrypt 3 datafeeds simultaneously, the transaction can outrun the hacker.




Same way you do today: traffic analysis. You start refusing connections, particularly at a gateway level. Local security could use a fiber optic connection to root out agents once all the external connections are closed.

Of course my house rule is that each agent needs their own user account. If you want 24 Smiths to attack Renraku, you need to either have 24 user accounts or have the 24 begin hacking their way in. The odds of triggering an alert go waay up then. If you're just trying to DDOS them then that's fine.



Primarily by disabling connections to any other network. Then a hacker a) has to find a hidden connection, b) break the encryption, c) analyze the rigger's Persona and d) start issuing spoof commands. I often set drones down to the minimal signal level required to operate. In really stealthy operations, the drones are assigned to people on the intrusion team (mage's like having mechanical bodyguards) so that the signal level can be 0 or 1.

Outside of runs I strap a rating 1 comm operating in public mode to vehicles or drones expected to meet legit challenges and it handles the "paperwork."

I also install a LOT of databombs. Sure, you can spoof a command to add your Comm to my vehicle's subscription list. But then you've got to defuse the r:5 databomb to issue it any commands directly without taking some damage and letting me know someone's on my net. So their option is to continue spoofing, which is not a zero risk operation.

Even IRL, hacking an encryption can take 5 minutes or five hours. All those articles you read in the news about new encryption methods developed over time can apply in SR as well.

Look at it this way, most hackers can break 32-bit encryption in less than 1/2 an hour, 64-bit in less than 6 hours, and 128-bit in less than 2 days. It depends on the encryption method as well, but apply that to the tech in SR4 and you see how it would be possible to hack a node in a single round, especially considering most places employ similar if not the same encryption and coding software.

If you can break a 128 bit in less than 2 days you can break a 64 bit in a milliseconds. You need 2^127 tries to break a 128 bit code (on average). You need 2^63 tries to break a 64 bit code. It's 18 sextrillion times harder to break a 128 bit code then a 64 bit code. (18,446,744,073,709,551,616 to be precise). It's only 4 billion times harder to break a 64 bit code than a 32 bit code.

The amount of computing power this implies (ignoring the violation of the laws of thermodynamics) is pretty astonishing.

There's always a bigger number.

I should have added that I am not the hacker doing this. At a conference I attended there was a competition to see if developers, coders and hackers (there is a difference) could crack different levels on encryption. One person was able to crack 64-bit encryption (I believe it was a type called Blowfish) in 12 minutes. I was stunned, but I do know it's possible.

I will also grant that these folks had some powerful computing power. I'm not sure which law of thermodynamics would be violated as matter was neither created nor destroyed, the rule of entropy was followed, and no one approached absolute zero at any point.

Remember, just like our characters, real hackers have developed programs and schemas that work for them and cut time down drastically.

It's complex, but here's the most readable analysis I've seen, from Robert J Hansen.

"Entropy is a measure of the statistical disorder of a system. In physics, disorder manifests itself as heat. Something that’s hot is in a much, much more disordered state than something that’s cold. In computer science, disorder manifests itself as…

"…heat.

"This is something that stunned Claude Shannon when he discovered it. He was trying to figure out a way to measure the information content of telephone lines, and the equations he kept on discovering looked very familiar. Shannon eventually called it “entropy�, just because the equations were the same as the physics equations for entropy. Shannon’s discovery was that information and “entropy� were opposite sides of the same coin: an increase in one necessarily involved a decrease in the other.

"What nobody disagrees on, though, are the real–world implications: that every single time you discard information, you have to pay a cost in heat. Period. End of sentence.

"This number is very, very small, but it’s not zero. Every single time you lose a bit of information, you pay kT ln 2 joules of energy. That’s how much energy has to leak from the system with every single bit of information that’s lost.

"This is an incredibly small amount—about 10^-23 joules per bitflip. By comparison, a car battery puts out about 10^26 times that each and every second. That’s a huge difference, just mind–blowingly huge. Most people think we can just ignore the Landauer Bound… but when it comes to crypto, that’s just folly.

"Assume a 128–bit cipher. Each time you want to try a new key, you’re going to have to discard (on average) 64 bits. 64 is close enough to 100 for our purposes—we want some quick back–of–the–napkin estimates, nothing more—so let’s write down: “each key = 10^2 bits lost.�

"Now, to break a 128–bit cipher by brute force requires, on average, 2^127 attempts. That’s close to 10^38, so let’s write that down. “Total attempts, 10^38.�

"Multiply the two numbers together to get the total number of bits of information you’ve discarded. To multiply together two numbers written in scientific notation, you add together their exponents. 10^2 × 10^38 = 10^40.

"Finally, we have to multiply our total number of discarded bits by the price we have to pay for each of them. Just like before, multiplying scientific–notation numbers is addition… except this time, one of the numbers is negative, so we can think of it like subtraction. 1040 × 10^-23 = 10^17.

"That gives us an absolute lower bound on the amount of energy we would have to lose while brute–forcing a 128–bit key. 10^17 joules… but that’s just a number. It doesn’t mean much to us, does it? So let’s put it in terms we can understand. "

A one megaton nuke releases 4.2*10^15 joules. Hence your system cracking really big numbers will make the room it is in VERY warm.

Except that the energy numbers are directly related to the technology used to flip those bits. I can increase the amount of heat generated by hiring a fifteen-year-old to flip dinner plates. This isn't about information generating heat, it's about machines that manipulate information generating heat. It's just nifty geekery, on the same level as calculating the physics of Santa Claus.

I think they actually had a guy on NPR's Science Friday work out the math on Santa once. It was interesting and absolutely hilarious.

He also mathematically explained how your christmas lights get tangled no matter how you pack them. (IMG:style_emoticons/default/smile.gif)

Heh. It´s not what you have, it´s how you use it.

No, that's the amount of energy generated just by the bit flipping. Any additional work created by an inefficient process is just additional overhead.

For a more detailed and numeric approach see:
http://en.wikipedia.org/wiki/Entropy_in_th...ormation_theory

You can pretend that Pi=3 because you don't understand how Pi is derived, but it still isn't 3.

Any process that is efficient today might/will be tomorrows inefficient tech.

An ideal processor would not waste energy at all, but can not exist. Real tech wastes energy, but steadily increases calculations/entropy. Take nowadays personal computers vs. an equally powerful number of revered C64-PCs. The question is if the necessary increase in calculation power is larger or smaller than the increase in available calculation power.

This is more than I should be offering, but I recommend you read it yourself. I mean really read it, not just skim it. Heck, just read the first four words of the actual article text, the ones that go "There are close parallels ..." I'll also recommend the entire section entitled "Theoretical Relationship."


While you're at it, here's another Wikipedia article for your reading pleasure.

Aaron, you are a glutton for punishment. (IMG:style_emoticons/default/frown.gif)

The other point on the energy analysis is that if you assume the mathematics has been cracked (which is the assumption the game makes) then you don't break a 128 bit key by testing 2^127 different possible values. You break it by applying the mathematics which lets you dramatically reduce the search space, and then using brute force.

(As a minor note, it takes very different kinds of mathematics to break asymmetric key systems (like RSA and Elliptical curve systems) and to break symmetric, fast key systems like Blowfish and AES. However, for game purposes it is perfectly reasonable to assume that both have been suitably weakened / broken.)

Joel

The Connection between Logical and Thermodynamic Irreversibility

Good cryptography is by definition logically irreversible. If you can trivially recover the input from the output without the key it's not a very effective encryption system. And, yes, the fact that there IS a key doesn't make it reversible.

"It is clear that every logically irreversible transformation is equivalent to
a logically reversible transformation plus one or more Reset operations. To
see this consider an arbitrary logically irreversible transformation. It can
be converted into a reversible transformation if a copy of the input state is
appended to its output. This clearly allows the input state to be recovered
from the output state. To obtain a transformation logically equivalent to the
original irreversible transformation we simply reset the copy."

That's also why people are interested in differential power analysis as a side channel attack, because the power consumption of the encryption process is directly related to the key and what it's encrypting. Odd how it all ties together, isn't it? Brute force attacks on well run and well designed crypto systems are just not a viable approach in the real world for a reason. Brute force attacks against naively run systems, particularly if you have hints, are perfectly viable to use as a starting point because you can greatly limit the keyspace you have to search to variations on their kids name, SSN, birth dates, etc.

And this all started with "ignoring the violation of the laws of thermodynamics"....

Forgive me if I've missed a cryptology lesson along the way, but what does "reset the copy" mean? There's not quite enough context there for me to put it together (and I seem to have glitched my Data Search roll, as Google is hating me on all relevant searches).

That's a nice quote, but it's a bit out of context. Try the first line of page seven, or the entirety of section 4. Maybe everything after that, too. I'm afraid it doesn't support your point at all, but it does go directly to my comment.

I think I'm going to be done with this sub-thread, unless something convincing comes up.

I'm just going to throw some questions out there and see how they fall.

My understanding of the thermodynamics generated around cryptography etc, is that we are working with silicon systems and traditional computer processors as we understand them today. How does that impact optical systems? Does an optical chip heat up by writing or removing data from it, since there are no moving parts?

If reducing entropy increases heat, does increasing entropy reduce heat? I have some problems with visualizing how exactly organizing a bunch of 1s and 0s makes heat, but scrambling them should definitely not make the world a cooler place.

Completely removed from the cryptography discussion:
Are there any modifiers for hacking use if I am running a sculpted system, where the sculpture uses Generic Matrix Iconography, but several key substitutions have been made? (Example my IC are sculpted to carry the icons of system maintenance bots and vice versa.) The visual representation would seem like everything was normal, but when an Analyze program was run on a specific Icon, different information than expected would return.

The entire point of the paper is defending Landauer's Principle, as first shown in "Irreversibility and heat generation in the computing process". The primary argument used against it is that entropy only applies to physical systems. Which is why the phrase he uses is "Thermodynamic irreversibility" with the paper showing that the general form of Landauer's Principle is true in a physical system, then applying it to a logical system. As noted it's pretty suggestive that you get the same answer using 'information-theoretic' entropy or phenomenological thermodynamics entropy.

It's possible that the second law of thermodynamics isn't actually true, and it's true that the relationship between of information theory and thermodynamics isn't firmly established, but Landauer's Principle is a tool that is found useful in other areas of science and models our understanding of reality in a useful fashion, as does thermodynamics in general. For example "Landauer’s Principle and Black-Hole Entropy." Given this it's perfectly reasonable to use it as tool to analyze cryptographic systems, which is why it is in fact in general use by people who work on cryptographic systems for a living.

You may be attempting to snidely claim that quantum computing will sidestep the heat dissipation issue, but that's also not true, as long as people don't choose encryption systems that can be easily attacked by QC. Logically it seem unlikely that corporations and governments will choose to use cryptosystems that they know can be trivially broken. Currently the commonly used symmetric systems are not easily attacked by QC, so I can't see any reason this will change.

It's all well and good to continually shout "wrong", but it's pretty pointless when you can't actually be bothered to produce any evidence other then your clear belief that you are omniscient.

There aren't any moving parts in a Intel processor either. Just moving electrons. That said, most of the heat in modern CPU (the vast majority) is due to resistance, not Landauer's. I'm not sure if any Landauer heating can even be detected. An optic fiber used for data will heat up (slightly) due to the laser light being absorbed over several kms of glass. I have no idea how much an actual optical computer would heat up, as somewhere you need RF converted to light, which implies a laser or vscel. Plus the gates will absorb some photons. This article suggests that there isn't any evidence for an optical system being cooler running. I have no idea how accurate this is, but I know the power requirements of high speed optical interfaces are pretty big due to the lasers.


It never gets cooler. You can move the heat to somewhere else, but that creates more heat in the process, which you have to move too.
The joke version of the laws is:
First: You can't win. Second: You can't break even. Third: You can't quit the game.

Not exactly new, but it shows why Landauer entropy is no issue: Bennet: Logical reversibility of computation

This skims over the biggest problem with it all - verisimilitude

Why is banking protected by security ninjas, but identity isn't? Especially when banking relies totally on identity and secure transaction for verification. I could simply get the ID of bill gates for what, 6k, wait for him to buy a coffee while monitoring him, then empty his bank account, because I all have all the information he could present to his bank.


Wham bam thank you ma'am.

And any defense that works for money is equally applicable to identification. It is stupid.