Smokeskin
post Dec 31 2009, 09:28 AM
Post #51


Moving Target
**

Group: Members
Posts: 881
Joined: 31-July 06
From: Denmark
Member No.: 8,995



QUOTE (Rotbart van Dainig @ Dec 31 2009, 01:38 AM) *
(rotfl)

Because we all know - datasteals never happen in SR.
Icing on the cake: For your system to work, it needs to be online... and thus can be hacked. Gives paydata a whole new meaning, really.


You're looking at it the wrong way. It isn't about the system being unbeatable.

It is about this: Would people

a) go ahead with just easily breakable encryption
or
b) pay a very small cost to use a one-time pad encryption service that can only be compromised if people manage to hack the encryption service provider.

It sounds like you want it to compete with an unbreakable system that people already have access to, but that isn't the case - in SR, people have no effective encryption available to them, and that should be the starting point of your analysis.
Rotbart van Dain...
post Dec 31 2009, 11:29 AM
Post #52


Hoppelhäschen 5000
*********

Group: Members
Posts: 5,807
Joined: 3-January 04
Member No.: 5,951



QUOTE (Smokeskin @ Dec 31 2009, 11:28 AM) *
You're looking at it the wrong way. It isn't about the system being unbeatable.

No, it's about the system being broken-by-design. Handing over both the key and your plaintext to a trusted third party defeats the whole idea of encryption.
QUOTE (Smokeskin @ Dec 31 2009, 11:28 AM) *
go ahead with just easily breakable encryption

Yes, because at least they control the keys and the plaintext for a certain amount of time.
QUOTE (Smokeskin @ Dec 31 2009, 11:28 AM) *
pay a very small cost to use a one-time pad encryption service that can only be compromised if people manage to hack the encryption service provider.

The thing is, those services will go out of business with the first break-in.
QUOTE (Tymeaus Jalynsfein @ Dec 31 2009, 05:12 AM) *
The Military has no sense of Humor when it comes to their Crypto...

Which can lead to disaster as well due to inflexibility: The protocol for encryption is slow and rigid, and everything that is too much hassle will stay plain unencrypted, before failing in the field.
This is what caused the drones to transmit video unencrypted, which in turn was captured and used by the opposition.
kzt
post Dec 31 2009, 11:36 AM
Post #53


Great Dragon
*********

Group: Members
Posts: 5,537
Joined: 27-August 06
From: Albuquerque NM
Member No.: 9,234



The problem with a one-time pad is that you have to have secure means to get a copy. As in RAW there are NO secure means other than face-to-face this makes it pretty hard to have a service that provides it to you electronically.

By RAW you can't trust anything you get electronically. That call from your fixer? It could just as easily be LS and there isn't any way you can tell, until you show up at the meeting. Your calls can be overheard by anyone. There are no "secure matrix conferences", the entire idea of having a matrix meeting to discuss anything more secret than the lunch menu is totally insane.

Any time you transmit anything, like a credit transfer, it can be decoded in real time. So once you use your credstick to buy anything anyone can empty the account trivially.
Rotbart van Dain...
post Dec 31 2009, 11:40 AM
Post #54


Hoppelhäschen 5000
*********

Group: Members
Posts: 5,807
Joined: 3-January 04
Member No.: 5,951



QUOTE (kzt @ Dec 31 2009, 01:36 PM) *
By RAW you can't trust anything you get electronically.

The Resonance Realm expands on that problem by an insane amount, too:

With a Realm Search, you can find and recover any data that ever existed on a non-hardcopy system, even if long-gone in the real world. If that wasn't already worse, you can make data in the real world disappear, too, regardless of protection.
Sengir
post Dec 31 2009, 12:44 PM
Post #55


Great Dragon
*********

Group: Dumpshocked
Posts: 5,088
Joined: 3-October 09
From: Kohle, Stahl und Bier
Member No.: 17,709



QUOTE (Smokeskin @ Dec 30 2009, 08:31 PM) *
the provider has previously exchanged one-time pads with both.

And how did he do that, in a secure and verifiable way? ;)
StealthSigma
post Dec 31 2009, 01:27 PM
Post #56


Runner
******

Group: Members
Posts: 2,536
Joined: 13-July 09
Member No.: 17,389



QUOTE (YuriPup @ Dec 30 2009, 06:07 PM) *
WTF is a ton of heat?

If observing your data changes it, you're screwed well before you get to the decryption--writing it would change it, reading would change it. Whatever you are storing your data in/on will operate on a level higher than the uncertainty principle so that, you know, your data doesn't change on you while you are looking at it.


Quantum encryption in theory is supposed to prevent people from eavesdropping on a secure communication. Since the data changes when observed, the receiver will know if there's an eavesdropper since the data is not what is expected. Communication ceases, and the eavesdropper only has a small portion of data that by itself is likely meaningless.

--

QUOTE (Rotbart van Dainig @ Dec 30 2009, 10:48 PM) *
And the latter is why storing the keys of everyone on an online system just is disaster waiting to happen.


That's the foundation of the public key infrastructure. You have a private key which only you know and keep, and a public key that you give out that people can use to encrypt files sent to and by you. It sounds weird, but it does work.

--

QUOTE (Rotbart van Dainig @ Dec 31 2009, 07:29 AM) *
Which can lead to disaster as well due to inflexibility: The protocol for encryption is slow and rigid, and everything that is too much hassle will stay plain unencrypted, before failing in the field.
This is what caused the drones to transmit video unencrypted, which in turn was captured and used by the opposition.


In my opinion, that was a mistake that could have become a significant intelligence tool. They fouled it up by reporting it.

What they should have done was increase the drone fleet by about 25% with new drones using encrypted transmission and convert about 25-33% of the existing fleet to using encrypted transmissions.

Basically, we knew that they knew what we knew about them, but they didn't know that we knew that they knew what we knew. We had the upper hand and frivolously wasted it away by publicizing it. We could have used it for misinformation. Send the unencrypted drones over targets we consider low priority and use encrypted drones over high priority targets. So while they're looking one way, we get to kick them in the ass.
Rotbart van Dain...
post Dec 31 2009, 01:38 PM
Post #57


Hoppelhäschen 5000
*********

Group: Members
Posts: 5,807
Joined: 3-January 04
Member No.: 5,951



QUOTE (StealthSigma @ Dec 31 2009, 03:27 PM) *
That's the foundation of the public key infrastructure.

Not quite, as that is asymmetric encryption.

The suggestion is about symmetric encryption, which only has one key that needs to be kept secret - and the equivalent would be to give away your private key in asymmetric encryption.
StealthSigma
post Dec 31 2009, 01:49 PM
Post #58


Runner
******

Group: Members
Posts: 2,536
Joined: 13-July 09
Member No.: 17,389



QUOTE (Rotbart van Dainig @ Dec 31 2009, 09:38 AM) *
Not quite, as that is asymmetric encryption.

The suggestion is about symmetric encryption, which only has one key that needs to be kept secret - and the equivalent would be to give away your private key in asymmetric encryption.


Perhaps you had read symmetric encryption, but I saw nothing that specified symmetric. Just that to easily break encryption you go after the key. That's a weakness that is shared between symmetrical and asymmetrical encryption.

Symmetric encryption should never be utilized for data in transit, only for data at rest and only for a single machine, unless you can secure the transmission of the key itself, and even then only between a small number of machines. The strength of asymmetric and symmetric encryption is identical, with a noted exception that you require a large keysize in asymmetric to get the same level of effectiveness.

There are technology deficiencies that also affect symmetric vs asymmetric key size, but those are beyond the strength of the actual encryption and boil back to the fact that data at rest is far easier to protect than data in transit.
Rotbart van Dain...
post Dec 31 2009, 02:33 PM
Post #59


Hoppelhäschen 5000
*********

Group: Members
Posts: 5,807
Joined: 3-January 04
Member No.: 5,951



QUOTE (StealthSigma @ Dec 31 2009, 03:49 PM) *
Perhaps you had read symmetric encryption, but I saw nothing that specified symmetric.

One-Time-Pads are symmetric.
QUOTE (StealthSigma @ Dec 31 2009, 03:49 PM) *
Symmetric encryption should never be utilized for data in transit, only for data at rest and only for a single machine, unless you can secure the transmission of the key itself, and even then only between a small number of machines.

WPA2 uses symmetric encryption. There are schemes that use asymmetric encryption to negotiate a symmetric session key, too.
Sengir
post Dec 31 2009, 03:38 PM
Post #60


Great Dragon
*********

Group: Dumpshocked
Posts: 5,088
Joined: 3-October 09
From: Kohle, Stahl und Bier
Member No.: 17,709



QUOTE (Rotbart van Dainig @ Dec 31 2009, 03:33 PM) *
WPA2 uses symmetric encryption. There are schemes that use asymmetric encryption to negotiate a symmetric session key, too.

...for example the key exchange methods used by WPA and WPA2 ;)
Even when using a pre-shared key, this key is only used for authentication. The actual key for encrypting the data stream is negotiated between the client and the AP every time the client connects.


Also there seems to be some confusion about quantum cryptography, so here's a quick rundown on it:
The idea of quantum cryptography is not to transmit any data over quantum states, the idea is to produce two identical sets of random numbers on both sides of the line. These numbers would then be used as a key to encrypt the actual data, and because any eavesdropping along the line will inevitably change a significant amount of those numbers, every attempt to sniff the key would be noticed.
After the key has been exchanged, the data is encrypted with this key and an arbitrary cryptosystem and sent over any conventional channel you like, from fiber wires to pigeon carriers.



In short, the problem with every kind of cryptography is the secure and trusted exchange of keys. Even public-key systems do not solve that problem, because how do you know for sure that the public key you got is really the one of the person you want to communicate with? An eavesdropper could just have sent you his own public key, then he can decrypt your messages, encrypt them with the real key of the intended sender and pass them on. You could of course have other people vouch for the correctness of the keys, but how do you know you can trust those people... ;)
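The key-agreement idea in Sengir's quantum cryptography rundown above, as an added example that is not part of the original thread: a classical simulation of a BB84-style exchange in which an intercept-and-resend eavesdropper shows up as errors in the sifted key. The protocol name, the function names, the seed and the 11% abort threshold are assumptions of this sketch, not something the posts specify.

```python
import random

QBER_ABORT = 0.11  # assumed abort threshold for this sketch


def measure(bit, prepared_basis, measuring_basis, rng):
    """Measuring in the preparation basis returns the encoded bit;
    measuring in the other basis returns a coin flip."""
    if prepared_basis == measuring_basis:
        return bit
    return rng.getrandbits(1)


def transmit(n_photons, eavesdrop, rng):
    """Send n_photons and return the sifted bit lists of both ends."""
    alice_key, bob_key = [], []
    for _ in range(n_photons):
        bit, basis_a = rng.getrandbits(1), rng.getrandbits(1)
        wire_bit, wire_basis = bit, basis_a
        if eavesdrop:
            # Intercept-and-resend: the eavesdropper has to guess a basis,
            # and the photon travels on in whatever basis was guessed.
            basis_e = rng.getrandbits(1)
            wire_bit = measure(wire_bit, wire_basis, basis_e, rng)
            wire_basis = basis_e
        basis_b = rng.getrandbits(1)
        result = measure(wire_bit, wire_basis, basis_b, rng)
        # Sifting: the two ends compare bases in public (never the bits)
        # and keep only positions where the bases matched.
        if basis_a == basis_b:
            alice_key.append(bit)
            bob_key.append(result)
    return alice_key, bob_key


def establish_key(n_photons, eavesdrop, seed=2009):
    """Return (key, error_rate); key is None when the line looks tapped."""
    rng = random.Random(seed)  # seeded so the simulation is repeatable
    alice_key, bob_key = transmit(n_photons, eavesdrop, rng)
    positions = list(range(len(alice_key)))
    rng.shuffle(positions)
    half = len(positions) // 2
    sample, keep = positions[:half], sorted(positions[half:])
    if not sample:
        raise ValueError("too few photons to estimate the error rate")
    # The sampled bits are disclosed to estimate the error rate and are
    # then thrown away; only the undisclosed half can become key material.
    errors = sum(alice_key[i] != bob_key[i] for i in sample)
    error_rate = errors / len(sample)
    if error_rate > QBER_ABORT:
        return None, error_rate
    return [alice_key[i] for i in keep], error_rate


if __name__ == "__main__":
    for tapped in (False, True):
        key, rate = establish_key(4000, eavesdrop=tapped)
        status = "aborted" if key is None else f"{len(key)} key bits"
        print(f"eavesdropper={tapped}: error rate {rate:.3f}, {status}")
```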
Rotbart van Dain...
post Dec 31 2009, 03:51 PM
Post #61


Hoppelhäschen 5000
*********

Group: Members
Posts: 5,807
Joined: 3-January 04
Member No.: 5,951



QUOTE (Sengir @ Dec 31 2009, 05:38 PM) *
In short, the problem with every kind of cryptography is the secure and trusted exchange of keys. Even public-key systems do not solve that problem, because how do you know for sure that the public key you got is really the one of the person you want to communicate with?

Apart from out-of-band verification, one approach is a Web of Trust with key-signing, the other is the Socialist millionaire method.
Sengir
post Dec 31 2009, 04:20 PM
Post #62


Great Dragon
*********

Group: Dumpshocked
Posts: 5,088
Joined: 3-October 09
From: Kohle, Stahl und Bier
Member No.: 17,709



QUOTE (Rotbart van Dainig @ Dec 31 2009, 04:51 PM) *
Apart from out-of-band verification, one approach is a Web of Trust with key-signing, the other is the Socialist millionaire method.

Web of Trust is the method I described, including the problems...you need a "starting point". Out-of-band simply shifts the problem to another medium, and the socialist millionaire problem is just a name for a very similar problem (which means that the possible solutions and their weaknesses [man-in-the-middle attacks] are also quite similar) ;)
Earlydawn
post Dec 31 2009, 04:25 PM
Post #63


Moving Target
**

Group: Members
Posts: 385
Joined: 20-August 07
Member No.: 12,766



I'm trying to follow (not completely comprehend) this back-and-forth, but I was never a math / mathematical applications guy, so I'm going to ask a couple questions because I find it interesting. First of all, the difference between symmetric and asymmetric encryption is the symmetry between the keys that both parties use, right? So in a symmetric scheme, you and I have the same, or a related key, but in asymmetric, I have one key to encode / encrypt (proper terminology?), whereas you have an unrelated key to decode / decrypt? By their nature, is one naturally more secure than the other, or does it depend on specific schemes?
Rotbart van Dain...
post Dec 31 2009, 05:05 PM
Post #64


Hoppelhäschen 5000
*********

Group: Members
Posts: 5,807
Joined: 3-January 04
Member No.: 5,951



QUOTE (Sengir @ Dec 31 2009, 06:20 PM) *
[...] you need a "starting point".

That's not a problem of encryption, though, but a general one. ;)
QUOTE (Sengir @ Dec 31 2009, 06:20 PM) *
Out-of-band simply shifts the problem to another medium,

Which helps a lot to start a WoT. ;)
QUOTE (Sengir @ Dec 31 2009, 06:20 PM) *
the socialist millionaire problem is just a name for a very similar problem (which means that the possible solutions and their weaknesses [man-in-the-middle attacks] are also quite similar)

Used correctly, it prevents MitM attacks, as done in Off-The-Record messaging.
tete
post Dec 31 2009, 05:13 PM
Post #65


Running Target
***

Group: Members
Posts: 1,095
Joined: 26-February 02
From: Seattle Wa, USA
Member No.: 1,139



QUOTE (kzt @ Dec 31 2009, 02:00 AM) *
The NSA and the various signal security commands in the military branches are extremely hard-core about the design of the equipment they buy, how they buy it, how they control it and how they control the keying material. They have no sense of humor about accidents. Very few commercial organizations have any possibility of being able to do this as effectively.


/agree, I'd like to add that some of the NSA documentation is INSANE about how to secure a system. I mean unless you're only using that terminal once it would be unusable on day to day use. For example plugging the time into a math formula in a script that renames everything on your linux install (including commands) and gives one print out of the system changes that you then store in a secure safe and then removes all printing functionality from the OS. This system (while secure by being obscure) is unusable on a day to day level!

[edit] I've seen some very interesting ways of handling computer security over the years both in government and private sectors. Some are good, some are terrible. One of the most interesting was in the private sector where everyone had a wireless device that you received all your passwords on every day (passwords changed daily). The device passwords changed monthly and you had 5 chances to get it right or it wiped the device. If you lost your device all you had to do was call a phone number and they scrubbed it remotely. You also had to call a number if your device ever lost its network connection for any reason, so you could reconnect.
nezumi
post Dec 31 2009, 07:03 PM
Post #66


Incertum est quo loco te mors expectet;
*********

Group: Dumpshocked
Posts: 6,546
Joined: 24-October 03
From: DeeCee, U.S.
Member No.: 5,760



QUOTE (Earlydawn @ Dec 31 2009, 11:25 AM) *
symmetry between the keys that both parties use, right? So in a symmetric scheme, you and I have the same, or a related key, but in asymmetric, I have one key to encode / encrypt (proper terminology?), whereas you have an unrelated key to decode / decrypt? By their nature, is one naturally more secure than the other, or does it depend on specific schemes?


Correct. By their nature, asymmetric is USUALLY considered preferred because it allows certain other functionality (such as digital signatures). PKI, Public Key Infrastructure, is a form of asymmetric encryption, where I have a super-secret encryption key (my private key), and I can send the same public key to whoever I want to be able to read my messages. Every message I send is 'signed' by me, and it allows me to maintain several encrypted lines of communications without requiring I generate a slew of different key pairs for each one.
JoelHalpern
post Dec 31 2009, 07:30 PM
Post #67


Moving Target
**

Group: Members
Posts: 656
Joined: 18-January 06
From: Leesburg, Virginia, USA
Member No.: 8,177



I strongly recommend not trying to insert technical explanations for the SR4 Encryption rules. The Devs are trying (not too effectively, but they are stuck) to match the sense that hacking and data stealing are achievable. But they still need to have some way to protect things like electronic currency. So they have thrown a large quantity of technical handwavium at it.
Do what you think works for your game. (For example, one game I am in has declared that slow encryption can not be used on nodes which are actually in use, even though the rules seem to say it is okay. Because otherwise it would interfere with the game.)

Yours,
Joel

PS: There was recently a demonstration of how to tap an untappable Quantum encryption. Things are rarely as simple and clear cut as they seem.
kzt
post Dec 31 2009, 08:02 PM
Post #68


Great Dragon
*********

Group: Members
Posts: 5,537
Joined: 27-August 06
From: Albuquerque NM
Member No.: 9,234



QUOTE (StealthSigma @ Dec 31 2009, 06:49 AM) *
Symmetric encryption should never be utilized for data in transit, only for data at rest and only for a single machine, unless you can secure the transmission of the key itself, and even then only between a small number of machines. The strength of asymmetric and symmetric encryption is identical, with a noted exception that you require a large keysize in asymmetric to get the same level of effectiveness.

It is typically far more CPU intensive to use a public key system to do encryption. AFAIK all the public key system approaches in common use use a public key system to do an initial negotiation, which includes setting up the symmetric keys they then use for the rest of the transaction.

If you already know who you are talking to you can just skip the public key stuff and just use a symmetric key system. IIRC, that's how encrypted radio voice traffic works, as there is no negotiation process possible.
ZeroPoint
post Dec 31 2009, 08:21 PM
Post #69


Moving Target
**

Group: Members
Posts: 449
Joined: 9-July 09
From: midwest
Member No.: 17,368



But the root of the issue is this.

If any encryption can be broken in a matter of seconds, it serves no purpose. It's simply security through obscurity, no better than using a hash. Which means anything that is transmitted would be treated by security as if it was plain text. No sensitive information would ever be transmitted across any channel that isn't PHYSICALLY secure.

Which means Encryption by RAW just doesn't work. It either needs to be harder to crack or you might as well pretend it doesn't exist.
kzt
post Dec 31 2009, 08:30 PM
Post #70


Great Dragon
*********

Group: Members
Posts: 5,537
Joined: 27-August 06
From: Albuquerque NM
Member No.: 9,234



QUOTE (Earlydawn @ Dec 31 2009, 09:25 AM) *
I'm trying to follow (not completely comprehend) this back-and-forth, but I was never a math / mathematical applications guy, so I'm going to ask a couple questions because I find it interesting. First of all, the difference between symmetric and asymmetric encryption is the symmetry between the keys that both parties use, right? So in a symmetric scheme, you and I have the same, or a related key, but in asymmetric, I have one key to encode / encrypt (proper terminology?), whereas you have an unrelated key to decode / decrypt? By their nature, is one naturally more secure than the other, or does it depend on specific schemes?

The most common use for an asymmetric key system is a public key system.

If Joe wants the world to be able to talk to him he creates two keys, one secret that he keeps and one public that he widely distributes. These are mathematically related such that data encrypted with one key can only be decrypted with the other. If Tina uses Joe's public key to encrypt a message only Joe's secret key can decrypt it. Once Joe gets Tina's message he can use his secret key to send her a response that she can decrypt using his public key. However so can everyone else, but it proves that it came from someone with Joe's secret key.

In a perfect world when Tina sent a message to him she would also have included her public key, so Joe can use his secret key and her public key to encrypt the response so that Tina knows it came from Joe and only Tina can read it.

This all works great in theory, as there is, in theory, a universally trusted completely secure central repository that everyone keeps their keys at. The real world problem is that this doesn't exist and never will, so ensuring that the key you get for Joe is really Joe's key is a big issue. For example, if Steve gave out his public key in place of Joe then when Tina sent a message to Joe Steve could decrypt Tina's message and then encrypt it using Joe's real public key. So now you have a man in the middle who can see all the "secret" data.

If you want to go into more detail "Applied Cryptography" will tell you more about this than you ever wanted to know, and google can find lots of examples too.

Generally people believe that you need longer keys with asymmetric keys than you do with symmetric keys. For example, NIST says that a 3072 bit public key is similar in security to a 128 bit symmetric key. Essentially it is easier to cleverly solve the asymmetric key math than the math underlying a symmetric key system. However asymmetric keys also require a lot more CPU cycles to do encryption/decryption than do symmetric keys.
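kzt's Joe/Tina/Steve scenario above, as an added example that is not part of the original thread: Tina pins a fingerprint of Joe's public key obtained out of band and refuses a substituted key. The textbook RSA here (fixed Mersenne primes, no padding) is a toy chosen so the code runs with the standard library only, and the directory, pin and function names are hypothetical.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys


class KeyMismatch(Exception):
    """The key on offer does not match the fingerprint pinned out of band."""


def make_keypair(p, q):
    """Return (public modulus n, private exponent d) for primes p and q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return n, d


def fingerprint(n):
    """Digest of the public key that two people can compare in person."""
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return hashlib.sha256(raw).hexdigest()


def encrypt(message, n):
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, E, n)


def decrypt(ciphertext, n, d):
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


# Toy keys built from known Mersenne primes; far too small for real use.
JOE_N, JOE_D = make_keypair(2**127 - 1, 2**89 - 1)
STEVE_N, STEVE_D = make_keypair(2**107 - 1, 2**61 - 1)

# What Tina is handed over a channel she cannot trust.
HONEST_DIRECTORY = {"joe": JOE_N}
TAMPERED_DIRECTORY = {"joe": STEVE_N}  # Steve's key offered under Joe's name

# What Tina wrote down when she met Joe face to face.
TINA_PINS = {"joe": fingerprint(JOE_N)}


def send(recipient, message, directory, pins=None):
    """Encrypt to the recipient, checking the pinned fingerprint if given."""
    n = directory[recipient]
    if pins is not None and fingerprint(n) != pins[recipient]:
        raise KeyMismatch(f"key offered for {recipient!r} is not the pinned one")
    return encrypt(message, n)


if __name__ == "__main__":
    msg = b"meet at noon"  # constructed sample message
    unchecked = send("joe", msg, TAMPERED_DIRECTORY)
    print("no pin, Steve reads:", decrypt(unchecked, STEVE_N, STEVE_D))
    try:
        send("joe", msg, TAMPERED_DIRECTORY, TINA_PINS)
    except KeyMismatch as err:
        print("pinned, refused:", err)
    checked = send("joe", msg, HONEST_DIRECTORY, TINA_PINS)
    print("pinned, Joe reads:", decrypt(checked, JOE_N, JOE_D))
```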
Draco18s
post Dec 31 2009, 08:35 PM
Post #71


Immortal Elf
**********

Group: Members
Posts: 10,289
Joined: 2-October 08
Member No.: 16,392



QUOTE (ZeroPoint @ Dec 31 2009, 03:21 PM) *
But the root of the issue is this.

If any encryption can be broken in a matter of seconds, it serves no purpose. It's simply security through obscurity, no better than using a hash. Which means anything that is transmitted would be treated by security as if it was plain text. No sensitive information would ever be transmitted across any channel that isn't PHYSICALLY secure.

Which means Encryption by RAW just doesn't work. It either needs to be harder to crack or you might as well pretend it doesn't exist.


This is one of my biggest complaints about ShadowRun:

If it really is secure, then hacking it takes forever.

On the other hand, then hacking it isn't fun.
Earlydawn
post Jan 1 2010, 12:03 AM
Post #72


Moving Target
**

Group: Members
Posts: 385
Joined: 20-August 07
Member No.: 12,766



Thanks for the rundown, guys. How would you guys with a background in this alter the rules while still keeping them playable?
Draco18s
post Jan 1 2010, 12:10 AM
Post #73


Immortal Elf
**********

Group: Members
Posts: 10,289
Joined: 2-October 08
Member No.: 16,392



You can't. Either things are easy enough to hack that when used against the players things might as well be unencrypted (likewise they'll find little resistance to their own hacking). Or things are so difficult to hack as to make doing so pointless from the player's point of view.

Basically, the difficulty threshold should be that the hacker can move around in the system fairly easily, but will take some damage for doing it, keeping him on par with the other characters (fights are fast and deadly, but not many of them), but the rules don't support this. And even if they did, it'd be really boring. The matrix doesn't have a "I dodge behind cover" action, it's called "oh, I have a program that does that. Automatically. Every time. I don't even have to think about it."

There's a tiny little computer game out there called Decker, which (using its own rules) appears very much like 1st or 2nd edition matrix rules (the maps, the programs, etc). Every time I've played it--including the highly advanced character who's actually managed to survive for more than 20 minutes--it basically came down to Stealth, Stealth, and more Stealth. If the system went to red alert (i.e. combat) I'd log out. Combat was so deadly that even with 4 or 5 ranks higher than each IC you'd still take damage, which was VERY EXPENSIVE to heal, if you had too much you did more poorly at all things, and if you took more you up and died (save file erased).

It was far less detrimental to fail a mission than it was to get into combat. Failing a run lost me 24 hours (a mission generally lasted 2 to 4 days, giving you 2 to 4 chances), failing a mission lost me the time I spent on it for the money it would have gained me (and sometimes I still had paydata that I could sell). So I never had any attack programs, kept stealth, spoof, and hide at the highest rating I could, then got smoke and silence to keep the node from triggering an alert if I was doing something sensitive. I still kept armor though as if an alert triggered, IC got to go first.
kzt
post Jan 1 2010, 05:02 AM
Post #74


Great Dragon
*********

Group: Members
Posts: 5,537
Joined: 27-August 06
From: Albuquerque NM
Member No.: 9,234



QUOTE (Earlydawn @ Dec 31 2009, 05:03 PM) *
Thanks for the rundown, guys. How would you guys with a background in this alter the rules while still keeping them playable?

To be honest I think the hacking rules in SR4 suck. They suck less than the previous editions, but they are still essentially dumb and unusable.

That being said, here are some ideas.

1) If you hack a system and get an admin account file encryption doesn't matter. Nobody carries around a little black book filled with thousands of file names and passwords, it is all handled by the OS. Once you own the OS it will automatically do all the decryption for you, so who cares about encryption?

Encryption really matters when you steal a computer that is turned off or a backup tape. With effectively done encryption it's essentially impossible to break via brute force if the person setting up knows what they are doing. This doesn't mean it's unbreakable, see #2 & #5.

2) All the technology in the world doesn't help if the person setting it up is an idiot. And a lot of people with technology act as if they are idiots. I'd assume a lot of people don't set up decent passwords/passphrases/crypto variables. These can be broken in a trivial amount of time. No matter how good the encryption is if you set it to password, dragon, your birth date, your dog's name, etc it doesn't work.

3) Running good encryption is expensive, painful, and gets in the way of doing work. People need to be willing to spend quite a lot of money to have really secure encryption, hire good people to run it and allow it to be an inconvenience from time to time. So many people are sloppy. Sloppy encryption can produce serious issues. For example see the Venona Project, where the US/UK broke the 'invincible one time pad' because the KGB was sloppy.

4) Having encrypted data does not prevent it from being recorded. You may not be able to do anything with it right now, but you can record it and hope to later get the keys. And you can still do traffic analysis of the messages and eventually find interesting stuff or locate weaknesses in the encryption.

5) The best way to attack good encryption is to get the keys. This is also a lot more interesting from a role-playing game than having one guy rolling "decryption dice", as it allows the players to do stuff and then break into places, con people and do various things to get the keys. In SR, never forget the power of Rubber-hose cryptanalysis.

edit: forgot the "good" in point 5
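Point 3 above, as an added example that is not part of the original thread: a one-time pad is only unbreakable while no pad byte is ever used twice, so this sketch tracks a pad offset on both ends to enforce that and shows what reuse gives away. Class and function names are hypothetical, and the messages are constructed sample data.

```python
import secrets


class PadExhausted(Exception):
    """Raised instead of wrapping around and reusing pad bytes."""


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class PadSender:
    """Hands out each pad byte at most once."""

    def __init__(self, pad):
        self._pad = pad
        self._next = 0  # first pad byte that has never been used

    def encrypt(self, plaintext):
        start, end = self._next, self._next + len(plaintext)
        if end > len(self._pad):
            raise PadExhausted("not enough unused pad left; fetch a new pad")
        self._next = end
        return start, xor(plaintext, self._pad[start:end])


class PadReceiver:
    """Refuses any message that points back into pad already consumed."""

    def __init__(self, pad):
        self._pad = pad
        self._high_water = 0

    def decrypt(self, start, ciphertext):
        end = start + len(ciphertext)
        if start < self._high_water:
            raise ValueError("pad range already used (reuse or replay)")
        if end > len(self._pad):
            raise PadExhausted("message runs past the end of the pad")
        self._high_water = end
        return xor(ciphertext, self._pad[start:end])


def sloppy_reuse(pad, first, second):
    """Encrypt two messages with the SAME pad bytes and XOR the results.

    The pad cancels out, so anyone holding both ciphertexts gets
    first XOR second without ever seeing the pad.
    """
    c1 = xor(first, pad[:len(first)])
    c2 = xor(second, pad[:len(second)])
    return xor(c1, c2)


if __name__ == "__main__":
    pad = secrets.token_bytes(64)
    p1, p2 = b"PAY 500 TO ALICE", b"PAY 900 TO BOB.."  # constructed samples
    print("reuse leaks p1^p2:", sloppy_reuse(pad, p1, p2) == xor(p1, p2))

    sender, receiver = PadSender(pad), PadReceiver(pad)
    for message in (p1, p2):
        offset, ciphertext = sender.encrypt(message)
        print(offset, receiver.decrypt(offset, ciphertext))
```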
Draco18s
post Jan 1 2010, 05:11 AM
Post #75


Immortal Elf
**********

Group: Members
Posts: 10,289
Joined: 2-October 08
Member No.: 16,392



QUOTE (kzt @ Jan 1 2010, 12:02 AM) *
5) The best way to attack encryption is to get the keys. This is also a lot more interesting from a role-playing game than having one guy rolling "decryption dice", as it allows the players to do stuff and then break into places, con people and do various things to get the keys. In SR, never forget the power of Rubber-hose cryptanalysis.


Don't forget Black Bag Cryptanalysis. ;)
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.