Sengir and Rotbart, we're talking about data being recorded by the drone's sensors. Are you saying that the sensors record at some phenomenal rate that can't be kept on storage? Also, the data is being transmitted. Are you saying that transmitters and receivers in SR operate at such a high rate that you can't keep even hours transmission in standard storage? That sounds very strange. Perhaps you're confusing full human sensory recordings with that coming from a few drone sensors.

Since you've chosen to make feeble arguments against only full simsense rigging, obviously the worst case, I assume that you've accepted how much sense one-time pads make for normal data transmission?

Very few uses of Encryption have the property that there is a daily rendezvous with a reliable source of one time pads.
Note that just because the drone goes back to base does not usually meet the needs. Corporate drones are often managed by remote riggers, or at least backed up by them.

In general, as has been said in this thread, the problem with one time pads is that key distribution becomes a continuous, high volume, activity. Master key distribution is the single riskiest part of the system, since if the enemy gets that without you knowing, you are completely compromised, without a clue.

On top of that, given that mathematical crypto as we know it has been declared broken, we don't know what they are using. (We don't really know what is broken either, since that depends upon the math that I would not ask the Devs to specify to a sufficient degree.)

Also, for playability, we mostly have to assume that many normal practices either don't work or are not practiced. Given that playability trumps authenticity, we let it go.

(No, I am not a cryptanalyst, cryptologist, cryptographer, nor a designer of security systems. But I do work with a lot of this stuff in my protocol design work. )

What makes you think they are that much different? Sure, the emotions are missing, but it makes up for this with constant control data


You simply didn't bring up that point any more, but if you insist I will repeat myself: What good is an an encryption that requires the secure exchange of a message to securely exchange a message of egual size?

Just like to point out:

Hours upon hours of full human sensory recordings fit on a datachip small enough to fit in your ear.

Or have we forgotten about BTL?

Those have been subject to lossy compression, see Unwired (IMG:style_emoticons/default/wink.gif)

Even so, lossy compression doesn't compact things down as small as you think it does.

Besides, you still have to have somewhere to extract it to in order to "read" it.

UW says it does. Page 185ff to be exact.

Reading over that makes me wonder how the matrix could be capable of allowing a rigger to jump into a drone at all, if the data is so massive that nodes can't handle it. And the DIR-X are compressed, jumping in isn't.

I'm very sure that the few cameras, microphones, accelerometers and whatever other sensors a drone has it on, hours upon hours of input from these can easily be stored in standard storage. Unwired says that raw simsense recordings cannot. Ergo they are different. Control data is going to be much less than sensory data, there are very few control elements on a drone, or any vehicle for that matter.

Why did you dodge the question of how you could transmit the data, but not store it?



Because the two can be separated in time. It is practical and easy to exchange OTPs through direct links at the start of the shift, mission briefing, drone refuelling. During operations, it is not practical or easy to exchange "a message of equal size" through a direct link, but having secure wireless communications is very convenient.


I don't think we need to talk about this anymore, you're clearly not making any effort in thinking these things through for yourself.

Why are people suggesting properly implementing OTPs in the game, but leaving regular encryption intentionally hobbled? If you want real encryption in SR, change the rules to permit real encryption. If you implement OTPs as actual encryption, you're just back to the original question of fun/realistic without ever bothering to actually think about it.

Talk about apples and oranges!

And what makes you so sure about that?


Because you didn't ask? A CCTV cam can transmit images all year long, without a single byte of internal storage.


I people see each other daily, sure. The whole point of telecommunications is that that you don't have to.



Well Mr. Thinker, then here's one for you: OTPs are clearly superior to everything we have right now and apparently key exchange is no problem...so why does everybody rely on the slow, wasteful and potentially insecure (who knows, maybe the NSA has found an attack on RSA long ago?) public-key algorithms? Those things are nothing but a crutch, and not even a comfortable one...


@Draco: The same way the Matrix allows you to control a drone on the other side of the planet without any latency (IMG:style_emoticons/default/wink.gif)

I don't think anyone is suggesting to actually use OTPs in game. The discussion is about SRs backstory of why there is no effective encryption begin completely bogus, even if someone did find a way to break mathematical encryption.

I'd probably go with something magical if I had to explain why OTPs don't work. Maybe there's some sort of magical threat that are attracted to random strings, using an OTP carries a high threat of getting a visit from a chaos spirit. Or some artefact of technomancy causes XORing with a random string to produce a random output (that's why people hate technomancers, they took away our privacy!).

I think that people are indeed missing the point of Encryption in the game... It is not meant to mimic real world occurrences... Unbreakable encryption would totally eliminate the Hacker as an Archtype... loads of No Fun for anyone...

If you cannot see that the Encryption is clearly designed for slowing people down (sometimes to the point of inability, but usually not... Higher rated Encryption slows for far longer than lower rated Encryption), then you really are looking at it the wrong way... Is it realistic... No, but any other solution removes teh immediacy of hacking usefulness... There are options in Unwired for those who like to make things even harder... Strrong Encryption Intervals can be from 1 Turn to 12 Hours; and this will indeed slow down a hacker even more... implementing this would make a Hacker more like what you get in Neuromancer, but that is not a Good Thing in that the Archtype is truly no longer a viable character and we are back to the Decker of Versions past... again, no fun...

The other is dynamic encryption, and, while not exactly as useful as Strong Encryption, it can make a system almost impossible to crack if the rating is very high, as the dynamic encryption will tend to score as many hits as "most" Decryption attempts... again, it may be somewhat exciting at first, but in the end it eliminates the Acrhtype, and again we are back to Deckers...

Now... in the end, we have encountered both such systems in the game, but they are not ubiquitous by any means... they were designed for tailored and sculpted systems that took much research and additional resources so that we could social engineer the key (which we have been working on in game for about a year now for that "Big" Run)... takes a while, but once you have it, the system is then vulnerable... Why are these schemes not included with each and every system? Because it would reduce the options for the Hacker to just one... Social Engineering... Way Boring and all to predictible...

My 2 Nuyen anyways...

Keep the Faith

A few things about SR encryption to think about.

First off, with all forms of encrypted transmission, you can't capture any of the data until you have broken the encryption.
This is definitely not like real world encryption. Sounds a lot more like quantum cryptography to me.
But quantum cryptography isn't really an encryption scheme, its more of a method of transmitting encrypted data. We would still have to implement some method of encryption. And in SR with all standard forms of encryption being broken, unfortunately that's all that is left. But when combined with quantum cryptography, now any would be listeners can't just snoop it, they have to try to decrypt it, alerting the sender that an encryption attempt is being made so that they can stop transmission, change channels, change keys, or any number of other things. Making encryption a lot more useful.

There are still problems with trying to rationalize that, but its the best I can think of at the moment.

Static file encryption is still gonna be mostly useless. But for that at least you will be able to rely on the system security.

Also, the problem with OTP methods is that they still rely on random strings. There is no such thing as random in the computing world. And the larger the random string, the more likely you are that your random string is gonna break itself as suddenly it starts repeating (given that it might be after a few trillion digits, but if your transmitting terabytes of data on a regular basis that's gonna happen a lot). Which basically means once someone knows how your random strings are seeded its not really gonna take very long to break your OTP. If there is some magic equation that can break any and all PSK and PKI encryption methods, then its not gonna be that hard to break an OTP.

And lets not cry doom over encryption being unbreakable. If all encryption was always unbreakable and everything was encrypted, there are still so many other ways for a hacker to be a hacker and get the job done.

No it doesn't. We have strong encryption now and people still break into our systems. if we encrypted them to hell it wouldn't matter. Encryption isn't some frigging magic wand that mysteriously makes systems secure.

The point is, it is no longer Shadowrun, it is Neuromancer... and the hackers do not crack the encryption in a timeframe that is even playable... so, as such, the archtype is now relegated to the Decker of old, which many people never used as a playable character... why, you ask? Because it was NO FUN...

It is a game, not a reality simulation... people just need to get over the disparities and play...

Keep the Faith

OTPs are typically created via specialized hardware that relies on actual random quantum events, such as thermal noise or nuclear decay. See Hardware Random Number Generators. They are really random. There is a reason why OTPs are considered unbreakable, it's because they are part of the class of problems mathematicians call undecidable and hence can't be decisively answered.

"Think about it. If I give you a message encrypted with a one–time pad and then give you the key which I claim decrypts it, do you have any way to prove that I’m right? Do you have any way to prove that I’m wrong? All keys are equally likely, all decryptions are equally likely, and there is absolutely no mathematical way to tell when you get the right key as opposed to any of the umpteen billions of wrong ones.

"This is an undecidable cryptosystem."

You keep ignoring that encryption just doesn't matter to hackers. What encryption does is allow electronic communication to be used for non-trivial purposes. Like fund transfers and not having everyone listen to your calls and perfectly simulate people calling you.

Because its not wet simsense, which includes emotional data and dozens of other things that your brain does.



I believe we're talking EXTERNAL storage here.



Drones aren't people and still have to be serviced by someone. In person. SR doesn't have repair droids.



Because the hassle of one time pads is so exorbiently high that we use a "good enough" solution called the Public Key Method. Which in the fucking real world is neigh unbreakable. This is not true in ShadowRun.



Everyone knows the matrix is backwards. It was written with a "you are in the node" rather than the way the internet works of "the node sends data to you." They've kept this backward stuff around, despite its painful wrongness. Oh. And in ShadowRun if you have a hacker at node A exploring node C through node B and jam/crash/remove node B, nothing happens. The hacker is in node C and his body is at node A, node B is irrelevant.

One (two) more reason(s) why the Matrix rules need an update.

IMHO that wasnt it at all, I've played several deckers through out the years and GMed for more. The reason most people didnt play them was the go get a pizza problem or misconceived idea that the rules were horribly complex. In reality the only suckage was the system map(1e-2e)/host(VR2.0-3e)/node(4e). By having multiple interaction points you have now created a minigame that no one else is a part of. Its the same as having the face have to talk to multiple npcs to finally get the desired results. By limiting the interaction points you take a solo game back into an acceptable aside. Also if you were to have the multiple points and the decker/hacker did his thing but its going to take a couple hours in game you can now bounce back and forth between players so they dont have to get a pizza. By having a 12 point matrix map that takes 10 seconds in game to go through you now have to play the whole thing out as a GM without interacting with the other players because their characters had enough time to walk to the fridge and grab a beer even though out of game it took 2 hours to complete all the rolling.

Ideally if you want Deckers/Hackers in your game you would have 1/2 dozen or less interaction points with each interaction point taking 30 minutes or so of in game time, that way you can bounce between parties and still have a reasonable aside for the Decker/Hacker.

Which in my opinion was no fun... I was often part of that Pizza Crowd...

Keep the Faith

I just don't feel 4e improved this in anyway its still a multiple node map with microseconds of game time. You still either keep it to a single or few nodes or house rule the time it takes up. Both of which people have been doing since 1e.

It does, see Lockheed Vulcan in Arsenal (IMG:style_emoticons/default/wink.gif)
Besides, I was talking about actual people. If Mr. J wants to send me a job offer, but has to send a physical messenger first (with escort to make sure the message remain confidential), that defeats the whole purpose of telecommunication...



I'm afraid you are confusing the 'trix and Astral Space here. A hacker's consciousness stays inside his own body, which is why Math SPUs or Rigger equipment even do anything in the matrix. And killing somebody while in VR does not leave a lingering ghost like it does with an astrally projecting mage.

Oh you were? But you said



It seems you were talking about drones and maglocks. You just weren't making any sense, so your point was as usual easily refuted, and then you tried to make it seem like you were talking about something else to save face, but fell right on it instead.




What makes me sure that hours of camera footage and audio recordings can be kept in standard storage? That you can even doubt this shows exactly why I said I was done discussing this with you.

This:




Not quite:

In general, a standard vehicle sensor package (Capacity 12),
will contain the following sensors:
• Atmosphere Sensor (taking up 1 Capacity)
• 2 Cameras (front and back, taking up 2 Capacity)
• 2 Laser Range Finders (front and back, taking up 2 Capacity)
• 2 Motion Sensors (front and back, taking up 2 Capacity)
• Radar (taking up 5 Capacity)


Plus the sensors which make the rigger actually feel acceleration, tilt, or engine data as if those were senses of his own body.