Unwired - Strong Encryption, Why doesn't every node have it? |
Unwired - Strong Encryption, Why doesn't every node have it? |
Jun 26 2008, 01:24 PM
Post
#1
|
|
Moving Target Group: Members Posts: 315 Joined: 12-October 03 From: Germany, Regensburg Member No.: 5,709 |
Just a small detail I don't understand: Why doesn't every non-public node have strong encryption? Forcing a hacker to work 24 hours before having a chance to enter a node should help extremly to keep it secure... Is there a drawback that I didn't notice?
|
|
|
Jun 26 2008, 01:26 PM
Post
#2
|
|
Running Target Group: Members Posts: 1,263 Joined: 4-March 08 From: Blighty Member No.: 15,736 |
Just a small detail I don't understand: Why doesn't every non-public node have strong encryption? Forcing a hacker to work 24 hours before having a chance to enter a node should help extremly to keep it secure... Is there a drawback that I didn't notice? It increases your reboot times by 24 hours? |
|
|
Jun 26 2008, 01:38 PM
Post
#3
|
|
Moving Target Group: Members Posts: 315 Joined: 12-October 03 From: Germany, Regensburg Member No.: 5,709 |
Why? You reboot the node - now you're as secure as always - and then your spider start encrypting it. Of course, your node is vulnerable after reboot - but only as vulnerable as the node would have been anyway.
Or did I miss a rule that a node that's being encrypted can't be used while encrypting? |
|
|
Jun 26 2008, 01:55 PM
Post
#4
|
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
It increases your reboot times by 24 hours? Can I get a page number cite to support that?Putting strong encryption in place intially takes 24 hours. Entering a legitimate passcode to decrypt it takes a simple action. If node encryption persists from reboot to reboot, that same legit passcode will only require a simple action after the reboot. If Node Encryption must be applied after each reboot (I believe the books are silent on this matter), then while it'll take a full day to achieve the level of protection you had previously, you can still be operating during that time under a temporary lesser form of encryption. Or did I miss a rule that a node that's being encrypted can't be used while encrypting? Only nodes that have a Processor Limit of 1 and Response of 1 that have no ergonomic programs loaded. To quote noted authority Albert Yankovich, who's well versed on many topics: "You're using a 386 -- don't make me laugh! Your Windows boots up in what, a day and a half?"
|
|
|
Jun 26 2008, 01:58 PM
Post
#5
|
|
Moving Target Group: Members Posts: 315 Joined: 12-October 03 From: Germany, Regensburg Member No.: 5,709 |
There is something about reboot and encryption, but unfortunatly, it's not clear, imho:
QUOTE Node encryption is restored by rebooting the node (a Complex Action, plus boot time), and re-encrypting it (a Simple Action). Either that means that you can restore a strong encryption with a Simple Action or the authors missed a little detail (IMG:style_emoticons/default/smile.gif) |
|
|
Jun 26 2008, 02:00 PM
Post
#6
|
|
Running Target Group: Members Posts: 1,263 Joined: 4-March 08 From: Blighty Member No.: 15,736 |
Why? You reboot the node - now you're as secure as always - and then your spider start encrypting it. Of course, your node is vulnerable after reboot - but only as vulnerable as the node would have been anyway. Or did I miss a rule that a node that's being encrypted can't be used while encrypting? The 24 hour option isn't worth it when most people aren't hackers. Some worried people might do it as a result of the technomancer and AI scares, but generally security isn't about throwing as much in as possible. One has to consider the intended purpose of the node when determining whether the security is actuall worthwhile. When you are going for the 24 hour strong encryption, that 24 hour strong encryption is part of the services offered by the node. Any node offering 24 hour strong encryption is going to be favoured by the extremely paranoid and security over-conscious, they're not going to use it when the encryption is down. Reboot time is the amount of time it takes to reboot and resume full functionality, hence the reboot time is increases by a whole day. From a business perspective, going down even once a month when it takes a whole day to return to full functionality is a terrible loss of profit. |
|
|
Jun 26 2008, 02:02 PM
Post
#7
|
|
Moving Target Group: Members Posts: 315 Joined: 12-October 03 From: Germany, Regensburg Member No.: 5,709 |
Unfortunatly, the rules are unclear here.
|
|
|
Jun 26 2008, 02:11 PM
Post
#8
|
|
Running Target Group: Members Posts: 1,263 Joined: 4-March 08 From: Blighty Member No.: 15,736 |
Either that means that you can restore a strong encryption with a Simple Action or the authors missed a little detail (IMG:style_emoticons/default/smile.gif) Strong encryption is an option you can take on any encryption action that lengthens the encryption process. By default you get weaker encryption, you have to choose to sustain the encryption process for longer to return to the full 24 hour encryption. It still takes a simple action to begin restoring the encryption but it has to be sustained for 24 hours. That's what makes sense to me. The accompanying fluff states that it takes more time and computation; this implies that the process of encrypting is extremely taxing so it shouldn't be restorable with just a few moments of work when the encryption is broken. |
|
|
Jun 26 2008, 02:58 PM
Post
#9
|
|
Moving Target Group: Members Posts: 633 Joined: 23-February 06 Member No.: 8,301 |
Every extra bit of security (including Strong Decryption) costs time, resources and manpower to implement and maintain. While all of that is not necessarily reflected in game rules, you ought to think in those terms as a GM. "How much would this organization commit to matrix security?"
And, really, it's just about drama. Would it be dramatic for the hacker to decrypt this mid-combat, or would it be dramatic for it to take a while? |
|
|
Jun 26 2008, 03:04 PM
Post
#10
|
|
Immortal Elf Group: Dumpshocked Posts: 14,358 Joined: 2-December 07 From: Winnipeg, Manitoba, Canada Member No.: 14,465 |
In addition, the stronger the encryption, the longer it's going to take to save/load every file on the system with that encryption.
Hey, if we're talking about one user, that's not that big a deal. But we're talking about systems with dozens, if not hundreds or THOUSANDS of users! It adds up very quickly. Processor time is a resource, just like any other, and it's got a cost applied to it. You wouldn't want Bob in Accounting angry at you, would you? Bob has Discretionary Funds! |
|
|
Jun 26 2008, 03:28 PM
Post
#11
|
|
Target Group: Members Posts: 41 Joined: 13-May 08 From: New York City Member No.: 15,973 |
Given that most nodes need to operate dynamically in real time, I would limit strong encryption to stored data, not active nodes or subscriptions.
|
|
|
Jun 26 2008, 07:07 PM
Post
#12
|
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
The 24 hour option isn't worth it when most people aren't hackers. Technically, it's worth it for every runner. But 24h are just an extreme - doing a 1h strong encryption already will protect your commlink from being hacked in mid-combat. Given that most nodes need to operate dynamically in real time, I would limit strong encryption to stored data, not active nodes or subscriptions. Sure, but by RAW, it is only forbidden for Signal encryption. |
|
|
Jun 26 2008, 07:54 PM
Post
#13
|
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
Sure, but by RAW, it is only forbidden for Signal encryption. Yeah, if you take one statement in isolation without looking at the greater context. What does it mean to encrypt a node? Encryption of a node is premptively placing encryption on all means of access to that node, so that proper pascodes must be presented or the encryption cracked before access can be attempted. Where would you be attempting that access from? Another node. And an encryption between two nodes just happens to be the definition of Signal Encryption. |
|
|
Jun 26 2008, 09:56 PM
Post
#14
|
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
|
|
|
Jun 26 2008, 10:44 PM
Post
#15
|
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
The greater context is that there are three major kinds of encryption per Unwired: File, Node and Signal. And there are three kinds of pistols in Shadowrun: Light Pistols, Heavy Pistols, And Machine Pistols. Doesn't mean I don't let my players swap ammo between a Light Pistol that fires 4P and a Machine Pistol that fires 4P. If tomorrow Catalyst published a new type of ammo on their website, with a disclaimer that said that it wasn't available for Light Pistols, you can bet I'd have to hear a pretty good explanation as to why I should allow it to be fired from a 4P machine pistol. |
|
|
Jun 26 2008, 11:10 PM
Post
#16
|
|
Moving Target Group: Members Posts: 695 Joined: 2-January 07 From: He has here a minute ago... Member No.: 10,514 |
If a signal is encrypted, you need the key or decrypt to intercept it
If a file is encrypted, you need the key or decrypt to open it If a node is encrypted, you need the key or decrypt to access it If you use strong encryption to encrypt something, you need to spend the same amount of time (up to 24 hours) decrypting it before you can do the above. Therefore if you want to stong encrypt every node in your game, go ahead. This means that the key will be that much easier for the hackers to get. Everyone that accesses it needs that key, sort of like a passcode. Enabled strong encryption makes it synonymous with a second passcode, albeit one that can be avoided by 24 hours of decryption. |
|
|
Jun 26 2008, 11:11 PM
Post
#17
|
|
Hoppelhäschen 5000 Group: Members Posts: 5,807 Joined: 3-January 04 Member No.: 5,951 |
If tomorrow Catalyst published a new type of ammo on their website, with a disclaimer that said that it wasn't available for Light Pistols, you can bet I'd have to hear a pretty good explanation as to why I should allow it to be fired from a 4P machine pistol. The latter would be a houserule, sure... though not quite like treating Nodes like Signals - which they aren't. Therefore if you want to stong encrypt every node in your game, go ahead. This means that the key will be that much easier for the hackers to get. Just you aren't forced to use the same passcode more than once... |
|
|
Jun 27 2008, 04:39 AM
Post
#18
|
|
Moving Target Group: Members Posts: 556 Joined: 28-May 04 From: Moorhead, MN, USA Member No.: 6,367 |
Does the book mention all the nodes interacting with a strongly encrypted node? Say I manage to hack a camera. The camera is talking to the security node. The security node is strongly encrypted. Can I lift the key from the camera, or does that take 24 hrs or more?
|
|
|
Jun 27 2008, 04:52 AM
Post
#19
|
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
Does the book mention all the nodes interacting with a strongly encrypted node? Say I manage to hack a camera. The camera is talking to the security node. The security node is strongly encrypted. Can I lift the key from the camera, or does that take 24 hrs or more? Depends on the setup. If the Camera somehow has a node account set up for it on the Security Node, then yes, having hacked yourself an admin acount on the camera's node would give you a free pass into the Security Node. However, usually, the node account is setup the other way, with the Security Node having a node account set up for it on the camera. Or the Security Node could just be sending data requests to the camera. |
|
|
Jun 27 2008, 05:01 AM
Post
#20
|
|
Target Group: Members Posts: 11 Joined: 25-June 08 Member No.: 16,085 |
Time mostly, if a node needs to be instantly accessible then encryption is just gonna slow that down. However it does make sense to have some nodes highly encrypted. If the node needs security over access speed, then sure encrypt away.
One thing about encryption, a lot of encryption algorithms use prime numbers as well as something like a totient. The thing about encryption isnt really that people dont know how to crack it, its that we dont know how to find primes and factor numbers quickly. I dont know much off hand about how shadowrun handles divination, but I think a mage might be able to simply ask a spirit if it knows a way to factor the numbers, or if it knows the factors for the totient. If so, I'm pretty sure all deckers should have a mage friend, at least for dealing with encryptions. |
|
|
Jun 27 2008, 05:04 AM
Post
#21
|
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
|
|
|
Jun 27 2008, 05:27 AM
Post
#22
|
|
Moving Target Group: Members Posts: 353 Joined: 2-February 08 Member No.: 15,618 |
The thing about encryption isnt really that people dont know how to crack it, its that we dont know how to find primes and factor numbers quickly. Presumably this is part of Heinrick's breakthrough; applying the massively advanced computation of 2065, combined with breakthroughs in expert systems and fuzzy logic to factor primes almost instaneously. Throw in a few other breakthroughs in theory that would simply blow our tiny little 2008 minds, and you have your paradigm shift in decryption technique. |
|
|
Jun 27 2008, 06:07 AM
Post
#23
|
|
Running Target Group: Members Posts: 1,263 Joined: 4-March 08 From: Blighty Member No.: 15,736 |
Presumably this is part of Heinrick's breakthrough; applying the massively advanced computation of 2065, combined with breakthroughs in expert systems and fuzzy logic to factor primes almost instaneously. Who would have known that non-probabilistic continuous logical reasoning would be so powerful? It's almost a given that all the corps are devoting significant effort to cracking the algorithms of their rivals and the practice of academic development of cryptography has long since disappeared (lol GRIMNDARK), leading to crappy encryption algorithms becoming mainstream (proprietary algorithms are crappy, it's a fact). The arts of cryptanalysis are probably quite advanced thanks to a number of huge wars happening in recent history. It's in the interests of the corps to release Decrypt programs using SOTA cryptanalysis techniques and harvest their rivals' data from the havens it ends up in. On that note, I wonder if Britain reopened Bletchely Park for a laugh (25% of UK domestic and foreign policy is for entertainment purposes, you heard it here first) during the Euro Wars. |
|
|
Jun 27 2008, 04:45 PM
Post
#24
|
|
Target Group: Members Posts: 11 Joined: 25-June 08 Member No.: 16,085 |
Ah but from 2065 on forward, they do know how to crack it. There's a sidebar in Unwired with the details. o cool, ill have to look at then when I get unwired. Just as a spoiler could you give me a summary or something of how they explain it? (proprietary algorithms are crappy, it's a fact) QFT |
|
|
Jun 27 2008, 09:53 PM
Post
#25
|
|
Neophyte Runner Group: Members Posts: 2,086 Joined: 26-February 02 Member No.: 364 |
Just as a spoiler could you give me a summary or something of how they explain it? Breakthrough algorithm that allows the computational power of the latest generation processors to be leveraged to their full effect. Developed by a researcher named Heinrich Andrews, so naturally the hacker community refers to it as the "Heinrich Maneuver" |
|
|
Lo-Fi Version | Time is now: 25th April 2024 - 06:09 AM |
Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.