Full Version: Thoughts on Encryption/Decryption
tete
Has anyone besides me tried it in RL? I mean wireless networks are no problem because as soon as someone connects the key has just been broadcast out to everyone, so you're looking at a matter of minutes from the time of the connection. So I decided to encrypt an 80 gig HD; it took about 24hrs, then I tried to decrypt it using another computer without the key. Well it took a little longer than a week and I wouldn't call it a full recovery.

[edit] the computers are about the same in terms of CPU and memory. Both are Intel dual core, approx. 3 GHz, with 4 gigs of memory.

Based on this do you feel it would be reasonable in SR4 to say decrypting a file is more like cracking a program (Unwired)? Rather than the standard encryption/decryption rules.
Backgammon
Your first mistake is saying SR technology works like today's technology.
tete
QUOTE (Backgammon @ Dec 29 2009, 08:01 PM) *
Your first mistake is saying SR technology works like today's technology.


I think they indicated that by changing from Decker to Hacker and from Deception to Exploit...
hobgoblin
i would suggest reading unwired. specifically the sidebar on page 67.
otakusensei
You're welcome to make some RL inspired rules for Encrypt/Decrypt, but it's clear that the rules in the book are more based around making the game fun than making us all amateur cryptanalysts.

I've used the rules as written both as player and GM and I've been happy with the outcomes. The IT engineer in me cringes a bit at people who know SR rules by heart but can't keep a solid password on their email, but what are you gonna do?
D2F
QUOTE (tete @ Dec 29 2009, 07:57 PM) *
Has anyone besides me tried it in RL? I mean wireless networks are no problem because as soon as someone connects the key has just been broadcast out to everyone, so you're looking at a matter of minutes from the time of the connection. So I decided to encrypt an 80 gig HD; it took about 24hrs, then I tried to decrypt it using another computer without the key. Well it took a little longer than a week and I wouldn't call it a full recovery.

[edit] the computers are about the same in terms of CPU and memory. Both are Intel dual core, approx. 3 GHz, with 4 gigs of memory.

Based on this do you feel it would be reasonable in SR4 to say decrypting a file is more like cracking a program (Unwired)? Rather than the standard encryption/decryption rules.


Considering that it is possible someone came up with a way to calculate the prime numbers any particular number is made out of as a product or sum in SR, the way encryption (and thus decryption) works in SR might be vastly different from how it works today.

That's where suspension of disbelief kicks in and we simply use the rules as they are.
StealthSigma
QUOTE (hobgoblin @ Dec 29 2009, 03:26 PM) *
i would suggest reading unwired. specifically the sidebar on page 67.


If that sidebar is the sidebar I'm thinking of, it's an utterly rubbish reasoning. Some magical math formula that cracks all encryption, past, present, and future.

The consequences of such a formula indicate that this individual has mathematically predicted human thought and that free will does not exist.
Brazilian_Shinobi
QUOTE (StealthSigma @ Dec 29 2009, 04:34 PM) *
If that sidebar is the sidebar I'm thinking of, it's an utterly rubbish reasoning. Some magical math formula that cracks all encryption, past, present, and future.

The consequences of such a formula indicate that this individual has mathematically predicted human thought and that free will does not exist.


In a more mathematical explanation, it seems to me that he proved that P = NP and he developed an algorithm that proved this. Converting this to tell you if a given number is a prime number is just a walk in the park AFTER you have proved this. It could just mean that no one discovered a better way to secure nodes and so we have the Spider-Black ICe duo.
kzt
QUOTE (tete @ Dec 29 2009, 11:57 AM) *
Has anyone besides me tried it in RL? I mean wireless networks are no problem because as soon as someone connects the key has just been broadcast out to everyone, so you're looking at a matter of minutes from the time of the connection. So I decided to encrypt an 80 gig HD; it took about 24hrs, then I tried to decrypt it using another computer without the key. Well it took a little longer than a week and I wouldn't call it a full recovery.

If you choose a poorly designed encryption algorithm, like WEP, or choose crappy passphrases, encryption is not terribly useful. If you use a well designed encryption like AES and your software implements it correctly and you don't use trivial or guessable keys/passphrases you literally can't break it. Breaking 128 bit AES via brute force requires (via Landauer's principle) that you dissipate an average of 10^17 joules of heat, or about the same energy that you get from setting off a 100 megaton bomb.
D2F
QUOTE (StealthSigma @ Dec 29 2009, 08:34 PM) *
If that sidebar is the sidebar I'm thinking of, it's an utterly rubbish reasoning. Some magical math formula that cracks all encryption, past, present, and future.

The consequences of such a formula indicate that this individual has mathematically predicted human thought and that free will does not exist.


All modern encryption is based on prime numbers. The reason that works (with very long numbers, mind you) is because we (currently) have no easy way to determine the prime numbers of which a specific given number consists.
You may also check out some of the Millennium Prize questions, like the P vs. NP Problem, the Birch and Swinnerton-Dyer Conjecture, or most importantly, the Riemann Hypothesis. Especially the latter one, if solved, would potentially render our entire modern encryption method obsolete in one fell swoop.
That sidebar is far from rubbish.

Also, check this article.
nezumi
(Thank you, kzt. My thoughts exactly.)

Yes, your tests indicate that you are using pretty lousy encryption techniques, first and foremost. With a little more work, you could have (still for free) encrypted your hard drive to a degree that it is considered unbreakable by the US government (as has happened).

SR drops the ball completely, presumably in the name of fun. You can come up with your own reasons. Optical technology has somehow eliminated the modular math problem. The tremendously high-bandwidth necessary for full simsense has put a stranglehold on the available lag time due to encryption, making proper encryption unfeasible. Poor encryption implementation due to the complexity of systems has resulted in holes that can be exploited to circumvent the encryption. Whatever. This is currently being addressed in SR3R, so if you want to hop over there and take those ideas for your own game you're welcome to, although I don't think they're really SR4 compatible (and I really don't know how you'd implement it in SR4, since I don't play that game.)
Draco18s
QUOTE (D2F @ Dec 29 2009, 02:55 PM) *
the Riemann Hypothesis. Especially the latter one, if solved, would potentially render our entire modern encryption method obsolete in one fell swoop.


I was told to ask my high school math teacher one time "when he'd get around to proving it."
He thought that was pretty funny.

BTW, IIRC, some anonymous Indian (the country) guy actually wrote a 13 line computer program that can prove if a number is prime or not.

It involved taking two random numbers, raising them by the suggested prime, and performing a modulo operation (IIRC). If it came out 0 then there was a 95% or greater chance that it was prime, so doing it twice pretty much ensured that yes, it was prime.

I tried implementing it once only to find that my two random numbers couldn't be greater than about 4 if my test prime was less than 16 and couldn't test higher than ~25 at all (limitation on the unsigned longint variable type--doubles and floats could be much larger, but couldn't do modulo).
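The overflow described in the post above comes from building the full power before taking the modulus. As an added example (not code from the thread, and not necessarily the program the poster recalls), here is a standard Miller-Rabin test in C that reduces modulo n after every multiplication, so it covers the whole 64-bit range; the function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>

/* Naive version: build the whole power first, reduce at the end.
 * uint64_t arithmetic silently wraps at 2^64, so for anything but tiny
 * inputs the value being reduced is already wrong. */
uint64_t naive_powmod(uint64_t a, uint64_t e, uint64_t n)
{
    uint64_t r = 1;
    while (e--)
        r *= a;                       /* wraps modulo 2^64 */
    return r % n;
}

/* (a * b) mod n by double-and-add; no intermediate value exceeds n. */
uint64_t mulmod(uint64_t a, uint64_t b, uint64_t n)
{
    uint64_t r = 0;
    a %= n;
    while (b) {
        if (b & 1)
            r = (r >= n - a) ? r - (n - a) : r + a;
        a = (a >= n - a) ? a - (n - a) : a + a;
        b >>= 1;
    }
    return r;
}

/* Square-and-multiply with a reduction after every step. */
uint64_t powmod(uint64_t a, uint64_t e, uint64_t n)
{
    uint64_t r = 1 % n;
    a %= n;
    while (e) {
        if (e & 1)
            r = mulmod(r, a, n);
        a = mulmod(a, a, n);
        e >>= 1;
    }
    return r;
}

/* Plain Fermat check: a^(n-1) mod n == 1. Carmichael numbers such as
 * 561 pass this for every base coprime to them. */
int fermat_passes(uint64_t n, uint64_t a)
{
    return powmod(a, n - 1, n) == 1;
}

/* Miller-Rabin. With the first twelve primes as bases the answer is
 * exact for every 64-bit input, not just "probably prime". */
int is_prime_u64(uint64_t n)
{
    static const uint64_t bases[] = {2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37};
    const int nb = (int)(sizeof bases / sizeof bases[0]);
    if (n < 2)
        return 0;
    for (int i = 0; i < nb; i++)
        if (n % bases[i] == 0)
            return n == bases[i];
    uint64_t d = n - 1;               /* n - 1 = d * 2^s with d odd */
    int s = 0;
    while ((d & 1) == 0) { d >>= 1; s++; }
    for (int i = 0; i < nb; i++) {
        uint64_t x = powmod(bases[i], d, n);
        if (x == 1 || x == n - 1)
            continue;
        int witness = 1;              /* base proves n composite unless -1 shows up */
        for (int r = 1; r < s; r++) {
            x = mulmod(x, x, n);
            if (x == n - 1) { witness = 0; break; }
        }
        if (witness)
            return 0;
    }
    return 1;
}

int main(void)
{
    printf("3^41 mod 41: naive=%llu reduced=%llu\n",
           (unsigned long long)naive_powmod(3, 41, 41),
           (unsigned long long)powmod(3, 41, 41));
    printf("561: fermat(base 2)=%d miller-rabin=%d\n",
           fermat_passes(561, 2), is_prime_u64(561));
    printf("2^64-59 prime? %d\n", is_prime_u64(18446744073709551557ULL));
    return 0;
}
```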
Malachi
If you want to "fix" Encryption in SR to make it closer to RL technology that we have now it's easy: simply change the interval. Make it 1 minute, hour, day, week, month, year, or decade. I'm sure the SR decryption speed was chosen in order to make the game fun. RL hacking and decryption is nowhere near entertaining to watch or roleplay. Rolling dice over and over to determine if a security flaw was found, or rolling dice over and over to simulate a computer attempting to break encryption is boring; breaking in quickly and having to fight an Intrusion Countermeasure that looks like a Cyclops swinging a giant club is fun.
D2F
QUOTE (Draco18s @ Dec 29 2009, 10:15 PM) *
I was told to ask my high school math teacher one time "when he'd get around to proving it."
He thought that was pretty funny.


Heh, I can imagine... However, in the article I posted there are several claims mentioned that are currently submitted to peer review, so chances are, someone may actually have figured it out.

Now add 63 years to the mix...
StealthSigma
QUOTE (D2F @ Dec 29 2009, 05:27 PM) *
Heh, I can imagine... However, in the article I posted there are several claims mentioned that are currently submitted to peer review, so chances are, someone may actually have figured it out.

Now add 63 years to the mix...


The article you linked also pointed out that finding an algorithm to determine primes isn't a problem. The current encryption method was implemented before it was known if primes would be unbreakable, and there are mathematical methods of performing encryption that are proven unbreakable. Just like IPv4, at the time it was thought to be all that would be necessary. At some point in the near future we're going to have to move up to IPv6.

If, and the keyword is if, modern encryption techniques are broken, the technique will change to a proven unbreakable method. We will essentially use this system until such times as change is forced. In reality, the SR world has faced two Matrix crashes, which would serve as good resets to redo encryption technology.
Rotbart van Dainig
QUOTE (StealthSigma @ Dec 29 2009, 09:34 PM) *
The consequences of such a formula indicate that this individual has mathematically predicted human thought and that free will does not exist.

Not every formula is the Anti-Life Equation.
D2F
QUOTE (StealthSigma @ Dec 29 2009, 10:35 PM) *
The article you linked also pointed out that finding an algorithm to determine primes isn't a problem. The current encryption method was implemented before it was known if primes would be unbreakable, and there are mathematical methods of performing encryption that are proven unbreakable. Just like IPv4, at the time it was thought to be all that would be necessary. At some point in the near future we're going to have to move up to IPv6.

If, and the keyword is if, modern encryption techniques are broken, the technique will change to a proven unbreakable method. We will essentially use this system until such times as change is forced. In reality, the SR world has faced two Matrix crashes, which would serve as good resets to redo encryption technology.


SR obviously moved to a stage where the Riemann Hypothesis as well as the N vs NP problem have obviously been solved.
That alone would require a massive change in encoding and decoding methodology and it is questionable, whether a method is even conceivable that can be proven unbreakable under such circumstances.

That in itself could be the reason why SR employs "fluid" security protocols.

Whatever the justification, though: it is obviously not possible to create long-term encryption solutions in SR. As to why does not really matter at that point, even though the speculation about it proves quite interesting.
tete
QUOTE (nezumi @ Dec 29 2009, 09:07 PM) *
(Thank you, kzt. My thoughts exactly.)

Yes, your tests indicate that you are using pretty lousy encryption techniques, first and foremost. With a little more work, you could have (still for free) encrypted your hard drive to a degree that it is considered unbreakable by the US government (as has happened).


First off anything transmitted wirelessly is insecure. AES passphrases take longer but still you broadcast the key to anyone who wanted to grab it (FBI proved that theory pretty well at black hat '07). You can look at the black hat challenges of different years to see how crazy fast some people can get through. My hard drive encryption software was not the best because I wanted to break it fast. You see SR treats wireless encryption and hard drive encryption as the same thing. In reality it's a ton easier to crack wireless (that whole broadcasting thing) than to crack open an encrypted file but the rules do not reflect this.
StealthSigma
QUOTE (D2F @ Dec 29 2009, 05:41 PM) *
SR obviously moved to a stage where the Riemann Hypothesis as well as the N vs NP problem have obviously been solved.
That alone would require a massive change in encoding and decoding methodology


Full stop.

Encoding/Decoding are not the same thing as Encryption/Decryption. Anyone who even has a mild interest in cryptography should know that fact. All you've managed to do is just prove my hypothesis that you really aren't digesting and interpreting what you're reading, but instead just looking for contrary articles specifically to be belligerent.

As I said, there's multiple other mathematical methods that can be used for cryptography. Until such point that Riemann has been proved there is no need to supplant the current system. It's too massive and unwieldy to do so. Trying to convert from IPv4 to IPv6 shows how pointless it would be to try to change the encryption algorithms.

Security will ALWAYS be a concern. There will ALWAYS be a need to keep things secret. This alone will drive a change in cryptography if the prime method becomes obsolete. The world of Shadowrun has seen two Matrix crashes that resulted in large volumes of data loss, likely involving significant portions of all encrypted data. They are two reset events which would allow the entire computing environment to be reset.

As I said, if this magical mathematical formula is the proof for Riemann, then for it to make encryption obsolete would require to also prove every other mathematical encryption technique that has already been proven uncrackable.
D2F
QUOTE (StealthSigma @ Dec 29 2009, 11:00 PM) *
Full stop.

Encoding/Decoding are not the same thing as Encryption/Decryption.


You are, of course, completely right. My bad. Meant to say encryption/decryption.

QUOTE (StealthSigma @ Dec 29 2009, 11:00 PM) *
As I said, if this magical mathematical formula is the proof for Riemann, then for it to make encryption obsolete would require to also prove every other mathematical encryption technique that has already been proven uncrackable.


The mere fact that SR still uses encryption serves as proof that it is not obsolete.
In addition, I only said current methods could become obsolete. Not that we couldn't come up with new ones. The important aspect here is as to whether those new methods would be as solid as we are used to.
otakusensei
This is a road the forum has been down many times. Some folks are happy to use the rules as written, some make custom ones and some others just let it ruin their fun.

Before WWII computers were people, mostly women, who sat at a desk and did math. True story. Perhaps the methods and techniques that they collectively call Encryption in SR bear about the same resemblance as modern computers to their prewar counterparts?
kzt
QUOTE (tete @ Dec 29 2009, 02:46 PM) *
First off anything transmitted wirelessly is insecure. AES passphrases take longer but still you broadcast the key to anyone who wanted to grab it (FBI proved that theory pretty well at black hat '07). You can look at the black hat challenges of different years to see how crazy fast some people can get through. My hard drive encryption software was not the best because I wanted to break it fast. You see SR treats wireless encryption and hard drive encryption as the same thing. In reality it's a ton easier to crack wireless (that whole broadcasting thing) than to crack open an encrypted file but the rules do not reflect this.

What you are talking about are poor design and operational practices, not actual vulnerabilities in the encryption. A FIPS 140-2 compliant system doesn't broadcast anything usable to attack and it's actually pretty darn hard to break into. Most of the high-end commercial systems can be set up in FIPS 140-2 mode, but it's painful and typically only done by the Feds. However this is only usable for "For Official Use" or "sensitive but unclassified". For actual classified traffic you have to use Type 1 encryption products. These are vastly more hardened than a commercial grade wireless system and there are very few of them out there. But here is one example. They are very expensive and systems like this are typically a huge pain to operate and maintain.
tete
I am well aware of FIPS 140-2 and commercial grade wireless systems. FIPS 140-2 has nothing to do with wireless specifically (If you had the wireless in a Lead Shielded room with a big old lock it may be good enough for level 2). Look, in '07 the best commercially available non-military grade wireless encryption we had (256bit) was compromised in 8 min from when a user logged onto the wireless system by the FBI using a simple IBM laptop with in-house scanning and decryption software at black hat. Granted this was not expected by anyone (estimates were in at the low range of a 1/2 hour on up). Seeing how this is the field I work in to an extent (wireless) I'm used to how easy it is to compromise using good tools (granted someone has to log on so you have packets to grab). I also deal with hard drive encryption (to a much lesser degree) and had heard the stuff I use at work takes months to crack if you can recover it at all. I figured this is not a fair test as my wireless is only a Cisco 881 at home and not one of the big multi-thousand dollar wireless systems like at work, so I grabbed some hard drive encryption software that came with my personal laptop. Just to compare how long it takes me unauthorized log on to my own wireless network vs decrypt a hard drive. The only real difference in the test is that when it comes to compromising wireless I know what I'm doing and I have great tools. Hard Drives I'm shooting blind, that's not my department, I send that to the data recovery guys who work their own magic. Personally at work I have not seen anything even with a sensitive sticker on it have wireless access. Your term of type 1 is confusing me too. Are you trying to refer to 140-2 level 1 or 140-1... Because level 1 is the lowest level of protection as defined by 140-2.
Rotbart van Dainig
QUOTE (tete @ Dec 29 2009, 11:46 PM) *
AES passphrases take longer but still you broadcast the key to anyone who wanted to grab it (FBI proved that theory pretty well at black hat '07).

All those attacked WPA, not WPA2. WPA uses TKIP, which is based on RC4, like WEP. WPA2 uses CCMP based on AES, and it's not broken.
QUOTE (tete @ Dec 29 2009, 11:46 PM) *
My hard drive encryption software was not the best because I wanted to break it fast.

Given that there is reliable FOSS out there like cryptsetup-LUKS and TrueCrypt, there's no real point in using something you can break.
tete
QUOTE (Rotbart van Dainig @ Dec 30 2009, 03:02 AM) *
Given that there is reliable FOSS out there like cryptsetup-LUKS and TrueCrypt, there's no real point in using something you can break.


missing the whole point of my test.

Shadowrun 4e has all encryption as equal (hard drive vs wireless). I believe this to be a fallacy. I can pull an IP on my own wireless router at home (see above, I'm not using WEP, I use WPA2) well less than an hour. We shall say my rating (of my router) is about 3 on it in Shadowrun terms as it would be good for a small to midsize business. Using similar grade software to encode my hard drive. After about a week I was able to recover a reasonable amount of data (some of it is corrupted). So in my test hard drives take days whereas wireless takes minutes. This shows (really bad science I'll admit) that encryption is not equal between the mediums. Thereby I was asking based on that evidence would it be ok to use the rules for cracking a program (which takes days) instead of the standard rules (which takes seconds) for decrypting a file.

[edit] and I'm not saying AES is broken, I'm saying anytime you use wireless when a computer connects you have just broadcast all the information someone else needs to connect. It's just like having someone physically on your network but not on the domain scanning packets for logons (actually this is MORE dangerous in most situations as many people don't encrypt their own network or firewall from the inside). You now have all the information you need to get on the network properly. It's just a matter of how long it will take you to dissect the packet.
kzt
Sure, you can listen to the traffic and attempt to break the packets. The Russians can listen to all the command and control traffic that STRATCOM uses to communicate with bombers and subs, and all they get is noise unless they have the keys. As decrypting the traffic will take until sometime after the heat death of the universe with any rational amount of computing power (even ignoring the effects of Landauer's principle) it's pretty pointless once you determine the keys are not trivially breakable due to someone being an idiot. You can still record it, because you might someday get the keys via a spy or an operational error, but you can't break it via a brute force.

And no. You don't have to broadcast anything useful. Those are nearly all backwards compatibility crap for old cards or ancient OSs. Like how MS used to try to have you log into the domain prior to building the tunnel, sending your login and password in NT4 format outside the tunnel... The various TLS approaches are just as secure (or insecure) as any other TLS system, like HTTPS.

And you don't even need the wireless system to be "secure" in order to have a secure wireless connection. For example, the most common approach used a few years ago for securing wireless was to have an unsecured wireless system that only connected to a VPN concentrator, so all the non-trivial packets were very strongly encrypted and the trivial had no real information value, as they were just the overhead.
Sengir
QUOTE (tete @ Dec 30 2009, 05:39 AM) *
Shadowrun 4e has all encryption as equal (hard drive vs wireless). I believe this to be a fallacy. I can pull an IP on my own wireless router at home (see above, I'm not using WEP, I use WPA2) well less than an hour.

In that case you should either apply for the Turing Prize or use another password than "secret123" ;)


QUOTE
[edit] and I'm not saying AES is broken, I'm saying anytime you use wireless when a computer connects you have just broadcast all the information someone else needs to connect

Sure, MAC addresses and stuff like that are transmitted in clear text, only the payload is encrypted (for the same reason you can't encrypt the recipient's address on a letter). However breaking this encryption will take something that can be measured in decades.



Also, proving that P=NP would not affect symmetric cryptosystems like AES and even the effect on asymmetric (public-key) cryptography would be very limited, because the underlying assumptions are far more complex.
Rotbart van Dainig
QUOTE (tete @ Dec 30 2009, 06:39 AM) *
missing the whole point of my test.

The point of your test is pointless.
QUOTE (tete @ Dec 30 2009, 06:39 AM) *
Shadowrun 4e has all encryption as equal (hard drive vs wireless).

It doesn't, see Strong Encryption.
QUOTE (tete @ Dec 30 2009, 06:39 AM) *
I believe this to be a fallacy.

WPA2 uses 128bit AES as base, the very same used as base to encrypt hard drives.
QUOTE (tete @ Dec 30 2009, 06:39 AM) *
We shall say my rating (of my router) is about 3 on it in Shadowrun terms as it would be good for a small to midsize business. Using similar grade software to encode my hard drive.

This is the fallacy - there are no such ratings in real life.

If you can break your router or hard drive encryption, you are using crap-grade implementations, commonly called snake oil. Then there is stuff that works, and then there is the tin-foil faction, doing insane chaining like AES-Serpent-Twofish...
QUOTE (tete @ Dec 30 2009, 06:39 AM) *
I'm saying anytime you use wireless when a computer connects you have just broadcast all the information someone else needs to connect.

Uh... yeah. That's the whole point of the OSI layers.
QUOTE (tete @ Dec 30 2009, 06:39 AM) *
It's just like having someone physically on your network but not on the domain scanning packets for logons (actually this is MORE dangerous in most situations as many people don't encrypt their own network or firewall from the inside).

Nope. It's one layer deeper, and, like kzt pointed out, it's irrelevant as long as the data is secure.
QUOTE (tete @ Dec 30 2009, 06:39 AM) *
You now have all the information you need to get on the network properly. It's just a matter of how long it will take you to dissect the packet.

On WPA2 with sufficient PSK or RADIUS - until you die or somebody has a revelation.
tete
I feel like I'm talking to brick walls. Here AGAIN is the whole point of the test in the form of a question so as to hopefully gain a meaningful answer and not a "your encryption sucks".

In Real Life does it take an equal amount of TIME to join a laptop to a wireless connection (not log onto the domain, just trick the router into giving you an IP) that you do not have the passkey for as it would for you to decrypt a file, assuming both are using approx. the same level of security? If not which one takes less time?


QUOTE (kzt @ Dec 30 2009, 06:38 AM) *
And you don't even need the wireless system to be "secure" in order to have a secure wireless connection. For example, the most common approach used a few years ago for securing wireless was to have an unsecured wireless system that only connected to a VPN concentrator, so all the non-trivial packets were very strongly encrypted and the trivial had no real information value, as they were just the overhead.


Yes, I fully agree with you but it has no bearing on the question.
Smokeskin
The really strange part about the SR4 cryptography rules is that they don't deal with one-time pads. Even if public key encryption is ineffective, many users will have one-time pads in place instead. A one-time pad doesn't take up more space than the data being transmitted, so even jumped in rigging wouldn't take more storage than a simsense recording.

Schemes allowing secure non-public key encryption between previously unknown parties are also easy to devise with third party one-time pad providers. Alice tells the provider she wants to communicate with Bob - the provider has previously exchanged one-time pads with both. Alice sends data to the provider, encrypted with her one-time pad, the provider decrypts it, encrypts it with Bob's one-time pad, and sends it to him. Even if Bob and Alice don't use the same crypto provider, different providers could communicate between each other with one-time pads also, giving the same result.

Bottom line is, cryptography will always work.
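The relay described in the post above, written out as an added example (not code from the thread): Alice, the provider and Bob each hold pad copies, and the provider decrypts with Alice's pad and re-encrypts with Bob's. The pads are short constructed byte strings and all names are this example's own; a real pad would need truly random bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAXMSG 64

/* One party's copy of a one-time pad. Bytes before `used` are spent. */
typedef struct {
    const uint8_t *bytes;
    size_t len;
    size_t used;
} otp_t;

/* XOR `len` bytes with fresh pad material. Returns -1 instead of
 * wrapping around when the pad runs out: reused pad bytes are no
 * longer "one-time" and leak the XOR of the two plaintexts. */
int otp_apply(otp_t *pad, const uint8_t *in, uint8_t *out, size_t len)
{
    if (len > pad->len - pad->used)
        return -1;
    for (size_t i = 0; i < len; i++)
        out[i] = in[i] ^ pad->bytes[pad->used + i];
    pad->used += len;
    return 0;
}

/* Constructed sample pads, 16 bytes each (NOT random; illustration only). */
static const uint8_t PAD_A[16] = {0x3c, 0x91, 0x5e, 0xa7, 0x08, 0xd2, 0x6b, 0xf4,
                                  0x17, 0x80, 0xc9, 0x2d, 0x74, 0xe3, 0x4a, 0xb5};
static const uint8_t PAD_B[16] = {0xe1, 0x46, 0x9b, 0x20, 0x7f, 0xc8, 0x13, 0x5a,
                                  0xad, 0x32, 0xf6, 0x09, 0x84, 0x6d, 0xd0, 0x2b};

typedef struct {
    otp_t alice;    /* Alice's copy of pad A        */
    otp_t prov_a;   /* provider's copy of pad A     */
    otp_t prov_b;   /* provider's copy of pad B     */
    otp_t bob;      /* Bob's copy of pad B          */
} session_t;

void session_init(session_t *s)
{
    s->alice  = (otp_t){PAD_A, sizeof PAD_A, 0};
    s->prov_a = (otp_t){PAD_A, sizeof PAD_A, 0};
    s->prov_b = (otp_t){PAD_B, sizeof PAD_B, 0};
    s->bob    = (otp_t){PAD_B, sizeof PAD_B, 0};
}

/* Alice -> provider -> Bob. `provider_saw` receives what the provider
 * holds between its decrypt and re-encrypt steps. Returns -1, without
 * consuming any pad, if any copy lacks enough unused bytes. */
int relay(session_t *s, const uint8_t *msg, size_t len,
          uint8_t *bob_out, uint8_t *provider_saw)
{
    uint8_t wire1[MAXMSG], wire2[MAXMSG];
    otp_t *pads[4] = {&s->alice, &s->prov_a, &s->prov_b, &s->bob};
    if (len > MAXMSG)
        return -1;
    for (int i = 0; i < 4; i++)
        if (len > pads[i]->len - pads[i]->used)
            return -1;
    otp_apply(&s->alice,  msg,          wire1,        len); /* Alice encrypts       */
    otp_apply(&s->prov_a, wire1,        provider_saw, len); /* provider decrypts    */
    otp_apply(&s->prov_b, provider_saw, wire2,        len); /* provider re-encrypts */
    otp_apply(&s->bob,    wire2,        bob_out,      len); /* Bob decrypts         */
    return 0;
}

int main(void)
{
    session_t s;
    uint8_t bob[MAXMSG + 1] = {0}, saw[MAXMSG + 1] = {0};
    const char *m1 = "meet at dock 7";          /* 14 bytes */
    session_init(&s);
    int rc = relay(&s, (const uint8_t *)m1, strlen(m1), bob, saw);
    printf("first message: rc=%d bob=\"%s\" provider saw=\"%s\"\n",
           rc, (char *)bob, (char *)saw);
    /* Only 2 pad bytes remain, so a 3-byte follow-up must be refused. */
    rc = relay(&s, (const uint8_t *)"ok?", 3, bob, saw);
    printf("second message: rc=%d (pad exhausted)\n", rc);
    return 0;
}
```

The provider's buffer holds the cleartext of every message, and each party's pad shrinks by exactly the number of bytes sent, so fresh pad material has to be delivered as fast as traffic consumes it.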
Rotbart van Dainig
QUOTE (Smokeskin @ Dec 30 2009, 09:31 PM) *
Schemes allowing secure non-public key encryption between previously unknown parties are also easy to devise with third party one-time pad providers.

ROTFL

Trusted parties - aren't.
tete
QUOTE (Rotbart van Dainig @ Dec 30 2009, 01:37 PM) *
It doesn't, see Strong Encryption.

On WPA2 with sufficient PSK or RADIUS - until you die or somebody has a revelation.


Where would I find this strong encryption in SR4? book? page? pls

just like we will never need more than 640k of memory, or a video card to handle graphics processing, etc, etc. With current technology distributed net has brute forced up to 56bit and I think they are grinding away on 72 bit right now (it's been years since I was involved with the project). They estimate 600 years to complete. Computers double in power every 5-6 years, assuming we never actually hit the end game of cpu power (which has been a threat for ages but we always get a solution in time). I would say they are probably going to break it within 25 years (I'd be surprised if it takes more than 10). Encryption does stay ahead of Decryption but WPA2 will be nothing for the next gen of Network Admins to crack (like WEP is now)
YuriPup
I would expect that quantum computing is at work /somewhere/ in the decryption end of it--and my layman's understanding of q-bits and the like, is that with enough bits any encryption can be broken fairly easily.
Rotbart van Dainig
QUOTE (tete @ Dec 30 2009, 10:28 PM) *
Where would I find this strong encryption in SR4? book?

Unwired, p. 66

tete
QUOTE (Rotbart van Dainig @ Dec 30 2009, 09:42 PM) *
Unwired, p. 66



Awesome, Thanks!

[edit] LOL well ok... That was not at all what I was expecting, the description made tea go all over my desk but I suppose it is something to say yes stronger stuff does exist. Better than nothing, thanks again!
kzt
QUOTE (YuriPup @ Dec 30 2009, 01:40 PM) *
I would expect that quantum computing is at work /somewhere/ in the decryption end of it--and my layman's understanding of q-bits and the like, is that with enough bits any encryption can be broken fairly easily.

Not really true. What quantum computers allow, in theory, (aka if anyone ever gets a working large-scale quantum computer) is to attack many public key systems. Apparently there are some public key concepts that don't use problems that are attackable by quantum computers. Quantum computers also don't really effectively attack symmetric key systems.

Well, that's not true, quantum computers reduce the keyspace by half, so a 256 bit AES can be attacked as if it's a 128 bit AES. This would be a huge accomplishment, but unfortunately it takes geologic time for even the most powerful computer conceivable to attack 128 bit AES via brute force. When you consider that it would also generate about 100 megatons of waste heat in the attack process it makes it doubtful that anyone would try.

BTW, I'm essentially taking on trust what people who have looked at quantum computers and encryption and fully understand that math have said. I can't follow it.
kzt
QUOTE (tete @ Dec 30 2009, 11:05 AM) *
In Real Life does it take an equal amount of TIME to join a laptop to a wireless connection (not log onto the domain, just trick the router into giving you an IP) that you do not have the passkey for as it would for you to decrypt a file, assuming both are using approx. the same level of security? If not which one takes less time?

It's often faster to get an IP on an unsecured network than it takes to decrypt a file when you have the key.

Running decryption on several gigabits of data takes time.

In terms of breaking security on a well protected wireless system, the wireless IDS will pick you up long before you can brute force your way in. At which point it stops talking to you and you can pick up your marbles and go home, or you can try another MAC etc. But the longer you try the better the location accuracy becomes...

The nice thing about a file is that it's passive. It won't react to your incorrect passphrases.
ZeroPoint
Of course that doesn't really take into consideration using Quantum computing for the Encryption process. Heisenberg Uncertainty principle pretty much means that as soon as you capture the data and try to decrypt it you've changed it. Which means the only way you would be able to decrypt it accurately would be if you actually had the key. Which means if we have advanced quantum computing to the point where it's being used on a regular basis then you better believe it's being used for Encryption as well.
Smokeskin
QUOTE (Rotbart van Dainig @ Dec 30 2009, 09:16 PM) *
rotfl.gif

Trusted parties - aren't.


You don't trust them for the heck of it - you trust them because of the economic incentives for them to honor your trust.

Imagine everyone uses these types of service providers for encryption. This will be BIG business. Getting caught distributing someone's one-time pad or cleartext will lose the company all their future profits. For the company to do this a single time, then the payoff will have to be larger than the risk of getting caught times all your future profits. It doesn't work as a company strategy, unless perhaps you're a really small player that hit major paydata. That's why people won't use small, unknown crypto providers.

For individuals in the company, they'd probably need several people in on it (since the company has safeguards in place for the above reason), and they'd probably never work again if caught, perhaps even face jail.

Finally, the point isn't that this is 100% secure. The point is that it offers huge amounts of additional security (you can send the provider standard encrypted data if you want) for very little cost. Perhaps someone who was really determined could get hold of your one-time pad through bribes and infiltration, but it would be extremely difficult - most likely it will never happen and you'll have secure encryption your entire life. Even if someone did get your one-time pad, the second you suspected, you could just switch provider. In fact, you could switch providers routinely to preempt such compromising of your pad.
YuriPup
WTF is a ton of heat?

If observing your data changes it, you're screwed well before you get to the decryption--writing it would change it, reading would change it. Whatever you are storing your data in/on will operate on a level higher than the uncertainty principle so that, you know, your data doesn't change on you while you are looking at it.
kzt
Key distribution is a huge issue if one-time pads are used. Essentially you need to physically deliver the one-time pad to each person that wants to talk, and ensure that it isn't intercepted in the process.
ZeroPoint
QUOTE (YuriPup @ Dec 30 2009, 06:07 PM) *
If observing your data changes it, you're screwed well before you get to the decryption--writing it would change it, reading would change it. Whatever you are storing your data in/on will operate on a level higher than the uncertainty principle so that, you know, your data doesn't change on you while you are looking at it.


Which I'm sorry for not elaborating on and only hinting at. That is actually, last I heard, one of the hurdles with quantum computing in general. But if by the 2070's they've managed to get to the point where true quantum computing is commonplace, then it's not only going to be used for decryption but also encryption.
Ascalaphus
QUOTE (kzt @ Dec 30 2009, 11:09 PM) *
Key distribution is a huge issue if one-time pads are used. Essentially you need to physically deliver the one-time pad to each person that wants to talk, and ensure that it isn't intercepted in the process.


Johnny Mnemonic?
YuriPup
Here's the thing--encrypting isn't really a process that is bound by computing power (yes, if you are talking about terapulses of data under heavy encryption it becomes computationally bound). Decrypting without the key takes lots and lots of computing.

Yes, quantum computing has to deal with uncertainty and somehow entangling 128+ qubits is a non-trivial exercise but, given we are positing that it works, it works.

This of course, assumes that there isn't some sort of super-encryption that quantum computing allows. That type of thing has been posited but no one knows if such a beast exists.
tete
QUOTE (kzt @ Dec 30 2009, 10:40 PM) *
It's often faster to get an IP on an unsecured network than it takes to decrypt a file when you have the key.

Running decryption on several gigabits of data takes time.

In terms of breaking security on a well protected wireless system, the wireless IDS will pick you up long before you can brute force your way in. At which point it stops talking to you and you can pick up your marbles and go home, or you can try another mac etc. But the longer you try the better the location accuracy becomes...

The nice thing about a file is that it's passive. It won't react to your incorrect passphrases.


Thanks! That is a reasonable answer. Though personally I don't see anyone trying to brute force a secure wireless system. Brute force some packets they captured from a user who logged in... maybe.
Rotbart van Dainig
QUOTE (Smokeskin @ Dec 30 2009, 11:57 PM) *
Perhaps someone who was really determined could get hold of your one-time pad through bribes and infiltration, but it would be extremely difficult - most likely it will never happen and you'll have secure encryption your entire life.

rotfl.gif

Because we all know - datasteals never happen in SR.
Icing on the cake: For your system to work, it needs to be online... and thus can be hacked. Gives paydata a whole new meaning, really.
kzt
QUOTE (Rotbart van Dainig @ Dec 30 2009, 05:38 PM) *
Because we all know - datasteals never happen in SR.
Icing on the cake: For your system to work, it needs to be online... and thus can be hacked. Gives paydata a whole new meaning, really.

The NSA and the various signal security commands in the military branches are extremely hard-core about the design of the equipment they buy, how they buy it, how they control it and how they control the keying material. They have no sense of humor about accidents. Very few commercial organizations have any possibility of being able to do this as effectively.

One of the most disturbing events in my military career was getting to the field and finding that my unit was unable to account for a piece of crypto gear. This was just a minor piece, with no keys involved, but that didn't matter. I was not looking forward to the call to Fort Huachuca and getting to discuss how this happened with the battalion commander, the brigade commander and a 2 star from Fort Huachuca, but it turned out we'd left it locked in the unit vault.

They are pretty successful at maintaining very secure networks, with exceptions like CPO John Walker. Walker is an example of how you penetrate really secure encryption: you bypass it by directly obtaining the keys.
Rotbart van Dainig
And the latter is why storing the keys of everyone on an online system just is a disaster waiting to happen.
kzt
QUOTE (Rotbart van Dainig @ Dec 30 2009, 07:48 PM) *
And the latter is why storing the keys of everyone on an online system just is a disaster waiting to happen.

Where I work the technical security staff keeps pointing out to the security policy management people that encryption does NOTHING if the machine is owned. The system can and will decrypt all the files as requested for an intruder just as effectively as they do for us. The only way encryption of a system helps is when someone steals the computer and needs the crypto variable to access the hard drive. Then it's hellishly effective, if the passphrase is well chosen and not written on the system with a sharpie....

That reminds me how it would be nice if one of the developers had a clue how encryption really works and how it's used.
Tymeaus Jalynsfein
QUOTE (kzt @ Dec 30 2009, 06:00 PM) *
The NSA and the various signal security commands in the military branches are extremely hard-core about the design of the equipment they buy, how they buy it, how they control it and how they control the keying material. They have no sense of humor about accidents. Very few commercial organizations have any possibility of being able to do this as effectively.


QFT...
The Military has no sense of Humor when it comes to their Crypto...

Keep the Faith