Help - Search - Members - Calendar
Full Version: Encryption
Dumpshock Forums > Discussion > Shadowrun
Rand
As the title says, I would like to know the page numbers of where it gives the encryption rules, such as TN and how you go about breaking it. Thanks.
Johnny B. Good
The rules on encryption are screwy. The book redirects you like three times.

Engrypting: Make an Encryption + EW roll, hits x2 determines threshhold. You can encrypt almost anything. Nodes, subnodes, programs, access logs, databombs, icons.

Decryption: Make an extended Decrypt + EW roll, interval one IP. Once you hit the threshold, you have the decryption key.
sabs
Basically:
Assuming you have a hacker and a sys admin.

Sys Admin
EW 5
Encryption: 8
Math SPU, encephalon 2, Hot VR, Optimised Encryption.
Dice Pool 19:
Net Hits: 5-6 (max of 19)
Threshold of 10 to 12 (potential max of 38)


Hacker:
EW: 5
Encryption: 6
Math SPU, Encephalon 2, Hot Vr, Optimised Decryption
Dice Pool: 17
Net hits: 4-6
So the roughly best encryption in the world is going to take a hacker anywhere from 2 ip, to 9 ip.
3 combat rounds at the very most, assuming some amazingly lucky encryption.
That's some crazy speedy decrypting.

And fo course the Technomancer is rolling closer to 25 dice for the test. And so he's chewing through UV encryptions in a heartbeat.

hobgoblin
i assume the book is SR4a. the actions are described on page 229 if you want to apply the encrypt program described on page 233, or decrypt something by way of a previously acquired key.

if you have no such key, there is the initiate cryptoanalysis action on page 230, using the decrypt program on page 233 (note that if you have the key you dont need to perform this action to gain access. key can be acquired in a number of ways, with at least one involving a love troll).

there are expanded encryption rules on page 65 and 66 of unwired.
CanRay
QUOTE (hobgoblin @ Jul 20 2010, 11:15 AM) *
(...key can be acquired in a number of ways, with at least one involving a love troll).

This also works for passcodes, voice prints, retnal scans, fingerprints, and severe psycological damage.
hobgoblin
QUOTE (CanRay @ Jul 20 2010, 06:20 PM) *
This also works for passcodes, voice prints, retnal scans, fingerprints, and severe psycological damage.

"i'm bubba, and i approve this message"
Traul
QUOTE (Johnny B. Good @ Jul 20 2010, 05:49 PM) *
Engrypting: Make an Encryption + EW roll, hits x2 determines threshhold. You can encrypt almost anything. Nodes, subnodes, programs, access logs, databombs, icons.

Where do you get that from? I don't see any roll for encrypting, and Unwired states that the enryption rating is usually the Encrypt program rating.
Johnny B. Good
QUOTE (Traul @ Jul 20 2010, 06:49 PM) *
Where do you get that from? I don't see any roll for encrypting, and Unwired states that the enryption rating is usually the Encrypt program rating.


Maybe I was wrong, I don't have my books with me. Will check when I get home.

Either way, Encryption is still really weak, unless you have an agent running a dynamic encryption.
sabs
from the book

QUOTE
You have your Decrypt program start working on an encryption to
which you have access. Cryptanalysis is an Electronic Warfare +
Decrypt (encryption rating x 2, 1 Combat Turn) Extended Test.


Which means btw, that SiN info stored on your commlink. You need 10 hits on a decrypt to get access to it. /woo/

Traul
QUOTE (sabs @ Jul 20 2010, 09:09 PM) *
from the book

That's the cryptananalysis roll. It does not describe what the encryption rating is (and since they had to put it in Unwired, I am afraid this cannot be found anywhere in the core book).


sabs
From Unwired
pg# 65
QUOTE
All encryption has a rating, which is used to determine how
difficult it is to break. The higher the rating, the better the encryption.
Usually, the rating of the Encrypt program used is the
rating of the encryption.


Dynamic Encryption:
QUOTE
The user makes an Opposed
Computer + Encrypt Test against the attacker’s Electronic Warfare
+ Decrypt; for every net hit on this test, the threshold for the attacker’s
attempt to break the encryption is increased by one. This
requires a Complex Action.


Strong encryption lets you up the interval by the amount of time you spent encrypting, max 1 day.

I think it's pretty clear that the Encryption rating is = to the Rating of the Encryption program used to encrypt it.
hobgoblin
so a agent performing dynamic encryption, one will continually add to the threshold the attacker is attempting to reach.

i could see that being popular for corps and such, if only they didnt need to spot the attacker first via matrix perception (a mechanic i am unsure how works for automated defenses. Can one spot a hackers persona while he is trying to decrypt some data traffic for instance?).
sabs
Only if you make a non-extended matrix perception test, with the threshhold being the Stealth Program Rating.
hobgoblin
that do still not answer my question, as the person doing the decryption would not be present in any node my persona is present in, but rather in one that the traffic between my home node (comlnk usually) and whatever i am exchanging data with passes through.

from what i can tell there are only two groups of personas i can spot, the ones that are within direct radio range with my comlink (ARO) or those that have a persona present in whatever node(s) i am currently accessing.

and given that, i would say the times one can successfully deploy dynamic encryption (or spoof, as it to relies on first using matrix perception on something that can communicate with the target of the spoof action) are more limited then one first get the impression of.

seriously, i really like the matrix rules in SR4 for its more flexible nature (and its AR), but the conditions for use on some of its more interesting abilities have apparently not been fully contemplated.
Yerameyahu
I don't really see why you couldn't use Dynamic Encryption wherever you are. You just rotate things, you're not interacting with the decrypter.
hobgoblin
read the requirements in unwired, its specifies that to use dynamic encryption one first need to use matrix perception successfully on the persona performing the decryption before one can initiate dynamic encryption.
Yerameyahu
No, no, I don't mean RAW. I mean, 'how you should use it in your game if you want'. smile.gif
hobgoblin
while true, it kinda defeats the reason to discuss rules in the first place wink.gif
Yerameyahu
Psh. We constantly discuss RAW and house rules in the same threads here. I thought it was clear that I wasn't making a claim about RAW, but I'm glad someone pointed out that it wasn't. I wouldn't want to confuse anyone.
Rand
The reason why I am asking is because I want to see if using the more complicated encryption (longer intervals) is really game breaking? As I reason it now, I don't think so. I have been trying to make the game faster at the table, but slower in-game because I think it is rediculous that response time is really un important - if they aren't there, then they won't be. You know what I mean?
Malachi
QUOTE (sabs @ Jul 20 2010, 01:30 PM) *
Only if you make a non-extended matrix perception test, with the threshhold being the Stealth Program Rating.

Not quite. It's actually an Opposed Test: Computer + Analyze vs. Hacking + Stealth (SR4A p. 228).
Yerameyahu
Well, that's why there are optional rules. SR4 intentionally has weak crypto, but you can strong it up. smile.gif
kzt
QUOTE (Rand @ Jul 20 2010, 03:24 PM) *
The reason why I am asking is because I want to see if using the more complicated encryption (longer intervals) is really game breaking? As I reason it now, I don't think so. I have been trying to make the game faster at the table, but slower in-game because I think it is rediculous that response time is really un important - if they aren't there, then they won't be. You know what I mean?

My opinion is that the way SR handles encryption is extra dumb, and it clearly shows that which ever dufus wrote and approved the crypto rules has no idea what crypto does and why it needs to be effectively unbreakable for people to do important to the game things like buy stuff with electronic money. The only area where unbreakable decryption really hoses the players is encrypted files. If every file your hacker gets has unbreakable encryption on it really sucks. But since nobody actually carries around a little book full of thousands of random 43 character keys and manually enters the key every time they want to read any file, assume that the OS decrypts the file for the user automatically if the hacker is in as the user.

If someone wants to decrypt most anything else I'd suggest any of several other approaches, like Rubber-hose cryptanalysis, black bag jobs, stealing/hacking a poorly secured comlink, etc. All of which are a lot more interesting than the hacker rolling dice until he wins.
Rand
This is my idea:

•Harder Encryption: Increased intervals which depend upon the Encryption Rating (ER) and the decrypting System Rating (SR):
ER Interval
< Half SR 1 Combat Turn
> Half SR 1 Minute
= RS 5 Minutes
> RS 1 Hour

Rand
This is my idea:

•Harder Encryption: Increased intervals which depend upon the Encryption Rating (ER) and the decrypting System Rating (SR):
ER Interval
< Half SR 1 Combat Turn
> Half SR 1 Minute
= RS 5 Minutes
> RS 1 Hour

Rand
This is my idea:

Harder Encryption: Increased intervals which depend upon the Encryption Rating (ER) and the decrypting System Rating (SR):
ER vs. Interval
ER< Half SR = 1 Combat Turn
ER> Half SR = 1 Minute
ER= SR = 5 Minutes
ER> SR = 1 Hour

Conversely, the system rating could be the decrypt program rating instead. I think that might be better.
hobgoblin
and thats different in practice from unwired's strong encryption, how exactly?
sabs
QUOTE (hobgoblin @ Jul 21 2010, 05:19 PM) *
and thats different in practice from unwired's strong encryption, how exactly?


Strong encryption says:

Time Spent Encrypting = Interval for Decrypting (Max 24 hours)

example:
I spend a day encrypting file X using a Rating 5 Encryption program. (like say SiN information)
Hacker Bob grabs the files and decides to try and decrypt it.
Hacker Bob rolls an extended test using his computer+decrypt dice pool (including cyber, bio, optimization bonuses)
Threshhold: 10
Interval: 1 day

if I spend 6 hours encrypting file Y then it becomes:
Threshhold:10
Interval: 6 hours.
The rating of the decryption program has no bearing on the threshhold or interval.

Hacker Bob has 18 dice roughly
In the first example it takes him: 2 days to decrypt the file
In the Second example it takes him: 12 hours
If he gets lucky, or spends edge, he can easily get it in one go.

Strong encryption can only be done on Files and possibly Nodes, but never on Signals.
Yerameyahu
I might even want to tweak Strong Encryption to the defender's favor a little more. Maybe (2*Time Spent)=Decrypt Interval? Anyway, whatever is fun for your game. You can even use them together, weak and strong.
sabs
I was thinking it's an interesting way of getting hackers into the meat, and doing more social hacking.

Most real nodes, are strong encrypted.

To hack in from the outside, first you have to break the encryption wrapper.

So, lets say you want to get into Bank of Fragal's network via their matrix portal.

1) hacking+decrypt(or computer+decrypt) against their Encryption*2 with an interval of day.
2) hacking+exploit
3) entry allowed.

Once you're in you have an account and the node is on the fly decrypting for you using the key. So unless there are sections or files that are specifically encrypted with a different key. You're all set.

Lets say you don't have two weeks to decrypt and then slow hack your way in.
You use social engineering.
1) you find a sysadmin or security spider who works from home and you obtain his commlink and direct hack it, or hold a gun to his head while he gives you his encryption keys/access tokens.
2) You get inside the building, and access the node directly.

Allow hackers do to things like:
use hardware+decrypt to build a decrypting gadget that someone just has to plug into a terminal/local commlink/nexus.
A logic+hardware to modify someone's commlink to store and send images of everything that passes through it to a secondary node.
Basically allow hackers to build little gadgets to give them the ability to get around such problems, but that require being in the meat.

Hacker infiltrates a building, and finds a nice wire/junction area to setup in. He taps some matrix fiber, the electrical grid, attaches a gadget into the elevator junction box. Attaches a gadget to the video feed. Voila, he's in. Give him a giant bonus for taking stuff over in the building, or say that the gadget lowers the threshhold or intervals. Depending.

This means that wide spread, I hack from home, is rare, and slow. Only the very best do it, and it takes them /weeks/ to get into certain places.
Shadowrunner Hackers specialize in: Overwatch, In the Meat data infiltrations, and the like.

Yerameyahu
Ditto. Social engineering is a fun element.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012