QUOTE (Karoline @ Jul 29 2010, 05:32 PM)
Even back in the Cold War one time pads were too much hassle for the CIA (and others) to use even on its most secure communications. Russia made use of it from my understanding though.
To use a one time pad the message must be (hand) encoded using a big page of switcharoos, this could literally take hours for even a fairly short message. The message was then encoded (again) and sent to whoever. Whoever would then have to do a standard decode to get the one time encoded message, which included a pad number. Whoever would then have to look through their stacks of pads to find that particular pad, then spend hours decoding the message. I'm not sure if the pad was burned (With a witness) at this point, or if they were two part ordeals that included another code for the return message. Either way they were burned and required a witness to the burning (and a destruction of the ashes). So, after a few hours and alot of pain in the ass, you managed to get one message through. Very very slow, and generally communication needed to be faster than that to be effective.
So yeah, one time pads aren't used in SR because no one wants to spend half an hour to decode "Hi, how are you doing today?", and no one wants to have to carry around massive stacks of pads so that they can send and receive stuff. Keep in mind you really can't do any of this digitally, because if you do, then the pad might get hacked, making the entire effort worthless.
Look, in the age of computers, you don't have to do any of this by hand. You don't have to carry around "stacks of pads". You just both have the same copy of very long random string. It is very easy and computationally A LOT faster than any other type of encryption.
Storage isn't a problem either. Want to encrypt the video feed from a drone? A one-time pad that takes up as much space as 100 hours of video (totally insignificant in SR4) allows for 100 hours of video to be transmitted securely.
Exchanging keys? Not a problem either. For drones, you exchange them when they refuel/recharge. Teams exchange OTPs when during mission briefing. Etc. Arguing that we now think it is too much hassle doesn't hold - today we have solid alternatives, in SR4 you either go through the absolutely minor hassle of exchanging OTPs, or you suffer totally unsecure comms.
Afraid of someone on your team getting hacked and the OTP gets stolen? That will only happen if his system accepts non-encrypted channels, which of course they're set to not allow. Any hostile commands doesn't have the proper OTP encoding so it is garbled. And if someone should manage it anyway - well, you're really no worse off than you are today anyway.
There is absolutely no reason why cops, security teams, shadowrunners etc. wouldn't use OTPs - it is very simple, and it gives unbreakable comms.
If you want to talk about standard, long range communication, then a 3rd party OTP provider could solve this. This provider sells sealed data chips with OTPs on it. I want to send a message to Eve, I encode my message with the OTP and sends it to provider along with Eve's ID. They then decrypt it with my OTP, encrypt it with Eve's OTP, and sends it to Eve. If we're feeling really paranoid, Eve and I could encrypt the message normally first. So, you ask, doesn't this require a lot of trust in the provider? No, not anymore than you already trust all the owners of all the nodes your data goes through. This is a risk you're already living with. The only risk here is if someone manages to break into the provider, but for one, the entire world would rely on encryption from these providers and you can bet the only ones in business are the ones with the hottest matrix security available. Secondly, even if someone managed to do it, then do you think the guys who did that are the ones who want to listen to your comms, are you that important? And if that one group happens to be the ones on your tail, ok then that one group can do to you what everyone can do to you if you weren't using the OTP provider. Even the hottest datasteal on the planet wouldn't make you worse off than you already are.
Bottom line is, OTPs will allow for near perfect encryption. You can handwave it away, or you can make something up that explains why OTPs aren't in use. I thought, hey this is shadowrun, its magic! Random strings attract things from the resonance realms that screw operations with them up, problem solved.