Encryption, Mk2
BGMFH
So I've been looking, and in short order I can double encrypt a file or message with two separate PGP keys, making it even less likely to be decrypted.

I'm sorry, but I don't think even Quantum Computing can fix this one.

Why was this lost, other than gamebalance? Specifically, *OTHER THAN GAMEBALANCE*
mfb
quantum computing can fix that in a heartbeat. all you have to do is add one more molecule to your processor.
John Campbell
I blame William Gibson.
mfb
to more directly answer the question, it wasn't dropped at all. you can't really drop something, if you've never picked it up in the first place. the game designers said "okay, encryption makes it impossible to read data unless you decrypt it. here are some rules."
Crusher Bob
sigh, sometimes you think there's blood in the water, but then you get there and it's just ketchup.

That's because what most people know about encryption, they saw in 'Hackers' or some equally accurate movie/tv show.

Even explaining some of the concepts to someone who does not have a good math background can be a bit tricky.

Since the writers probably neither knew too much about encryption, nor did they want to 'bog the game down with it', they just came up with some rules.
Moonstone Spider
Perhaps the very concepts PGP, and all similar encryptions, are based on have no meaning in Shadowrun computer systems. Remember we're talking about a computer network so different from what we're used to the concept of bits and bytes can't even be applied to data, PGP's encryption might be completely incompatible, on the same level as breathing through your ear sockets.
I Eat Time
As Crusher Bob said, encryption isn't a widely studied subject for game designers of anything less than something like Cyberpunk.

If you ARE interested in the subject, or just want a good pre-cyberpunk cypherpunk book, read Cryptonomicon, by Neal Stephenson. Interesting for history buffs, mathematicians, and cyberpunkers alike.
Dashifen
QUOTE (I Eat Time)
As Crusher Bob said, encryption isn't a widely studied subject for game designers of anything less than something like Cyberpunk.

If you ARE interested in the subject, or just want a good pre-cyberpunk cypherpunk book, read Cryptonomicon, by Neal Stephenson. Interesting for history buffs, mathematicians, and cyberpunkers alike.

Sweet, Sweet, Cryptonomicon *drools*
Arethusa
I'm sorry, but there really is no legitimate rationale for this other than game balance. You can go off about how SR's computers don't function the same way since they were designed from scratch after '29, but the fact remains that it's really nonsensical and was built out of game balance and sheer ignorance. That's just how it is. No one has ever claimed that the Shadowrun computer rules are realistic without at least two pints of tequila in him.
Moonwolf
Higher ratings of encryption probably double encrypt the data, if it's that good. That's why they're high rating.
Kagetenshi
QUOTE (BGMFH)
So I've been looking, and in short order I can double encrypt a file or message with two separate PGP keys, making it even less likely to be decrypted.

I'm sorry, but I don't think even Quantum Computing can fix this one.

Quantum computing can eat this like it doesn't exist.

~J
I Eat Time
QUOTE (Arethusa)
You can go off about how SR's computers don't function the same way since they were designed from scratch after '29...

And then you've got the whole Turing machine argument. Any other computer, sufficiently programmed, if it's really a computer, can do the same decryption as another one.

Dunno much about Quantum Computing, but I think it's probably an exception?
Arethusa
Quantum computing's only an exception because, in theory, it's faster by more orders of magnitude than most people can comprehend, and would therefore make all present day encryption obsolete by sheer brute force.
Kagetenshi
More accurately, it can test all possibilities simultaneously instead of sequentially.

~J
Crimsondude 2.0
QUOTE (Moonstone Spider @ May 1 2004, 04:23 AM)
Perhaps the very concepts PGP, and all similar encryptions, are based on have no meaning in Shadowrun computer systems.  Remember we're talking about a computer network so different from what we're used to the concept of bits and bytes can't even be applied to data, PGP's encryption might be completely incompatible, on the same level as breathing through your ear sockets.

House of the Sun (I think) referred to PGP (72-bit encryption), and how the encryption on a deck Dirk was decrypting was 128-bit.
Oddfellow
I actually was part of a quantum computing group in grad school. Without getting technical, Kage is right in pointing out that quantum computing isn't just a fast version of a regular computer, it is fundamentally different. A quantum computer can perform operations that can't be done on a Turing machine. The basic difference is that bits which can be either 0 or 1 are replaced by qubits, which can be superpositions of 0 and 1 (Think of Schrödinger cats which are in a superposition of dead and alive, or, less exotically, electrons which can be in a superposition of spin up and spin down).

Anyway, the end result is that a quantum computer can chew through public key encryption in an amount of time related to (size of key)^some power as opposed to a classical computer which would go like 2^(size of key). The moral of the story is that double encrypting would require longer time for a q-computer to crack, but nothing like the exponentially greater time that a classical computer would take.

So, all currently known classical encryption schemes would be hosed once you can make sizable quantum processors (The current state of the art is only 2 or 3 qubits!!!). Of course, there are quantum encryption schemes that can beat quantum computers, but that's another story.

Whether the game designers knew/cared about all this is beyond me, but there are logical reasons for believing that classical encryption will be very much breakable in a quantum computing age.

For trustworthy info on this stuff, I suggest the National Institute of Standards and Technology (NIST) site. http://qubit.nist.gov/

And here's a plug for some of my old friends in the field http://pantheon.yale.edu/~dpd5/demillegroup.htm
Crusher Bob
For those of you not too sure about the difference between 2^X and X^2 algorithms. Trying to solve the first one, for non-trivial values of X, the universe will either die of heat death first, or collapse into a singularity. For X^2 you can come back next week and get your answer.

Expect a big rise in the use of 'user friendly' one time pad systems...

You can probably also 'defeat' quantum decryption for a while by using spread spectrum techniques, but I wouldn't bet too much against.
Oddfellow
That's a good way to put the difference CB.

In principle, quantum encryption is unbreakable by any known classical or quantum algorithm. Los Alamos national lab has a working quantum encryption system, and some private companies are working on consumer models. Whether this is a good thing or a bad thing is up for debate :)
Kagetenshi
Not only is quantum encryption unbreakable, it's also impossible to nondestructively attempt to crack it. As a result, any attempts to monkey with it will be noticed.

~J
Oddfellow
Very true Kage...ah, what nerds we are!

Kage? Did I hear you're from Boston? I'm looking for local shadowrun people. Drop me an email: fenselau@bc.edu
Kagetenshi
Dropped.

~J
A Clockwork Lime
A few things...

1) Nothing is impossible and nothing is unbreakable. One-time pads come close, but logistics get in the way (and if you can obtain a key, it's not unbreakable since you just broke the code). One-time pads are also next to useless on any major scale, especially for civilian use, since the amount of data you want to encrypt has to have an equal amount of coding to go along with it -- coding you can't transmit with the file, thus you must already have it in your possession. It has its uses for deep-cover spies receiving limited-sized messages, but that's about it. And even then, it's not unbreakable as someone can always find the key and make a copy of it in order to monitor their communications without them knowing.

2) Again, nothing is impossible and nothing is unbreakable. Sure, quantum encryption seems unbreakable by our current understanding of physics, but then again faster-than-light travel and spooky action over long distances seem impossible by our current understanding of physics, too. "Impossible" usually translates to "no one's figured it out yet" or "it hasn't been done yet."

3) Some of you are acting like quantum encryption or quantum computing is a reality. It's not, it's just a theory. Nothing in the game world suggests it's possible yet, either (and even magic can't perform teleportation or most other amazing feats of quantum theory). It's little more than a theoretical pipe dream that might work someday if several theories end up being fact and we can figure out how to do it. That's a lot to ask even for 60 years of advancement. Even more so if you accept the huge amounts of information lost in the Crash of '29.

In other words, it sounds good on paper but that's about as far as it goes.

Besides, if encryption in the game was impossible to break, it'd make for some pretty dull and/or tedious gaming.
Oddfellow
I'd like to respond to some of those points. First, I'm pretty sure I said that quantum encryption can be broken by any KNOWN classical or quantum algorithms. Of course there could be some unknown physics that beats quantum encryption. However, it is based on some of the best understood and experimentally tested aspects of quantum theory, so the new physics would have to be really weird and unexpected.

Quantum Cryptography is not a theory. It's a reality which has been implemented in several labs. I personally have seen several fully working quantum encryption set ups (Los Alamos has a few, NIST Maryland has one, and at least one privately owned firm in Boston is working on moving from prototype to production models).

Quantum computers are much farther behind. As I said, the most advanced computer has only 3 qubits. However, dozens of research groups are currently working on quantum computers (Some of the leaders are at NIST Colorado, Yale, MIT, along with Germany and Italy). The government is tossing millions and millions of dollars into these efforts. It's actually kind of a joke in experimental physics that you have to figure out some far fetched way to tie your research into quantum information in order to get funding.

Now, it is definitely possible that all of this will fail miserably, and it will turn out that quantum computers are totally impractical to build. And I don't know of any canon mention of QC. But QC's aren't purely theoretical objects like wormholes...there are real people in the basements of Universities all over the world actually trying to build these things.
Zazen
QUOTE (A Clockwork Lime)
1) Nothing is impossible and nothing is unbreakable. One-time pads come close, but logistics get in the way (and if you can obtain a key, it's not unbreakable since you just broke the code).

That's pretty silly. Stealing the key is not "breaking the code". Otherwise I should be considered the greatest lockpick in the world, for I open locks with other people's keys every day.
A Clockwork Lime
If you steal or otherwise duplicate a guard's key/retinal pattern/fingerprint and get past a gate, you just broke through one of their defensive measures. It doesn't matter how you do it, only that it's done. The same is true of encryption. If there's a key and you obtain it -- through either brute force, decryption methods, or simple theft -- you've still unlocked the message.
Zazen
But I didn't pick the lock, nor did you break the code. We just stole a key.
A Clockwork Lime
And the encryption failed as a result of that vulnerability.
Arethusa
There's no need to bicker over semantics. Yes, all security measures are ultimately pregnable to some degree or another, some moreso than others, and this is balanced by their feasibility in real life conditions and applications. But this is a statement so obvious as to be practically empty.
Zazen
QUOTE
And the encryption failed as a result of that vulnerability.


I realize that we're arguing stupid semantics. Apparently you feel that any code which can be read at all is to be considered "breakable", since it is possible for it to be read. Even the intended viewer "breaks the code" when reading it, according to this idea. That is, obviously, not a useful definition.

A far better one to use (the one that's been used on this thread), is that it cannot be read without the key. Thus "breaking the code" comes to mean "decoding a message without the key".

ed- added quote and revised a little
hobgoblin
man, can't people just let this topic rest already? i have seen 3 threads about this in the same amount of months. one drops off the first page and a new one pops up :(
mfb
one reason i don't think quantum computing exists in SR is that SR's technology is too low-end. with quantum computing, desktop computers wouldn't exist, even as the keyboard-sized units they have in SR. palmtops would be considered bulky. you'd have jewelrytop computers--a pocsec in your ring, an encephalon in your datajack, a cyberdeck in your earring. and the Matrix itself would, at the very least, experience a graphical revolution as simsense became impossible to differentiate from real sensory input.
Kagetenshi
Not really; usability has to be maintained, after all. Just because something can be smaller doesn't always mean it should be.

~J
Eyeless Blond
QUOTE (mfb)
one reason i don't think quantum computing exists in SR is that SR's technology is too low-end. [*snip*]

Remember though that quantum computing isn't a cure-all, nor is it necessarily small (the "quantum" refers to interference, not size; if you want small, look up some of the current research on biological computing--making a processor out of a bacterial cell--or that odd idea of making a transistor out of a cesium atom). Quantum computing is a change in the fundamental assumptions of computer science--namely that procedures have to be linear and can only perform a finite number of calculations at a time. I fully expect the first consumer Q-computers to be many many times larger than a current server bank, but they'll be faster or slower in fundamentally different ways from current binary computers.

The thing is, even if we can get the processor to fit on the head of a pin--which we already can--there are several things that keep us from building jewelry-top computers, in particular the lack of a suitable power source. In SR this is solved by patching directly into the electrical activity of the nervous system, which is what many (IC) think of as a root cause of Essence loss, or by slightly more efficient batteries for non-cyberware electronics. Note that battery technology really hasn't changed a whole lot since its beginnings in the 16th and 17th centuries; all we've done is change some of the chemical makeups of the cells and use more modern manufacturing practices to build things more compactly.
Arethusa
Fact does remain, though, that with computing power that is many orders of magnitude beyond (and different from) what we have now, society would be affected dramatically in ways SR canon doesn't begin to lean on. Not that SR canon makes a hell of a lot of sense (420 rpm miniguns), but this reaches much further.
I Eat Time
One thing I'd like to put into the semantics argument is something I learned over the Math Modelling contest about security systems. Every security system has to have its effectiveness measured by two basic factors: Type I and Type II errors. I don't remember which is which, but...

One error is the probability that a registered user isn't allowed access. Valid turned invalid. This has to do with how 'nitpicky' the system is. The other is the opposite, the probability that an unregistered user is allowed access. Invalid turned valid.

I think what ACL is trying to say is that, if a given key for the encryption exists, then the second (I'll go ahead and call it Type II) error spikes considerably. By hook or by crook, there's an uncomfortably large probability that an unregistered user (i.e. a hacker) can get registered access. Day-to-day intended users of said key aren't "breaking the system" because they're supposed to be there. But a hacker or a bruiser who obtains the key is breaking the system because he/she is taking advantage of a Type II error and getting access normally not allotted.

In other words, that stealing the key is just as valid a method, albeit a little bit easier in a respective sense, of 'hacking' a system as anything else. Hell, the Decking rules capitalize on this. A really good way to get access to a system is to sneak in and create a Superuser account, so you have registered, danger-free access all the time. You've made your own key, and you don't have to hack anymore, but you've still beat the system.
Kagetenshi
Yes, you are "hacking" the system or "defeating" the encryption. What you are not doing, what you cannot do is brute-force decrypt it. You get one shot, and one alone.

~J
I Eat Time
Definitely, Kagetenshi. Stealing a key is not decrypting the code. It's having a program 100% decrypt it for you. If anyone was insinuating that, and I hope I wasn't, then they should stand corrected.
Eyeless Blond
Yes, you are right that creating your own key (or finding someone else's) is indeed a great way to gain access. In the world of cryptography this is called a compromise (or, more whimsically, a "rubber-hose attack" or sometimes a "purchase-key attack" when bribery is used). In modern-day encryption this is by far the most effective way of getting around encryption. The other way of getting around encryption is cryptanalysis; that is, the science of recovering the plaintext of a message without reference to a key.

The problem with SR's encryption is that, not only do they not have good rules defining what a "key" to any of their encryption algorithms is, which throws compromise into the realm of house rules, but that they make cryptanalysis so damn easy. In fact, the SR rules only bother with a single type of attack: a ciphertext-only attack, often considered by far the weakest type of cryptanalytic attack. Such an attack is usually doomed to failure at the very start, since the attacker really has no frame of reference from which to begin his analysis, especially if the algorithm is at all well-written and not some stupid bit-shifting or rotation algorithm. The other three major forms--known-plaintext, chosen-plaintext, and adaptive-chosen-plaintext--are not discussed at all, even though they are usually far more powerful and prone to work.

(Edit): heh, now all motivated to finish reading my borrowed copy of Applied Cryptography. :D
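The gap between a ciphertext-only and a known-plaintext attack, shown on a toy byte-rotation cipher of the kind the post dismisses. This is an added example, not part of the original post; the cipher, the scoring rule and both sample messages are constructed for illustration.

```python
def rotate(data: bytes, key: int) -> bytes:
    """Toy rotation cipher (constructed): add `key` to every byte, mod 256."""
    return bytes((b + key) % 256 for b in data)


def unrotate(data: bytes, key: int) -> bytes:
    """Inverse of rotate()."""
    return rotate(data, -key)


def looks_like_text(data: bytes) -> float:
    """Fraction of bytes that are ASCII letters or spaces."""
    hits = sum(1 for b in data
               if b == 0x20 or 0x41 <= b <= 0x5A or 0x61 <= b <= 0x7A)
    return hits / len(data)


def ciphertext_only(ciphertext: bytes) -> int:
    """No reference text: try all 256 keys, keep the most text-like result.

    This only works if the analyst's guess about what the plaintext looks
    like (here: English prose) happens to be right.
    """
    return max(range(256),
               key=lambda k: looks_like_text(unrotate(ciphertext, k)))


def known_plaintext(ciphertext: bytes, known: bytes) -> int:
    """One known plaintext byte and its ciphertext byte give the key."""
    return (ciphertext[0] - known[0]) % 256


def demo() -> dict:
    key = 77                                             # constructed key
    prose = b"the run is scheduled for friday night"     # constructed message
    binary = bytes([0x00, 0x10, 0x80, 0xC3, 0xFE, 0x05, 0x90, 0xE0])  # constructed non-text record
    ct_prose, ct_binary = rotate(prose, key), rotate(binary, key)
    return {
        # The text-likeness guess is valid for prose, so the key falls out.
        "co_prose": ciphertext_only(ct_prose),
        # For a binary record the analyst has no frame of reference and
        # the "best" candidate is simply wrong.
        "co_binary": ciphertext_only(ct_binary),
        # With a known plaintext byte the content type no longer matters.
        "kp_prose": known_plaintext(ct_prose, prose[:1]),
        "kp_binary": known_plaintext(ct_binary, binary[:1]),
    }


if __name__ == "__main__":
    print(demo())
```

The same reasoning is why a cipher is normally judged against the stronger attack models: a design that survives only ciphertext-only analysis has been tested against the attacker with the least information.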
Zazen
QUOTE (I Eat Time)
I think what ACL is trying to say is that, if a given key for the encryption exists, then the second (I'll go ahead and call it Type II) error spikes considerably.

If there is a code with no key, isn't that identical to unrecoverable scrambling or deletion? If it can't be decoded then it ceases to be a code.
A Clockwork Lime
Look, when it comes to defeating encryption, it's only the end result that matters. Sure, brute-force and algorithmic decryption tactics are completely useless against a one-time pad. That doesn't make it unbreakable, only impossible to use conventional methods to break the code.

But if you have a copy of a pad or any other encryption key -- whether you got it through brute force or by hook and by crook -- you still have the pad or encryption key and have defeated the encryption. You now have full access to all the information that was once encoded.

If memory serves, that's exactly how the Allies defeated PURPLE and Enigma.

Just because all the math in the world won't help you get past it, that doesn't make an encryption method foolproof unless there's no way to decrypt it. In the case of a one-time pad, it has a significant vulnerability in that it's not something you can memorize, thus limiting who has access to the pad. If a pad exists -- either as a hardcopy or a secure hard drive on a nuclear submarine -- an enemy only need capture it without letting the other side know that they have it. Once you do, bam, you've beaten the encryption.
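The three properties of a one-time pad argued over in this thread (brute force tells the analyst nothing, a copied pad reads everything, and the pad is consumed byte for byte), as an added example that is not part of the original posts. The `OneTimePad` class, the function names and the sample messages are constructed for illustration.

```python
import secrets


class PadExhausted(Exception):
    """A message needs more pad bytes than remain unused."""


class OneTimePad:
    """Hands out each pad byte exactly once (hypothetical helper)."""

    def __init__(self, material: bytes):
        self._material = material
        self._offset = 0

    def remaining(self) -> int:
        return len(self._material) - self._offset

    def take(self, n: int) -> bytes:
        if n > self.remaining():
            raise PadExhausted(f"need {n} bytes, {self.remaining()} left")
        chunk = self._material[self._offset:self._offset + n]
        self._offset += n
        return chunk


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("pad must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(pad: OneTimePad, message: bytes) -> bytes:
    return xor_bytes(message, pad.take(len(message)))


def pad_that_yields(ciphertext: bytes, guess: bytes) -> bytes:
    """The pad under which `ciphertext` would decrypt to `guess`."""
    return xor_bytes(ciphertext, guess)


def demo() -> dict:
    message = b"MEET AT DOCK 7 AT DAWN"      # constructed sample plaintext
    material = secrets.token_bytes(32)       # pad exchanged in advance
    sender = OneTimePad(material)
    ciphertext = encrypt(sender, message)

    # Brute force: every same-length guess has a pad that produces it,
    # so trying all pads yields every possible message and singles out none.
    decoy = b"ABORT THE RUN".ljust(len(message))
    decoy_pad = pad_that_yields(ciphertext, decoy)
    ambiguous = xor_bytes(ciphertext, decoy_pad) == decoy

    # Compromise: a copied pad reads the traffic with no mathematics at all.
    copied = OneTimePad(material)
    stolen_read = xor_bytes(ciphertext, copied.take(len(ciphertext)))

    # Logistics: 10 pad bytes remain, so a 24-byte message cannot be sent.
    try:
        encrypt(sender, b"SECOND MESSAGE, TOO LONG")
        exhausted = False
    except PadExhausted:
        exhausted = True

    return {"ambiguous": ambiguous, "stolen_read": stolen_read,
            "exhausted": exhausted, "pad_left": sender.remaining()}


if __name__ == "__main__":
    print(demo())
```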
Arethusa
It's not exactly unrecoverable, per se. There's always brute force. But, yeah, it's fairly similar. Of course, deletion followed by a few white noise writing passes is far more practical and far more secure.
Kagetenshi
Not quite. Enigma was defeated because, as a primitive computer, it had a very low randomness and thus was vulnerable to cryptanalysis.

~J
A Clockwork Lime
So much for my memory. :) Pretty positive about PURPLE, though.
Eyeless Blond
Yes, but that's a vacuous way to define the effectiveness of an encryption algorithm. Encryption isn't designed to keep valid users (eg. those with a valid key) from accessing the plaintext of a ciphertext. If you destroy the ability for a valid access then you're not encrypting a text; you're shredding it. :)
A Clockwork Lime
No it's not, it's perfectly valid. Especially for a method as clumsy as the one-time pad. If it were "the shit," it would be everywhere... but it's not, because it is clumsy and has a large vulnerability in the way of both sides needing a pad of equal size to the encoded information.

I don't even think the navy uses it on its nuclear submarines or aircraft carriers, and that's about the only application I can think of where it might be useful outside of spygames or other deep cover occupations where limited-size messages are about all you need. Every time a ship comes in to dock, they get a new hard drive (or more likely, a series of hard drives) containing the one-time pads. But that's about it, and woe be it if they run out of a pad before they get a chance to dock again. And, again, if someone happens along and steals a copy of the pad (again, just like what happened with PURPLE), the enemy now has access to all those encrypted transmissions until such a time as the pad runs out.

Again, just because you can't defeat encryption one way, that does not mean it can't be defeated another way. I know you want to so firmly believe in that that it hurts, but it's a simple truth. The only thing vacuous about it beyond your "ignorance is bliss" way of thinking.

Now if you can come up with a method that has no way of being intercepted and decrypted by anyone other than the target, you'll have a foolproof encryption method. But from what little I've read of quantum encryption, it can't even guarantee that, though it comes pretty darn close.
Kagetenshi
Yes, but then there's the fact that in cryptography "unbreakable" means immune to brute-forcing, so it is, in cryptographic terms, unbreakable. That doesn't mean it can't be bypassed, and we realize that there are ways to do such, but the proper term for such methods is unbreakable.

~J
A Clockwork Lime
Very well, I'll accept that. Though from what I recall, the closest term I've ever seen regarding such things is "essentially unbreakable." But I'm willing to accept your definition for the purposes of this thread.
Kagetenshi
Most of the places I've seen "essentially unbreakable" have been for traditional large-prime encryption, which are breakable by brute-forcing, just not in any reasonable timeframe (varying from hundreds of years to longer than the estimated remaining lifespan of the universe).

But yes. It's clear that quantum cryptography doesn't exist in Shadowrun, or at least isn't practical. What is less clear is whether quantum computing exists; if it did, traditional means of encryption would be useless, but there are other means of encryption that are horribly poorly studied because current methods work so well that may or may not break under quantum computing; I'm not sure if anyone really knows.

~J
BGMFH
Elliptical curves, Kagetenshi? Or Something Else?
Kagetenshi
I'm not particularly familiar with elliptic curves, but the quick search for info that I just did suggests that they're just a variant on large-prime cryptography, in which case they wouldn't be what I'm referring to.

~J
Dumpshock Forums © 2001-2012