Welcome! These forums will be deactivated by the end of this year. The conversation continues in a new morph over on Discord! Please join us there for a more active conversation and the occasional opportunity to ask developers questions directly! Go to the PS+ Discord Server.

On Encryption

18 posts / 0 new
Last post
Fri, 2015-03-06 20:01
#1
Noble Pigeon Noble Pigeon's picture
On Encryption
Something I wanted to clarify: if mesh inserts come with encryption software by default, why bother tapping into communications between any two parties? The hypersonic communicator on page 150 on Panopticon mentions mesh transmissions as being "insecure", but as I understand it public key encryption software is so advanced it literally takes an entire week just to decrypt it with an extremely expensive quantum computer.
"Don't believe everything you read on the Internet.” -Abraham Lincoln, State of the Union address
Top
Sun, 2015-03-08 20:09
SHDNick SHDNick's picture
Eavesdropping on people
Eavesdropping on people communicating wirelessly is generally pretty easy, and so is worth doing if it's not too risky. Even if you can't decrypt it now, you can still note that person A talked to person B, at this time, at this place, for this long, and afterwards persons A and/or B might act on whatever was discussed. There's also a non-zero chance that somewhere down the line you might get hold of the secret key used to protect the conversation, and a non-zero chance might be acceptable, if the info's important enough.
Top
Wed, 2015-03-11 17:33
Trappedinwikipedia Trappedinwikipedia's picture
A week is also not a terribly
A week is also not a terribly long time in crypto terms. Modern codes usually take between weeks (RSA-155) and years (larger RSA codes) to break with high end hardware. Of course, with more hardware (expensive, but very possible) or a good roll on the task action, it is possible to break codes much faster. This is also usually for breaking the encryption on files, as un-encryptable communication is possible, which really expands the relevant time frame. The hypersonic communicator is probably best for communication where keeping the metadata a secret is important.
Top
Thu, 2015-03-12 14:39
Noble Pigeon Noble Pigeon's picture
So I guess my question should
So I guess my question should be revised to: why would anyone NOT encrypt their mesh interactions? Or I should say, Firewall sentinels? If it's so trivial as the book makes it out to be then there would be no reason at all not to have every single interaction over the Mesh be encrypted.
"Don't believe everything you read on the Internet.” -Abraham Lincoln, State of the Union address
Top
Thu, 2015-03-12 15:06
ORCACommander ORCACommander's picture
why do people not set wifi
why do people not set wifi passwords today or leave them at factory settings?
Top
Thu, 2015-03-12 21:03
TheGrue TheGrue's picture
Noble Pigeon wrote:So I guess
Noble Pigeon wrote:
So I guess my question should be revised to: why would anyone NOT encrypt their mesh interactions?
But they do. What do you think that Infosec roll is for when you hack someone's tacnet?
Thermonuclear Banana Split - A not-really-weekly Eclipse Phase campaign journal.
Top
Fri, 2015-03-13 00:17
Noble Pigeon Noble Pigeon's picture
TheGrue wrote:Noble Pigeon
TheGrue wrote:
Noble Pigeon wrote:
So I guess my question should be revised to: why would anyone NOT encrypt their mesh interactions?
But they do. What do you think that Infosec roll is for when you hack someone's tacnet?
But I thought you need a public key or a quantum computer to break that kind of crypto, not Infosec?
"Don't believe everything you read on the Internet.” -Abraham Lincoln, State of the Union address
Top
Fri, 2015-03-13 00:39
TheGrue TheGrue's picture
Noble Pigeon wrote:TheGrue
Noble Pigeon wrote:
TheGrue wrote:
Noble Pigeon wrote:
So I guess my question should be revised to: why would anyone NOT encrypt their mesh interactions?
But they do. What do you think that Infosec roll is for when you hack someone's tacnet?
But I thought you need a public key or a quantum computer to break that kind of crypto, not Infosec?
Depends on the kind of crypto you're using. Infosec to hack someone's device is using exploits to trick the system into giving you the key accidentally; see Heartbleed for a contemporary example.
Thermonuclear Banana Split - A not-really-weekly Eclipse Phase campaign journal.
Top
Fri, 2015-03-13 05:15
obsidian razor obsidian razor's picture
This has been a short but
This has been a short but very interesting topic :o
Top
Fri, 2015-03-13 11:07
UnitOmega UnitOmega's picture
So looking at it, encryption
So looking at it, encryption discussed in EP is mostly for data traffic, with a side mention of public key used to encrypt files - which is promptly sidelined later by the quote "Hackers could also find some other method to compromise the system and gain inside access, bypassing the encryption entirely." Basically, unless you're only using a Sniffer to track encrypted data being sent you can work around the actual data file encryption. Also, the book talks about public key like it only works between two systems (users, devices, networks, etc), so I don't know if it covers the encryption on the TacNet VPN. Anyway, look at the hacking sequence. If you're doing a standard hack or a brute force, you need an exploit. Either a piece of external software or the hard earned knowledge of the software tools you're working against. So, when you hack you're not just knocking on the front door asking to be let in, you're sneaking around to that one basement window you know is open, popping the lock and slipping in. If you're on the source side, you can hopefully find the secret key. If you're on the destination side, you can probably just get the decrypted files. If you're spoofing, you're tricking the system into thinking you're a legit user (though, for a TacNet this is probably a bad idea). And if all else fails, there's the rubber hose method. For player characters, they probably should encrypt most of their communications. But that doesn't mean they should say whatever they feel like. Mysteriously encrypted signals will make people curious, and any intelligence agency worth its salt has shelves of quantum codebreaking computers lying around to use. And a whole mess of crypto-nerds to use them. And as noted, a week really isn't that long. So, in comparison, Mesh communication [i]is[/i] insecure. Somebody will always eventually break it. The trick is to not make them want to break it, or say nothing that will be actionable after the week has passed.
H-Rep: An EP Homebrew Blog http://ephrep.blogspot.com/
Top
Fri, 2015-03-13 11:35
eaton eaton's picture
Sniffing, Spoofing, Exploits, Brute-Force
The guy who plays a hacker/infomorph in my current game is a network security guy, so he's had allllll sorts of curious about the detailed mechanisms. I'm not sure if it's canon, but we've been working with some house rules: There are four ways to get into a system:
  1. Stolen or faked credentials: Obtaining someone's network credentials via social engineering, using a stolen fork to make a cloned brainprint, etc. These require no test when they're used to gain access to the system, but generally imply a bunch of adventures and hijinks to obtain the credentials.
  2. Spoofing: 10 minute Infosec task action. Requires access to existing network traffic that can be monitored. Success implies finding vulnerable/insecure traffic and pretending to be the user generating that traffic. VPNs and traffic that users are explicitly encrypting (rather than relying on "standard" network security) can't be spoofed.
  3. Exploit: 10 minute infosec task action. Success varies highly based on the quality of the exploit software the player is using, and how secure the server is. If the player hasn't explicitly purchased exploit software recently, they take a penalty based on the age of the exploit—representing the ephemeral nature of 0day vulnerabilities.
  4. Brute Force: 1 minute infosec task action. +30 but you are spotted when you log in. Pretty standard.
We've also been experimenting with something more concrete for the Sniffing action: We treat it as a one hour Interfacing (not infosec) task action very similar to Spoofing, but instead of getting you direct access, it gets you either stolen credentials or secret information that can be used at a later time. Like Spoofing, it only works on relatively insecure networks—the benefit is that it doesn't leave any traces. Spoofing/sniffing feel like the fuzziest in the core books, and that's what we've tried to figure out some good house rules for.
Top
Fri, 2015-03-13 16:30
ORCACommander ORCACommander's picture
ya the rules in ep are well
ya the rules in ep are well intentioned but its kinda obvious that ep has not network security specialists. Also what is the span of a week to an immortal?
Top
Fri, 2015-03-13 17:49
UnitOmega UnitOmega's picture
I've always assumed the week
I've always assumed the week rule is your dramatic baseline. It's short enough you might actually bother (because who wants to sit on a file for six months?) but long enough that under urgent circumstances, it's not as fast as you'd like, thus pushing player characters to be more proactive to get what they need in 24 hours, or whatever. A lot of the mechanics and rules of EP seem aimed to be player facing, or at least player oriented. Probably because the game-master can have basically unlimited resources in the name of conspiracy and horror.
H-Rep: An EP Homebrew Blog http://ephrep.blogspot.com/
Top
Sun, 2015-04-05 15:47
Noble Pigeon Noble Pigeon's picture
Something I wanted to ask
Something I wanted to ask that isn't worth making its own thread, I think: on page 252 of the core book, at the bottom right, a sentence says:
Quote:
Actively monitoring a character who is fluctuating their mesh ID with a sniffer program or physically tracking them via the mesh is next to impossible as the continual shifting of IDs and intentional decoys make it too difficult to keep up.
If that's the case, isn't it then super easy to throw off anyone who tries to monitor, sniff or track them via the Mesh at the measly cost of 1,000 credits or a Moderate level Favor? What's the point of even trying then if it's that trivially easy to completely anonymize yourself short of being tracked by Ozma themselves? Doesn't that completely make the muse's ability to falsify or fluctuate your mesh ID obsolete when a sniffer program is all you need?
"Don't believe everything you read on the Internet.” -Abraham Lincoln, State of the Union address
Top
Sun, 2015-04-05 17:49
UnitOmega UnitOmega's picture
I believe that "with a
I believe that "with a sniffer or physically tracking them" is a separate section to the sentence to "fluctuating their mesh ID". Nothing in the Sniffer I recall says about fluctuating, but rather the Sniffer is the software you attach to a meshed device to monitor data input/output. As for the rest of the question, again I assume it's not typical for regular people to do this. If its an active task your Muse does they probably can't help you with other things, and I'm sure the Mesh ID serves some purpose besides the panopticon which continual rotating of IDs frustrates or slows down.
H-Rep: An EP Homebrew Blog http://ephrep.blogspot.com/
Top
Wed, 2015-04-08 02:29
SquireNed SquireNed's picture
Firewall introduces some
Firewall introduces some interesting stuff with the potential for Firewall to have some nice, high-end decryption stuff courtesy of just having the appropriate equipment and
Spoiler: Highlight to view
ASI
Also, the thing about encrypted data is that unless there is some garbage data being transmitted, transmission volume still has something you can look for. You might even be able to use some pattern recognition software to figure out rough format details if you have good pattern recognition and some clue how the (probably low-end if you're able to pull this off at all) encryption works, or notice patterns in how the data was sent. Plus, I think part of the thing with the mesh is that it functions like a middle-layer. Stuff put out on the mesh could be considered to be akin to a website; it's not just running on your device any more, and anyone with access rights can deal with it. In certain habitats, the mesh may require you to submit your stuff to central infosec, if it's a compromised variant with central control. Think of it like the matrix in cyberpunk stuff; if you want your stuff to linger for people other than you, it has to be delivered directly to their device or held on another server if you're offline when they want to see it. Some habitats may even control all mesh devices and require them to refuse information that can't be decrypted by the infosec overlords.
Top
Sun, 2015-04-19 03:00
The Doctor The Doctor's picture
Noble Pigeon wrote:Doesn't
Noble Pigeon wrote:
Doesn't that completely make the muse's ability to falsify or fluctuate your mesh ID obsolete when a sniffer program is all you need?
A sniffer programme is used to capture network traffic. Actually analyzing that traffic to isolate the network activity of a single actor who is constantly changing the hardware and network addresses of their computing equipment is incredibly difficult.
[img]http://drwho.virtadpt.net/graphics/info_userbar.jpg[/img] [img]http://drwho.virtadpt.net/graphics/argo_userbar.jpg[/img] [url=https://drwho.virtadpt.net/graphics/blankbadge.png][img]http://drwho.vir...
Top
Sat, 2015-04-25 15:32
VorlonJoe VorlonJoe's picture
Careful . . .
I'd be careful using the term "break". Modern cryptography, as long as it is properly implemented and keyed, is resistant to exhaustion attacks. (Basically the Sun will go out before even high end computers can go through all of the combinations). Popular media has done everyone a great disservice with the notion that if you just work hard enough you can break back ciphertext to the underlying plaintext.
Top