Welcome! These forums will be deactivated by the end of this year. The conversation continues in a new morph over on Discord! Please join us there for a more active conversation and the occasional opportunity to ask developers questions directly! Go to the PS+ Discord Server.

QE Ego transmission

18 posts / 0 new
Last post
Thu, 2010-07-29 14:30
#1
crizh crizh's picture
QE Ego transmission
This just occurred to me and I had to get it out before I forgot it. So here's the thing. The bandwidth you get from even a large Qbit reservoir isn't enough to Farcast an Ego and while you can send your ego as an encrypted neutrino transmission using your Emergency Farcaster you are still vulnerable to interception and interrogation. So here is the workaround. Split the Ego up into two parts. One tiny part and one large part. The trick would be to make the tiny part crucial to creating a usable ego, you could even introduce errors into the large section that the tiny part identifies and corrects. Transmit the smaller part using QE Comms and the larger using Neutrinos. Only you can ever retrieve the entire ego and any intercepted copies are hopelessly corrupted and might even contain attack code or worse.
Trust the Computer. The Computer is your friend.
Top
Thu, 2010-07-29 15:13
Arenamontanus Arenamontanus's picture
Re: QE Ego transmission
You can make yourself uninterceptable by emergency farcaster by using a one-time pad encryption or even public key encryption. You have an encryption key that can only be unlocked by someone with the right decryption key, and encrypt yourself with it. Quantum encryption might be very safe, but a one time pad is actually unbreakable.
Extropian
Top
Thu, 2010-07-29 15:13
mds mds's picture
Re: QE Ego transmission
Actually, quantum farcasting, in combination with neutrino communicators, is the de facto standard for egocasting. A quantum farcaster doesn't use a qubit reservoir but instead sets up a tamper-evident side channel to establish a one-time pad for use in encrypting the ego in the main channel. This encryption is perfect, so the only concern is that the intended recipient of the signal is sloppy in storing/protecting your ego after it's been decrypted. You only need a qubit reservoir if you're doing quantum entangled communication, which has the advantage of being faster than light, and covert. I wouldn't be too surprised if some hypercorp was working on, or has, a massive qubit reservoir to allow an executive to egocast across the solar system (or perhaps to a world through a Pandora gate?) at an instant's notice, but it would be kept for only the most dire emergencies.
[img]http://alfedenzia.com/eprep/?r=2[/img]
Top
Thu, 2010-07-29 16:15
crizh crizh's picture
Re: QE Ego transmission
Something that caught my attention in Sunward. Just because an encryption scheme is currently unbreakable does not mean that it will always be so. I was trying to come up with something to prevent encrypted copies of your Ego being intercepted and lying around until the technology exists to crack them or being intercepted by Exsurgents that already possess such technology.
Trust the Computer. The Computer is your friend.
Top
Thu, 2010-07-29 16:49
mds mds's picture
Re: QE Ego transmission
If my understanding of the quantum farcasting protocol is correct, it is mathematically unbreakable. By using a One-Time Pad properly, the only way to tell what the original message was is to have the same OTP. Even with infinite computing resources, it would be impossible to decrypt, since every possible message of that length would be a possible value. E.g. if I sent the coded message "VTEKYYCKDB" using a Vigenère cipher, with a key as long as the encoded text, then it's impossible to tell what the original was, other than it's 10 characters long. It could be 'HELLOWORLD' with a key of 'OPTZKCOTSY', or 'EXSURGENTS' with a key of 'RWMQHSYXKJ'. It doesn't matter how many cycles you through at the problem, unless you know the key, you can't tell which plain text is accurate.
[img]http://alfedenzia.com/eprep/?r=2[/img]
Top
Thu, 2010-07-29 16:58
Arenamontanus Arenamontanus's picture
Re: QE Ego transmission
crizh wrote:
Something that caught my attention in Sunward. Just because an encryption scheme is currently unbreakable does not mean that it will always be so.
Sure, but one time pads are *provably* unbreakable if you use them right. Not just very likely safe, but mathematically safe - even against enemies with unbounded computing power: http://en.wikipedia.org/wiki/Information_theoretic_security Cracking them would need something like being able to ESP the contents of the source or target computer, in which case quantum crypto is also trivially crackable. One time pads work like this: you have a random string of bits, and give a copy (physically) to the message recipient before going off on a mission. When you send a message you xor together your message bit string with the pad. If your message is (say) 10010... and the pad is 11101..., the result is 01111... (flip the message bits where the pad is 1). The recipient does the same and get the cleartext. The reason this is unbreakable is that the enemy has no way of deducing the correct key: any ciphertext can be produced from any plaintext, so there is no information about the key in the message. http://en.wikipedia.org/wiki/One-time_pad Behold perfect security! Except that it is very cumbersome (and hence profitable) to share pads. In my games this is one of the major physical trading commodities. Qubits and quantum crypto are nice, but a properly distributed pad is unconditionally safe. Data remanence can be fixed using nanotech self destruct bits etc.
Extropian
Top
Thu, 2010-07-29 19:22
crizh crizh's picture
Re: QE Ego transmission
Yeah, I was just reading the Wiki page. Trouble with that is that the pad needs to be the same length as the cleartext. I didn't quite understand the problem with using irrational numbers. If you were to use QE comms to transmit a small data packet containing a start point in Pi, for example, and a randomly chosen sample rate you could calculate an infinitely long and genuinely random sequence that couldn't be inferred without intercepting the QE communication. That way you wouldn't need to distribute pairs of pads with all the associated risks.
Trust the Computer. The Computer is your friend.
Top
Fri, 2010-07-30 01:05
Decivre Decivre's picture
Re: QE Ego transmission
Arenamontanus wrote:
You can make yourself uninterceptable by emergency farcaster by using a one-time pad encryption or even public key encryption. You have an encryption key that can only be unlocked by someone with the right decryption key, and encrypt yourself with it. Quantum encryption might be very safe, but a one time pad is actually unbreakable.
Quantum encryption is a one-time pad, effectively using the random nature of particle spin and the linked nature of entangled particles to utilize an encryption scheme only known to two parties. The file is encrypted using recorded spin data as a cypher (and I'd imagine it uses more spin data the larger the file), and comes with a marker tag denoting the time period within which the cypher was recorded. The receiver reads the marker data, knows which recorded particle spin is the cypher, and uses it to decode. They never need use this sequence again, as they can use completely different moments of particle spin at a future date. They may need buffer time for a high-traffic farcaster, however. Thus, farcasters are absolutely unbreakable.
Transhumans will one day be the Luddites of the posthuman age. [url=http://bit.ly/2p3wk7c]Help me get my gaming fix, if you want.[/url]
Top
Fri, 2010-07-30 04:04
Arenamontanus Arenamontanus's picture
Re: QE Ego transmission
Decivre wrote:
Quantum encryption is a one-time pad, effectively using the random nature of particle spin and the linked nature of entangled particles to utilize an encryption scheme only known to two parties. ... Thus, farcasters are absolutely unbreakable.
Well, there are complications. I have seen some papers describing weird quantum computer-based interception that makes can break the system. But that requires you to intercept the superposed particles and do sneaky stuff with them so that your computer is part of the encryption loop (without doing any observations that reveal your presence). In practice I doubt there is a way for non-TITAN/ETI tech to break quantum encryption (in my game there might be transcendent tricks around it). crizh: As for using a starting point and sample rate in pi, that is unsafe because an enemy with huge computing resources could simply try all starting points and rates in order, and detect when they get a plaintext. There are better random numbers available through quantum noise, and carrying around a few petabytes of tamper-proofed random numbers is not that hard with nanostorage. Adventure idea: Firewall really wants to get copies of one-time pads manufactured at a certain site for various groups (that might include Ozma, hypercorps, exhumans or whoever else they want to keep tabs on). Security is of course extreme, but Firewall also has an extreme desire. Guess who gets sent to infiltrate the facility and do a complex con/hack to intercept the pads as they are being manufactured, before they are shipped by courier to their end-users? And what if they discover that the pads are actually bad - somebody else beat them to it, and now has the secrets of a bunch of important fractions?
Extropian
Top
Fri, 2010-07-30 12:28
crizh crizh's picture
Re: QE Ego transmission
Arenamontanus wrote:
As for using a starting point and sample rate in pi, that is unsafe because an enemy with huge computing resources could simply try all starting points and rates in order
This is the bit I don't understand. It's a random sample of an infinitely long random string. How are you any better working through all the possible combinations you could get from sampling Pi than you are just working through all possible random strings in order? Even if this method does produce a message how the hell are you supposed to know that it is the correct message? You are as likely to get the correct solution by randomly typing whatever pops into your head.
Trust the Computer. The Computer is your friend.
Top
Fri, 2010-07-30 12:39
crizh crizh's picture
Re: QE Ego transmission
Decivre wrote:
Quantum encryption is a one-time pad, effectively using the random nature of particle spin and the linked nature of entangled particles to utilize an encryption scheme only known to two parties. The file is encrypted using recorded spin data as a cypher (and I'd imagine it uses more spin data the larger the file), and comes with a marker tag denoting the time period within which the cypher was recorded. The receiver reads the marker data, knows which recorded particle spin is the cypher, and uses it to decode. They never need use this sequence again, as they can use completely different moments of particle spin at a future date. They may need buffer time for a high-traffic farcaster, however. Thus, farcasters are absolutely unbreakable.
I think I begin to apprehend how this works. No entangled particles are actually transmitted anywhere. Random data acquired from measuring the spin of a pair of entangled particles is used as the key for encrypting the data. As the particles are entangled both parties are able to generate the same key from the same observations. Bandwidth would therefore not be determined by the frequency of the transmission but by the frequency of observation. Increased bandwidth would require more entangled pairs.
Trust the Computer. The Computer is your friend.
Top
Fri, 2010-07-30 15:08
Decivre Decivre's picture
Re: QE Ego transmission
Arenamontanus wrote:
Well, there are complications. I have seen some papers describing weird quantum computer-based interception that makes can break the system. But that requires you to intercept the superposed particles and do sneaky stuff with them so that your computer is part of the encryption loop (without doing any observations that reveal your presence). In practice I doubt there is a way for non-TITAN/ETI tech to break quantum encryption (in my game there might be transcendent tricks around it). crizh: As for using a starting point and sample rate in pi, that is unsafe because an enemy with huge computing resources could simply try all starting points and rates in order, and detect when they get a plaintext. There are better random numbers available through quantum noise, and carrying around a few petabytes of tamper-proofed random numbers is not that hard with nanostorage. Adventure idea: Firewall really wants to get copies of one-time pads manufactured at a certain site for various groups (that might include Ozma, hypercorps, exhumans or whoever else they want to keep tabs on). Security is of course extreme, but Firewall also has an extreme desire. Guess who gets sent to infiltrate the facility and do a complex con/hack to intercept the pads as they are being manufactured, before they are shipped by courier to their end-users? And what if they discover that the pads are actually bad - somebody else beat them to it, and now has the secrets of a bunch of important fractions?
I'd imagine that if computers have achieved speeds so great that they can emulate an entire human brain, producing an extensively long One-Time Pad should be a relatively easy affair. I'd imagine that well-trained teams might do this in lieu of purchasing a farcaster, creating their OTPs at the beginning of a mission before they even think to split up. Friends who require secure communications might do so on every occasion that they meet face-to-face.
crizh wrote:
This is the bit I don't understand. It's a random sample of an infinitely long random string. How are you any better working through all the possible combinations you could get from sampling Pi than you are just working through all possible random strings in order? Even if this method does produce a message how the hell are you supposed to know that it is the correct message? You are as likely to get the correct solution by randomly typing whatever pops into your head.
Pi is not random, it's irrational. There is a significant difference between these two things. The advantage of a truly random cipher in cryptography is that it is irreproducible by any other means. However, pi is reproducible... it never changes, and anyone who knows that you are using pi as a cipher can get a copy of pi. Granted, it has some similarities to one-time pads... and so long as no one ever figures out that you are using pi as a cipher, it is potentially unbreakable. However, that small chance that someone could find out that you are using pi is the reason it isn't as secure as an actually random value.
crizh wrote:
I think I begin to apprehend how this works. No entangled particles are actually transmitted anywhere. Random data acquired from measuring the spin of a pair of entangled particles is used as the key for encrypting the data. As the particles are entangled both parties are able to generate the same key from the same observations. Bandwidth would therefore not be determined by the frequency of the transmission but by the frequency of observation. Increased bandwidth would require more entangled pairs.
Exactly this. It doesn't necessarily require more entangled pairs for higher transmission rates, though. As observing a particle actually influences it's spin, observing it more often may cause it to shift and move more often (on both ends, of course) allowing you to create more cipher values at a faster rate.
Transhumans will one day be the Luddites of the posthuman age. [url=http://bit.ly/2p3wk7c]Help me get my gaming fix, if you want.[/url]
Top
Sat, 2010-07-31 10:05
crizh crizh's picture
Re: QE Ego transmission
I was more implying that there is probably a limit to how often you can observe the entangled pair. Planck time if nothing else. By observing two or more pairs you increase your maximum theoretical bandwidth.
Trust the Computer. The Computer is your friend.
Top
Sat, 2010-07-31 14:41
Decivre Decivre's picture
Re: QE Ego transmission
crizh wrote:
I was more implying that there is probably a limit to how often you can observe the entangled pair. Planck time if nothing else. By observing two or more pairs you increase your maximum theoretical bandwidth.
Even if there is a limit, the bandwidth capabilities of the time imply that farcasting, and data transfer in general is already pretty damn fast even without an increased bandwidth. An entire ego can be sent near-instantaneously, which I'd imagine could be an amount of data in the petabyte range and likely one of the largest things you can send in a transmission.
Transhumans will one day be the Luddites of the posthuman age. [url=http://bit.ly/2p3wk7c]Help me get my gaming fix, if you want.[/url]
Top
Mon, 2010-08-02 14:22
The Doctor The Doctor's picture
Re: QE Ego transmission
Arenamontanus wrote:
You can make yourself uninterceptable by emergency farcaster by using a one-time pad encryption or even public key encryption. You have an encryption key that can only be unlocked by someone with the right decryption key, and encrypt yourself with it. Quantum encryption might be very safe, but a one time pad is actually unbreakable.
Assuming proper operational security ("Shit! It's coming! It's coming! Wait, which keysheet did I use last time...?") and length of the key (for optimal OTP security your key needs to be as large as or larger than the plaintext which, for an ego, would likely be huge). Plot seed: Someone is after a recording of an egocast by someone encrypted with an OTP prior to transmission. Unfortunately, they got their key sequencing wrong and whomever received the transmission cannot decrypt the ego. The PCs are sent to locate and recover the pad of one-time keys.
[img]http://drwho.virtadpt.net/graphics/info_userbar.jpg[/img] [img]http://drwho.virtadpt.net/graphics/argo_userbar.jpg[/img] [url=https://drwho.virtadpt.net/graphics/blankbadge.png][img]http://drwho.vir...
Top
Mon, 2010-08-02 14:32
The Doctor The Doctor's picture
Re: QE Ego transmission
crizh wrote:
This is the bit I don't understand. It's a random sample of an infinitely long random string. How are you any better working through all the possible combinations you could get from sampling Pi than you are just working through all possible random strings in order?
Pi is a approximate value which is computable to arbitrary numbers of decimal digits by anyone who has enough CPU time to run the software. An attacker could start generating digits of Pi and use each sequence in a brute-force attack against the cyphertext.
crizh wrote:
Even if this method does produce a message how the hell are you supposed to know that it is the correct message? You are as likely to get the correct solution by randomly typing whatever pops into your head.
There are techniques for determining whether or not you have recovered plaintext, such as sampling segments of what you think is plaintext and running statistical analyses against them, examining file headers to see if you have a known pattern (i.e., .png, .mp3, .xvid, ELF executables, shared library function indices), and if worse comes to worse searching for printable strings to see if they correspond to anything known.
[img]http://drwho.virtadpt.net/graphics/info_userbar.jpg[/img] [img]http://drwho.virtadpt.net/graphics/argo_userbar.jpg[/img] [url=https://drwho.virtadpt.net/graphics/blankbadge.png][img]http://drwho.vir...
Top
Mon, 2010-08-02 14:38
The Doctor The Doctor's picture
Re: QE Ego transmission
Decivre wrote:
I'd imagine that if computers have achieved speeds so great that they can emulate an entire human brain, producing an extensively long One-Time Pad should be a relatively easy affair. I'd imagine that well-trained teams might do this in lieu of purchasing a farcaster, creating their OTPs at the beginning of a mission before they even think to split up. Friends who require secure communications might do so on every occasion that they meet face-to-face.
Generating solid amounts of entropy for use as keying information is difficult even now. The PRNGs widely in use today are actually seeded using the system clock and run through known mishmashes of mathematical operations to generate something which looks random, but if you perform some analysis on the values really is not. Timing the intervals between certain system events (keypresses, disk access requests, interrupts, what have you) adds a little entropy but is still considered a little dodgy. Hashes of files are deterministic and can be guessed with some detective work. Ultimately, something like a geiger counter timing the intervals between detections of, for example, beta particles used to seed a PRNG, the output of which is then whitened is the best that could be managed, though one wonders how well that would work on a habitat. Then one wonders about the efficiency of the whitening algorithms employed... of such things are whitepapers and dissertations written.
[img]http://drwho.virtadpt.net/graphics/info_userbar.jpg[/img] [img]http://drwho.virtadpt.net/graphics/argo_userbar.jpg[/img] [url=https://drwho.virtadpt.net/graphics/blankbadge.png][img]http://drwho.vir...
Top
Mon, 2010-08-02 18:39
Decivre Decivre's picture
Re: QE Ego transmission
The Doctor wrote:
Generating solid amounts of entropy for use as keying information is difficult even now. The PRNGs widely in use today are actually seeded using the system clock and run through known mishmashes of mathematical operations to generate something which looks random, but if you perform some analysis on the values really is not. Timing the intervals between certain system events (keypresses, disk access requests, interrupts, what have you) adds a little entropy but is still considered a little dodgy. Hashes of files are deterministic and can be guessed with some detective work. Ultimately, something like a geiger counter timing the intervals between detections of, for example, beta particles used to seed a PRNG, the output of which is then whitened is the best that could be managed, though one wonders how well that would work on a habitat. Then one wonders about the efficiency of the whitening algorithms employed... of such things are whitepapers and dissertations written.
Actually, there are ways to use input to generate decent amounts of random data, most of which rely on noise data. One of the most common ones today utilizes random user input: it will ask the user to take the mouse and jiggle it around for a certain amount of time to make sufficiently large seed data. Other methods exist as well... taking a snapshot from the webcam, a quick white noise transcription from the microphone, or even asking the user to go apeshit on the keyboard. In the future of Eclipse Phase, this would be even easier; generating an input-based seed file would be as easy as taking encephalographic data (or maybe some XP data) from the users brain and using it to generate a seed file.
Transhumans will one day be the Luddites of the posthuman age. [url=http://bit.ly/2p3wk7c]Help me get my gaming fix, if you want.[/url]
Top