[Basic] Skill of the week: Cryptography

[Kromm]

In my secret-agents campaign, the skill sees regular use for reasons that ought to be obvious from the words "secret-agents campaign." It's used mostly to encrypt information in the field with sufficient reliability that enemies in the field can't get at it before it's no longer relevant. It is also used to break enemy encryption, but that works only because the person doing it (1) is unusually skilled, (2) has illicit access to tools and sometimes even keys provided by a shadowy organization, and (3) is typically going up against people working hastily in the field, not the latest and greatest tech.

[johndallman]

Quote:

Originally Posted by Kromm

It's used mostly to encrypt information in the field with sufficient reliability that enemies in the field can't get at it before it's no longer relevant.

Are they rolling Cryptography to use an existing cryptosystem, or to create a new one on the spot? If it's a new one, presumably this is for use within the team?

[johndallman]

Quote:

Originally Posted by RogerBW

... I should probably amend that to "smart people who are aware of the scope of the problem won't use" etc.

Because there are always suckers who end up with sub-par systems.

Another case: Microsoft Word 95 and earlier only used a 16-bit key for their document encryption, which can be brute-forced rapidly. I discovered this while helping a manager clean out an early Word macro virus infection: he was perturbed to see that the anti-virus software was cleaning confidential documents, such as contracts and salary plans. The anti-virus software company said "Yes ... we just break the encryption on the fly. Doesn't slow things down noticeably." Microsoft did improve this in Word 97, and since then.

[Anaraxes]

Quote:

Originally Posted by johndallman

Are they rolling Cryptography to use an existing cryptosystem

For a modern game, it seems to me that would just be Computer Ops or Electronic Ops (Communications). The most you'd have to do would be to enter the key.

Devices like encrypted USB drives are readily available commercial tech. Drag and drop files. Not even any real Computer Op skill required, much less Cryptography.

The problem I have with this narrow interpretation of Cryptography is that it then becomes a fairly useless skill, just another one of those academic background skills that a PC might take just for color, but never actually use. How often do people actually invent new cryptosystems? RSA was invented in 1977, AES 1997, SHA-1 1995, SHA-2 2001, elliptic curves in 2005.

Maybe it should be just a required specialization of Mathematics.

[Kromm]

Quote:

Originally Posted by johndallman

Are they rolling Cryptography to use an existing cryptosystem, or to create a new one on the spot? If it's a new one, presumably this is for use within the team?

A new one for use by the team, usually either among themselves or to get a secure message out to their handlers.

[Eukie]

Quote:

Originally Posted by Anaraxes

The problem I have with this narrow interpretation of Cryptography is that it then becomes a fairly useless skill, just another one of those academic background skills that a PC might take just for color, but never actually use. How often do people actually invent new cryptosystems? RSA was invented in 1977, AES 1997, SHA-1 1995, SHA-2 2001, elliptic curves in 2005.

Maybe it should be just a required specialization of Mathematics.

As a houserule, I tried to adapt the Invention rules to make and break cryptosystems:

Quote:

Developing a new cryptographic protocol uses the New Inventions rules (p. B473) with Mathematics (Cryptography) for the Concept roll, and the lower of Mathematics (Cryptography) and Computer Programming for the Prototype roll. Cryptographic protocols can have any level of Complexity, but ones useful in the modern era are Complex or harder. Many new cryptosystems are simply more secure variants of older systems - if you make one of these, you can claim from +1 (for tenuously related systems) to +5 (for closely related systems).

Cryptographic protocols are largely developed and implemented through liberal use of notepaper and computers, and the risk of catastrophic failure are low. Your computer simply isn’t very likely to explode in your and all of your assistants’ faces when you’re working on a cryptosystem, and your office complex is unlikely to be demolished by errant bugs. On a critical failure, instead of 2d damage to the inventor and each assistant and the loss of facilities, 2d government agents appear and confiscate the inventor’s computers and any suspicious tabletop roleplaying games he is working on. Buying new computers, legal costs, and lost time amounts to the full cost of a new Prototype’s facilities. With the exception of employee wages and the daily costs of running the Prototyping facilities, the cost of attempting to create a Prototype of a cryptographic protocol is essentially zero.

The GM should make the prototype roll in secret from the players, and if necessary also make the major and minor bug rolls in secret. Minor bugs in a cryptographic system are implementation errors. These errors compromise the cryptographic protocol, but can be fixed. Implementation errors can be found through normal testing, rolling against either Computer Programming or Cryptography, both at -3. Once a minor bug has been found, it is easy to fix; there’s no need to spend extra time or roll the dice. Major bugs are problems with the design of the cryptographic protocol itself, representing mathematical weaknesses that can be exploited to break the cipher. Major bugs can be found through normal testing, rolling against the Cryptography skill at -3. A failure on the Testing roll finds nothing. In cryptosystems, neither minor nor major bugs surface during any form of conventional use, even on critical failures!

The final product is a Complexity 2 computer program, with a retail cost equal to whatever the inventor (or his Patron) desires, including free. If the prototype is without Major Bugs, it is Secure Encryption (p. HT211) at the TL it was developed. If the prototype has one or more Major Bugs, it is Basic Encryption (p. HT211) at the TL it was developed.

As long as major or minor bugs remain in the cryptosystem, it is weak to attack. A cryptanalyst trying to find a weakness in a cipher repeats the process of bug-checking, rolling against either Computer Programming or Cryptography, both at -3. A success on either skill finds a minor bug (if any remain), while only successes on Cryptography rolls can find major bugs. When a minor or major bug is found, the cryptographic protocol and any message sent with the cryptographic protocol can be cracked and read in reasonable time (see HT211).

They're somewhat old, untested, and make bug-testing a cryptosystem far too easy. I'm not really happy with how bugs work either, and the system is probably best suited to TL7-TL8 cryptography. The distinction between Mathematics (Cryptography) and Cryptography used within is also completely arbitrary - just as in the real world, there's no real distinction between the theoretical and practical understanding of cryptography; cryptography is the maths-heavy science of looking for flaws in other people's crypto-math.

[RogerBW]

Quote:

Originally Posted by Eukie

The distinction between Mathematics (Cryptography) and Cryptography used within is also completely arbitrary - just as in the real world, there's no real distinction between the theoretical and practical understanding of cryptography; cryptography is the maths-heavy science of looking for flaws in other people's crypto-math.

It's a truism among security researchers that unless you've designed a few crypto algorithms (and had the flaws pointed out) you're unlikely to be good at finding flaws in other people's ditto.

In my hypothetical GURPS redesign, Cryptography is for algorithm design and finding weaknesses, but it defaults to Maths (Pure) at something like -1 or -2 at TL7+. (Maths (C) is a bit too specialised, and Pure covers a lot of the group theory.) Before TL7 there isn't really mathematical cryptography.

[Eukie]

Quote:

Originally Posted by RogerBW

It's a truism among security researchers that unless you've designed a few crypto algorithms (and had the flaws pointed out) you're unlikely to be good at finding flaws in other people's ditto.

In my hypothetical GURPS redesign, Cryptography is for algorithm design and finding weaknesses, but it defaults to Maths (Pure) at something like -1 or -2 at TL7+. (Maths (C) is a bit too specialised, and Pure covers a lot of the group theory.) Before TL7 there isn't really mathematical cryptography.

Cryptanalysis of the German Enigma was almost entirely mathematical in nature, and its development is also based on the (admittedly simple) math of scrambling a message enough that both brute-forcing the message and trying to find letter frequencies would be near-impossible; the Enigma itself is from the interwar period and the work on cracking it happened during WWII; both TL6. Prior to this, both Kasiski and Babbage had used mathematics to crack Vigenere ciphers in the mid-19C, which is usually treated as TL5. The Vigenere cipher is itself an attempt at masking letter frequencies in encrypted text. The first known published writing on cryptanalysis is from the 9th Century (TL3) and deals with letter frequencies, a form of mathematical attack on encryption.