We need real-world inspiration. #10
Comments
|
One that could be good... Thinking on Federated Networks, like Mastodon or Diaspora... A Kingdom uses some "servers" into enemy lines, using encrypted magic systems that replicated vital intel via those lines... However, recently some of the main spies of those kingdoms where found dead... After some intel was sent by them via those networks? The enemies had took the identification of them? Or they had somewhat spoofed the magical systems? I'll refine this idea... It was my speed idea on the concept, and need to ser more about cryptomancer setting for more information. Maybe even I'll do this multi-system. :) |
|
That's very neat, @fabiocosta0305 - server spies. Looking forward to following this idea. |
|
How about something like TOR - groups of people who swap crystals randomly from a bag linking them to others in the group, including some who link this to the public shardnet? Possibly even some sort of mechanism to help them? |
|
These are all awesome ideas, and concepts I haven't really explored before in the text. So run with it! There is one short story in the core book that suggests that the Risk Eaters have figured out how to geo-locate the source of otherwise perfectly untraceable communications on the Shardnet by using geo-graphically dispersed golems. By comparing logs, and seeing how long it took a message created on the Shardscape to reach each of the golems separately, they can theoretically determine the approximate location of the sender. So, if that's the case, then the good guys (?) would need something akin to TOR to avoid being located and snatched up by the Risk Eaters. One idea could be a Proxy Golem. Basically, the good guys never communicate with someone directly over the Shardnet, because the bad guys might be able to geo-locate them (if the sender is using clear-text or encrypting with keyphrase they know)... instead, they send the message to the Proxy Golem (by encrypting with it's true name), who then forwards the message to the recipient (by encrypting with whatever keyphrase or true name specified in the payload of the original message). Because no one, except the proxy golem, can listen for message encrypted with it's True Name, the Risk Eaters would be unable to detect and triangulate the location of the source. Yes, they could absolutely find the location of the Proxy Golem (which is relaying messages with a breakable/guessable keyphrase) and compromise it (which could lead to all kinds of bad/evil man-in-the-middle stuff). Of course, a Proxy Golem would either 1) not keep logs or 2) dispose of logs after a brief period. Anyways, if a group of agents was using this type of system, and it was infiltrated by the bad guys, and now the agents are disappearing because they are being led to their deaths, there ya' go. Edit... wait a sec, I just realized that @tromand designed a roaming/migratory Golem in Issue #15 ... so yeah, we now have the building blocks for a Cryptomancer TOR network! |
|
Ok, I'm gonna' keep riffing with this because I'm excited about it.
|
|
@cryptomancer-actual my idea of the golemphid was inspired by your short story on geolocalisation :) |
|
I wonder, also, about the original idea of a Tor-like network among individual shard holders. Kind of like the anti-Risk Eaters; risk-carriers or risk-holders. A shadow network of people willing to hold/wear multiple shards to keep information moving in ways that are difficult to track. |
|
Might we have something like certificate charms - possibly some kind of spell that could be said in person or over a shardnet link that would enchant - for example - an amulet or a ring to change colour or glow if a message had been encrypted with the correct charm (and presumably do so in another way for a forged charm). |
|
Certificates sound like a cool area of exploration for Cryptomancer, @BrotherPhil. |
|
You need a blind signature. And the people who you get that from -- are
actually blind ! They're a sect of blind magic users. Here's an
opportunity to introduce the ' astral eyes ' psychometry thing too.
…On Fri, Jun 2, 2017 at 3:02 AM, Chad Sansing ***@***.***> wrote:
Certificates sound like a cool area of exploration for Cryptomancer,
@BrotherPhil <https://github.com/brotherphil>.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#10 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AakbRfSZnsXEdQn2RYq6TjsRWisHLA_dks5r_93TgaJpZM4NHxb9>
.
|
|
Thinking on Cryptomancy, anyone had thought on something like blockchain on it? |
|
@fabiocosta0305, that sounds like a question for @cryptomancer-actual.
|
|
@fabiocosta0305 Code & Dagger Vol I, pages 22-23 "Credit Shards and the EchoChain Ledger" has something somewhat similar to a blockchain... |
|
@fabiocosta0305 Great minds clearly think alike - the same thing occurred to me - time to do some reading, if it's finally got to my kindle. |
|
@BrotherPhil I think you're really on to something. Here's sort of where my brain went with the idea... So one of the "problems" in Cryptomancer, when it comes to public/private key crypto in the setting, "True Name / Soul Key" are 1) bound to an individual, 2) cannot be changed/revoked, 3) there is great risk in sharing your "True Name" with someone. From a game design perspective, this is a feature not a bug, but it comes with serious baggage. For example, you may meet someone on the Shardscape and want to share your True Name with them, or vice versa, so you can communicate with maximum privacy. But what if they turn out to be a bad guy? Or what it someone is eavesdropping on that conversation (i.e. they know what keyphrase you are using to have this encrypted conversation in the first place). Or what if your True Name gets harvested from that person via the "Mind Read" spell or an interrogation? Anyways, I think the idea of physical charms (like magic rings, amulets, etc., in most fantasy settings) might be a really interesting way to allow people to participate in public/private key crypto without having to risk giving out their True Name. Basically, you would have a magic ring that has a True Name (public key), and the only person who can decrypt messages encrypted with that True Name is the personal physically wearing the ring. |
|
...to extend this idea into CA territory, assume you have a guild of Dwarven artificers creating these rings. When they sell one to a customer, they add the rings true name and the customer's common name to a registry. So you can have this example. Alice: "My name is Alice, my charm's True Name is dsapoijghdsgaewoigh" Bob, hops on the Shardscape, "Hey Artificer guild, who owns dsapoijghdsgaewoigh?" Artificer Guild: "Chuck owns dsapoijghdsgaewoigh" Bob now knows that 1) Chuck is masquerading as Alice, or 2) Alice stole Chuck's ring. The Artificer Guild is basically the CA now. Just like any SSL certificate, a ring can and will provide a public key for good solid crypto, but unless you have a CA telling you that yes, that certificate saying it's Microsoft really actually belongs to Microsoft, you don't actually know who your recipient really is. |
|
@chadsansing The best candidate for anti-risk-eater-establishment are the Couriers, mentioned briefly in Cryptomancer, but expanded heavily in Code & Dagger vol I as an organization running a powerful anti-conspiracy against the Risk Eaters. They are like the Post Office of Cryptomancer... "Snow, sleet, or hail the messages must get through and they must be private." |
|
That's right, @cryptomancer-actual. |
|
This is what I thought too, that they're like this Secret Post Office
that's helping you, even if you don't know them. ( Sort of like Robert
DeNiro in 'Brazil' as the municipal repair ' terrorist ' , " We're all in
this together ... " )
…On Fri, Jun 2, 2017 at 6:23 AM, Chad Sansing ***@***.***> wrote:
That's right, @cryptomancer-actual
<https://github.com/cryptomancer-actual>.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#10 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AakbRWN_g-C4EW7Ffjnf0FhCEqJT8Ocwks5sAAzlgaJpZM4NHxb9>
.
|
Have you learned about a real-life online safety and inclusion struggle?
Share a general description here (without including personal information) by commenting below to help us make our adventures relevant and timely.
The text was updated successfully, but these errors were encountered: