learnedSloth wrote: ↑

Wed Aug 30, 2023 11:13 am

kestasjk wrote: ↑

Wed Aug 30, 2023 1:57 am

learnedSloth wrote: ↑

Sun Aug 27, 2023 6:59 pm

privacy trumps encryption when the former is available.

Hmm, did you get this the wrong way round? Or am I misunderstanding what you mean by privacy? If you mean "privacy" as guaranteed by a company / law / etc I'd say encryption trumps privacy.

I just compare the private channels in full press to encryption in public press. In the latter other players get some info of your correspondence, like message frequency and approximate message length unless you conceal it.

Of course you would prefer this method even in private press if you don't trust webDip to hide your private channels from other players.

kestasjk wrote: ↑

Wed Aug 30, 2023 1:57 am

learnedSloth wrote: ↑

Sun Aug 27, 2023 6:59 pm

privacy trumps encryption when the former is available.

Hmm, did you get this the wrong way round? Or am I misunderstanding what you mean by privacy? If you mean "privacy" as guaranteed by a company / law / etc I'd say encryption trumps privacy.

learnedSloth wrote: ↑

Sun Aug 27, 2023 6:59 pm

privacy trumps encryption when the former is available.

kestasjk wrote: ↑

Sat Aug 26, 2023 9:28 am

I definitely agree using this method is equivalent to private press. It's a very neat trick, but it's using cryptography to work around the game rules, and if the rule of the game is "public press" using these techniques violates that and effectively makes it private press, using some very clever cryptographic techniques

dkarcher wrote: ↑

Sun May 14, 2023 2:54 pm

Can you too convey secret messages to a target player in a public forum?

Hominidae wrote: ↑

Mon Aug 21, 2023 3:58 pm

I'm confused: how does one message some players but not other players using this method?

captainmeme wrote: ↑

Fri Aug 18, 2023 10:35 pm

Going to say here, from a kinda-mod perspective, this is a cool thought experiment but if you do it in a public press game (assuming I'm understanding this correctly), you are essentially communicating privately. If you join a PPO variant game everyone is going in expecting to play a variant in which private communication is banned - if you want to communicate privately, please just join a game where it's allowed instead of trying to introduce it in a variant where it's explicitly not permitted!

I like it as a thought experiment, and hell it could be fun to mess around with in a full press game just for amusement, but please don't do this in a public press only game.

jamesa7171 wrote: ↑

Sun Aug 20, 2023 10:54 pm

learnedSloth wrote: ↑

Sat Aug 19, 2023 8:38 pm

In normal full press you don't see when other players write messages to private press. Nor can you expose your private press to a 3rd player. You can copy/paste the discussion, but you could have copied it from anywhere.

Ok, fair enough, it's a game that is almost identical to a normal full press game, with lots of extra steps. Either way, it's nowhere near the current experience of a public press game.

Also, doesn't that second distinction mean people would be using this in full press games too (for at least some of their messages)? If you send a "normal" private message you can't expose it to a 3rd player, but if you send a "global" private message then you can, which is strictly better except in the case where you don't want people to know that you've sent anything at all.

learnedSloth wrote: ↑

Sat Aug 19, 2023 8:38 pm

jamesa7171 wrote: ↑

Sat Aug 19, 2023 8:14 pm

b) every player is using this technique, in which case you are just playing a normal full press game with lots of extra steps

In normal full press you don't see when other players write messages to private press. Nor can you expose your private press to a 3rd player. You can copy/paste the discussion, but you could have copied it from anywhere.

jamesa7171 wrote: ↑

Sat Aug 19, 2023 8:14 pm

b) every player is using this technique, in which case you are just playing a normal full press game with lots of extra steps

captainmeme wrote: ↑

Fri Aug 18, 2023 10:35 pm

Going to say here, from a kinda-mod perspective, this is a cool thought experiment but if you do it in a public press game (assuming I'm understanding this correctly), you are essentially communicating privately.

If you join a PPO variant game everyone is going in expecting to play a variant in which private communication is banned - if you want to communicate privately, please just join a game where it's allowed instead of trying to introduce it in a variant where it's explicitly not permitted!

I like it as a thought experiment, and hell it could be fun to mess around with in a full press game just for amusement, but please don't do this in a public press only game.

learnedSloth wrote: ↑

Sun May 14, 2023 6:31 pm

Cryptography will undoubtedly give significant advantage to players that use it, so I anticipate that it will be either ubiquitous or banned.

captainmeme wrote: ↑

Fri Aug 18, 2023 10:35 pm

Going to say here, from a kinda-mod perspective, this is a cool thought experiment but if you do it in a public press game (assuming I'm understanding this correctly), you are essentially communicating privately. If you join a PPO variant game everyone is going in expecting to play a variant in which private communication is banned - if you want to communicate privately, please just join a game where it's allowed instead of trying to introduce it in a variant where it's explicitly not permitted!

I like it as a thought experiment, and hell it could be fun to mess around with in a full press game just for amusement, but please don't do this in a public press only game.

kestasjk wrote: ↑

Fri Aug 11, 2023 4:17 pm

Hey it works! Nifty..
> As with a lot of this stuff, very neat, but a bit impractical
< I think more practical and definitely more secure than what was used in that game that inspired this guide. :)

It'd be good if there was decent software that allowed this kind of thing more easily. We use this sort of stuff every day in our web browsers and it's the norm, but between individuals only .. tech enthusiasts.. are going to go to these lengths if it needs these openssl commands and saving binary files etc.

learnedSloth wrote: ↑

Fri Aug 11, 2023 3:46 pm

kestasjk wrote: ↑

Fri Aug 11, 2023 2:15 pm

Eeenteresting.. So here's my confounded contribution:

Code: Select all

-----BEGIN PUBLIC KEY-----
MCowBQYDK2VuAyEAlzaB5x9nLBv47jZ66s0EClFsf2oRqjk+AeIOV5JbtjI=
-----END PUBLIC KEY-----

I now have a common secret with you.. so I guess I can use those 256 raw bits to encrypt something only you can read?

If I generate an AES key from our common secret, then use that to encrypt some text, and base64 encode it, with a little help from chatgpt:

Code: Select all

openssl dgst -sha256 -binary -out derived_key.bin common_secret
echo "[redacted, super interesting message]" > message.txt
openssl enc -aes-256-cbc -salt -in message.txt -out encrypted_message.bin -pass file:derived_key.bin
openssl base64 -in encrypted_message.bin -out encrypted_message_base64.txt

You and only you should be able to decrypt this super interesting message: (?)

Code: Select all

U2FsdGVkX18uQxnaYjc0xc2NfrEMIYcOtHnDtOgA48iVG7VXpvobCqPoYHue1qZK
zK3FDt6drOV1B/bYcVK+qtMb5aA3ASygEQcIvapxZQw=

I can see this catching on

Luckily I still had the contribution I used lying around. Here's my super sensitive response:

Code: Select all

U2FsdGVkX1+LVOdAuYvHGZ2zDUIU8hLwozJyZFir0VYfqX4TWXEkZPX+ULmCPY8U
wPjdQpWhsfd9P9yM1r0wtZu0ZXP/BCM1UnRUAYe5J9f7FezRrMaUTl9wGz1YQM3c
vxHQhZJdnzgiF1QHfj8HgEZCJnAvwPTopfmGs1iyiBk=

edit: Where does the common paint come from though? Or is that common for everyone?

From the contribution generation algorithm (X25519) I think. Idk if it can be changed. OpenSSL seems to embed some metadata (our "public keys" start identically), but it could be just for sanity checks or something like that.

kestasjk wrote: ↑

Fri Aug 11, 2023 2:15 pm

Eeenteresting.. So here's my confounded contribution:

Code: Select all

-----BEGIN PUBLIC KEY-----
MCowBQYDK2VuAyEAlzaB5x9nLBv47jZ66s0EClFsf2oRqjk+AeIOV5JbtjI=
-----END PUBLIC KEY-----

I now have a common secret with you.. so I guess I can use those 256 raw bits to encrypt something only you can read?

If I generate an AES key from our common secret, then use that to encrypt some text, and base64 encode it, with a little help from chatgpt:

Code: Select all

openssl dgst -sha256 -binary -out derived_key.bin common_secret
echo "[redacted, super interesting message]" > message.txt
openssl enc -aes-256-cbc -salt -in message.txt -out encrypted_message.bin -pass file:derived_key.bin
openssl base64 -in encrypted_message.bin -out encrypted_message_base64.txt

You and only you should be able to decrypt this super interesting message: (?)

Code: Select all

U2FsdGVkX18uQxnaYjc0xc2NfrEMIYcOtHnDtOgA48iVG7VXpvobCqPoYHue1qZK
zK3FDt6drOV1B/bYcVK+qtMb5aA3ASygEQcIvapxZQw=

I can see this catching on

U2FsdGVkX1+LVOdAuYvHGZ2zDUIU8hLwozJyZFir0VYfqX4TWXEkZPX+ULmCPY8U
wPjdQpWhsfd9P9yM1r0wtZu0ZXP/BCM1UnRUAYe5J9f7FezRrMaUTl9wGz1YQM3c
vxHQhZJdnzgiF1QHfj8HgEZCJnAvwPTopfmGs1iyiBk=

edit: Where does the common paint come from though? Or is that common for everyone?

learnedSloth wrote: ↑

Mon Aug 07, 2023 11:42 am

It can be done with significantly shorter cipher than I assumed in Cryptic messages and intrigue, as encrypting arbitrary messages isn't necessary.
Both players must contribute to the secret and a confounding factor is required to exchange the contributions without revealing them.

Commanding OpenSSL to do the hard work

First your secret contribution:

Code: Select all

openssl genpkey -algorithm X25519 -out contribution

Keep it safe, for computing the secret with it is fast, but too slow without it.
Now the confounded version for sharing:

Code: Select all

openssl pkey -in contribution -pubout -out confounded

It looks like this:

Code: Select all

-----BEGIN PUBLIC KEY-----
MCowBQYDK2VuAyEAIA2nOyv2LtvlcLqEHQz6owx9dBQ7Ie74U+B7qmXnqEk=
-----END PUBLIC KEY-----

If other players can be trusted to reproduce the header and footer by hand, you need to paste just that 1 line of cipher, which is shorter than some gibberish used in the game linked above!

When 2 players have pasted their confounded contributions, they can compute their common secret:

Code: Select all

openssl pkeyutl -derive -inkey contribution -peerkey another_confounded -out common_secret

It's 256 raw bits, so you may have to convert it depending on how you plan to use it.

-----BEGIN PUBLIC KEY-----
MCowBQYDK2VuAyEAlzaB5x9nLBv47jZ66s0EClFsf2oRqjk+AeIOV5JbtjI=
-----END PUBLIC KEY-----

openssl dgst -sha256 -binary -out derived_key.bin common_secret
echo "[redacted, super interesting message]" > message.txt
openssl enc -aes-256-cbc -salt -in message.txt -out encrypted_message.bin -pass file:derived_key.bin
openssl base64 -in encrypted_message.bin -out encrypted_message_base64.txt

U2FsdGVkX18uQxnaYjc0xc2NfrEMIYcOtHnDtOgA48iVG7VXpvobCqPoYHue1qZK
zK3FDt6drOV1B/bYcVK+qtMb5aA3ASygEQcIvapxZQw=