Each personality owns a bracelet with a combination lock. To prove you’re you, you unlock your bracelet. This is basically the password system, but localized, and now you just have to worry about making combination locks tamper-proof.
Unfortunately, physical locks interact very badly with the magic system. (In brief: “Lockedness” is a thing. If you are about average at magic, it’s a thing you can move from one thing you’re touching that is locked to another thing you are touching that can be locked but isn’t.)
Since it’s the only thing I know about the magic system, I suggest looking closely into what it means that X can be Y. (By “looking closely” I mean “exercise your authorial authority”.) Then tie the procedure to something that can’t be moved to anything that prisoners have around, other than the actual testing thing.
But the thing that keeps returning to my mind is that in our world we do quarantine innocent people if they carry dangerous enough diseases. I think you’d need a pretty high rate of evil-twinniness for a society not to take the easy way out and do the same. Even a very trustworthy person can fail to return to prison (?) by accident.
Anyway, I think pen-and-paper cryptography is your best guess, unless “encryptedness” and related properties are things that can be moved. Neal Stephenson’s Cryptonomicon has an example of a protocol that uses a deck of cards. (Which is imaginary but possible AFAIK.)
Cool! Do you remember the “performance” of the protocol? (That is, how much work it takes to exchange how much information, in approximate human-scale terms, and its approximate security in usual cryptographic language.)
Can you explain how broken it is to this layperson?
Warning: What follows likely has major technical errors—basically all I know about cryptography I learned from Cryptonomicon.
From the description, the random numbers are not evenly generated so that what should have a 1⁄26 chance of happening has a 1⁄22.5. And the output is heavily biased.
How much does that matter? We can easily decrypt Enigma with brute force right now. Is the difference in the amount of computing power to brute force Solitaire all that much different from what is expected?
In other words, encryptions with 256-bit keys are harder to crack than 128-bit keys. But is the problem with Solitaire 20-years-safe vs. 10-years-safe, or is it 20-years-safe vs. 12-months-safe?
Yeah… I guess as long as I’m postulating accomplices, I might as well postulate accomplices who’d kidnap their jailed friend’s cohabitor and wait until they are forced to sleep by sheer exhaustion.
Is there a risk that any authentication scheme could be bypassed by transferring the “Autenticatedness” from someone else, or does the magic system forbid that somehow?
In any case, some kind of magical version of the bracelet lock sounds like a good idea, if you can think of one.
Each personality owns a bracelet with a combination lock. To prove you’re you, you unlock your bracelet. This is basically the password system, but localized, and now you just have to worry about making combination locks tamper-proof.
Unfortunately, physical locks interact very badly with the magic system. (In brief: “Lockedness” is a thing. If you are about average at magic, it’s a thing you can move from one thing you’re touching that is locked to another thing you are touching that can be locked but isn’t.)
Since it’s the only thing I know about the magic system, I suggest looking closely into what it means that X can be Y. (By “looking closely” I mean “exercise your authorial authority”.) Then tie the procedure to something that can’t be moved to anything that prisoners have around, other than the actual testing thing.
But the thing that keeps returning to my mind is that in our world we do quarantine innocent people if they carry dangerous enough diseases. I think you’d need a pretty high rate of evil-twinniness for a society not to take the easy way out and do the same. Even a very trustworthy person can fail to return to prison (?) by accident.
Anyway, I think pen-and-paper cryptography is your best guess, unless “encryptedness” and related properties are things that can be moved. Neal Stephenson’s Cryptonomicon has an example of a protocol that uses a deck of cards. (Which is imaginary but possible AFAIK.)
It’s not imaginary; the protocol is described in one of the appendices, and I’ve implemented it once.
Cool! Do you remember the “performance” of the protocol? (That is, how much work it takes to exchange how much information, in approximate human-scale terms, and its approximate security in usual cryptographic language.)
Sadly, Bruce Schneier’s “Solitaire” is broken. That break was one of the things that got me into crypto!
Can you explain how broken it is to this layperson?
Warning: What follows likely has major technical errors—basically all I know about cryptography I learned from Cryptonomicon.
From the description, the random numbers are not evenly generated so that what should have a 1⁄26 chance of happening has a 1⁄22.5. And the output is heavily biased.
How much does that matter? We can easily decrypt Enigma with brute force right now. Is the difference in the amount of computing power to brute force Solitaire all that much different from what is expected?
In other words, encryptions with 256-bit keys are harder to crack than 128-bit keys. But is the problem with Solitaire 20-years-safe vs. 10-years-safe, or is it 20-years-safe vs. 12-months-safe?
Yeah… I guess as long as I’m postulating accomplices, I might as well postulate accomplices who’d kidnap their jailed friend’s cohabitor and wait until they are forced to sleep by sheer exhaustion.
Is there a risk that any authentication scheme could be bypassed by transferring the “Autenticatedness” from someone else, or does the magic system forbid that somehow?
In any case, some kind of magical version of the bracelet lock sounds like a good idea, if you can think of one.
Transferring authenticatedness doesn’t work, so that’s not going to be an issue.
I can’t think of a way to magic up the bracelet to work like this, unfortunately.
Couldn’t they just each memorise a six digit number and recite it on demand?