Systems of Magic, and a request

Dec 04, 2008 17:33

Recently I've read a few excellent fantasy novels which were written around believable, consistent, and reasonable systems of magic. Believable magic is one of the elements that will sell me on a writer. I've enjoyed The Abhorsen Trilogy, by Garth Nix, and, most recently, The Name of the Wind, by Patrick Rothfuss

systems of magic, ideamine


kyttle December 5 2008, 17:42:49 UTC
To switch to the other topic, identity is pretty much always established by proving that you know the solution to some really tough problem that only you would know the answer to. There are a few ways to do this. Banks typically ask you to fill out answers to personal questions when you register, the theory being that only you would know those answers. Passwords do the same thing--registering a shared secret that in theory only you will know. But there is a much cooler way...

There are certain types of puzzles that are easy to create but hard to solve if you don't know how they were created. Factoring large prime numbers is an example. We have math that lets us quickly test if numbers are prime, but it's really hard to factor composite numbers into the primes that make them up. This means we can quickly find two large (hundreds of digits) prime numbers and multiply them together to get a really big composite number that pretty much only the person who knows the original two primes can factor.

Here's the cool part. You can put up the really big composite number on the web so that anyone can see it. It is so hard to factor that no one will be able to. Now, when anyone needs to authenticate you, all you have to do is prove that you can factor it. You now have a public test that only you can pass and that anyone can use to verify your identity.

The tricky part is making such a test reusable (proving that you know *how* to factor the number without revealing what those factors actually *are*), but that's a whole different topic.

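As an added illustration of the public test described in the comment above (not part of any commenter's post): a challenge-response in which the holder of the two primes answers a fresh random challenge and anyone checks the answer against the published composite. It uses a textbook RSA signature without padding as the stand-in technique, which is reusable but is not a zero-knowledge proof; the primes, exponent and function names are constructed for the example.

```python
import hashlib
import math
import secrets

# Constructed key material: two known Mersenne primes stand in for the
# "hundreds of digits" primes a real key would use.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q      # published; anyone may see it
E = 65537      # published verification exponent


def digest(challenge: bytes, n: int) -> int:
    """Map a challenge to an integer below n."""
    return int.from_bytes(hashlib.sha256(challenge).digest(), "big") % n


def respond(challenge: bytes, p: int, q: int, n: int = N, e: int = E) -> int:
    """Prover: needs the factors, because the private exponent depends on them."""
    phi = (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be invertible modulo (p-1)(q-1)")
    d = pow(e, -1, phi)
    return pow(digest(challenge, n), d, n)


def verify(challenge: bytes, response: int, n: int = N, e: int = E) -> bool:
    """Verifier: uses only the public values n and e."""
    return pow(response, e, n) == digest(challenge, n)


def new_challenge() -> bytes:
    """A fresh random challenge per login makes recorded responses useless."""
    return secrets.token_bytes(16)


if __name__ == "__main__":
    c1 = new_challenge()
    r1 = respond(c1, P, Q)
    print("holder of the factors:", verify(c1, r1))
    # Guessing other primes yields the wrong private exponent.
    print("wrong factors:", verify(c1, respond(c1, 2**61 - 1, 2**31 - 1)))
    # A response recorded for c1 does not answer a new challenge.
    print("replayed response:", verify(new_challenge(), r1))
```

The response never contains P or Q, so the same published N can be used for any number of logins.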

rising_moon December 5 2008, 20:30:52 UTC
This is a great idea -- but I wonder if what you're really testing for, here, is mathematical genius. :)

Can you extrapolate from there to a Factoring problem that can be individuated up and down the mathematics affinity scale? I'm sure the theory can transpose across skill sets.


dreda December 5 2008, 20:41:36 UTC
Can you extrapolate from there to a Factoring problem that can be individuated up and down the mathematics affinity scale? I'm sure the theory can transpose across skill sets.

I'm all fluttery over here now...


rising_moon December 8 2008, 20:08:28 UTC
*kiss*


dilletante December 5 2008, 21:33:35 UTC
i think the factoring problem in this example reduces to knowing a secret. you don't factor the big number by being better at math than anyone else; you factor it by already knowing one of the factors, which other people don't know. (this is how public key cryptography works.)

(i find your question interesting because it's something i've idly speculated about before-- now i'm going to tie both your threads together-- by wondering if teaching all my friends to juggle would let me figure out whether they'd been replaced by doppelgangers who also stole their memories, if said doppelgangers didn't also have their skills... :) :) :) )

(or more generally, people have distinctive and recognizable ways of doing a lot of physical skills-- walking, dancing, fighting, tapping morse code-- that might not be duplicated along with their knowledge.)


rising_moon December 8 2008, 20:13:21 UTC
This end of user authentication is really what I'm interested in. The field of "what you know (data)" is pretty much set: very few people know your SSN, your DOB, and your parents' alternate names, but fewer know the color of your first car, the street you lived on two moves ago, etc. All good. "What you are" is simple biometrics, with their several technical challenges and ROI equations.

But "how you do what you do" is interesting! I explored "user fist" algorithms at my previous employer's, and for several reasons the system proved unreliable. That is, unreliable for the purposes of securing the information we were securing. But something like the "user fist" (or "user facility" in some other arena, like juggling) must be unique enough...

We need an individuated Turing Test.


kyttle December 9 2008, 06:01:40 UTC
I find this stuff really fascinating, too, and spent part of high school trying to get a teacher to support me in an attempt to write a program that could identify an author by their style (no luck, sadly).

This problem reminds me a lot of determining whether or not a sequence of numbers is random. Please pardon the obligatory Dilbert comic:

Any attempt to read a sequence of actions and determine if it was generated by a specific person is going to have to be probabilistic, just like a test for randomness. It seems to me like the trick is accurately calculating that probability. Take identifying someone by their typing style, for instance. We can ask someone to type some passage of text and measure the accuracy and time between keystrokes to try to identify a user. But users will vary, and it is almost certain that in a large enough pool of people there will be two whose variations overlap somewhat. The users won't be identical, but there will exist certain output sequences that will be plausible for either user. Then the trick is determining which user is more likely.

I feel that this is a problem that humans may be a lot better than computers at.

Another point of interest: people change over time, so the authentication will have to change as well. Skills improve or deteriorate. If you ask a user to type a specific passage to identify themselves a lot, they will get better at typing that passage, and maybe at typing in general. When I was researching identifying authors by their writing styles, I found out that authors change style a lot over the course of a lifetime, to the point that an author's early work and later work may be less similar than some different authors are.

On a practical level, how would you maintain the authentication scheme in the face of changing skills? On a philosophical level, if a person's skill changes so much so that they no longer authenticate, is the authentication test right? Are they a different person?

This would make a great discussion over a bottle of wine some day

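An added example, not part of the thread, of the probabilistic comparison described in the comment above: each user's inter-keystroke intervals are modelled as independent Gaussians, an attempt is scored against every profile, and an accepted attempt nudges the profile to follow changing skill. The timing data, threshold, adaptation rate and all names are constructed assumptions.

```python
import math

# Constructed enrolment data: inter-key intervals (ms) for the same passage.
ENROLLED = {
    "alice": [[110, 95, 140, 120, 100], [115, 90, 150, 118, 104], [108, 99, 138, 125, 97]],
    "bob": [[160, 130, 135, 170, 150], [155, 138, 128, 176, 144], [166, 126, 140, 165, 152]],
}
MIN_STD = 5.0  # floor so a very consistent typist does not get near-zero variance


def build_profile(samples):
    """Per-position mean and standard deviation of the intervals."""
    profile = []
    for column in zip(*samples):
        mean = sum(column) / len(column)
        var = sum((x - mean) ** 2 for x in column) / len(column)
        profile.append((mean, max(math.sqrt(var), MIN_STD)))
    return profile


def log_likelihood(profile, attempt):
    """Log-probability density of the attempt under independent Gaussians."""
    total = 0.0
    for (mean, std), x in zip(profile, attempt):
        total += -0.5 * ((x - mean) / std) ** 2 - math.log(std * math.sqrt(2 * math.pi))
    return total


def identify(profiles, attempt, floor=-40.0):
    """Return (best_user, scores); best_user is None if nobody is plausible."""
    scores = {user: log_likelihood(p, attempt) for user, p in profiles.items()}
    best = max(scores, key=scores.get)
    return (best if scores[best] >= floor else None), scores


def adapt(profile, attempt, rate=0.2):
    """After an accepted login, drift the means toward the new sample."""
    return [(m + rate * (x - m), s) for (m, s), x in zip(profile, attempt)]


PROFILES = {user: build_profile(s) for user, s in ENROLLED.items()}

if __name__ == "__main__":
    print(identify(PROFILES, [112, 94, 142, 121, 101]))   # close to alice
    print(identify(PROFILES, [250, 240, 260, 255, 245]))  # matches nobody
```

Adapting only after an accepted attempt keeps a rejected typist from pulling a profile toward their own timing.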

kyttle December 9 2008, 06:35:06 UTC
Apparently, part of an O'Reilly book is on identifying users based on their typing: http://safari.informit.com/0596008279/securityusability-CHP-11-SECT-1

It looks like the book has good references in it based on the preview that they put on the web. Maybe it'd be worth checking out. Or at least finding someone with a subscription to their books...


(The comment has been removed)

rising_moon December 10 2008, 15:15:36 UTC
From the point of view of his banking institution, yes, your father-in-law and the Iron Bar Man are their self-same identities -- but I see what you're getting at: for the purposes of proving he is who he is, a man's store of proof is impaired or changed over time.

That is true of any identity measure. I would argue that those cases illustrate the importance of improving the accuracy and affordability of biometric identity measures, but also, by extension to other kinds of accident or mishap, the importance of layering the modes of measure. I'm all for stacking the modes if it means decreasing the likelihood that someone can pretend to be me.

People know my father-in-law for..

Hmm. This starter might actually be the only real measure: who you know. :)


kyttle December 9 2008, 05:38:16 UTC
Exactly, the factoring problem reduces to a secret that only you know. The awesome part is you can actually prove to the world that you know the secret without actually revealing the secret!

I only know of two generally accepted forms of authentication: knowledge of a secret (in many variations) and possession of an object (which may be your body). The idea of authenticating someone based on how they do something is really cool, but I've never seen it actually used. If you've heard of something similar used in practice, I would love to hear about it.

I wonder how consistent people really are and how quickly their skills change. It's like voice recognition: it seems like a great idea, but what if I have a cold?


rising_moon December 9 2008, 15:21:10 UTC
This is the first place I've heard about a "what you can do" authentication method. It sounds intriguing. I wonder if I might be able to register a bunch of unique identifiers with some agency or other, in the event that my ID gets challenged and I some day have to prove what data belongs to me.

That's the next challenge, I suppose: Linking ME to MINE.

but what if I have a cold?

Ah, right. Or a broken finger, or a sore knee, or a momentary bout of forgetting how to play "Danny Boy". (It happens.) This is a good point.


