What happens to all that debris?

Jonathan_S wrote:There is some risk to using untrusted ships to carry your messages. And we have seen that Honorverse crypto keys can be stolen; which could allow a malicious ship transiting to hand off a forged message, rather than simply "losing" or garbling the message so the digital signature couldn't be verified..

Of course keys can be stolen. The weakest part of any encryption is the humans on either side who are managing the encryption and the messages. That's what allowed the Allies to crack Enigma in WW2, that's still today how most hacks happen: social engineering.

Anyway, there are mitigations possible for all of these. For example, split the content of the key send it over 5 people, with each person carrying 25%, so that if any one is compromised, the entire key can still be retrieved (this is very simplistic, there are better ways of doing that and identifying who was compromised).

They can also send the message using multiple keys for redundancy, so the chance of compromising all keys is small.

It'd be a easier to design a system that was resistant to a dropped or unverifiable message than to a forged one. A message you don't get or can't trust could be dealt with by a protocol that limited the length of time the wormhole could be controlled by a given side, combined with a maximum number of outbound transits before you must pause to allow the other side to send you inbound traffic; which can only be overridden by getting an specific affirmative response to a message requesting a deviation.

The problem of a MAlign ship "dropping" the message is that the next ship will carry a good message. The ship going in the reverse direction will also contain information that the last message wasn't received. Even if the MAlign ship had the stolen keys and sent forged message, the ship in the reverse direction would reveal to ACS that something weird happened and ACS would immediately go on alert.

To make any attack feasible, the MAlign would need to have ships on both sides queued and transiting at the same time. And it would need to send multiple ships so communication didn't happen for a length of time that suits their needs. For example, under normal circumstances, the first 5 ships on the queue will not change, even if ACS has an urgent need to change. The worst I can think of is that one of the ships already in queue has a medical emergency and wants to transit to Manticore for access better hospitals, but that would gain something like 12 minutes out of a three-hour trip (1 hour in hyper, 2 hours from the hyper limit to Manticore).

That brings the question: what is the exploit?

ThinksMarkedly wrote:

Jonathan_S wrote:There is some risk to using untrusted ships to carry your messages. And we have seen that Honorverse crypto keys can be stolen; which could allow a malicious ship transiting to hand off a forged message, rather than simply "losing" or garbling the message so the digital signature couldn't be verified..

Of course keys can be stolen. The weakest part of any encryption is the humans on either side who are managing the encryption and the messages. That's what allowed the Allies to crack Enigma in WW2, that's still today how most hacks happen: social engineering.

Anyway, there are mitigations possible for all of these. For example, split the content of the key send it over 5 people, with each person carrying 25%, so that if any one is compromised, the entire key can still be retrieved (this is very simplistic, there are better ways of doing that and identifying who was compromised).

They can also send the message using multiple keys for redundancy, so the chance of compromising all keys is small.

It'd be a easier to design a system that was resistant to a dropped or unverifiable message than to a forged one. A message you don't get or can't trust could be dealt with by a protocol that limited the length of time the wormhole could be controlled by a given side, combined with a maximum number of outbound transits before you must pause to allow the other side to send you inbound traffic; which can only be overridden by getting an specific affirmative response to a message requesting a deviation.

The problem of a MAlign ship "dropping" the message is that the next ship will carry a good message. The ship going in the reverse direction will also contain information that the last message wasn't received. Even if the MAlign ship had the stolen keys and sent forged message, the ship in the reverse direction would reveal to ACS that something weird happened and ACS would immediately go on alert.

To make any attack feasible, the MAlign would need to have ships on both sides queued and transiting at the same time. And it would need to send multiple ships so communication didn't happen for a length of time that suits their needs. For example, under normal circumstances, the first 5 ships on the queue will not change, even if ACS has an urgent need to change. The worst I can think of is that one of the ships already in queue has a medical emergency and wants to transit to Manticore for access better hospitals, but that would gain something like 12 minutes out of a three-hour trip (1 hour in hyper, 2 hours from the hyper limit to Manticore).

That brings the question: what is the exploit?

It is still too complicated. It violates the KISS principle.

The MA doesn't have to have ANY ships ready to go. They can simply hijack the mind of key personnel inside ACS. However, if RMN ships are used as tlb suggests as the STOP point in transits, that can be eyed with the naked eye. RMN ships are harder to infiltrate than simple transmissions.

As far as the exploit? You'd have to ask a malignant mind. Mine is simply to point out vulnerabilities in the hardware, software and modus operandi.

But, setting up the Queen, an important envoy, Protector Benjamin, or Honor herself to be the victim of a pile up would be disastrous enough. Say, send a Case Zulu to Trevor's Star and the MBS simultaneously and let them both meet at the gate. Don't ask me how. Ask a malignant mind. If something can be exploited, it will be.

Since there are inbound and outbound lanes shouldn't there be two-way traffic at all times thru the junction? There probably is.

cthia wrote:Since there are inbound and outbound lanes shouldn't there be two-way traffic at all times thru the junction? There probably is.

There can't be simultaneous 2 way traffic because, while there are separate lanes, the wormhole "lock down" is bidirectional and so prevents continuous two-way traffic.


A ship comes through and the next outbound (or inbound) ship physically cannot use the wormhole for 10 seconds (anything up to 2.5 mtons), to 120 seconds (an 8.8 mton Harrington II SD(P)), or more if there are even larger ships out there.


However we don't know if a ship takes any damage from attempting to use the wormhole before it unlocks; so we don't know whether the attempt is dangerous or not.

Jonathan_S wrote:

cthia wrote:Since there are inbound and outbound lanes shouldn't there be two-way traffic at all times thru the junction? There probably is.

There can't be simultaneous 2 way traffic because, while there are separate lanes, the wormhole "lock down" is bidirectional and so prevents continuous two-way traffic.


A ship comes through and the next outbound (or inbound) ship physically cannot use the wormhole for 10 seconds (anything up to 2.5 mtons), to 120 seconds (an 8.8 mton Harrington II SD(P)), or more if there are even larger ships out there.


However we don't know if a ship takes any damage from attempting to use the wormhole before it unlocks; so we don't know whether the attempt is dangerous or not.

I'm not following. If one transit locks the wormhole down for 10 seconds, then how are mass transits effected? My whole reasoning in the first place was akin to *wideloads* using the highway which takes up both lanes. I always thought mass transits had to spread all the ships out across inbound and outbound lanes to fit them all in under one transit.

And if that is the case, let's consider a maximum mass transit. Since I don't know what that is, for the sake of argument let's call it 50 ships. The junction will accept 50 ships at once. Well what's stopping ACS from stacking 'em 25 deep from opposite ends of the junction? At time index "00.00.00"

A mass pileup on Aisle 1 because the flagman was compromised.

Another question.

What happens to that last ship of a mass transit that exceeds the limit by one ship? Or half a ship? Does the junction destroy the whole transit? Is it akin to running into a brick wall? What?

cthia wrote:Another question.

What happens to that last ship of a mass transit that exceeds the limit by one ship? Or half a ship? Does the junction destroy the whole transit? Is it akin to running into a brick wall? What?

If a mass transit exceeds the mass, it shreds the entire transit mass. Not completely certain if it would transit, or stay at the terminus.

cthia wrote:

Jonathan_S wrote:There can't be simultaneous 2 way traffic because, while there are separate lanes, the wormhole "lock down" is bidirectional and so prevents continuous two-way traffic.


A ship comes through and the next outbound (or inbound) ship physically cannot use the wormhole for 10 seconds (anything up to 2.5 mtons), to 120 seconds (an 8.8 mton Harrington II SD(P)), or more if there are even larger ships out there.


However we don't know if a ship takes any damage from attempting to use the wormhole before it unlocks; so we don't know whether the attempt is dangerous or not.

I'm not following. If one transit locks the wormhole down for 10 seconds, then how are mass transits effected? My whole reasoning in the first place was akin to *wideloads* using the highway which takes up both lanes. I always thought mass transits had to spread all the ships out across inbound and outbound lanes to fit them all in under one transit.

And if that is the case, let's consider a maximum mass transit. Since I don't know what that is, for the sake of argument let's call it 50 ships. The junction will accept 50 ships at once. Well what's stopping ACS from stacking 'em 25 deep from opposite ends of the junction? At time index "00.00.00"

A mass pileup on Aisle 1 because the flagman was compromised.

We don't know how mass transits work except that they do seem to require all the ships go simultaneously. But we do know the limit is mass based not based on the number of ships. In the case of Manticore's Junction that limit is that the "maximum possible mass for a single transit was approximately two hundred million tons" [EoH]. That seems to mean, at least in theory, you could send 22 SDs, or about 225 BCs.

I guess since we don't know how it work it might in theory be possible to have clocks synchronized enough that ships on both ends trigger simultaneous transits each way - but I suspect that the synchronization requires more than just timing.

Though the reason ACS wouldn't do mass transits normally (aside from the fact that they're apparently somewhat more dangerous - for reasons that also aren't specified in the books) is that "Unfortunately, any wormhole transit destabilized the termini involved for a minimum of ten seconds, and vessels which massed more than about two and a half million tons destabilized it for a total interval proportional to the square of the transiting mass . . . which meant a maximum-mass transit would lock the route from Manticore to Basilisk solid for over seventeen hours. " [EoH] But send those SDs through one at a time and we're told each locks the route for around 113 seconds - so those same 22 SDs would lock the wormhole down about 42 minutes instead of 17 hours.

Also we're told that that 200 million tons is the highest known mass transit size of any known wormhole. But we're not told how much lower the limits of other wormholes might be. Nor are we told if all wormholes follow the exact same mass vs lockdown exponential curve; or if a lower maximum mass might also translates into longer delays for a given tonnage.

In any case simultaneous mass transits would only increase the Junction's long term throughput when the combined mass of all the mass transiting ships comes to no more than about 6.1 mtons (less than a larger freighter); since that generates a 60 second lock up; which corresponds to ACS's minimum allowable transit window. So it could theoretically speed things up to send light units like destroyers, cruisers, or dispatch boats through in groups - but not the larger ships.

cthia wrote:

Jonathan_S wrote:There can't be simultaneous 2 way traffic because, while there are separate lanes, the wormhole "lock down" is bidirectional and so prevents continuous two-way traffic.


A ship comes through and the next outbound (or inbound) ship physically cannot use the wormhole for 10 seconds (anything up to 2.5 mtons), to 120 seconds (an 8.8 mton Harrington II SD(P)), or more if there are even larger ships out there.


However we don't know if a ship takes any damage from attempting to use the wormhole before it unlocks; so we don't know whether the attempt is dangerous or not.

I'm not following. If one transit locks the wormhole down for 10 seconds, then how are mass transits effected? My whole reasoning in the first place was akin to *wideloads* using the highway which takes up both lanes. I always thought mass transits had to spread all the ships out across inbound and outbound lanes to fit them all in under one transit.

And if that is the case, let's consider a maximum mass transit. Since I don't know what that is, for the sake of argument let's call it 50 ships. The junction will accept 50 ships at once. Well what's stopping ACS from stacking 'em 25 deep from opposite ends of the junction? At time index "00.00.00"

A mass pileup on Aisle 1 because the flagman was compromised.

Jonathan_S wrote:We don't know how mass transits work except that they do seem to require all the ships go simultaneously. But we do know the limit is mass based not based on the number of ships. In the case of Manticore's Junction that limit is that the "maximum possible mass for a single transit was approximately two hundred million tons" [EoH]. That seems to mean, at least in theory, you could send 22 SDs, or about 225 BCs.

I guess since we don't know how it work it might in theory be possible to have clocks synchronized enough that ships on both ends trigger simultaneous transits each way - but I suspect that the synchronization requires more than just timing.

Though the reason ACS wouldn't do mass transits normally (aside from the fact that they're apparently somewhat more dangerous - for reasons that also aren't specified in the books) is that "Unfortunately, any wormhole transit destabilized the termini involved for a minimum of ten seconds, and vessels which massed more than about two and a half million tons destabilized it for a total interval proportional to the square of the transiting mass . . . which meant a maximum-mass transit would lock the route from Manticore to Basilisk solid for over seventeen hours. " [EoH] But send those SDs through one at a time and we're told each locks the route for around 113 seconds - so those same 22 SDs would lock the wormhole down about 42 minutes instead of 17 hours.

Also we're told that that 200 million tons is the highest known mass transit size of any known wormhole. But we're not told how much lower the limits of other wormholes might be. Nor are we told if all wormholes follow the exact same mass vs lockdown exponential curve; or if a lower maximum mass might also translates into longer delays for a given tonnage.

In any case simultaneous mass transits would only increase the Junction's long term throughput when the combined mass of all the mass transiting ships comes to no more than about 6.1 mtons (less than a larger freighter); since that generates a 60 second lock up; which corresponds to ACS's minimum allowable transit window. So it could theoretically speed things up to send light units like destroyers, cruisers, or dispatch boats through in groups - but not the larger ships.

Thanks. I know it is all mass limited. It's just easier to talk ships.

I can see the whole ordeal needing some other requirements other than timing, but by the same token whatever the requirements are, they could be satisfied on both sides.

Depending on the results from the other post fielded by Theemile regarding a mass transit exceeding the mass limit, if the mass transit is destroyed then up to 450 BCs or 44 SDs can be wiped out at the push of the transit button.

"HANDS OFF THAT BUTTON!"

cthia wrote:Thanks. I know it is all mass limited. It's just easier to talk ships.

I can see the whole ordeal needing some other requirements other than timing, but by the same token whatever the requirements are, they could be satisfied on both sides.

Depending on the results from the other post fielded by Theemile regarding a mass transit exceeding the mass limit, if the mass transit is destroyed then up to 450 BCs or 44 SDs can be wiped out at the push of the transit button.

"HANDS OFF THAT BUTTON!"

I don't know if Theemile is correct. I don't recall any specific mention in the books of what happens when you exceed the mass limit.

All I can offer is that the mass limit of wormholes was determined somehow, and yet when talking of wormhole exploration nobody shared a grizzly tale of the first time a mass transit limit was exceeded. That might be the thinnest hint that exceeding the limit might be rather boring; with a bunch of ships simply failing to transit and instead continuing in normal space as their momentum carries them past the entry point.

OTOH lack of such a grizzly story might just mean there hasn't been reason for RFC to think about it or share such a tale. So if it become relevant to his stories we might yet hear of the first folks that discovered wormhole mass transit limits -- and whether that was farce or disaster.

Jonathan_S wrote:

cthia wrote:Thanks. I know it is all mass limited. It's just easier to talk ships.

I can see the whole ordeal needing some other requirements other than timing, but by the same token whatever the requirements are, they could be satisfied on both sides.

Depending on the results from the other post fielded by Theemile regarding a mass transit exceeding the mass limit, if the mass transit is destroyed then up to 450 BCs or 44 SDs can be wiped out at the push of the transit button.

"HANDS OFF THAT BUTTON!"

I don't know if Theemile is correct. I don't recall any specific mention in the books of what happens when you exceed the mass limit.

All I can offer is that the mass limit of wormholes was determined somehow, and yet when talking of wormhole exploration nobody shared a grizzly tale of the first time a mass transit limit was exceeded. That might be the thinnest hint that exceeding the limit might be rather boring; with a bunch of ships simply failing to transit and instead continuing in normal space as their momentum carries them past the entry point.

OTOH lack of such a grizzly story might just mean there hasn't been reason for RFC to think about it or share such a tale. So if it become relevant to his stories we might yet hear of the first folks that discovered wormhole mass transit limits -- and whether that was farce or disaster.

Theemile's thinking may be in tune with my own. I can accept something totally boring happening, like some ships having to catch the next trip.

The problem with that is it seems so arbitrary. To effect a mass transit then the wormhole has to "see" all ships as one whole mass. They must all have crossed a certain threshold or invisible line as it were. Unless the worm has eyes to resolve the "photo finish" it becomes arbitrary to determine which ships make it. And from which, or both, directions. Perhaps the MAlign knows more.

It also begs the question of the limits being exceeded while towing LACs. Does it blow out the tractors, destroy the LACs and/or damage the towing ships, and yadda. All rhetorical questions of course.