The Forged Tablet

The key exchange system allowed private communication. Messages were scrambled, transit was secure, and GlagalCloud could relay without reading. But encryption solved only half the problem. The other half surfaced when Frojj, the manager at Location 1, released fifty cattle to a trader who arrived with a message bearing Glagalbagal's name.

The Forgery

The message read: "Release fifty head of cattle to the bearer. Payment has been arranged. — Glagalbagal." The stone tablet was carved in a style that resembled Glagalbagal's, though upon later examination, the letter forms were slightly different. Frojj did not examine the letter forms. Frojj, who had been managing Location 1 for years and had received dozens of legitimate orders from Glagalbagal via pterodactyl, accepted the message at face value and released the cattle.

The trader was working for Skvelj. The payment had not been arranged. The cattle were gone.

Glagalbagal: I did not send that message.

Frojj: It had your name on it.

Glagalbagal: Anyone can carve my name on a stone tablet.

Frojj: Then how am I supposed to know which messages are actually from you?

This was the authentication problem. Encryption ensured that only the intended recipient could read a message. Authentication ensured that the message actually came from the claimed sender. They were different problems. A perfectly encrypted message from a forger was still a forgery.

The Seal

Glagalbagal's first attempt was a physical seal — a unique carved stamp that he pressed into soft clay attached to each message. The stamp had an intricate pattern that was difficult to replicate. Frojj could compare the seal on an incoming message against a reference impression that Glagalbagal had provided.

This worked for a while. But Blortz identified the vulnerability.

Blortz: Your stamp is a physical object. If someone makes a mould of one of your sealed messages — and there are dozens of them sitting on Frojj's shelf — they can cast a duplicate stamp.

Glagalbagal: The pattern is complex.

Blortz: The pattern is complex to carve from scratch. It is not complex to mould from an existing impression. You are relying on difficulty of creation, but the attacker only needs difficulty of duplication, which is much lower.

The physical seal was, in security terms, easy to forge once you had access to a genuine sealed message. And genuine sealed messages were everywhere — on shelves, in transit, in the hands of velociraptors. The seal was not a secret; it was a stamp that anyone could copy.

The Mathematical Seal

What Glagalbagal needed was a seal that depended on the content of the message — not a generic stamp applied to any message, but a mark that was different for every message and could only be produced by Glagalbagal.

The key exchange from Part 35 had introduced the concept of private keys — secret numbers known only to one party. Glagalbagal realised he could use his private key to create a signature: a pebble arrangement derived from both the message content and his private key.

The signature process:

Step 1: Glagalbagal computes a summary of the message — a short arrangement derived from the full message content (similar to a check sum, but more complex). This is the message digest. Step 2: He applies his private key to the digest, using the same one-directional operation from the key exchange. The result is the signature. Step 3: He attaches the signature to the message.

Verification:

Step 1: Frojj receives the message and the signature. Step 2: Frojj computes the message digest independently (he can do this — the digest procedure is public). Step 3: Frojj applies Glagalbagal's public value (the intermediate result from the key exchange, which everyone can know) to the signature, reversing the one-directional operation just enough to check whether it matches the digest.

If the signature matches the digest, two things are confirmed: the message was signed by someone who knows Glagalbagal's private key (which only Glagalbagal knows), and the message has not been altered since it was signed (because changing even one pebble in the message would change the digest, which would no longer match the signature).

Glagalbagal pressing a mathematical signature onto a message tablet — not a physical stamp, but a computed pebble arrangement derived from the message content and a private key. Frojj on the receiving end verifies the signature by computing the digest and checking it against the public value

The Distinction

Blortz: You now have two tools. Encryption hides the content — only the recipient can read it. The signature proves the sender — only the sender could have produced it.

Glagalbagal: And they are independent. I can sign a message without encrypting it — the content is readable, but the signature proves it came from me. I can encrypt without signing — the content is hidden, but the recipient does not know who sent it. Or I can do both.

Blortz: The forged tablet would have failed the signature check. Frojj would have computed the digest, checked the signature, found a mismatch, and refused to release the cattle.

Frojj: I would need to learn this procedure.

Glagalbagal: The procedure is an instruction tablet. You follow the steps. You do not need to understand the mathematics.

Frojj: That is fortunate, because I do not.

The Usability Problem

The signature system was mathematically sound. It was also, practically, a burden. Every message now required Glagalbagal to compute a digest and a signature — operations that took roughly fifteen minutes each. Every recipient needed to verify the signature — another ten minutes. For routine messages ("move the herd to the north pasture"), the twenty-five minutes of signature overhead exceeded the time required to write the message itself.

Glagalbagal decided on a tiered system. Routine internal messages — those that stayed within GlagalCloud's cave and were handled by trusted velociraptors — did not require signatures. Messages to location managers required signatures but not encryption (the content was not sensitive, but the sender's identity mattered). Customer-to-customer messages through GlagalCloud required both encryption and signatures.

Blortz: The most secure system is one that nobody uses because it is too cumbersome. Security must be proportional to risk, or it will be circumvented by the people it is meant to protect.

This was, Glagalbagal suspected, the most important security principle he had learned. The technically strongest system was useless if it was too slow, too complex, or too annoying for the people who needed it. The right level of security was the one that people would actually follow — which was always a compromise between the ideal and the practical.

Glagalbagal's signature system is the physical analogue of digital signatures, which are used every time your computer downloads a software update, verifies a website's identity, or checks that a document has not been tampered with. The key insight is that encryption and authentication solve different problems: encryption protects the content (confidentiality), while signatures protect the origin and integrity (authenticity). You can have one without the other. A postcard is authenticated (you recognise the sender's handwriting) but not encrypted (anyone can read it). A locked box from an unknown sender is encrypted but not authenticated. Most secure communication on the internet uses both. The usability trade-off Glagalbagal discovered is also real — overly strict security policies lead people to write passwords on sticky notes or share accounts. How would you design a security system that is both strong and convenient?