Professional Documents
Culture Documents
Cryptovirology: The Use of Cryptography in Virus Attacks
Cryptovirology: The Use of Cryptography in Virus Attacks
Cryptovirology: Extortion-based security threats and countermeasures by Adam Young and Moti Yung
Overview of talk
Introduce
of applications of cryptography to computer viruses How to use crypto tools as weapons in virus attacks Crypto has good intentions in mind
Typically associated with improving systems / user security We will see that certain cryptographic tools can be used to degrade security
Background on viruses
Trojan
Virus
Program within another program executing commands without the owners knowledge Defense: confine programs into small domains with rights appropriate to their intended use Program that can infect other programs by modifying them to include a, possibly evolved, copy of itself Typically perform some disturbing / annoying actions Virus that creates offspring with object code different from that of its parent Developed in response to how virus scanners work (identify viruses by searching for identifying strings)
horse
Polymorphic
virus
Properties of a virus
1) 2)
Consume CPU time and occupy space Need to modify code in host system
Such as to gain control of the program
3)
Virus Code
Original program
Original program
No
Approximation to HS virus
Very
It needs to gain access to data without being detected Needs to be immune to all user analysis Left as an open problem
Approximation
Virus effects can only be removed by virus author (so it is survivable) Based on computational intractable problem Virus has public key, author has private key
Cryptographical attack
Definition:
A denial of service attack using public key cryptosystems performed by a crypto virus/trojan
Attack
Cryptovirus
Computer virus that uses a public key generated by the virus author to encrypt data that resides on the host system The data can only be restored by the virus author (assuming no backup exists) Is survivable
Encrypt data on host using some public key cryptosystem Notify user of attack and demand that he contact the virus author Author demands a ransom in return of the private (decryption) key User either:
Pays ransom, retrieves data Denies ransom, loses data Has a backup, ignores ransom
Corresponds to Extortion
Problems
Cannot free one victim (reveal private key) without possibly freeing all victims
Victim
Solution
Hybrid cryptosystem: combine public and secret key crypto schemes Encrypt data using symmetric crypto scheme (with a session key) Encrypt session key using public crypto scheme Private key is never revealed
Random number generator -> random session key Random seed generator -> Initialization Vector (IV)
Notations
Encrypt data D using session key (symmetric) D = {D}Ks Delete D Create M = {IV, Ks}Kz Notify host/victim display M and contact info Victim gives M and ransom to virus author Author decrypts: D(M )= M = {IV, Ks} and sends M to victim
2) 3) 4) 5)
Attack
is only successful if the cryptovirus can attack critical information for which no backup exists can
Attack
Extension: create checksum of the file to be requested (through extortion) Virus looks for critical data D and desired data H Virus encrypts: D = {D}Ks Checksum: ChkSum = checksum(D, IV, Ks) Plaintext: m = {ChkSum, IV, Ks} Ciphertext: m = {m}Kz Notify user: Display m and request for H Virus author gets H, compares ChkSum, frees victim
Information attack = $
If
If
This
Consider the host to consist of the entire network Use distributed environment to hide the key in virus copies (each node)
Cannot
store entire key in single node access control between network nodes
Each
Knows: p, g Creates: xi, yi = gXi mod p Will collaborate to create encryption and decryption keys
Y
instance of virus
= encryption, X = decryption
Encryption
Each virus publishes its yi anonymously over a public channel (bulletin board) Each virus then reads public channel and computes: Encryption Key = Y = y1 * y2 * * ym (mod p)
Decryption
Each virus reveals their secret xi Decryption key = X = x1 + x2 + + xm (mod p 1) Note: shared decryption is now revealed
Stealing Attack
Securely steal information from a remote location Depend on spread of virus as the communication medium How it works
Virus encrypts data D = D Virus appends D to itself Do not notify the user Kills any ancestor that does not have D Lucky virus author will encounter virus offspring with D and decrypt it
Why not just post information online as in the secret sharing virus?
software
Cryptoviruses propagate in the same way as traditional viruses Same detection methods apply
Access
If strong crypto ciphers and random number generators are available to user processes, then they are available to viruses
Conclusion
We
have seen that cryptographic tools can be used to create a new class of viruses: cryptoviruses need not be aware of underlying cryptography use available functions the virus writer an extortion method
Author
Gives
Authors:
better to make attacks publicly known than to wait for attacks to occur