|
Cryptovirology is a field that studies how to use cryptography to design powerful malicious software. The field was born with the observation that public-key cryptography can be used to break the symmetry between what a malware analyst sees regarding malware and what the malware creator sees. The former sees a public key in the malware whereas the latter sees the public key as well as the corresponding private key since the malware designer created the key pair for the attack. The public key allows the malware to perform trapdoor one-way operations on the victim's computer that only the malware creator can undo. The first attack that was identified in the field is called "cryptoviral extortion".〔 (IEEEExplore: Cryptovirology: extortion-based security threats andcountermeasures )〕 In this attack a virus, worm, or trojan hybrid encrypts the victim's files and the victim must pay the malware author to receive the needed session key (which is encrypted under the malware creator's public key that is contained in the malware). The victim needs the session key if the files are needed and there are no backups of them. The field also encompasses covert attacks in which the attacker secretly steals private information such as private keys. An example of the latter type of attack are asymmetric backdoors. An asymmetric backdoor is a backdoor (e.g., in a cryptosystem) that can be used only by the attacker, even after it is found. This contrasts with the traditional backdoor that is symmetric, i.e., anyone that finds it can use it. Kleptography, a subfield of cryptovirology, is the study of asymmetric back doors in key generation algorithms, digital signature algorithms, key exchanges, and other cryptographic algorithms. The NIST Dual EC DRBG random bit generator has an alleged asymmetric backdoor in it. The EC-DRBG algorithm utilizes the discrete-log kleptogram from Kleptography. There is a misconception that cryptovirology is mostly about extortion attacks (overt attacks). In fact, the vast majority of cryptovirology attacks are covert in nature. ==General information== Cryptovirology was born in academia.〔 It is an investigation into how modern cryptographic paradigms and tools can be used to strengthen, improve, and develop new malicious software (malware) attacks. Cryptovirology extends beyond finding protocol failures and design vulnerabilities. It is a forward-engineering discipline that can be used for attacking rather than defending. A "questionable encryption scheme", which was introduced by Young and Yung, is an attack tool in cryptovirology. Informally speaking, a questionable encryption scheme is a public key cryptosystem (3-tuple of algorithms) with two supplementary algorithms, forming a 5-tuple of algorithms. It includes a deliberately bogus yet carefully designed key pair generation algorithm that produces a "fake" public key. The corresponding private key (witness of non-encryption) cannot be used to decipher data "encrypted" using the fake public key. By supplying the key pair to an efficient verification predicate (the 5th algorithm in the 5-tuple) it is proven whether the public key is real or fake. When the public key is fake, it follows that no one can decipher data "enciphered" using the fake public key. A questionable encryption scheme has the property that real public keys are computationally indistinguishable from fake public keys when the private key is not available. The private key forms a poly-sized witness of decipherability or indecipherability, whichever may be the case. An application of a questionable encryption scheme is a trojan that gathers plaintext from the host, "encrypts" it using the trojan's own public key (which may be real or fake), and then exfiltrates the resulting "ciphertext". In this attack it is thoroughly intractable to prove that data theft has occurred. This holds even when all core dumps of the trojan and all the information that it broadcasts is entered into evidence. An analyst that jumps to the conclusion that the trojan "encrypts" data risks being proven wrong by the malware author (e.g., anonymously). When the public key is fake, the attacker gets no plaintext from the trojan. So what's the use? A spoofing attack is possible in which some trojans are released that use real public keys and steal data and some trojans are released that use fake public keys and do not steal data. Many months after the trojans are discovered and analyzed, the attacker anonymously posts the witnesses of non-encryption for the fake public keys. This proves that those trojans never in fact exfiltrated data. This casts doubt on the true nature of future strains of malware that contain such "public keys", since the keys could be real or fake. This attack implies a fundamental limitation on proving data theft. There are many other attacks in the field of cryptovirology that are not mentioned here. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「cryptovirology」の詳細全文を読む スポンサード リンク
|