Loading ...
Sorry, an error occurred while loading the content.

Cryptoviral extortion using Microsoft's Crypto API

Expand Messages
  • Joschka Fisher
    from the too important to sit on desk of joschka fischer If you want the pdf...I ll email it to you! Cryptoviral extortion using Microsoft s Crypto API
    Message 1 of 1 , Feb 27 7:46 PM
    • 0 Attachment
      from the "too important to sit on" desk of joschka

      "If you want the pdf...I'll email it to you!"

      Cryptoviral extortion using Microsoft's Crypto API

      International Journal of Information Security
      Publisher Springer Berlin / Heidelberg
      ISSN 1615-5262 (Print) 1615-5270 (Online)

      Subject Computer Science and Mathematics and
      Issue Volume 5, Number 2 / April, 2006
      Category Special Issue Paper
      DOI 10.1007/s10207-006-0082-7
      Pages 67-76
      SpringerLink Date Saturday, March 04, 2006


      Adam L. Young1 Contact Information
      (1) 23 Dudley Court, Sterling, VA 20165, USA

      Published online: 8 March 2006
      Abstract This paper presents the experimental results
      that were obtained by implementing the payload of a
      cryptovirus on the Microsoft Windows platform. The
      attack is based entirely on the Microsoft
      Cryptographic API and the needed API calls are covered
      in detail. More specifically, it is shown that by
      using eight types of API calls and 72 lines of C code,
      the payload can hybrid encrypt sensitive data and hold
      it hostage. Benchmarks are also given. A novel
      countermeasure against cryptoviral extortion attacks
      is shown that forces the API caller to demonstrate
      that an authorized party can recover the
      asymmetrically encrypted data.

      Keywords Cryptovirus - Public key cryptography -
      Hybrid encryption - Cryptographic API - RSA
      Adam L. Young received a B.S. in Electrical
      Engineering from Yale in 1994 and a M.S. and Ph.D. in
      Computer Science from Columbia University in 1996 and
      2002, respectively. He served as a MTS at Lucent under
      Michael Reiter, a Principal Engineer at Lockheed
      Martin, and has conducted research for the US DoD.
      Adam Young and Moti Yung authored the Wiley book
      “Malicious Cryptography:Exposing Cryptovirology,” that
      was published in 2004.

      Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions !
      Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! Questions/Réponses
    Your message has been successfully submitted and would be delivered to recipients shortly.