Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Malicious Cryptography", Adam L. Young/Moti Yung

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKMLCRPT.RVW 20041012 Malicious Cryptography , Adam L. Young/Moti Yung, 2004, 0-7645-4975-8, U$45.00/C$64.99/UK#29.99 %A Adam L. Young %A Moti Yung %C
    Message 1 of 1 , Dec 20, 2004
      BKMLCRPT.RVW 20041012

      "Malicious Cryptography", Adam L. Young/Moti Yung, 2004,
      0-7645-4975-8, U$45.00/C$64.99/UK#29.99
      %A Adam L. Young
      %A Moti Yung
      %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
      %D 2004
      %G 0-7645-4975-8
      %I John Wiley & Sons, Inc.
      %O U$45.00/C$64.99/UK#29.99 416-236-4433 fax: 416-236-4448
      %O http://www.amazon.com/exec/obidos/ASIN/0764549758/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/0764549758/robsladesin03-20
      %P 392 p.
      %T "Malicious Cryptography: Exposing Cryptovirology"

      Both the foreword and the introduction are turgid, and bloated with
      excessive verbiage, while never giving a clear indication of what the
      book is actually about. Does it have to do with viruses at all? Is
      it about the use of cryptography in any kind of criminal or unethical
      endeavour? The initial material does not make this clear.
      Occasionally the text becomes so flowery that sentences have no
      meaning at all.

      The lack of clarity is not assisted by the creation of new and
      idiosyncratic terms, or the use of existing jargon in non-standard
      ways. In chapter one, a fictional and glacially slow trip through the
      mind of a virus writer, we are told that self-checking modules that
      some programs use to detect modification in their own code are
      "beneficial Trojans" or "battleprogs." The term multipartite is
      defined in such a way that merely copying the program into RAM (Random
      Access Memory) qualifies: that would make every virus ever written,
      and every program, for that matter, multipartite. "Kleptogram" is
      used throughout the book, but only defined (and not very clearly) in
      the last chapter. Releasing any virus is seen as having something to
      do with "information warfare," which would agree with many
      sensationalistic journalists who have written on the subject, but
      would probably surprise legitimate experts such as Dorothy Denning.
      "Virology" itself (and the more specialized "cryptovirology") is an
      excellent term for computer virus research--it just isn't used very
      widely. There is a glossary: it defines commonly known terms and does
      not define the specialized jargon that the authors have used.

      The confusion is not limited to terminology. There is no technical
      sense to the statement (on page twenty five) that a certain layer of
      the network stack is "high enough to facilitate rapid software
      development" (compilers don't care where their software ends up) but
      low enough to escape detection (files, processes, and network packets
      are all visible). A disk locking program, as described, would have no
      effect on the operations of a remote access trojan. And, of course,
      our fictional protagonist is constantly creating new versions of the
      mythical "undetectable" virus, without there being any indication of
      how this might be done.

      (The fictional aspects of the book are not limited to chapter one.
      Throughout the work, examples are taken from fiction: it certainly
      feels like more illustrations come from works like "Shockwave Rider"
      and "Alien" than from real life.)

      Chapter two starts to get a bit better. The authors introduce the
      idea of using asymmetric cryptography in order to create a virus (or
      other piece of malware) that, rather than merely destroying data,
      provides for a reversible denial of access to data, and therefore the
      possibility of extortion. The idea is academically interesting, but
      there might be a few practical details to be worked out.

      Chapter three seems to move further into the academic realm, with an
      interesting overview of issues in regard to the generation of random,
      or pseudorandom, numbers. There is also an initial exploration of
      anonymity, with an insufficient description of "mix networks" (onion
      routing being one example). A little more discussion of anonymity
      starts off chapter four, which then moves on to another use of
      asymmetric cryptography in malware: the "deniable" recovery of stolen
      information, via distribution over public channels. Cryptocounters,
      which could be used to store generational or other information about
      the spread of a virus, without such data being accessible to virus
      researchers, are discussed in chapter five. Chapter six looks at
      aspects of searching for, and retrieving, information without
      disclosing the fact that an exploration is occurring. However, much
      of the material appears to be some highly abstract solutions rather
      desperately in search of problems. Varying the extortion scenario,
      chapter seven proposes a viral network that could retaliate for
      disinfection of any node by threatening disclosure of sensitive
      information. While the analysis of the structure of the attack is
      sound, the assumption of payoffs, coercion, and undetectability leave
      something to be desired.

      Chapter eight examines the standard antiviral processes (signature
      scanning, activity monitoring, and change detection) with some
      miscellaneous explorations, although the discussion is prejudiced by
      the assumption that we are dealing with traditional (and no longer
      widely used) file infectors. Trojan horse programs are not terribly
      well defined in chapter nine. (I was amused at the disclaimer given
      when the issue of "salami" scams was raised: I have found reliable
      evidence for only one, extremely minor, instance of the device.)
      Subliminal channels are means of passing information via cryptographic
      keys, but chapter ten is not very clear in regard to their use.
      SETUPs (Secretly Embedded Trapdoor with Universal Protection) are
      discussed in chapter eleven, although the authors appear to admit that
      this is only an academic exercise: there are easier attacks. Another
      form is discussed in chapter twelve.

      Does this book fulfill its function? That rather depends on what the
      intent of the work was, which is far from clear. Was the text
      intended to be a reference for some interesting topics in
      cryptography? The verbiage and lack of structure would be a
      difficulty for those seeking to use it so. Is the publication
      directed at the general public? The audience of those who read number
      theoretical manuscripts for fun might be a bit limited. (I've got to
      say that "Algebraic Aspects of Cryptography" [cf. BKALASCR.RVW] was an
      easier read, and it makes no pretence of being other than an
      scholastic paper.)

      Is the volume supposed to be a serious warning against new forms of
      malware? The inclusion of a great deal of extraneous content and the
      lack of clear explanations or examples of some basic concepts limit
      the value of the work in this regard. In addition, much of the
      material concentrates on building more malign malware, rather than
      dealing with defence against it. (I'm not too worried about vxers
      getting ideas from Young and Yung: implementing crypto properly is a
      painstaking task, and from almost twenty years experience of studying
      blackhat products and authors, I'm fairly sure there'd be lots of bugs
      in what might be released. On the other hand, somebody in a
      government office might be working on Magic Lantern version 3.01 ...)

      For those seriously involved in the study of viruses and malware this
      book has some interesting points that should be examined, but little
      of practical use. For ardent students of cryptography, the work notes
      some interesting areas of work. For those seeking examples of writing
      styles to emulate, please look elsewhere.

      copyright Robert M. Slade, 2004 BKMLCRPT.RVW 20041012

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      If you can't be kind, at least have the decency to be vague.
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.