Introduction

This book is a compendium of malicious software and hardware attacks geared towards subverting computer systems. The attacks are not of the sort that exploit software bugs, design flaws, and so forth. The business of bypassing security measures is outside the scope of this work. Rather, we present a series of cryptographic methods for defiling computer systems once internal access is acquired.

Some of the attacks are more technical than others, involving recent advances in the field of cryptology. As a result this book is likely to be received in a variety of different ways. To hackers it may serve as a vade mecum. To security professionals it may serve as a long overdue warning. To science fiction buffs it may serve as a good read, and to intelligence agencies it may serve as a challenge to our First Amendment rights.

Chapter 1 is a motivational chapter that portrays the world through the eyes of a hacker. It reveals the very fabric of a hacker's existence and due to its illicit nature we mention the standard disclaimer that reads, “do not try this at home.” To perform any of the acts described therein is to risk violating the Computer Fraud and Abuse Act of 1986, among others. Hackers face scientific problems when trying to infiltrate computer systems. It was by experiencing these problems firsthand that many of these attacks were discovered.

A great number of people share a close kinship with our digital brethren and to hackers it is no different. But whereas to writers it is through text, to artists it is through images, and to musicians it is through music, to hackers it is through the very language that computers speak when speaking with each other, the language of binary. To speak in binary and hear every word they say is to be one with the machine and that feeling can be hopelessly and utterly addictive.

To the uncorrupt of spirit the need to join with the machine can be controlled to a degree. This need is illustrated in Chapter 1 over the course of three short stories. They are written in second person singular and as such force the reader to play the role of the subduer. It is the reader that steals passwords using a Trojan horse program. It is the reader that spends years developing an insidious computer virus, and it is the reader that takes over the local area network of a small company. Yet everywhere in the storyline the privacy and integrity of other people's data is respected. It portrays the pursuit of knowledge and the thrill of the hunt, not the kill.

As Lord Acton once said, “power corrupts; absolute power corrupts absolutely.” This could not be truer with respect to hacking. For this reason we urge readers not to abuse the ideas presented in this book. If our efforts coax so much as a single hacker to embrace the greater mathematical challenges facing system security, then our writing will not have been for naught, for such a hacker is likely to seek recognition in the form of conference papers in lieu of news reports.

Given the clandestine nature of the algorithms and protocols that are presented, it is important to emphasize the nature of secure systems research. Cryptanalysis exists to help make cryptosystems more secure. The goal of cryptanalysis is not to undo the honorable work of others, but to find vulnerabilities and fix them. Many a cryptographer has suffered the disheartening realization that his or her cipher has been broken. Lucky are those who discover this themselves, but many are they who learn the hard way when another researcher publishes the discovery in an academic forum. Cryptanalysis is the mathematician's version of hacking: it is both devil's advocate and antithesis of cryptography. History has proven the need for cryptanalysis and hence the need to find weaknesses in cryptosystems and publish them. It may be reasoned that the need for cryptanalysis extends directly to the need to investigate attacks on modern computer systems. This, we argue, is the realm of cryptovirology and in this treatise we take a first step in this direction.

In the public eye, the word cryptography is virtually synonymous with security. It is a means to an end, a way to send e-mail privately and purchase items securely on-line. If nothing else this book will challenge that view. In the chapters that follow it is shown how modern cryptographic paradigms and tools including semantic security, reduction arguments, polynomial indistinguishability, random oracles, one-way functions, Feistel ciphers, entropy extractors, pseudorandom number generators, etc., can in fact be used to degrade system security.

It is shown how to devise a cryptovirus to usurp data from a host machine without revealing that which is sought, even if the virus is observed at every turn. It is shown how to design a password-snatching cryptotrojan that makes it virtually impossible to identify the author when the encrypted passwords are retrieved. Furthermore, it is intractable to determine if the cryptotrojan is encrypting anything at all even when it is under constant surveillance.

Still other cryptotrojans are described that attack industry-standard cryptosystems. By design, these Trojans give the attacker covert access to the private keys of users and are extremely robust against reverse engineering. When implemented in tamper-resistant devices these transgressions cannot be detected by anyone save the attacker. Such Trojans are ideal for governments that wish to obtain covert access to the encrypted communications of their citizens. These Trojans show how to apply cryptography within cryptography itself to undermine the very trust that cryptosystems were designed to provide. In so doing we will expose the dark side of cryptography and thereby reveal its true dual-edged nature.

Several of the attacks have known countermeasures, some of which are ideal and others that are merely heuristic in nature. These defenses are described in detail to give the book a more balanced presentation to the community at large. It is our belief that these malicious software attacks should be exposed so that security analysts will recognize them in the event that they appear in fielded computer systems. Doing so has the potential of minimizing the malicious software learning curve that practitioners might otherwise face.

In all likelihood the attacks that are described in this book constitute the tip of the iceberg in terms of what is possible. Offensive information warfare is an area of research that is scarcely funded by the U.S. government, for obvious reasons. However, the notion of malicious software as well as cryptography is by no means new to the federal government, and so one would expect that there has been more classified research in this area than unclassified research. This book is our earnest attempt to expose the open research in this area, since corporations, governments, and individuals have a right to know about that which threatens the integrity of their computing machinery.

Some readers will inevitably object to the nature of this book. To this end we remark that these attacks exist, they are real, and that it is perilous to sweep them under the rug. We believe that they will surface sooner or later. It is our hope that this book will encourage the study of cryptography as a whole and at the same time reveal some of the more serious threats that computer systems face, both from within and from without.

A. Y.

M. Y.

October, 2003