[125668] in cryptography@c2.net mail archive
Re: Ransomware
daemon@ATHENA.MIT.EDU (Jim Youll)
Mon Jun 9 17:37:12 2008
Cc: cryptography@metzdowd.com
From: Jim Youll <jim@cr-labs.com>
To: "Leichter, Jerry" <leichter_jerrold@emc.com>
In-Reply-To: <Pine.SOL.4.61.0806091149400.24323@mental>
Date: Mon, 9 Jun 2008 15:11:01 -0400
On Jun 9, 2008, at 11:54 AM, Leichter, Jerry wrote:
> Computerworld reports:
>
> http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9094818
> [...]
> Apparently earlier versions of this ransomware were broken because
> of a
> faulty implementation of the encryption. This one seems to get it
> right. It uses a 1024-bit RSA key. Vesselin Bontchev, a long-time
> antivirus developer at another company, claims that Kaspersky is just
> looking for publicity: The encryption in this case is done right and
> there's no real hope of breaking it.
If there's just one key, then Kaspersky could get maximum press by
paying the ransom and publishing it. If there are many keys, then
Kaspersky
still has reached its press-coverage quota, just not as dramatically.
> Speculation about this kind of attack has made the rounds for years.
> It appears the speculations have now become reality.
But press gambits from security companies have been in the realm of
reality for
quite some time!
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
