[125752] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Ransomware

daemon@ATHENA.MIT.EDU (Dave Howe)
Tue Jun 10 19:26:37 2008

Date: Tue, 10 Jun 2008 23:41:56 +0100
From: Dave Howe <DaveHowe@gmx.co.uk>
To: "Email List - Cryptography" <cryptography@metzdowd.com>
In-Reply-To: <1545D05A-4725-4B9A-B767-5628CDCBD335@cr-labs.com>

Jim Youll wrote:
> If there's just one key, then Kaspersky could get maximum press by
> paying the ransom and publishing it. If there are many keys, then Kaspersky
> still has reached its press-coverage quota, just not as dramatically.

The key size would imply PKI; that being true, then the ransom may be 
for a session key (specific per machine) rather than the master key it 
is unwrapped with.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[125752] in cryptography@c2.net mail archive

Re: Ransomware

daemon@ATHENA.MIT.EDU (Dave Howe)Tue Jun 10 19:26:37 2008

daemon@ATHENA.MIT.EDU (Dave Howe)
Tue Jun 10 19:26:37 2008