[125802] in cryptography@c2.net mail archive
Re: Ransomware
daemon@ATHENA.MIT.EDU (Dave Howe)
Wed Jun 11 14:18:32 2008
Date: Wed, 11 Jun 2008 19:13:25 +0100
From: Dave Howe <DaveHowe@gmx.co.uk>
To: Email List - Cryptography <cryptography@metzdowd.com>
In-Reply-To: <20080610234050.GU6146@yuggoth.org>
The Fungi wrote:
> On Tue, Jun 10, 2008 at 11:41:56PM +0100, Dave Howe wrote:
>> The key size would imply PKI; that being true, then the ransom may
>> be for a session key (specific per machine) rather than the
>> master key it is unwrapped with.
>
> Per the computerworld.com article:
>
> "Kaspersky has the public key in hand ? it is included in the
> Trojan's code ? but not the associated private key necessary to
> unlock the encrypted files."
>
> http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9094818
>
> This would seem to imply they already verified the public key was
> constant in the trojan and didn't differ between machines (or that
> I'm giving Kaspersky's team too much credit with my assumptions).
Sure. however, if the virus (once infecting the machine) generated a
random session key, symmetric-encrypted the files, then encrypted the
session key with the public key as part of the "ransom note" then that
would allow a single public key to be used to issue multiple ransom
demands, without the unlocking of any one machine revealing the "master
key" that could unlock all of them.
giving away your entire extortion capability to the first person to pay
up doesn't seem sane, if you could as easily make each machine a unique
proposition...
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
