Cryptovirology: extortion-based security threats and countermeasures
作者: Moti Yung , Adam Young
关键词:
摘要: Traditionally, cryptography and its applications are defensive in nature, provide privacy, authentication, security to users. In this paper we present the idea of ``Cryptovirology'' which employs a twist on cryptography, showing that it can also be used offensively. By being offensive mean mount extortion based attacks cause loss access information, confidentiality, information leakage, tasks typically prevents. analyze potential threats rogue use when combined with software (viruses, Trojan horses), demonstrate them experimentally by presenting an implementation ``cryptovirus'' have tested (we took careful precautions process insure virus remained contained). Public-key is essential (which call "cryptovirological attacks''). We suggest countermeasures mechanisms cope prevent such attacks. These implications how cryptographic tools should managed audited general purpose computing environments, imply well controlled. The experimental demonstrates packages condensed into small space, may independent (e.g., module design mobile devices).
acm.org
computer.org
sci-hub.st 参考文章(19)
Markus Stadler, Jean-Marc Piveteau, Jan Camenisch, Fair blind signatures theory and application of cryptographic techniques. pp. 209- 219 ,(1995) , 10.1007/3-540-49264-X_17
Yair Frankel, A practical protocol for large group oriented networks theory and application of cryptographic techniques. pp. 56- 61 ,(1990) , 10.1007/3-540-46885-4_8
David M. Chess, Steve R. White, Chengi Jimmy Kuo, Coping with computer viruses and related problems Rogue programs: viruses, worms and Trojan horses. pp. 7- 28 ,(1990)
Aho AV, JE Hopcroft, JD Ullman, The Design and Analysis of Computer Algorithms ,(1974)
Dorothy Elizabeth Robling Denning, Cryptography and data security ,(1982)
Rafail Ostrovsky, Moti Yung, How to withstand mobile virus attacks (extended abstract) Proceedings of the tenth annual ACM symposium on Principles of distributed computing - PODC '91. pp. 51- 59 ,(1991) , 10.1145/112600.112605
Markus Jakobsson, Moti Yung, Revokable and versatile electronic money (extended abstract) Proceedings of the 3rd ACM conference on Computer and communications security - CCS '96. pp. 76- 87 ,(1996) , 10.1145/238168.238191
Fred Cohen, Computational aspects of computer viruses Computers & Security. ,vol. 8, pp. 297- 298 ,(1989) , 10.1016/0167-4048(89)90089-8
R. L. Rivest, A. Shamir, L. Adleman, A method for obtaining digital signatures and public-key cryptosystems Communications of the ACM. ,vol. 26, pp. 96- 99 ,(1983) , 10.1145/357980.358017