Andy Jeong (EE ’18) and Kevin Sheng (EE ’18)
On Thursday, February 5th, Bloomberg hosted a talk regarding a somewhat obscure topic, cryptovirology, a field of research focused around the application of modern cryptographic paradigms and tools towards the creation of powerful malicious software. The speaker,, Adam Lucas Young, Ph.D, introduced by Christopher Hong (EE ’13) and his coworkers from Bloomberg, touched on a wide variety of topics, from the birth of the field to the new developments being discovered due to the current efforts of many computer scientists.
One of the pioneers of the field, Young coined the term cryptovirology as he worked with his graduate advisor, Moti M. Yung of Columbia University. This research, which had started before the concept of cryptovirology was conceived, captured the interest of Young and Yung at a time when computer viruses were merely a myth. Experienced in electrical engineering and computer science, Young realized that the two fields he studied could merged through hacking. By 1995, he had subconsciously formulated a number of scientific problems that hackers themselves faced when infiltrating computer systems.
He described two attacks in particular—cryptoviral extortion, or ransomware in modern terms, and the Deniable Password Snatching Attack, which prevents network defenders seeking to thwart attacks from incriminating the attacker when the attacks occur.
In the former attack method, a virus, worm or Trojan hybrid encrypts the victim’s files. The victim must then pay the attacker in order to obtain the session key. This session key is encrypted under the malware creator’s public key within the malware.
The latter method is an attack that can be mounted by a cryptotrojan that allows the attacker to garner information from the victim’s system in a way that, even if the attacker is under surveillance on the local machine at the time of attack and when obtaining the information, he cannot be incriminated due to plausible deniability. This algorithm is derived through a combination of public key cryptography, probabilistic encryption, and the use of public information channels, together forming a secure receiver-anonymous channel. This gives the attacker sole authority to decode and control while the victim cannot have access. Young also discussed the use of hybrid encryption, combining symmetric and asymmetric as well as public and private keys, to increase the effectiveness of these attacks.
To read more about his work, visit www.cryptovirology.com.