From the CISR video library (http://www.cisr.us)
Dr. Adam Young, Cigital
Malicious Cryptography - Exposing Cryptovirology
February 27, 2004
Naval Postgraduate School
Cryptography is commonly regarded as an enabling technology. It allows for confidential information transmission over untrusted networks as well as the ability to prove the origin of messages. It is a technology that is critical in an on-line world. However, cryptography is also a very powerful disabling technology. In recent years there has been a significant amount of research into using well-known cryptographic paradigms and tools for the purposes of undermining the security of computer systems once internal access is acquired. This talk will give an overview of a new book that details this dark side of cryptography. The book is entitled "Malicious Cryptography: Exposing Cryptovirology," and is authored by Adam Young and Moti Yung (published by John Wiley & Sons).
Some of the more noteworthy attacks that are described in the book are the following. It is shown how to use public key cryptography to mount reversible denial-of-service attacks. A virus attack is detailed in which the virus asymmetrically encrypts host data (that has not been backed-up). The effects of the attack can only be reversed if the attacker agrees to use his or her own private decryption key. It is shown how to devise a cryptovirus that steals data from a host machine without revealing that which is sought, even if the virus is under constant surveillance. It is shown how to design a password snatching cryptotrojan that makes it virtually impossible to identify the author when the encrypted passwords are retrieved. Furthermore, it is intractable to determine if the cryptotrojan is encrypting anything at all when all even when all of its actions are recorded and analyzed. Finally, cryptotrojans are described that attack industry-standard cryptosystems. By design, these Trojans give the attacker covert access to the private keys of users and are extremely robust against reverse-engineering. When implemented in tamper-resistant devices the theft cannot be detected by anyone save the attacker. The book also covers various countermeasures that can help protect against these attacks.
About Dr. Adam Young
Dr. Adam Young is a Research Scientist at Cigital. He is responsible for researching and developing software and techniques to help support the research goals for Cigital's research contracts. In his first year at Cigital, Adam has served as a primary investigator on a research project for the DoD. Adam Young recently worked for Lockheed Martin Global Telecommunications. Prior to this he was a Member of Technical Staff (MTS) at Lucent Technologies in the Secure Systems Research Division. Before joining Lucent he worked as a cryptography consultant for CertoCo (a spin-off of Banker's Trust).
Dr. Young holds a BS in Electrical Engineering from Yale University, an MS in Computer Science from Columbia University, and a PhD in Computer Science from Columbia University that was awarded with Distinction. He gives invited talks regularly and will be giving an upcoming talk at the Palo Alto Research Center (PARC) on his forthcoming book [[i]]. He will also be giving an invited talk at the Sixth International Joint Meeting of the AMS and the Sociedad Matematica Mexicana (SMM), Special Session on Coding Theory and Cryptography, in Houston. The session is being held by Neal Koblitz. Dr. Young has also given invited talks at NYU, Bell Labs, and Sandia National Labs. He has taught computer science courses at Columbia University and is a member of the International Association for Cryptologic Research (IACR). He has published numerous papers on cryptography, computer security, and algorithmic number theory and his next paper will be presented in the Cryptographer's Track of the RSA Conference, 2004 [[ii]].
[[i]] Adam Young, Moti Yung, "Malicious Cryptography: Exposing Cryptovirology," John Wiley & Sons, ISBN: 0-7645-4975-8, Feb. 2004.
[[ii]] Adam Young, Moti Yung, "A Key Recovery System as Secure as Factoring," CT-RSA Conference, 2004.