Security Analysis of Key Acquiring Strategies Used by Cryptographic Ransomware

Genç, Ziya Alper; Lenzini, Gabriele; Ryan, Peter

Reference : Security Analysis of Key Acquiring Strategies Used by Cryptographic Ransomware


	Document type :	Scientific congresses, symposiums and conference proceedings : Paper published in a book
	Discipline(s) :	Engineering, computing & technology : Computer science
	Focus Areas :	Security, Reliability and Trust
	To cite this reference:	http://hdl.handle.net/10993/36627

Title :	Security Analysis of Key Acquiring Strategies Used by Cryptographic Ransomware
Language :	English
Author, co-author :	Genç, Ziya Alper [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Lenzini, Gabriele [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Ryan, Peter [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Publication date :	2018
Main document title :	Advances in Cybersecurity 2018
Peer reviewed :	Yes
On invitation :	No
Audience :	International
Event name :	Central European Cybersecurity Conference
Event date :	15–16 November 2018
Keywords :	[en] ransomware ; key acquiring ; security analysis ; malware
Abstract :	[en] To achieve its goals, ransomware needs to employ strong encryption, which in turn requires access to high-grade encryption keys. Over the evolution of ransomware, various techniques have been observed to accomplish the latter. Understanding the advantages and disadvantages of each method is essential to develop robust defense strategies. In this paper we explain the techniques used by ransomware to derive encryption keys and analyze the security of each approach. We argue that recovery of data might be possible if the ransomware cannot access high entropy randomness sources. As an evidence to support our theoretical results, we provide a decryptor program for a previously undefeated ransomware.
Research centres :	Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA)
Funders :	Fonds National de la Recherche - FnR
Target :	Researchers ; Professionals ; Students ; General public
Permalink :	http://hdl.handle.net/10993/36627
FnR project :	FnR ; FNR12536861 > Gabriele Lenzini > NoCry > No more Cryptographic Ransomware > 15/05/2018 > 14/09/2018 > 2018

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Open access	glr2018.pdf		Author postprint	494.47 kB	View/Open

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices