NoCry: No More Secure Encryption Keys for Cryptographic Ransomware

Genç, Ziya Alper; Lenzini, Gabriele; Ryan, Peter

doi:10.1007/978-3-030-39749-4_5

Reference : NoCry: No More Secure Encryption Keys for Cryptographic Ransomware


	Document type :	Scientific congresses, symposiums and conference proceedings : Paper published in a book
	Discipline(s) :	Engineering, computing & technology : Computer science
	Focus Areas :	Security, Reliability and Trust
	To cite this reference:	http://hdl.handle.net/10993/40578

Title :	NoCry: No More Secure Encryption Keys for Cryptographic Ransomware
Language :	English
Author, co-author :	Genç, Ziya Alper [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Lenzini, Gabriele [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Ryan, Peter [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Publication date :	2019
Main document title :	Proceedings of the Second International Workshop on Emerging Technologies for Authorization and Authentication
Publisher :	Springer
Pages :	69-85
Peer reviewed :	Yes
On invitation :	No
Audience :	International
ISBN :	978-3-030-39748-7
City :	Cham
Country :	Switzerland
Event name :	Second International Workshop on Emerging Technologies for Authorization and Authentication (ETAA 2019)
Event date :	27 September 2019
Event organizer :	University of Luxembourg
Event place (city) :	Luxembourg City
Event country :	Luxembourg
Keywords :	[en] Ransomware ; Malware ; Cryptovirus ; CSPRNG
Abstract :	[en] Since the appearance of ransomware in the cyber crime scene, researchers and anti-malware companies have been offering solutions to mitigate the threat. Anti-malware solutions differ on the specific strategy they implement, and all have pros and cons. However, three requirements concern them all: their implementation must be secure, be effective, and be efficient. Recently, Genç et al. proposed to stop a specific class of ransomware, the cryptographically strong one, by blocking unauthorized calls to cryptographically secure pseudo-random number generators, which are required to build strong encryption keys. Here, in adherence to the requirements, we discuss an implementation of that solution that is more secure (with components that are not vulnerable to known attacks), more effective (with less false negatives in the class of ransomware addressed) and more efficient (with minimal false positive rate and negligible overhead) than the original, bringing its security and technological readiness to a higher level.
Research centres :	Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA)
Funders :	Fonds National de la Recherche - FnR
Target :	Researchers ; Professionals ; Students ; General public ; Others
Permalink :	http://hdl.handle.net/10993/40578
DOI :	10.1007/978-3-030-39749-4_5
Other URL :	https://link.springer.com/chapter/10.1007/978-3-030-39749-4_5
FnR project :	FnR ; FNR13234766 > Gabriele Lenzini > NoCry PoC > No More Cryptographic Ransomware, Proof of Concept > 01/11/2018 > 31/10/2020 > 2018

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Open access	etaa2019GLR.pdf		Publisher postprint	390.5 kB	View/Open

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices