Text

Malicious cryptography: exposing cryptovirology

---

Contents

1. Through Hacker’s Eyes
2. Cryptovirology
3. Tools for Security and Insecurity
3.1 Sources of Entropy
3.2 Entropy Extraction via Hashing
3.3 Unbiasing a Biased Coin
3.4 Combining Weak Sources of Entropy
3.5 Pseudorandom Number Generators
3.6 Uniform Sampling
3.7 Random Permutation Generation
3.8 Sound Approach to Random Number Generation and Use
3.9 RNGs Are the Beating Heart of System Security
3.10 Cryptovirology Benefits from General Advances
3.11 Anonymizing Program Propagation

4. The Two Faces of Anonymity
4.1 Anonymity in a Digital Age
4.2 Deniable Password Snatching

5. Cryptocounters
5.1 Overview of Cryptocounters
5.2 Implementing Cryptocounters
5.3 Other Approaches to Cryptocounters

6. Computationally Secure Information Stealing
6.1 Using Viruses to Steal Information
6.2 Private Information Retrieval
6.3 A Variant of the Phi-Hiding Scheme
6.4 Tagged Private Information Retrieval
6.5 Secure Information Stealing Malware
6.6 Deniable Password Snatching Based on Phi-Hiding
6.7 Malware Loaders
6.8 Cryptographic Computing

7 Non-Zero Sum Games and Survivable Malware
7.1 Survivable Malware
7.2 Elements of Game Theory
7.3 Attacking a Brokerage Firm
7.4 Other Two-Player Game Attacks
7.5 Future Possibilities

8 Coping with Malicious Software
8.1 Undecidability of Virus Detection
8.2 Virus Identification and Obfuscation
8.3 Heuristic Virus Detection
8.4 Change Detection

9 The Nature of Trojan Horses
9.1 Text Editor Trojan Horse
9.2 Salami Slicing Attacks
9.3 Thompson’s Password Snatcher
9.4 The Subtle Nature of Trojan Horses

10 Subliminal Channels
10.1 Brief History of Subliminal Channels
10.2 The Difference Between a Subliminal and a Covert Channel
10.3 The Prisoner’s Problem of Gustavus Simmons
10.4 Subliminal Channels New and Old
10.5 The Impact of Subliminal Channels on Key Escrow

11 Setup Attack on Factoring Based Key Generation
11.1 Honest Composite Key Generation
11.2 Weak Backdoor Attacks on Composite Key Generation
11.3 Probabilistic Bias Removal Method
11.4 Secretly Embedded Trapdoors
11.5 Key Generation SETUP Attack
11.6 Security of the SETUP Attack
11.7 Detecting the Attack in Code Reviews
11.8 Countering the SETUP Attack
11.9 Thinking Outside the Box
11.10 The Isaac Newton Institute Lecture

12 Setup Attacks on Discrete-Log Cryptosystems
12.1 The Discrete-Log SETUP Primitive
12.2 Diffie-Hellman SETUP Attack
12.3 Security of the Diffie-Hellman SETUP Attack
12.4 Intuition Behind the Attack
12.5 Kleptogram Attack Methodology
12.6 PKCS SETUP Attacks
12.7 SETUP Attacks on Digital Signature Algorithms
12.8 Rogue Use of DSA for Encryption
12.9 Other Work in Kleptography
12.10 Should You Trust Your Smart Card?

Appendix A: Computer Virus Basics
A.1 Origins of Malicious Software
A.2 Trojans, Viruses, and Worms: What Is the Difference?
A.3 A Simple DOS COM Infector
A.4 Viruses Don’t Have to Gain Control Before the Host

Appendix B: Notation and Other Background Information
B.1 Notation Used Throughout the Book
B.2 Basic Facts from Number Theory and Algorithmics
B.3 Intractability: Malware’s Biggest Ally
B.4 Random Oracles and Functions

Appendix C: Public Key Cryptography in a Nutshell
C.1 Overview of Cryptography
C.2 Discrete-Log Based Cryptosystems

---

Availability

Detail Information

Series Title

--

Call Number

005.82 YOU m

Publisher

Canada : Wiley., 2004

Collation

xxiv, 392 hlm.; ilus.; 25 cm.

Language

English

ISBN/ISSN

764549758

Classification

005.82

Content Type

-

Media Type

-

Carrier Type

-

Edition

--

Subject(s)

Cryptography
Data Encryptions
Computer viruses - protection

Specific Detail Info

--

Statement of Responsibility

Adam Young dan Moti Yung

Other version/related

File Attachment

Comments

---

You must be logged in to post a comment