Kurzbeschreibung Cryptography is an effective technology for computer security and this is the first book to reveal its dark side, dubbed cryptovirology, which is the use of cryptographic techniques to subvert computer systems. The material describes recent discoveries of how cryptography can be used to launch sophisticated viral payloads and Trojan horse programs specifically tailored for their hosts.
Aus dem Inhalt Foreword.
Acknowledgments.
Introduction.
1 Through Hacker's Eyes.
2 Cryptovirology.
3 Tools for Security and Insecurity.
3.1 Sources of Entropy.
3.2 Entropy Extraction via Hashing.
3.3 Unbiasing a Biased Coin.
3.4 Combining Weak Sources of Entropy.
3.5 Pseudorandom Number Generators.
3.6 Uniform Sampling.
3.7 Random Permutation Generation.
3.8 Sound Approach to Random Number Generation and Use.
3.9 RNGs Are the Beating Heart of System Security.
3.10 Cryptovirology Benefits from General Advances.
3.11 Anonymizing Program Propagation.
4 The Two Faces of Anonymity.
4.1 Anonymity in a Digital Age.
4.2 Deniable Password Snatching.
5 Cryptocounters.
5.1 Overview of Cryptocounters.
5.2 Implementing Cryptocounters.
5.3 Other Approaches to Cryptocounters.
6 Computationally Secure Information Stealing.
6.1 Using Viruses to Steal Information.
6.2 Private Information Retrieval.
6.3 A Variant of the Phi-Hiding Scheme.
6.4 Tagged Private Information Retrieval.
6.5 Secure Information Stealing Malware.
6.6 Deniable Password Snatching Based on Phi-Hiding.
6.7 Malware Loaders.
6.8 Cryptographic Computing.
7 Non-Zero Sum Games and Survivable Malware.
7.1 Survivable Malware.
7.2 Elements of Game Theory.
7.3 Attacking a Brokerage Firm.
7.4 Other Two-Player Game Attacks.
7.5 Future Possibilities.
8 Coping with Malicious Software.
8.1 Undecidability of Virus Detection.
8.2 Virus Identification and Obfuscation.
8.3 Heuristic Virus Detection.
8.4 Change Detection.
9 The Nature of Trojan Horses.
9.1 Text Editor Trojan Horse.
9.2 Salami Slicing Attacks.
9.3 Thompson's Password Snatcher.
9.4 The Subtle Nature of Trojan Horses.
10 Subliminal Channels.
10.1 Brief History of Subliminal Channels.
10.2 The Difference Between a Subliminal and a Covert Channel.
10.3 The Prisoner's Problem of Gustavus Simmons.
10.4 Subliminal Channels New and Old.
10.5 The Impact of Subliminal Channels on Key Escrow.
11 SETUP Attack on Factoring Based Key Generation.
11.1 Honest Composite Key Generation.
11.2 Weak Backdoor Attacks on Composite Key Generation.
11.3 Probabilistic Bias Removal Method.
11.4 Secretly Embedded Trapdoors.
11.5 Key Generation SETUP Attack.
11.6 Security of the SETUP Attack.
11.7 Detecting the Attack in Code Reviews.
11.8 Countering the SETUP Attack.
11.9 Thinking Outside the Box.
11.10 The Isaac Newton Institute Lecture.
12 SETUP Attacks on Discrete-Log Cryptosystems.
12.1 The Discrete-Log SETUP Primitive.
12.2 Diffie-Hellman SETUP Attack.
12.3 Security of the Diffie-Hellman SETUP Attack.
12.4 Intuition Behind the Attack.
12.5 Kleptogram Attack Methodology.
12.6 PKCS SETUP Attacks.
12.7 SETUP Attacks on Digital Signature Algorithms.
12.8 Rogue Use of DSA for Encryption.
12.9 Other Work in Kleptography.
12.10 Should You Trust Your Smart Card?
Appendix A: Computer Virus Basics.
A.1 Origins of Malicious Software.
A.2 Trojans, Viruses, and Worms: What Is the Difference?
A.3 A Simple DOS COM Infector.
A.4 Viruses Don't Have to Gain Control Before the Host.
Appendix B: Notation and Other Background Information.
B.1 Notation Used Throughout the Book.
B.2 Basic Facts from Number Theory and Algorithmics.
B.3 Intractability: Malware's Biggest Ally.
B.4 Random Oracles and Functions.
Appendix C: Public Key Cryptography in a Nutshell.
