I start reading this book 2 days ago (135pages read of 412 pages), It is quite interesting, especially the chapter about pseudo-random generator quality and bias, Zero knowledge protocol, polymorphic virus body using relatively small algorithm (TEA)...It also propose some solutions but I did not reach this chapter...

Hackers have uncovered the dark side of cryptography—that device developed to defeat Trojan horses, viruses, password theft, and other cyber-crime. It’s called cryptovirology, the art of turning the very methods designed to protect your data into a means of subverting it.

Malicious Cryptography: Exposing Cryptovirology
Adam Young, Moti Yung
ISBN: 0-7645-4975-8

  • Understand the mechanics of computationally secure information stealing
  • Learn how non-zero sum Game Theory is used to develop survivable malware
  • Discover how hackers use public key cryptography to mount extortion attacks
  • Recognize and combat the danger of kleptographic attacks on smart-card devices
  • Build a strong arsenal against a cryptovirology attack

Preface by security expert Bruce Schneier (Pratical Cryptography a reference)

comments powered by Disqus

You might like also

Researchers Use PlayStation Cluster to Forge Web Skeleton Keys
How to create a rogue CA certificate... We (note Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Weger) have identified a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the …
3830 Days ago
Bluetooth in secure mode vulnerable too
A SECURITY flaw could allow hackers to eavesdrop on cellphone conversations made on Bluetooth-based wireless headsets was revealed in april 2004...But at that time an expensive piece of hardware was needed. Now it is even worse a simple brute force while the device are doing keyring exchange..."Whitehouse showed in 2004 that a hacker could arrive at this link key without knowing the PIN using a piece of equipment called a Bluetooth sniffer. This can record the exchanged messages being used …
5135 Days ago