Cryptovirology

Cryptovirology refers to the study of cryptography use in malware, such as ransomware and asymmetric backdoors.^{[citation needed]} Traditionally, cryptography and its applications are defensive in nature, and provide privacy, authentication, and security to users. Cryptovirology employs a twist on cryptography, showing that it can also be used offensively. It can be used to mount extortion based attacks that cause loss of access to information, loss of confidentiality, and information leakage, tasks which cryptography typically prevents.^[1]

The field was born with the observation that public-key cryptography can be used to break the symmetry between what an antivirus analyst sees regarding malware and what the attacker sees. The antivirus analyst sees a public key contained in the malware, whereas the attacker sees the public key contained in the malware as well as the corresponding private key (outside the malware) since the attacker created the key pair for the attack. The public key allows the malware to perform trapdoor one-way operations on the victim's computer that only the attacker can undo.

^ Young, A.; Moti Yung (1996). "Cryptovirology: Extortion-based security threats and countermeasures". Proceedings 1996 IEEE Symposium on Security and Privacy. pp. 129–140. doi:10.1109/SECPRI.1996.502676. ISBN 0-8186-7417-2. S2CID 12179472. Archived from the original on 8 October 2022. Retrieved 8 October 2022.

[:1-1] Young, A.; Moti Yung (1996). "Cryptovirology: Extortion-based security threats and countermeasures". Proceedings 1996 IEEE Symposium on Security and Privacy. pp. 129–140. doi:10.1109/SECPRI.1996.502676. ISBN 0-8186-7417-2. S2CID 12179472. Archived from the original on 8 October 2022. Retrieved 8 October 2022.

[1]