Malicious Cryptography: Exposing Cryptovirology

Adam Young, Moti Yung

  • Publisher: Hungry Minds
  • Publication date: 2004-02-27
  • Price: $1,760
  • VIP price: $1,672 (5% off)
  • Language: English
  • Pages: 416
  • Binding: Paperback
  • ISBN: 0764549758
  • ISBN-13: 9780764549755
  • Related categories: Information Security
  • Out of print

Product Description

Hackers have uncovered the dark side of cryptography—that device developed to defeat Trojan horses, viruses, password theft, and other cyber-crime. It’s called cryptovirology, the art of turning the very methods designed to protect your data into a means of subverting it. In this fascinating, disturbing volume, the experts who first identified cryptovirology show you exactly what you’re up against and how to fight back.

They will take you inside the brilliant and devious mind of a hacker—as much an addict as the vacant-eyed denizen of the crackhouse—so you can feel the rush and recognize your opponent’s power. Then, they will arm you for the counterattack.

This book reads like a futuristic fantasy, but be assured, the threat is ominously real. Vigilance is essential, now.

  • Understand the mechanics of computationally secure information stealing
  • Learn how non-zero sum Game Theory is used to develop survivable malware
  • Discover how hackers use public key cryptography to mount extortion attacks
  • Recognize and combat the danger of kleptographic attacks on smart-card devices
  • Build a strong arsenal against a cryptovirology attack

Table of Contents:

Foreword.

Acknowledgments.

Introduction.

1 Through Hacker’s Eyes.

2 Cryptovirology.

3 Tools for Security and Insecurity.

3.1 Sources of Entropy.

3.2 Entropy Extraction via Hashing.

3.3 Unbiasing a Biased Coin.

3.3.1 Von Neumann’s Coin Flipping Algorithm.

3.3.2 Iterating Neumann’s Algorithm.

3.3.3 Heuristic Bias Matching.

3.4 Combining Weak Sources of Entropy.

3.5 Pseudorandom Number Generators.

3.5.1 Heuristic Pseudorandom Number Generation.

3.5.2 PRNGs Based on Reduction Arguments.

3.6 Uniform Sampling.

3.7 Random Permutation Generation.

3.7.1 Shuffling Cards by Repeated Sampling.

3.7.2 Shuffling Cards Using Trotter-Johnson.

3.8 Sound Approach to Random Number Generation and Use.

3.9 RNGs Are the Beating Heart of System Security.

3.10 Cryptovirology Benefits from General Advances.

3.10.1 Strong Crypto Yields Strong Cryptoviruses.

3.10.2 Mix Networks and Cryptovirus Extortion.

3.11 Anonymizing Program Propagation.

4 The Two Faces of Anonymity.

4.1 Anonymity in a Digital Age.

4.1.1 From Free Elections to the Unabomber.

4.1.2 Electronic Money and Anonymous Payments.

4.1.3 Anonymous Assassination Lotteries.

4.1.4 Kidnapping and Perfect Crimes.

4.1.5 Conducting Criminal Operations with Mixes.

4.2 Deniable Password Snatching.

4.2.1 Password Snatching and Security by Obscurity.

4.2.2 Solving the Problem Using Cryptovirology.

4.2.3 Zero-Knowledge Proofs to the Rescue.

4.2.4 Improving the Attack Using ElGamal.

5 Cryptocounters.

5.1 Overview of Cryptocounters.

5.2 Implementing Cryptocounters.

5.2.1 A Simple Counter Based on ElGamal.

5.2.2 Drawback to the ElGamal Solution.

5.2.3 Cryptocounter Based on Squaring.

5.2.4 The Paillier Encryption Algorithm.

5.2.5 A Simple Counter Based on Paillier.

5.3 Other Approaches to Cryptocounters.

6 Computationally Secure Information Stealing.

6.1 Using Viruses to Steal Information.

6.2 Private Information Retrieval.

6.2.1 PIR Based on the Phi-Hiding Problem.

6.2.2 Security of the Phi-Hiding PIR.

6.2.3 Application of the Phi-Hiding Technique.

6.3 A Variant of the Phi-Hiding Scheme.

6.4 Tagged Private Information Retrieval.

6.5 Secure Information Stealing Malware.

6.6 Deniable Password Snatching Based on Phi-Hiding.

6.6.1 Improved Password-Snatching Algorithm.

6.6.2 Questionable Encryptions.

6.6.3 Deniable Encryptions.

6.7 Malware Loaders.

6.8 Cryptographic Computing.

7 Non-Zero Sum Games and Survivable Malware.

7.1 Survivable Malware.

7.2 Elements of Game Theory.

7.3 Attacking a Brokerage Firm.

7.3.1 Assumptions for the Attack.

7.3.2 The Distributed Cryptoviral Attack.

7.3.3 Security of the Attack.

7.3.4 Utility of the Attack.

7.4 Other Two-Player Game Attacks.

7.4.1 Key Search via Facehuggers.

7.4.2 Catalyzing Conflict Among Hosts.

7.5 Future Possibilities.

8 Coping with Malicious Software.

8.1 Undecidability of Virus Detection.

8.2 Virus Identification and Obfuscation.

8.2.1 Virus String Matching.

8.2.2 Polymorphic Viruses.

8.3 Heuristic Virus Detection.

8.3.1 Detecting Code Abnormalities.

8.3.2 Detecting Abnormal Program Behavior.

8.3.3 Detecting Cryptographic Code.

8.4 Change Detection.

8.4.1 Integrity Self-Checks.

8.4.2 Program Inoculation.

8.4.3 Kernel Based Signature Verification.

9 The Nature of Trojan Horses.

9.1 Text Editor Trojan Horse.

9.2 Salami Slicing Attacks.

9.3 Thompson’s Password Snatcher.

9.4 The Subtle Nature of Trojan Horses.

9.4.1 Bugs May In Fact Be Trojans.

9.4.2 RNG Biasing Trojan Horse.

10 Subliminal Channels.

10.1 Brief History of Subliminal Channels.

10.2 The Difference Between a Subliminal and a Covert Channel.

10.3 The Prisoner’s Problem of Gustavus Simmons.

10.4 Subliminal Channels New and Old.

10.4.1 The Legendre Channel of Gus Simmons.

10.4.2 The Oracle Channel.

10.4.3 Subliminal Card Marking.

10.4.4 The Newton Channel.

10.4.5 Subliminal Channel in Composites.

10.5 The Impact of Subliminal Channels on Key Escrow.

11 SETUP Attack on Factoring Based Key Generation.

11.1 Honest Composite Key Generation.

11.2 Weak Backdoor Attacks on Composite Key Generation.

11.2.1 Using a Fixed Prime.

11.2.2 Using a Pseudorandom Function.

11.2.3 Using a Pseudorandom Generator.

11.3 Probabilistic Bias Removal Method.

11.4 Secretly Embedded Trapdoors.

11.5 Key Generation SETUP Attack.

11.6 Security of the SETUP Attack.

11.6.1 Indistinguishability of Outputs.

11.6.2 Confidentiality of Outputs.

11.7 Detecting the Attack in Code Reviews.

11.8 Countering the SETUP Attack.

11.9 Thinking Outside the Box.

11.10 The Isaac Newton Institute Lecture.

12 SETUP Attacks on Discrete-Log Cryptosystems.

12.1 The Discrete-Log SETUP Primitive.

12.2 Diffie-Hellman SETUP Attack.

12.3 Security of the Diffie-Hellman SETUP Attack.

12.3.1 Indistinguishability of Outputs.

12.3.2 Confidentiality of Outputs.

12.4 Intuition Behind the Attack.

12.5 Kleptogram Attack Methodology.

12.6 PKCS SETUP Attacks.

12.6.1 ElGamal PKCS SETUP Attack.

12.6.2 Cramer-Shoup PKCS SETUP Attack.

12.7 SETUP Attacks on Digital Signature Algorithms.

12.7.1 SETUP in the ElGamal Signature Algorithm.

12.7.2 SETUP in the Pointcheval-Stern Algorithm.

12.7.3 SETUP in DSA.

12.7.4 SETUP in the Schnorr Signature Algorithm.

12.8 Rogue Use of DSA for Encryption.

12.9 Other Work in Kleptography.

12.10 Should You Trust Your Smart Card?

Appendix A: Computer Virus Basics.

A.1 Origins of Malicious Software.

A.2 Trojans, Viruses, and Worms: What Is the Difference?

A.3 A Simple DOS COM Infector.

A.4 Viruses Don’t Have to Gain Control Before the Host.

Appendix B: Notation and Other Background Information.

B.1 Notation Used Throughout the Book.

B.2 Basic Facts from Number Theory and Algorithmics.

B.3 Intractability: Malware’s Biggest Ally.

B.3.1 The Factoring Problem.

B.3.2 The e-th Roots Problem.

B.3.3 The Composite Residuosity Problem.

B.3.4 The Decision Composite Residuosity Problem.

B.3.5 The Quadratic Residuosity Problem.

B.3.6 The Phi-Hiding Problem.

B.3.7 The Phi-Sampling Problem.

B.3.8 The Discrete Logarithm Problem.

B.3.9 The Computational Diffie-Hellman Problem.

B.3.10 The Decision Diffie-Hellman Problem.

B.4 Random Oracles and Functions.

Appendix C: Public Key Cryptography in a Nutshell.

C.1 Overview of Cryptography.

C.1.1 Classical Cryptography.

C.1.2 The Diffie-Hellman Key Exchange.

C.1.3 Public Key Cryptography.

C.1.4 Attacks on Cryptosystems.

C.1.5 The Rabin Encryption Algorithm.

C.1.6 The Rabin Signature Algorithm.

C.1.7 The RSA Encryption Algorithm.

C.1.8 The RSA Signature Algorithm.

C.1.9 The Goldwasser-Micali Algorithm.

C.1.10 Public Key Infrastructures.

C.2 Discrete-Log Based Cryptosystems.

C.2.1 The ElGamal Encryption Algorithm.

C.2.2 Security of ElGamal.

C.2.3 The Cramer-Shoup Encryption Algorithm.

C.2.4 The ElGamal Signature Algorithm.

C.2.5 The Pointcheval-Stern Signature Algorithm.

C.2.6 The Schnorr Signature Algorithm.

C.2.7 The Digital Signature Algorithm (DSA).

Glossary.

References.

Index.
