Question

how cryptography is used in malware and other cyber attacks

Answer 1

A cryptographis attack is a method for circumventing the security of a system by finding a weekness in a code,cipher,cryptographic protocol or key management scheme.

this process is also called " cryptanalysis ".

see also category: Computer security exploits

category:malware

This category has sub 6 categories:

1) attack on publlic-key cryptosystem

2)choosen plaintext attacks

3)cryptanalytic software

4)password crecking software

5)ransomewhere

6)side-channel attack

malware encription scheme:-

• In this we present three encryption schemes designed to encrypt and rerandomize malware paylod.the first scheme is a basic proof of concept and the seconf is an extension of the basic scheme capable of encrypting larger payloads.
• the third scheme is the path variant of the first two.we show that it is hard to differential between encypted payload samples by using games.
• as a simplification we donote payload as messageds.encrypted payload as ciphertext,replication of malware as rerandomization of ciphertext and enivironmentaltly derived keys as keys.

--> in each scheme we have an algorithm e encrioting messages.an algoritham D decrypting ciphrtext and an

algoritham R rerandomizing ciphertext.

--> in the path variant of the extended scheme we add a padding functinality to the rerandomize algoritham and rename it to padding algoritham P.

encryption:-

for a message m and jey k the encyption algoritham E(k,m) outputs a ciphertext c.

Decryption:-

for a ciphertext s and a key k the decryption algoritham D(c,k) either outputs a message m or a special symbol indicating decryption failure.

Rerandomization:-

for a ciphertext c,encrypting a message m, the rerandomize algorithm R(c) outputs a ciphertext 0 encypting the same message m.

Crrectness:-

if c was output from E(k,m) then D(k,c) will always output m except with negligible probability.

Key indistinguishability:-

it should be hard to say something about which key a chiphertext has been encypted under.

Insdistingushability:-

it should be hard to decide if two ciphertext,encypted under the same key, decrypts to the same messages or not.