NoCry: No More Secure Encryption Keys for Cryptographic Ransomware

Interdisciplinary Research Group in Socio-technical Cybersecurity

NoCry: No More Secure Encryption Keys for Cryptographic Ransomware

Ziya Alper Genç, Gabriele Lenzini, Peter Y. A. Ryan
Abstract:
Since the appearance of ransomware in the cyber crime scene, researchers and anti-malware companies have been offering solutions to mitigate the threat. Anti-malware solutions differ on the specific strategy they implement, and all have pros and cons. However, three requirements concern them all: their implementation must be secure, be effective, and be efficient. Recently, Genç et al. proposed to stop a specific class of ransomware, the cryptographically strong one, by blocking unauthorized calls to cryptographically secure pseudo-random number generators, which are required to build strong encryption keys. Here, in adherence to the requirements, we discuss an implementation of that solution that is more secure (with components that are not vulnerable to known attacks), more effective (with less false negatives in the class of ransomware addressed) and more efficient (with minimal false positive rate and negligible overhead) than the original, bringing its security and technological readiness to a higher level.
Authors:
Ziya Alper Genç, Gabriele Lenzini, Peter Y. A. Ryan
Publication date:
Septermber, 2019
Published in:
Lecture Notes in Computer Science
Reference:
Genç Z.A., Lenzini G., Ryan P.Y.A. (2020) NoCry: No More Secure Encryption Keys for Cryptographic Ransomware. In: Saracino A., Mori P. (eds) Emerging Technologies for Authorization and Authentication. ETAA 2019. Lecture Notes in Computer Science, vol 11967. Springer, Cham

Get in touch with us

SnT – Interdisciplinary Centre for Security, Reliability and Trust
29, Avenue J.F Kennedy L-1855 Luxembourg
info-irisc-lab@uni.lu