[148213] in cryptography@c2.net mail archive


Re: [Cryptography] Cryptolocker

daemon@ATHENA.MIT.EDU (Max Kington)
Fri Nov 22 09:18:01 2013

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <528ECF23.2090601@kjro.se>
Date: Fri, 22 Nov 2013 11:37:44 +0000
From: Max Kington <mkington@webhanger.com>
To: Kelly John Rose <iam@kjro.se>
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On 22 Nov 2013 03:31, "Kelly John Rose" <iam@kjro.se> wrote:
>
> On 11/21/2013 10:18 PM, Paul Wouters wrote:
> > On Thu, 21 Nov 2013, Greg Broiles wrote:
> >
> >> According to Steve Gibson at https://www.grc.com/sn/sn-427.txt, when
> >> CryptoLocker contacts the central server(s), the servers generate a
> >> unique (per victim) 2048-bit RSA keypair; the public key is sent from
> >> the server to the infected machine. The infected machine generates
> >> a random 256-bit AES key, which is then encrypted with the public key
> >> and sent to the server, and used locally to encrypt the ransomed
> >> files. The key stored in the infected machine's registry is the public
> >> half of the RSA key.
> >
> > I'm confused.
> >
> > If the files are encrypted with a symmetric key, that key should still
> > be on the server and can be used to decrypt everything? It would make
> > more sense to encrypt it using the public key received, so nothing on
> > the infected machine could decrypt the data?
> >
> > Paul
> > _______________________________________________
>
> It makes sense, except for the fact that encrypting files with an RSA
> public key is far slower than encrypting them with a 256-bit AES key.

And the maximum amount of data is 117 bytes using 2048-bit RSA. Just about
nothing encrypts anything other than a symmetric key or other nonce with
RSA alone.

Even if you did, it's the private key operations which are an order of
magnitude slower than the public key operations, which are slower still than
symmetric key operations.
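The hybrid scheme the thread describes (a per-victim RSA-2048 pair, a client-generated AES-256 key wrapped under the public half), as an added Go example that is not part of this message or of any analysis it cites: it wraps a random key with RSA-OAEP, recovers it with the private half, and shows the public key refusing a payload one byte over its ceiling. The 190-byte ceiling it computes is for OAEP with SHA-256 and a 2048-bit modulus; the exact figure depends on the padding scheme and key size.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"io"
)

// oaepCeiling is k - 2*hLen - 2 (RFC 8017 section 7.1.1): 190 bytes for RSA-2048 with SHA-256.
func oaepCeiling(pub *rsa.PublicKey) int { return pub.Size() - 2*sha256.Size - 2 }

// wrapKey needs only the public half, the one that ends up on the client.
func wrapKey(pub *rsa.PublicKey, key []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
}

// unwrapKey needs the private half, which in the scheme described stays on the server.
func unwrapKey(priv *rsa.PrivateKey, wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
}

// demo wraps a random 32-byte AES key under a fresh 2048-bit pair, checks the
// round trip, and shows that one byte over the ceiling is refused outright.
func demo() (ceiling int, roundTrip, oversizeRejected bool, err error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	ceiling = oaepCeiling(&priv.PublicKey)
	aesKey := make([]byte, 32) // constructed stand-in for the bulk AES-256 key
	if _, err = io.ReadFull(rand.Reader, aesKey); err != nil {
		return
	}
	wrapped, err := wrapKey(&priv.PublicKey, aesKey)
	if err != nil {
		return
	}
	got, err := unwrapKey(priv, wrapped)
	roundTrip = err == nil && bytes.Equal(got, aesKey)
	_, tooBig := wrapKey(&priv.PublicKey, make([]byte, ceiling+1))
	oversizeRejected = tooBig != nil
	return
}

func main() {
	fmt.Println(demo()) // prints 190 true true <nil>
}
```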

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography