| |
| |
Foreword | |
| |
| |
Acknowledgments | |
| |
| |
Introduction | |
| |
| |
| |
Through Hacker's Eyes | |
| |
| |
| |
Cryptovirology | |
| |
| |
| |
Tools for Security and Insecurity | |
| |
| |
| |
Sources of Entropy | |
| |
| |
| |
Entropy Extraction via Hashing | |
| |
| |
| |
Unbiasing a Biased Coin | |
| |
| |
| |
Von Neumann's Coin Flipping Algorithm | |
| |
| |
| |
Iterating Neumann's Algorithm | |
| |
| |
| |
Heuristic Bias Matching | |
| |
| |
| |
Combining Weak Sources of Entropy | |
| |
| |
| |
Pseudorandom Number Generators | |
| |
| |
| |
Heuristic Pseudorandom Number Generation | |
| |
| |
| |
PRNGs Based on Reduction Arguments | |
| |
| |
| |
Uniform Sampling | |
| |
| |
| |
Random Permutation Generation | |
| |
| |
| |
Shuffling Cards by Repeated Sampling | |
| |
| |
| |
Shuffling Cards Using Trotter-Johnson | |
| |
| |
| |
Sound Approach to Random Number Generation and Use | |
| |
| |
| |
RNGs Are the Beating Heart of System Security | |
| |
| |
| |
Cryptovirology Benefits from General Advances | |
| |
| |
| |
Strong Crypto Yields Strong Cryptovi ruses | |
| |
| |
| |
Mix Networks and Cryptovirus Extortion | |
| |
| |
| |
Anonymizing Program Propagation | |
| |
| |
| |
The Two Faces of Anonymity | |
| |
| |
| |
Anonymity in a Digital Age | |
| |
| |
| |
From Free Elections to the Unabomber | |
| |
| |
| |
Electronic Money and Anonymous Payments | |
| |
| |
| |
Anonymous Assassination Lotteries | |
| |
| |
| |
Kidnapping and Perfect Crimes | |
| |
| |
| |
Conducting Criminal Operations with Mixes | |
| |
| |
| |
Deniable Password Snatching | |
| |
| |
| |
Password Snatching and Security by Obscurity | |
| |
| |
| |
Solving the Problem Using Cryptovirology | |
| |
| |
| |
Zero-Knowledge Proofs to the Rescue | |
| |
| |
| |
Improving the Attack Using ElGamal | |
| |
| |
| |
Cryptocounters | |
| |
| |
| |
Overview of Cryptocounters | |
| |
| |
| |
Implementing Cryptocounters | |
| |
| |
| |
A Simple Counter Based on ElGamal | |
| |
| |
| |
Drawback to the ElGamal Solution | |
| |
| |
| |
Cryptocounter Based on Squaring | |
| |
| |
| |
The Paillier Encryption Algorithm | |
| |
| |
| |
A Simple Counter Based on Paillier | |
| |
| |
| |
Other Approaches to Cryptocounters | |
| |
| |
| |
Computationally Secure Information Stealing | |
| |
| |
| |
Using Viruses to Steal Information | |
| |
| |
| |
Private Information Retrieval | |
| |
| |
| |
PIR Based on the Phi-Hiding Problem | |
| |
| |
| |
Security of the Phi-Hiding PIR | |
| |
| |
| |
Application of the Phi-Hiding Technique | |
| |
| |
| |
A Variant of the Phi-Hiding Scheme | |
| |
| |
| |
Tagged Private Information Retrieval | |
| |
| |
| |
Secure Information Stealing Malware | |
| |
| |
| |
Deniable Password Snatching Based on Phi-Hiding | |
| |
| |
| |
Improved Password-Snatching Algorithm | |
| |
| |
| |
Questionable Encryptions | |
| |
| |
| |
Deniable Encryptions | |
| |
| |
| |
Malware Loaders | |
| |
| |
| |
Cryptographic Computing | |
| |
| |
| |
Non-Zero Sum Games and Survivable Malware | |
| |
| |
| |
Survivable Malware | |
| |
| |
| |
Elements of Game Theory | |
| |
| |
| |
Attacking a Brokerage Firm | |
| |
| |
| |
Assumptions for the Attack | |
| |
| |
| |
The Distributed Cryptoviral Attack | |
| |
| |
| |
Security of the Attack | |
| |
| |
| |
Utility of the Attack | |
| |
| |
| |
Other Two-Player Game Attacks | |
| |
| |
| |
Key Search via Facehuggers | |
| |
| |
| |
Catalyzing Conflict Among Hosts | |
| |
| |
| |
Future Possibilities | |
| |
| |
| |
Coping with Malicious Software | |
| |
| |
| |
Undecidability of Virus Detection | |
| |
| |
| |
Virus Identification and Obfuscation | |
| |
| |
| |
Virus String Matching | |
| |
| |
| |
Polymorphic Viruses | |
| |
| |
| |
Heuristic Virus Detection | |
| |
| |
| |
Detecting Code Abnormalities | |
| |
| |
| |
Detecting Abnormal Program Behavior | |
| |
| |
| |
Detecting Cryptographic Code | |
| |
| |
| |
Change Detection | |
| |
| |
| |
Integrity Self-Checks | |
| |
| |
| |
Program Inoculation | |
| |
| |
| |
Kernel Based Signature Verification | |
| |
| |
| |
The Nature of Trojan Horses | |
| |
| |
| |
Text Editor Trojan Horse | |
| |
| |
| |
Salami Slicing Attacks | |
| |
| |
| |
Thompson's Password Snatcher | |
| |
| |
| |
The Subtle Nature of Trojan Horses | |
| |
| |
| |
Bugs May In Fact Be Trojans | |
| |
| |
| |
RNG Biasing Trojan Horse | |
| |
| |
| |
Subliminal Channels | |
| |
| |
| |
Brief History of Subliminal Channels | |
| |
| |
| |
The Difference Between a Subliminal and a Covert | |