Ruby, Ransomware and Cryptosystem 

hello! I am 吳宗育 You can find me at [email protected] https://github.com/zongyuwu/RansomRB 

About me ✘ Software Engineer/Researcher in Trend Micro ✘ Interested in: Cryptography, Malware, Network Security 

Agenda ✘ What is ransomware? ✘ Build our own ransomware using Ruby ✘ Discuss how we use cryptosystem 

What is Ransomware? 

What is Ransomware ✘ Ransomware is a kind of malicious software (or virus) ✘ Malicious software will Show off Steal things Control things… ✘ In addition, Ransomware also.. Lock the data/system and ask for ransom 

Ransomware Samples Bromium, Understanding Crypto-Ransomware In-Depth Analysis of the Most Popular Malware Families, https://www.bromium.com/sites/default/files/bromium-report-ransomware.pdf L. Abrams, Jigsaw Ransomware Decrypted: Will delete your files until you pay the Ransom, http://www.bleepingcomputer.com/news/security/jigsaw-ransomware-decrypted-will-delete-your-files-until-you-pay-the- ransom/ 

TrendLabs, The Reign of Ransomware, http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-the-reign-of-ransomware.pdf 

TrendLabs, The Reign of Ransomware, http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-the-reign-of-ransomware.pdf 

TrendLabs, The Reign of Ransomware, http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-the-reign-of-ransomware.pdf 

Why is Ransomware so Popular? Growth of Data Crypto Currency Ransomware 

Build Our Own Ransomware ✘ Our goal is to discuss how to securely use cryptosystem ✘ Cryptosystem is the core of ransomware  Build our own ransomware to learn how to use cryptosystem 

Introduction to Cryptosystem 

Symmetric Cipher ✘ Advantage Fast ✘ Limitation Pre-share the key SSL2Buy, Symmetric vs. Asymmetric Encryption – What are differences? https://www.ssl2buy.com/wiki/symmetric-vs-asymmetric-encryption-what-are-differences/ 

Asymmetric Cipher ✘ Advantage Open encryption ✘ Limitation Slow SSL2Buy, Symmetric vs. Asymmetric Encryption – What are differences? https://www.ssl2buy.com/wiki/symmetric-vs-asymmetric-encryption-what-are-differences/ 

Asyemmtric Ciphers in Ruby OpenSSL::PKey::DH OpenSSL::PKey::DSA OpenSSL::PKey::EC OpenSSL::PKey::RSA 

When We Visit a Website 

Build Our Ransomware? 

Functionalities ✘ Encrypt the data of victims ✘ Decrypt the data after victims pay the ransome 

Functionalities 1 ✘ How to encrypt the data of victims Symmetric? Advantage: Fast Limitation: Pre-share key Asymmetric? Advatage: Open encryption Limitation: Slow 

Ciphers in Ruby 2.3.1 :002 > require 'openssl' 2.3.1 :003 > puts OpenSSL::Cipher.ciphers AES-128-CBC AES-128-CBC-HMAC-SHA1 AES-128-CFB ... ✘ Provide AES, DES, RC4, RC5, CAMELLIA, BlowFish, … Ruby OpenSSL::Cipher, http://ruby-doc.org/stdlib-2.0.0/libdoc/openssl/rdoc/OpenSSL/Cipher.html Ruby openssl source code, https://github.com/ruby/openssl/blob/master/lib/openssl/cipher.rb 

Which Cipehr Should We Use? RC4 ✘ SSL and WEP early version standard ✘ Prohibited by IETF, Mozilla Firefox ✘ Should NOT be used DES ✘ 1976 FIPS standard ✘ Dispute : S-Box Backdoor ✘ Key length too short ✘ Should NOT be used AES ✘ Current SSL and FIPS standard A. Popov, Prohibiting RC4 Cipher Suites, https://tools.ietf.org/html/rfc7465 A. King, Deprecating the RC4 Cipher, https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/ S. Kumar et al., How to Break DES for BC 8,980, http://www.copacobana.org/paper/copacobana_SHARCS2006.pdf Transport Layer Security, https://en.wikipedia.org/wiki/Transport_Layer_Security#Cipher E. Rescorla, The Transport Layer Security (TLS) Protocol Version 1.3, https://tools.ietf.org/html/draft-ietf-tls-tls13-11 

Encrypting Data Using AES 

Encrypting Data Using AES 

✘ Encrypt the data of victims ✘ Decrypt the data after victims pay the ransome Functionalities 

Functionalities 2 Decrypt the data Hard Coded ✘ Hard coded the key ✘ Use the key to decrypt ✘ Insecure Send key to Server ✘ Better ✘ Need Network Encrypt the key A by some other key B? ✘ Key(AES) to encrypt data ✘ Key(PKey) to encrypt Key(AES) 

Functionalities 2 Decrypt the data ✘ How to encrypt key without pre-share key? Symmetric? Advantage: Fast Limitation: Pre-share key Asymmetric? Advatage: Open encryption Limitation: Slow 

Asymmetric Cipher ✘ Advantage Open encryption ✘ Limitation Slow SSL2Buy, Symmetric vs. Asymmetric Encryption – What are differences? https://www.ssl2buy.com/wiki/symmetric-vs-asymmetric-encryption-what-are-differences/ 

✘ Hard code PKey in our ransomware ✘ Generate AESKey to encrypt data in victim’s host ✘ Use PKey to encrypt AESKey ✘ Only Private key can decrypt AESKey Asymmetric Cipher 

✘ Hard code PKey in our ransomware ✘ Generate AESKey to encrypt data in victim’s host ✘ Use PKey to encrypt AESKey ✘ Only Private key can decrypt AESKey Asymmetric Cipher 

Asymmetric Cipher RSA Elliptic Curve 

Using RSA 

N: Modulus e: encrypt exponent d: decrypt exponent p: prime p q: prime q RSA Parameters Public Private 

✘ RSA is based on Large integer factorization problem ✘ Key length (N length) should >= 2048 (bits) ✘ Stop using RSA-512 right now ✘ RSA-1024 is vulnerable to super computation resource Using RSA Safely • Z. Wu et al., A Study on The Misuse of RSA in the Field, 2016 • L. Valentaet al., Factoring as a Service, in Financial Cryptography and Data Security,Barbados, 2016 

Generate RSA 

✘ Using 3 or 65537 (default) for encrypt expoent (e) ✘ Generate RSA key only in high entropy enviroment Using RSA Safely • Z. Wu et al., A Study on The Misuse of RSA in the Field, 2016 • S. Yileket al., When private keys are public: results from the 2008 DebianOpenSSLvulnerability, in ACM IMC, 2009 • Debian OpenSSL Predictable PRNG, https://github.com/g0tmi1k/debian-ssh • N. Heninger et al., Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices, in USENIX, 2012 • A. Everspaugh et al., Not-So-Random Numbers in Virtualized Linux and the Whirlwind RNG View Document, IEEE S&P, 2014 • L. Valentaet al., Factoring as a Service, in Financial Cryptography and Data Security, 2016 • D. Boneh, Twenty Years of Attacks on the RSA Cryptosystem, Notices of the AMS, 1999 

Encrypt AESKey By RSA 

✘ Send AESKey.enc and AESIV.enc to server ✘ Server decrypt them and send back to client ✘ Use AESKey and AESIV to decrypt data Decrypt 

thanks! Any questions? You can find me at [email protected] 

Reference 1. Bromium, Understanding Crypto-Ransomware In-Depth Analysis of the Most Popular Malware Families, https://www.bromium.com/sites/default/files/bromium-report-ransomware.pdf 2. L. Abrams, Jigsaw Ransomware Decrypted: Will delete your files until you pay the Ransom, http://www.bleepingcomputer.com/news/security/jigsaw-ransomware-decrypted-will-delete-your-files-until-you- pay-the-ransom/ 3. TrendLabs, The Reign of Ransomware, http://www.trendmicro.com/cloud-content/us/pdfs/security- intelligence/reports/rpt-the-reign-of-ransomware.pdf 4. SSL2Buy, Symmetric vs. Asymmetric Encryption – What are differences? , https://www.ssl2buy.com/wiki/symmetric- vs-asymmetric-encryption-what-are-differences/ 5. Ruby OpenSSL::Cipher, http://ruby-doc.org/stdlib-2.0.0/libdoc/openssl/rdoc/OpenSSL/Cipher.html 6. Ruby openssl source code, https://github.com/ruby/openssl/blob/master/lib/openssl/cipher.rb 7. A. Popov, Prohibiting RC4 Cipher Suites, https://tools.ietf.org/html/rfc7465 8. A. King, Deprecating the RC4 Cipher, https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/ 9. S. Kumar et al., How to Break DES for BC 8,980, http://www.copacobana.org/paper/copacobana_SHARCS2006.pdf 10. Transport Layer Security, https://en.wikipedia.org/wiki/Transport_Layer_Security#Cipher 11. E. Rescorla, The Transport Layer Security (TLS) Protocol Version 1.3, https://tools.ietf.org/html/draft-ietf-tls-tls13-11 12. Z. Wu et al., A Study on The Misuse of RSA in the Field 

Reference 13. L. Valentaet al., Factoring as a Service, in Financial Cryptography and Data Security,Barbados, 2016 14. S. Yileket al., When private keys are public: results from the 2008 DebianOpenSSLvulnerability, in ACM IMC, 2009 15. Debian OpenSSL Predictable PRNG, https://github.com/g0tmi1k/debian-ssh 16. N. Heninger et al., Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices, in USENIX, 2012 17. A. Everspaugh et al., Not-So-Random Numbers in Virtualized Linux and the Whirlwind RNG View Document, IEEE S&P, 2014 18. L. Valentaet al., Factoring as a Service, in Financial Cryptography and Data Security, 2016 19. D. Boneh, Twenty Years of Attacks on the RSA Cryptosystem, Notices of the AMS, 1999 20. Dual EC DRBG 後門事件的歷史發展摘要及雜記, http://ckhung0.blogspot.tw/2014/03/dual-ec-drbg.html 21. J. B. Bos, Selecting Elliptic Curves for Cryptography: An Efficiency and Security Analysis, Selecting Elliptic Curves for Cryptography