$30 off During Our Annual Pro Sale. View Details »

Ruby, Ransomware and Cryptosystem

ZYWU
December 03, 2016

Ruby, Ransomware and Cryptosystem

ZYWU

December 03, 2016
Tweet

Other Decks in Research

Transcript

  1. Ruby, Ransomware and Cryptosystem

    View Slide

  2. hello!
    I am 吳宗育
    You can find me at [email protected]
    https://github.com/zongyuwu/RansomRB

    View Slide

  3. About me
    ✘ Software Engineer/Researcher in
    Trend Micro
    ✘ Interested in: Cryptography,
    Malware, Network Security

    View Slide

  4. Agenda
    ✘ What is ransomware?
    ✘ Build our own ransomware using Ruby
    ✘ Discuss how we use cryptosystem

    View Slide

  5. What is Ransomware?

    View Slide

  6. What is Ransomware
    ✘ Ransomware is a kind of malicious software (or virus)
    ✘ Malicious software will
    Show off
    Steal things
    Control things…
    ✘ In addition, Ransomware also..
    Lock the data/system and ask for
    ransom

    View Slide

  7. Ransomware Samples
    Bromium, Understanding Crypto-Ransomware In-Depth Analysis of the Most Popular Malware Families,
    https://www.bromium.com/sites/default/files/bromium-report-ransomware.pdf
    L. Abrams, Jigsaw Ransomware Decrypted: Will delete your files until you pay the Ransom,
    http://www.bleepingcomputer.com/news/security/jigsaw-ransomware-decrypted-will-delete-your-files-until-you-pay-the-
    ransom/

    View Slide

  8. TrendLabs, The Reign of Ransomware,
    http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-the-reign-of-ransomware.pdf

    View Slide

  9. TrendLabs, The Reign of Ransomware,
    http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-the-reign-of-ransomware.pdf

    View Slide

  10. TrendLabs, The Reign of Ransomware,
    http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-the-reign-of-ransomware.pdf

    View Slide

  11. Why is Ransomware so Popular?
    Growth of
    Data
    Crypto
    Currency
    Ransomware

    View Slide

  12. Build Our Own Ransomware
    ✘ Our goal is to discuss how to securely use cryptosystem
    ✘ Cryptosystem is the core of ransomware
     Build our own ransomware to learn how to use cryptosystem

    View Slide

  13. Introduction to
    Cryptosystem

    View Slide

  14. Symmetric Cipher
    ✘ Advantage
    Fast
    ✘ Limitation
    Pre-share the key
    SSL2Buy, Symmetric vs. Asymmetric Encryption – What are differences?
    https://www.ssl2buy.com/wiki/symmetric-vs-asymmetric-encryption-what-are-differences/

    View Slide

  15. Asymmetric Cipher
    ✘ Advantage
    Open encryption
    ✘ Limitation
    Slow
    SSL2Buy, Symmetric vs. Asymmetric Encryption – What are differences?
    https://www.ssl2buy.com/wiki/symmetric-vs-asymmetric-encryption-what-are-differences/

    View Slide

  16. Asyemmtric Ciphers in Ruby
    OpenSSL::PKey::DH
    OpenSSL::PKey::DSA
    OpenSSL::PKey::EC
    OpenSSL::PKey::RSA

    View Slide

  17. When We Visit a Website

    View Slide

  18. Build Our Ransomware?

    View Slide

  19. Functionalities
    ✘ Encrypt the data of victims
    ✘ Decrypt the data after victims pay the ransome

    View Slide

  20. Functionalities 1
    ✘ How to encrypt the data of victims
    Symmetric?
    Advantage: Fast
    Limitation: Pre-share key
    Asymmetric?
    Advatage: Open encryption
    Limitation: Slow

    View Slide

  21. Ciphers in Ruby
    2.3.1 :002 > require 'openssl'
    2.3.1 :003 > puts OpenSSL::Cipher.ciphers
    AES-128-CBC
    AES-128-CBC-HMAC-SHA1
    AES-128-CFB
    ...
    ✘ Provide AES, DES, RC4, RC5, CAMELLIA, BlowFish, …
    Ruby OpenSSL::Cipher, http://ruby-doc.org/stdlib-2.0.0/libdoc/openssl/rdoc/OpenSSL/Cipher.html
    Ruby openssl source code, https://github.com/ruby/openssl/blob/master/lib/openssl/cipher.rb

    View Slide

  22. Which Cipehr Should We Use?
    RC4
    ✘ SSL and WEP early
    version standard
    ✘ Prohibited by IETF,
    Mozilla Firefox
    ✘ Should NOT be used
    DES
    ✘ 1976 FIPS standard
    ✘ Dispute : S-Box
    Backdoor
    ✘ Key length too short
    ✘ Should NOT be used
    AES
    ✘ Current SSL and FIPS
    standard
    A. Popov, Prohibiting RC4 Cipher Suites, https://tools.ietf.org/html/rfc7465
    A. King, Deprecating the RC4 Cipher, https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/
    S. Kumar et al., How to Break DES for BC 8,980, http://www.copacobana.org/paper/copacobana_SHARCS2006.pdf
    Transport Layer Security, https://en.wikipedia.org/wiki/Transport_Layer_Security#Cipher
    E. Rescorla, The Transport Layer Security (TLS) Protocol Version 1.3, https://tools.ietf.org/html/draft-ietf-tls-tls13-11

    View Slide

  23. Encrypting Data Using AES

    View Slide

  24. Encrypting Data Using AES

    View Slide

  25. ✘ Encrypt the data of victims
    ✘ Decrypt the data after victims pay the ransome
    Functionalities

    View Slide

  26. Functionalities 2
    Decrypt the data
    Hard Coded
    ✘ Hard coded the key
    ✘ Use the key to decrypt
    ✘ Insecure
    Send key to Server
    ✘ Better
    ✘ Need Network
    Encrypt the key A by
    some other key B?
    ✘ Key(AES) to encrypt
    data
    ✘ Key(PKey) to encrypt
    Key(AES)

    View Slide

  27. Functionalities 2
    Decrypt the data
    ✘ How to encrypt key without pre-share key?
    Symmetric?
    Advantage: Fast
    Limitation: Pre-share key
    Asymmetric?
    Advatage: Open encryption
    Limitation: Slow

    View Slide

  28. Asymmetric Cipher
    ✘ Advantage
    Open encryption
    ✘ Limitation
    Slow
    SSL2Buy, Symmetric vs. Asymmetric Encryption – What are differences?
    https://www.ssl2buy.com/wiki/symmetric-vs-asymmetric-encryption-what-are-differences/

    View Slide

  29. ✘ Hard code PKey in our ransomware
    ✘ Generate AESKey to encrypt data in victim’s host
    ✘ Use PKey to encrypt AESKey
    ✘ Only Private key can decrypt AESKey
    Asymmetric Cipher

    View Slide

  30. ✘ Hard code PKey in our ransomware
    ✘ Generate AESKey to encrypt data in victim’s host
    ✘ Use PKey to encrypt AESKey
    ✘ Only Private key can decrypt AESKey
    Asymmetric Cipher

    View Slide

  31. Asymmetric Cipher
    RSA
    Elliptic
    Curve

    View Slide

  32. Using RSA

    View Slide

  33. N: Modulus
    e: encrypt exponent
    d: decrypt exponent
    p: prime p
    q: prime q
    RSA Parameters
    Public
    Private

    View Slide

  34. ✘ RSA is based on Large integer factorization problem
    ✘ Key length (N length) should >= 2048 (bits)
    ✘ Stop using RSA-512 right now
    ✘ RSA-1024 is vulnerable to super computation resource
    Using RSA Safely
    • Z. Wu et al., A Study on The Misuse of RSA in the Field, 2016
    • L. Valentaet al., Factoring as a Service, in Financial Cryptography and Data Security,Barbados, 2016

    View Slide

  35. Generate RSA

    View Slide

  36. ✘ Using 3 or 65537 (default) for encrypt expoent (e)
    ✘ Generate RSA key only in high entropy enviroment
    Using RSA Safely
    • Z. Wu et al., A Study on The Misuse of RSA in the Field, 2016
    • S. Yileket al., When private keys are public: results from the 2008 DebianOpenSSLvulnerability, in ACM IMC, 2009
    • Debian OpenSSL Predictable PRNG, https://github.com/g0tmi1k/debian-ssh
    • N. Heninger et al., Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices, in USENIX, 2012
    • A. Everspaugh et al., Not-So-Random Numbers in Virtualized Linux and the Whirlwind RNG View Document, IEEE S&P, 2014
    • L. Valentaet al., Factoring as a Service, in Financial Cryptography and Data Security, 2016
    • D. Boneh, Twenty Years of Attacks on the RSA Cryptosystem, Notices of the AMS, 1999

    View Slide

  37. Encrypt AESKey By RSA

    View Slide

  38. ✘ Send AESKey.enc and AESIV.enc to server
    ✘ Server decrypt them and send back to client
    ✘ Use AESKey and AESIV to decrypt data
    Decrypt

    View Slide

  39. thanks!
    Any questions?
    You can find me at
    [email protected]

    View Slide

  40. Reference
    1. Bromium, Understanding Crypto-Ransomware In-Depth Analysis of the Most Popular Malware Families,
    https://www.bromium.com/sites/default/files/bromium-report-ransomware.pdf
    2. L. Abrams, Jigsaw Ransomware Decrypted: Will delete your files until you pay the Ransom,
    http://www.bleepingcomputer.com/news/security/jigsaw-ransomware-decrypted-will-delete-your-files-until-you-
    pay-the-ransom/
    3. TrendLabs, The Reign of Ransomware, http://www.trendmicro.com/cloud-content/us/pdfs/security-
    intelligence/reports/rpt-the-reign-of-ransomware.pdf
    4. SSL2Buy, Symmetric vs. Asymmetric Encryption – What are differences? , https://www.ssl2buy.com/wiki/symmetric-
    vs-asymmetric-encryption-what-are-differences/
    5. Ruby OpenSSL::Cipher, http://ruby-doc.org/stdlib-2.0.0/libdoc/openssl/rdoc/OpenSSL/Cipher.html
    6. Ruby openssl source code, https://github.com/ruby/openssl/blob/master/lib/openssl/cipher.rb
    7. A. Popov, Prohibiting RC4 Cipher Suites, https://tools.ietf.org/html/rfc7465
    8. A. King, Deprecating the RC4 Cipher, https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/
    9. S. Kumar et al., How to Break DES for BC 8,980, http://www.copacobana.org/paper/copacobana_SHARCS2006.pdf
    10. Transport Layer Security, https://en.wikipedia.org/wiki/Transport_Layer_Security#Cipher
    11. E. Rescorla, The Transport Layer Security (TLS) Protocol Version 1.3, https://tools.ietf.org/html/draft-ietf-tls-tls13-11
    12. Z. Wu et al., A Study on The Misuse of RSA in the Field

    View Slide

  41. Reference
    13. L. Valentaet al., Factoring as a Service, in Financial Cryptography and Data Security,Barbados, 2016
    14. S. Yileket al., When private keys are public: results from the 2008 DebianOpenSSLvulnerability, in ACM IMC, 2009
    15. Debian OpenSSL Predictable PRNG, https://github.com/g0tmi1k/debian-ssh
    16. N. Heninger et al., Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices, in USENIX, 2012
    17. A. Everspaugh et al., Not-So-Random Numbers in Virtualized Linux and the Whirlwind RNG View Document, IEEE S&P,
    2014
    18. L. Valentaet al., Factoring as a Service, in Financial Cryptography and Data Security, 2016
    19. D. Boneh, Twenty Years of Attacks on the RSA Cryptosystem, Notices of the AMS, 1999
    20. Dual EC DRBG 後門事件的歷史發展摘要及雜記, http://ckhung0.blogspot.tw/2014/03/dual-ec-drbg.html
    21. J. B. Bos, Selecting Elliptic Curves for Cryptography: An Efficiency and Security Analysis, Selecting Elliptic Curves for
    Cryptography

    View Slide