Encryption enables ...
 
Notifications
Clear all

Encryption enables ransomware lockdowns

3 Posts
2 Users
0 Likes
256 Views
RolfGutmann
(@rolfgutmann)
Posts: 1185
Noble Member
Topic starter
 

Encryption on mobiles is part of end-to-end communication Snowden initiated. But it enables the risk of ransomware. Same keylengths in encryption based on public-private PKI-RSA will open the attack in the shadow or blindsight of software running encryption. So one can say, mobile encryption enables ransomware - risky but not far from real.

What will be next? Should encryption being forced increasing the problems to law enforce the data if so? Or is two factor authentication enough? How to deal with ransomwared devices to investigate - what about intentionally 'ransomwared' devices by organized crime? Proprietary encryption on mobile devices is looming, not just to use apps downloadable but rooted, moded like Cyanogen? Crime tends more and more to share globally and train each others. So to see 'imported' encryption from another corner of the globe to protect data which is just locally available (crime never will use public cloud)?

Lets think in collaboration about this? Express your mind

 
Posted : 06/02/2016 2:56 am
(@trewmte)
Posts: 1877
Noble Member
 

As a discussion only to develop your original post.

As an argument I don't foresee any major benefit for an attack on smartphones on a one-to-one basis (one attack-one phone). That is in terms of attack time/cost vis-à-vis reward. The attacker requires reward instantly or in the shortest period of time before detection of attacker or release from the mal-threat.

Take a simple case an attacker bricks a smartphone with ransomware? OK, so what, get another phone? An attacker buries a SAT (11.14) attack in a proactive SIM creating DDoS on the smartphone screen. Then get another SIM card?

What are the short term attacker benefits before user is aware something wrong? Financially, the attacker manipulates the mobile station (MS) to send premium rate SMS text messages. Get the operator to set a policy bar premium rate transmissions or use BDN etc.?

Does the phone use, as an example, Google Wallet or NFC payment modules…then don't use payment approaches like these if the user is not able to implement security processes and procedures? Keep your banking system away from your communications system?

Also, threats from/to smartphones needs clearer explanations regarding impact of

1) Smartphone infected and infecting network in relation to -
1.1 BYOD (Bring Your OWN Device)?
1.2 CYOD (Choose Your Own Device)?
1.3 COPE (Corporate Owned Personally Enabled)?
1.4 COBO (Corporate Owned Business Only)?

2) Network infected and infecting devices?

3) Device imaging and storage?

If extorting money is not the mal-threat but information is the goal then are we discussing as a random choice e.g. BB84/BB92 (the Eve, Alice and Bob scenarios) etc?

Or are we discussing Keylength regarding mathematic attacks that take no account of algorithmic attacks, hardware flaws and such like?

You mentioned PKI-DES but not which versions? Here are two useful web-based information sources

https://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report/at_download/fullReport

and

http//www.keylength.com/en/

Can you direct us to what you have in mind?

Do you think e.g. DNA Cryptography, Chaotic Cryptography or Dynamic Cryptography could ever be applicable?

 
Posted : 06/02/2016 10:29 am
RolfGutmann
(@rolfgutmann)
Posts: 1185
Noble Member
Topic starter
 

Sorry for not being answering your reply and questions. I guess first we have to clear the mutual strategic view. Smartphones are the new external organ of man. Very private information is on it and mobile payment solutions soon will join. So two things come close 1st personal data of the area of intimacy (user does not want to disclose to the public, high emotional value and tears if lost. Not all data today on users smartphones immediately is replicated in a cloud environment, so can be that data is just on the phone and unique (pictures of events, e.g. wedding).

2nd mobile payment solutions are beside and ready to use but also to misuse. An attacker loading ransomware encryption on a smartphone can press down the timeline e.g. just a few hours to react, no time to go to the police or getting help.

If smartphones encrypt by the settings their content, its no problem for a ransomware to do it in the same way, lets say Bitlocker or Truecrypt in use, the attacker can use the same but exchange the key, so that I mean by 'in the shadow of encryption'. Then the attacker can send home to C&C his key and press ransom.

Am I completely false in my view? Always open to learn, but trying to anticipate crime areas coming because I hate always to hear, that we (law enforcement) are always with delay behind.

May I am wrong in trying to anticipate future crime

 
Posted : 13/02/2016 5:41 pm
Share: