REVIEW: "Malicious Cryptography", Adam L. Young/Moti Yung

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Dec 20, 2004.

  1. BKMLCRPT.RVW 20041012

    "Malicious Cryptography", Adam L. Young/Moti Yung, 2004,
    0-7645-4975-8, U$45.00/C$64.99/UK#29.99
    %A Adam L. Young
    %A Moti Yung
    %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
    %D 2004
    %G 0-7645-4975-8
    %I John Wiley & Sons, Inc.
    %O U$45.00/C$64.99/UK#29.99 416-236-4433 fax: 416-236-4448
    %O http://www.amazon.com/exec/obidos/ASIN/0764549758/robsladesinterne
    http://www.amazon.co.uk/exec/obidos/ASIN/0764549758/robsladesinte-21
    %O http://www.amazon.ca/exec/obidos/ASIN/0764549758/robsladesin03-20
    %P 392 p.
    %T "Malicious Cryptography: Exposing Cryptovirology"

    Both the foreword and the introduction are turgid, and bloated with
    excessive verbiage, while never giving a clear indication of what the
    book is actually about. Does it have to do with viruses at all? Is
    it about the use of cryptography in any kind of criminal or unethical
    endeavour? The initial material does not make this clear.
    Occasionally the text becomes so flowery that sentences have no
    meaning at all.

    The lack of clarity is not assisted by the creation of new and
    idiosyncratic terms, or the use of existing jargon in non-standard
    ways. In chapter one, a fictional and glacially slow trip through the
    mind of a virus writer, we are told that self-checking modules that
    some programs use to detect modification in their own code are
    "beneficial Trojans" or "battleprogs." The term multipartite is
    defined in such a way that merely copying the program into RAM (Random
    Access Memory) qualifies: that would make every virus ever written,
    and every program, for that matter, multipartite. "Kleptogram" is
    used throughout the book, but only defined (and not very clearly) in
    the last chapter. Releasing any virus is seen as having something to
    do with "information warfare," which would agree with many
    sensationalistic journalists who have written on the subject, but
    would probably surprise legitimate experts such as Dorothy Denning.
    "Virology" itself (and the more specialized "cryptovirology") is an
    excellent term for computer virus research--it just isn't used very
    widely. There is a glossary: it defines commonly known terms and does
    not define the specialized jargon that the authors have used.

    The confusion is not limited to terminology. There is no technical
    sense to the statement (on page twenty five) that a certain layer of
    the network stack is "high enough to facilitate rapid software
    development" (compilers don't care where their software ends up) but
    low enough to escape detection (files, processes, and network packets
    are all visible). A disk locking program, as described, would have no
    effect on the operations of a remote access trojan. And, of course,
    our fictional protagonist is constantly creating new versions of the
    mythical "undetectable" virus, without there being any indication of
    how this might be done.

    (The fictional aspects of the book are not limited to chapter one.
    Throughout the work, examples are taken from fiction: it certainly
    feels like more illustrations come from works like "Shockwave Rider"
    and "Alien" than from real life.)

    Chapter two starts to get a bit better. The authors introduce the
    idea of using asymmetric cryptography in order to create a virus (or
    other piece of malware) that, rather than merely destroying data,
    provides for a reversible denial of access to data, and therefore the
    possibility of extortion. The idea is academically interesting, but
    there might be a few practical details to be worked out.

    Chapter three seems to move further into the academic realm, with an
    interesting overview of issues in regard to the generation of random,
    or pseudorandom, numbers. There is also an initial exploration of
    anonymity, with an insufficient description of "mix networks" (onion
    routing being one example). A little more discussion of anonymity
    starts off chapter four, which then moves on to another use of
    asymmetric cryptography in malware: the "deniable" recovery of stolen
    information, via distribution over public channels. Cryptocounters,
    which could be used to store generational or other information about
    the spread of a virus, without such data being accessible to virus
    researchers, are discussed in chapter five. Chapter six looks at
    aspects of searching for, and retrieving, information without
    disclosing the fact that an exploration is occurring. However, much
    of the material appears to be some highly abstract solutions rather
    desperately in search of problems. Varying the extortion scenario,
    chapter seven proposes a viral network that could retaliate for
    disinfection of any node by threatening disclosure of sensitive
    information. While the analysis of the structure of the attack is
    sound, the assumption of payoffs, coercion, and undetectability leaves
    something to be desired.

    Chapter eight examines the standard antiviral processes (signature
    scanning, activity monitoring, and change detection) with some
    miscellaneous explorations, although the discussion is prejudiced by
    the assumption that we are dealing with traditional (and no longer
    widely used) file infectors. Trojan horse programs are not terribly
    well defined in chapter nine. (I was amused at the disclaimer given
    when the issue of "salami" scams was raised: I have found reliable
    evidence for only one, extremely minor, instance of the device.)
    Subliminal channels are means of passing information via cryptographic
    keys, but chapter ten is not very clear in regard to their use.
    SETUPs (Secretly Embedded Trapdoor with Universal Protection) are
    discussed in chapter eleven, although the authors appear to admit that
    this is only an academic exercise: there are easier attacks. Another
    form is discussed in chapter twelve.

    Does this book fulfill its function? That rather depends on what the
    intent of the work was, which is far from clear. Was the text
    intended to be a reference for some interesting topics in
    cryptography? The verbiage and lack of structure would be a
    difficulty for those seeking to use it so. Is the publication
    directed at the general public? The audience of those who read number
    theoretical manuscripts for fun might be a bit limited. (I've got to
    say that "Algebraic Aspects of Cryptography" [cf. BKALASCR.RVW] was an
    easier read, and it makes no pretence of being other than a
    scholastic paper.)

    Is the volume supposed to be a serious warning against new forms of
    malware? The inclusion of a great deal of extraneous content and the
    lack of clear explanations or examples of some basic concepts limit
    the value of the work in this regard. In addition, much of the
    material concentrates on building more malign malware, rather than
    dealing with defence against it. (I'm not too worried about vxers
    getting ideas from Young and Yung: implementing crypto properly is a
    painstaking task, and from almost twenty years' experience of studying
    blackhat products and authors, I'm fairly sure there'd be lots of bugs
    in what might be released. On the other hand, somebody in a
    government office might be working on Magic Lantern version 3.01 ...)

    For those seriously involved in the study of viruses and malware this
    book has some interesting points that should be examined, but little
    of practical use. For ardent students of cryptography, the work notes
    some interesting areas of work. For those seeking examples of writing
    styles to emulate, please look elsewhere.

    copyright Robert M. Slade, 2004 BKMLCRPT.RVW 20041012

    --
    ======================

    ============= for back issues:
    [Base URL] site http://victoria.tc.ca/techrev/
    or mirror http://sun.soci.niu.edu/~rslade/
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Book reviews: [Base URL]mnbk.htm
    Review mailing list: send mail to
    or
    Rob Slade, doting grandpa of Ryan and Trevor, Dec 20, 2004
    #1

  2. Rob Slade, doting grandpa of Ryan and Trevor wrote:

    > BKMLCRPT.RVW 20041012
    >
    > "Malicious Cryptography", Adam L. Young/Moti Yung, 2004,
    > 0-7645-4975-8, U$45.00/C$64.99/UK#29.99
    > %A Adam L. Young
    > %A Moti Yung
    > %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
    > %D 2004
    > %G 0-7645-4975-8
    > %I John Wiley & Sons, Inc.
    > %O U$45.00/C$64.99/UK#29.99 416-236-4433 fax: 416-236-4448
    > %O http://www.amazon.com/exec/obidos/ASIN/0764549758/robsladesinterne
    > http://www.amazon.co.uk/exec/obidos/ASIN/0764549758/robsladesinte-21
    > %O http://www.amazon.ca/exec/obidos/ASIN/0764549758/robsladesin03-20
    > %P 392 p.
    > %T "Malicious Cryptography: Exposing Cryptovirology"
    >
    > Both the foreword and the introduction are turgid, and bloated with
    > excessive verbiage, while never giving a clear indication of what the
    > book is actually about. Does it have to do with viruses at all? Is
    > it about the use of cryptography in any kind of criminal or unethical
    > endeavour? The initial material does not make this clear.
    > Occasionally the text becomes so flowery that sentences have no
    > meaning at all.
    >
    > The lack of clarity is not assisted by the creation of new and
    > idiosyncratic terms, or the use of existing jargon in non-standard
    > ways. In chapter one, a fictional and glacially slow trip through the
    > mind of a virus writer, we are told that self-checking modules that
    > some programs use to detect modification in their own code are
    > "beneficial Trojans" or "battleprogs." The term multipartite is
    > defined in such a way that merely copying the program into RAM (Random
    > Access Memory) qualifies: that would make every virus ever written,
    > and every program, for that matter, multipartite. "Kleptogram" is
    > used throughout the book, but only defined (and not very clearly) in
    > the last chapter. Releasing any virus is seen as having something to
    > do with "information warfare," which would agree with many
    > sensationalistic journalists who have written on the subject, but
    > would probably surprise legitimate experts such as Dorothy Denning.
    > "Virology" itself (and the more specialized "cryptovirology") is an
    > excellent term for computer virus research--it just isn't used very
    > widely. There is a glossary: it defines commonly known terms and does
    > not define the specialized jargon that the authors have used.
    >
    > The confusion is not limited to terminology. There is no technical
    > sense to the statement (on page twenty five) that a certain layer of
    > the network stack is "high enough to facilitate rapid software
    > development" (compilers don't care where their software ends up) but
    > low enough to escape detection (files, processes, and network packets
    > are all visible). A disk locking program, as described, would have no
    > effect on the operations of a remote access trojan. And, of course,
    > our fictional protagonist is constantly creating new versions of the
    > mythical "undetectable" virus, without there being any indication of
    > how this might be done.
    >
    > (The fictional aspects of the book are not limited to chapter one.
    > Throughout the work, examples are taken from fiction: it certainly
    > feels like more illustrations come from works like "Shockwave Rider"
    > and "Alien" than from real life.)
    >
    > Chapter two starts to get a bit better. The authors introduce the
    > idea of using asymmetric cryptography in order to create a virus (or
    > other piece of malware) that, rather than merely destroying data,
    > provides for a reversible denial of access to data, and therefore the
    > possibility of extortion. The idea is academically interesting, but
    > there might be a few practical details to be worked out.
    >
    > Chapter three seems to move further into the academic realm, with an
    > interesting overview of issues in regard to the generation of random,
    > or pseudorandom, numbers. There is also an initial exploration of
    > anonymity, with an insufficient description of "mix networks" (onion
    > routing being one example). A little more discussion of anonymity
    > starts off chapter four, which then moves on to another use of
    > asymmetric cryptography in malware: the "deniable" recovery of stolen
    > information, via distribution over public channels. Cryptocounters,
    > which could be used to store generational or other information about
    > the spread of a virus, without such data being accessible to virus
    > researchers, are discussed in chapter five. Chapter six looks at
    > aspects of searching for, and retrieving, information without
    > disclosing the fact that an exploration is occurring. However, much
    > of the material appears to be some highly abstract solutions rather
    > desperately in search of problems. Varying the extortion scenario,
    > chapter seven proposes a viral network that could retaliate for
    > disinfection of any node by threatening disclosure of sensitive
    > information. While the analysis of the structure of the attack is
    > sound, the assumption of payoffs, coercion, and undetectability leaves
    > something to be desired.
    >
    > Chapter eight examines the standard antiviral processes (signature
    > scanning, activity monitoring, and change detection) with some
    > miscellaneous explorations, although the discussion is prejudiced by
    > the assumption that we are dealing with traditional (and no longer
    > widely used) file infectors. Trojan horse programs are not terribly
    > well defined in chapter nine. (I was amused at the disclaimer given
    > when the issue of "salami" scams was raised: I have found reliable
    > evidence for only one, extremely minor, instance of the device.)
    > Subliminal channels are means of passing information via cryptographic
    > keys, but chapter ten is not very clear in regard to their use.
    > SETUPs (Secretly Embedded Trapdoor with Universal Protection) are
    > discussed in chapter eleven, although the authors appear to admit that
    > this is only an academic exercise: there are easier attacks. Another
    > form is discussed in chapter twelve.
    >
    > Does this book fulfill its function? That rather depends on what the
    > intent of the work was, which is far from clear. Was the text
    > intended to be a reference for some interesting topics in
    > cryptography? The verbiage and lack of structure would be a
    > difficulty for those seeking to use it so. Is the publication
    > directed at the general public? The audience of those who read number
    > theoretical manuscripts for fun might be a bit limited. (I've got to
    > say that "Algebraic Aspects of Cryptography" [cf. BKALASCR.RVW] was an
    > easier read, and it makes no pretence of being other than a
    > scholastic paper.)
    >
    > Is the volume supposed to be a serious warning against new forms of
    > malware? The inclusion of a great deal of extraneous content and the
    > lack of clear explanations or examples of some basic concepts limit
    > the value of the work in this regard. In addition, much of the
    > material concentrates on building more malign malware, rather than
    > dealing with defence against it. (I'm not too worried about vxers
    > getting ideas from Young and Yung: implementing crypto properly is a
    > painstaking task, and from almost twenty years' experience of studying
    > blackhat products and authors, I'm fairly sure there'd be lots of bugs
    > in what might be released. On the other hand, somebody in a
    > government office might be working on Magic Lantern version 3.01 ...)
    >
    > For those seriously involved in the study of viruses and malware this
    > book has some interesting points that should be examined, but little
    > of practical use. For ardent students of cryptography, the work notes
    > some interesting areas of work. For those seeking examples of writing
    > styles to emulate, please look elsewhere.
    >
    > copyright Robert M. Slade, 2004 BKMLCRPT.RVW 20041012
    >

    SPAMMER! Folks ignore anyone who uses SPAM as their medium.... This guy is a
    SPAMMER and his book probably sucks...
    Michael J. Pelletier, Dec 20, 2004
    #2

  3. "Michael J. Pelletier" <> wrote in message
    news:I6Jxd.60776$ka2.2466@fed1read04...
    > Rob Slade, doting grandpa of Ryan and Trevor wrote:
    >> %T "Malicious Cryptography: Exposing Cryptovirology"
    >>
    >> Both the foreword and the introduction are turgid, and bloated with
    >> excessive verbiage, while never giving a clear indication of what the
    >> book is actually about.


    > SPAMMER! Folks ignore anyone who uses SPAM as their medium.... This guy is a
    > SPAMMER and his book probably sucks...


    Do you have to practice to get that dense or does it just come
    naturally? After Mr. Slade gets done slicing and dicing no one in their
    right mind would buy--hell, they wouldn't bother to pick them up if they
    stumbled on them--either of the books I've seen him review. He clearly is
    not urging anyone to buy this book. He's more verbal than you, but he *said*
    the book sucks. Did all those words with more than one syllable confuse you?

    TM
    Technobarbarian, Dec 21, 2004
    #3
  4. "Michael J. Pelletier" <> wrote:

    } Rob Slade, doting grandpa of Ryan and Trevor wrote:
    }
    } > BKMLCRPT.RVW 20041012
    } >
    } > "Malicious Cryptography", Adam L. Young/Moti Yung, 2004,
    } > 0-7645-4975-8, U$45.00/C$64.99/UK#29.99
    } > %A Adam L. Young


    } SPAMMER! Folks ignore anyone who uses SPAM as their medium.... This guy is a
    } SPAMMER and his book probably sucks...

    Your reading skills are as poor as your grasp of netiquette [did you HAVE
    to include the *entire* 140 line review to add this comment]? What makes
    you think it is "his" book? And why do you think a [reasonable, IMO] book
    review is spam?

    /Bernie\

    --
    Bernie Cosell Fantasy Farm Fibers
    Pearisburg, VA
    --> Too many people, too few sheep <--
    Bernie Cosell, Dec 22, 2004
    #4
