<div dir="ltr">According to Steve Gibson at <a href="https://www.grc.com/sn/sn-427.txt">https://www.grc.com/sn/sn-427.txt</a>, when CryptoLocker contacts the central server(s), the servers generate a unique (per victim) 2048-bit RSA keypair; the public key is sent from the server to the infected machine. The infected machine generates a random 256 bit AES key, which is then encrypted with the public key and sent to the server, and used locally to encrypt the ransomed files. The key stored in the infected machine's registry is the public half of the RSA key. <br>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Nov 21, 2013 at 5:12 PM, Jerry Leichter <span dir="ltr"><<a href="mailto:leichter@lrw.com" target="_blank">leichter@lrw.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">There's some malware making the rounds that applies a technique that's been talked about for years: It (allegedly) generates a public/private key pair, sends the private key off to the mother ship, then starts encrypting all accessible files. When it's done enough, it starts demanding money for the key to decrypt everything. One article about it:<br>
<br>
<a href="http://krebsonsecurity.com/2013/11/cryptolocker-crew-ratchets-up-the-ransom/" target="_blank">http://krebsonsecurity.com/2013/11/cryptolocker-crew-ratchets-up-the-ransom/</a><br>
<br>
Nasty piece of work, apparently - it locates and encrypts accessible network-mounted disks, so it often encrypts people's backups.<br>
<br>
Anyway ... I'll leave the virus analysis and hunting to others. But there's also a crypto question here. Has anyone seen an analysis of what this thing *really* does internally. Obviously, it will *say* it's using all kinds of strong algorithms, but that doesn't mean it actually *is*. (In particular, I'm curious about how they are doing the encryption. Doing bulk encryption in RSA or even using elliptic curves is slow, though it might be fast enough for this purpose. The obvious technique would be to generate a random AES key per file, encrypt *it* with the public key and store that away, then use AES for bulk encryption. But I haven't seen any hints of a store of such keys anywhere; in fact, there are reports that the magic key is stored in one registry entry.<br>
<br>
Anyone following this story from the crypto side?<br>
-- Jerry<br>
<br>
_______________________________________________<br>
The cryptography mailing list<br>
<a href="mailto:cryptography@metzdowd.com">cryptography@metzdowd.com</a><br>
<a href="http://www.metzdowd.com/mailman/listinfo/cryptography" target="_blank">http://www.metzdowd.com/mailman/listinfo/cryptography</a><br>
</blockquote></div><br><br clear="all"><br>-- <br>Greg Broiles, JD, LLM Tax<br><a href="mailto:gbroiles@gmail.com" target="_blank">gbroiles@gmail.com</a> (Lists only. Not for confidential communications.)<br>Legacy Planning Law Group<br>
California Estate Planning Blog: <a href="http://www.estateplanblog.com" target="_blank">http://www.estateplanblog.com</a><br>Certified Specialist- Estate Planning, Trust & Probate Law, California Board of Legal Specialization
</div>