Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

AntiPatterns Regarding the Application of Cryptographic Primitives by the Example of Ransomware

 
: Heinl, Michael P.; Giehl, Alexander; Graif, Lukas

:
Postprint urn:nbn:de:0011-n-5970808 (724 KByte PDF)
MD5 Fingerprint: ed1203c1874b333675d13ced1793836d
© ACM This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution.
Erstellt am: 20.10.2020


Volkamer, M. ; Association for Computing Machinery -ACM-:
ARES 2020, 15th International Conference on Availability, Reliability and Security : August 25 - August 28, 2020, All-digital Conference
New York: ACM, 2020
ISBN: 978-1-4503-8833-7
Art. 64, 10 S.
International Conference on Availability, Reliability and Security (ARES) <15, 2020, Online>
International Workshop on Secure Software Engineering (SSE) <6, 2020, Online>
Bundesministerium für Bildung und Forschung BMBF (Deutschland)
Selbstbestimmt und sicher in der digitalen Welt; 16KIS0933K; IUNO InSec
Englisch
Konferenzbeitrag, Elektronische Publikation
Fraunhofer AISEC ()
antipatterns; cryptography; Ransomware

Abstract
Cryptographic primitives are the basic building blocks for many cryptographic schemes and protocols. Implementing them incorrectly can lead to flaws, making a system or a product vulnerable to various attacks. As shown in the present paper, this statement also applies to ransomware. The paper surveys common errors occurring during the implementation of cryptographic primitives. Based on already existing research, it establishes a categorization framework to match selected ransomware samples by their respective vulnerabilities and assign them to the corresponding error categories. Subsequently, AntiPatterns are derived from the extracted error categories. These AntiPatterns are meant to support the field of software development by helping to detect and correct errors early during the implementation phase of cryptography.

: http://publica.fraunhofer.de/dokumente/N-597080.html