0

I'm a newbie in this field so forgive me in advance if this question is stupid in anyway.

Say we have a software that is executing on our system and encrypting files using a secret key that is not known to us. Is it possible to somehow gain access to the keys by say accessing what the CPU is executing or through some other means (this could include anything like using additional hardware to monitor the system, no restrictions there)

Since the files are being encrypted on the system and the key is also present there, technically it should be possible to reach it right? What is stopping us from finding the encryption keys in ransomware through this? And is it possible to decode applications to get the key?

Ayush
  • 3
  • 1
  • 1
    Most ransomware uses asymmetric encryption to encrypt the files on the victim's system. The files are encrypted using a *public* key, and the *private* key is needed to decrypt the files. Capturing the public key as you describe in your question is of no use, because it is only used to encrypt the files - it cannot be used to decrypt the files. The victim gets the private key only when they pay the ransom. – mti2935 May 27 '21 at 20:20

1 Answers1

5

You don't say that you're dealing with malware, but I will assume you are.

If the application is doing encryption, then of course it has the key. The fundamental approaches are to either analyze the application binary on disk, or to let it run and analyze the running binary. But be aware that malware authors do not want their applications to be reverse-engineered, and they make that very difficult to do; so you are venturing into the field of "malware reverse engineering" which apparently has a median salary of $125,000 USD, which tells you a bit about how specialized the skillset is.

So when you reverse engineer the malware you may find for example that they use binary obfuscation techniques to make the binary very difficult to understand, for example to figure out what is code and what is data (ie the key you're looking for). Another technique in this direction is whitebox crypto which aims to, for example take a traditional AES implementation and key, and combine them into a custom algorithm, so there actually is no key, just some very complicated code. You may also find that your malware sample is designed to detect when it is being monitored display completely different behaviour when it is being monitored (let's call this the Volkswagen maneuver).

Finally, as @mti2935 points out,with some early ransomware it was actually possible to reverse all this and extract the encryption / decryption key from the malware sample. Then the malware people got wise and started using asymetric crypto where you need the public key to encrypt and the private key to decrypt. The public key would be embedded in the malware, and the private key would be kept on the command&control server (c&c). Therefore the malware contains what it needs to encrypt, but not matter how hard you look, the keys to decrypt are not in there.

To be even more clever, when the malware starts up, it can contact the c&c to get a unique public key so that they can demand separate payment for each instance of the malware because they are all using different keys.

In summary: Not easily. Good luck. If this you are asking about ransomware, sounds like you need to hire a malware specialty firm.

Mike Ounsworth
  • 57,707
  • 21
  • 150
  • 207
  • 2
    Nice answer, as usual,+1. But, thinking more about this, most asymmetric encryption algorithms actually use hybrid encryption at their core. Instead of encrypting the entire file with the public key, a random symmetric key is generated, the file is encrypted using the symmetric key, then the symmetric key is encrypted with the public key (see https://crypto.stackexchange.com/questions/31234/why-is-hybrid-encryption-more-effective-than-other-encryption-scheme). If that's the case, the symmetric key is actually in memory on the victim's system for a short duration. – mti2935 May 27 '21 at 21:03
  • If you can get a memory dump while the encryption is in process, there are tools to help search the dump for encryption key patterns. There is a reasonable chance of grabbing it. – user10216038 May 27 '21 at 22:38
  • 3
    Good point. I wonder. AES keys are cheap. `random_bytes(32)` done. RSA encryption is not super cheap, but cheaker than RSA keygens. If I were writing malware, I would create a fresh AES key for each file or small group of files so that if you "catch me in the act", you would only get a small number of files back. – Mike Ounsworth May 27 '21 at 22:55
  • Thank you very much for all your insights everyone, really cleared up things for me. – Ayush May 28 '21 at 06:59