View
226
Download
4
Category
Preview:
Citation preview
430
Book reviews
This book is about cryptovirology – the art of
turning the very methods designed to protect data
into a means of subverting it. As the Foreword
states:
The realisation that a key could be placed in avirus so that part of its payload would be toperform a one-way operation on the hostcomputer that could only be undone using theprivate key held by the virus’ author, was thediscovery from which this book sprang.
The aim of the book, therefore, is to capture the
essence of how security can be subverted in what is
clearly a non standard environment in which security
represents the value of an ongoing competition
between the system designer and its attackers. The
authors argue that since security or integrity is
directly measured by the probability the secret key
can be discovered by unauthorized attackers, the
information content of the key must be great enough
that it is computationally infeasible to simply try all
possible values. But this means that it is also
infeasible for a monitor to tell whether the random
values produced were actually randomly chosen as
supposed or not. The dilemma then is that, if the key
is large enough to be secure, it is also large enough to
make it impossible to detect a bias in the selection
process. It, therefore, becomes possible to hide
information in the keys, to communicate other keys
subliminally, or to subvert information integrity
protocols within. The authors of this book explain
these issues and how to fight against them.
Available from: John Wiley & Sons Limited,
Distribution Centre, 1 Oldlands Way, Bognor
Regis, West Sussex, PO22 9SA. Tel: +44 (0) 1243
843291; email: cs-books@Wiley.co.uk : Internet:
www.wileyeurope.com
CRYPTOGRAPHY
Malicious
Cryptography –
Exposing
Cryptovirology
Dr. Adam L. Young and
Dr. Moti Yung, 2004,
soft-cover, Wiley
Publishing Inc., 392 pp.,
£29.99, ISBN 0 7645
4975 8.
Recommended