Now, even ransomware is using post-quantum cryptography

afidel

Ars Legatus Legionis
18,196
Subscriptor
Props for good opsec; other ransomware groups have had their lockers neutered by researchers extracting the decryption key. Using standard libraries was also a good choice: too many folks implement their own version of the standard, mess something up, and make their implementation weak. Much better to use thoroughly tested code from experts in the field.

Now about that being ransomware-deploying scumbags....
 
Upvote
26 (26 / 0)

RaidPanda

Smack-Fu Master, in training
47
Is it really "marketing" in this case? I mean, they're not actually "selling" anything, they're blackmailing people into giving up money to get their stuff back. I'd just call it.. lying and scaring people.
I guess it depends on the definition of marketing you choose. If you drop the "consumer" word, it is a strategy aiming at understanding the needs and influencing a [victim's] decision.

I believe the term "marketing" was used to emphasize a dismissive tone here. Call it meta-deception.
 
Upvote
7 (7 / 0)
It may be as simple as “why not”? If the library is there and PQC is getting headlines, may as well use it. I’m sure malware developers are as tempted by the shiny new thing as anyone.
Right. It's not like it costs anything more than maybe an hour of your time to first set it up.

Have we not figured out zero marginal cost economies yet?
 
Upvote
8 (8 / 0)

tigerhawkvok

Ars Scholae Palatinae
1,122
Subscriptor
For those curious, the "Kyber" comes from the fact that the NIST family of lattice problems is exposed in the CRYptographic SuiTe for Algebraic LatticeS, or the "CRYSTALS" collection ( https://pq-crystals.org/kyber/ )

So there are two families within it ... Kyber for key-encapsulation and Dilithium for signatures.

Because the developers were awesome, in other words.
 
Upvote
12 (12 / 0)
Is it really "marketing" in this case? I mean, they're not actually "selling" anything, they're blackmailing people into giving up money to get their stuff back. I'd just call it.. lying and scaring people.
Marketing doesn't require selling anything in the way you're thinking. Marketing is about persuading others to adopt a position or idea. Just because it's become associated with money exchanging hands in the vernacular doesn't change the fundamental definition.

In this case, all that's really going on is that cryptography tooling has changed enough that off-the-shelf libraries now have additional functions for certain algorithms that are presumed safe from quantum systems for data in transit (usually TLS - the "S"ecure in HTTPS). However, AES-128 (and 256) has always been safe from cryptographic aligned quantum systems and that's the primary algorithm used for data at rest (disk encryption). So yes, this is marketing. The malware author(s) are trying to convince others that no one can crack their pseudorandomly generated key because ML-KEM is protecting a key that's already quantum safe to begin with. It's complete BS. Those off-the-shelf capabilities are just giving a malware author, who apparently doesn't really know much about encryption algorithms and implementations, an extra-shiny to play with that doesn't meaningfully change the situation. Makes me wonder if the malware is vibecoded because the logic of the situation suggests a verbal, highly naive specification that an LLM dutifully followed.

The original key is still the only key that matters, because the data itself wasn't re-encrypted with a new key and algorithm.* Also, the only reason AES is "fast" on modern AMD64 and (most) ARM64 CPUs is because those processors have built-in instructions that handle the heavy lifting part of encryption and decryption. The newer asymmetrical algorithms don't have widespread dedicated hardware acceleration yet.

If you want a good, reasonably accessible longer explanation of why the hubbub over symmetrical (as opposed to Asymmetrical) algorithms is misplaced, look here. I came across that article the other day, and I think it's probably one of the best explanations in layman's terms, why some of the blanket hysteria over cryptographically significant quantum systems needs to be refocused.

*The reason you can change the encryption key on some on-disk encryption systems is because the real key is never changed. Only the (hashed) key that unlocks the actual key will change. From an attacker's point of view, if the original key is weak or they manage to leak the key from RAM after it's decrypted or, heaven forbid, it's stored anywhere else unencrypted then the top level key is irrelevant and the protected data is vulnerable.
 
Upvote
2 (2 / 0)
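The key hierarchy described in the footnote of the comment above, shown as an added example that is not part of the original comment: a passphrase-derived key wraps a fixed master key, so changing the passphrase rewrites only the wrapped-key slot and never the bulk data. All function names are hypothetical, and the cipher is an HMAC-SHA256 stand-in (an assumption made so the code runs on the Python standard library; real disk encryption uses AES).

```python
import hashlib, hmac, os

# Stand-in authenticated cipher built from HMAC-SHA256 so the example runs on the
# standard library alone; a real disk-encryption system would use AES here.
def _sub(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = _sub(key, nonce + (i // 32).to_bytes(8, "big"))
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + _sub(_sub(key, b"mac"), nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _sub(_sub(key, b"mac"), nonce + ct)):
        raise ValueError("wrong key or corrupted data")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

def kek(passphrase, salt):
    # Key-encryption key: the "(hashed) key that unlocks the actual key".
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

def create_volume(passphrase, data):
    master = os.urandom(32)  # the real data key, generated once
    salt = os.urandom(16)
    return {"salt": salt,
            "slot": seal(kek(passphrase, salt), master),  # wrapped master key
            "data": seal(master, data)}                   # bulk ciphertext

def unlock(volume, passphrase):
    return unseal(kek(passphrase, volume["salt"]), volume["slot"])

def change_passphrase(volume, old, new):
    master = unlock(volume, old)  # same master key as before
    volume["salt"] = os.urandom(16)
    volume["slot"] = seal(kek(new, volume["salt"]), master)  # only the slot changes

def read_data(volume, master):
    return unseal(master, volume["data"])
```

A master key captured before `change_passphrase` still decrypts the volume afterwards, which is why a leaked or weak master key requires re-encrypting the data rather than rotating the passphrase.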
A properly implemented BCDR solution with block level backups and a proper retention policy for incremental changes blunts these chucklefucks and is far cheaper than whatever shitcoin they ask for to maybe provide a decryption key. Why their targets are so ill prepared confuses me, other than (from experience) many mid-level IT manager types are really bad at their jobs and don't keep up with the times.
 
Upvote
5 (5 / 0)

zdanee

Ars Scholae Palatinae
820
Have there been any confirmed recoveries of ransomed data encrypted by pre-quantum-resistant means, other than by paying up?
Mandatory (also, this is a two-way street if you get the scammers in custody):
[attached image: 1777032099914.png]
 
Upvote
1 (1 / 0)