This was an interesting find because it wasn’t too long ago I published a post about Mediggo, a Tool To Detect Weak Or Insecure Cryptosystems Using Generic Cryptanalysis Techniques.

Requirements

Windows Binaries included in this distribution as well as supporting libraries were compiled using gcc, Mingw and Msys.

Linux binaries were compiled using gcc 4.1.2. They were tested from command line in machine with Windows Vista Home Premium (32 bit + SP1) and on Linux Gentoo 2008.0 X86 operating systems.

Compiling

Version 1.02 includes standard configuration scripts for Unix like systems. The old Makefile (Makefile.linux32) is still included; if you use Windows I suggest you use MINGW+MSYS.

You can download CIAT v1.02 here:

ciat-1.02.zip

Or read more here.

This library is open source (LGPL licence) and written in C programming language. Samples and test cases are provided with each techniques:

• the solution is not always given to make people practice
• the solution can always be obtained by contacting the development team

Current Features

• Detection and cryptanalysis of weakly implemented or trapped systems

Future Features

• Automatic detection of statistical biases in cryptographic algorithms.
• Specific cryptanalysis tools.

You can download Mediggo here:

megiddo-0.4.0.tar.gz

Or read more here.

I know this maybe old news for some of you, however, I just got the chance of reading this great article on Security Focus (it’s been 2 weeks since I add it to my Favorites)

This two part article discusses some good points of Cryptology, more precisely in the field of Cryptovirology.

Writing a virus is just like writing any other piece of software, unfortunately. The designer tries to put some cleverness in the application to improve its function (or stealth), its robustness, its replication strategies, or even its payload. However, when an anti-virus analyst gets ahold of such a piece of code, he learns how it works, what it does, and so on. In the end, both the writer and the analyst share the same view of the virus, in what amounts to a Turing machine (we have a state-transition table and a starting state).

You read about the WoW Trojan and the Trojan Writers Coding for Money here at Darknet. This article will give you a clear idea of how things work.

To open your appetite, let me give you a little excerpt from the article:

A basic model seen today

This basic model can be seen according to intended targets:

• The virus writer creates an RSA key:
• The public key appears in the body of the virus.
• The private key is kept by the author.
• The virus spreads and the payload uses the public key. For example, it ciphers the data (hard drives, files, e-mail, whatever) of the targets with the public key.
• The virus writer requires a ransom before sending the private key.

Even if you’re not into Cryptology, I strongly recommended this reading.

Part 1 & Part 2

Source: Security Focus