Modern ransomware often generate and manage cryptographic keys on the
victim’s machine, giving defenders an opportunity to capture exposed keys and
recover encrypted data without paying the ransom. However, recent work has
raised the possibility of future enclave-enhanced malware that could avoid such
mitigations using emerging support for hardware-enforced secure enclaves in
commodity CPUs. Nonetheless, the practicality of such enclave-enhanced malware
and its potential impact on all phases of the ransomware lifecyle remain
unclear. Given the demonstrated capacity of ransomware authors to innovate in
order to better extort their victims (e.g. through the adoption of untraceable
virtual currencies and anonymity networks), it is important to better
understand the risks involved and identify potential mitigations.

360 Mobile Vision - North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

As a basis for comprehensive security and performance analysis of
enclave-enhanced ransomware, we present RansomClave, a family of ransomware
that securely manage their cryptographic keys using an enclave. We use
RansomClave to explore the implications of enclave-enhanced ransomware for the
key generation, encryption and key release phases of the ransomware lifecycle,
and to identify potential limitations and mitigations.

We propose two plausible victim models and analyse, from an attacker’s
perspective, how RansomClave can protect cryptographic keys from each type of
victim. We find that some existing mitigations are likely to be effective
during the key generation and encryption phases, but that RansomClave enables
new trustless key release schemes that could potentially improve attacker’s
profitability and, by extension, make enclaves an attractive target for future

By admin