Deniable password snatching: on the possibility of evasive electronic espionage

Cryptovirology has recently been introduced as a means of mounting active viral attacks using public key cryptography. It has been shown to be a tool for extortion attacks and “electronic warfare”, where attacks are mounted against information resources. The natural question to ask is whether Cryptovirology is also useful in the area of spying via malware. We demonstrate that Cryptovirology does help in “electronic espionage” and allows the spy to conceal his or her identity (as well as past collected information). Specifically, we present an attack that can be mounted by a cryptotrojan that allows the attacker to gather information (passwords) from a system in such a way that the attacker cannot be proven guilty beyond reasonable doubt. That is, even if the attacker is under surveillance on the local machine from when he first attacks the target machine, to when he obtains the passwords, and even if the leaked information is made available to the attacker exclusively, he still cannot be caught. The threat is made possible by the combination of public key cryptography, probabilistic encryption, and the use of public information (I/O or communication) channels which together form a “secure receiver-anonymous channel”. The machine can be standalone or networked. What we learn from the attack is extracted as general tools and basic principles for “espionage attacks”