
When Random Is Not Quite Random: Beating Ransomware

Prof Bill Buchanan OBE FRSE
3 min read · Jan 27, 2025

Isn’t it a nice feeling when the bad guys get it wrong? Well, in a new research paper, the authors have discovered that it is possible to recover files encrypted by the ransomware without the adversary’s private key [here]:

Overall, the Rhysida ransomware uses a fairly standard approach to the encryption of files: a random symmetric key is generated and used to encrypt each file with AES-CTR. This random key is then encrypted with the adversary's RSA-4096 public key:

Figure [here]

The encrypted symmetric key is then appended to the encrypted file, and the adversary can later recover the key by decrypting it with their private RSA-4096 key. After the target has paid the ransom, the adversary sends back the correct AES-CTR key, which the target then uses to recover the files. Recovering the symmetric key by any other route should be almost impossible, as RSA-4096 and AES-CTR are strong encryption methods.
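The scheme just described, and the reason its strength collapses when the key source is weak, as an added example that is not from the article or from the paper it cites, written in Go against the standard library only. It builds the hybrid layout (a 32-byte AES-CTR key wrapped under an RSA public key and stored beside the ciphertext), then seals the same constructed file twice: once with a key from the OS CSPRNG and once with a toy generator that expands a 16-bit seed into 32 bytes. The toy generator, the on-disk layout, the use of RSA-2048 for speed, and the known `%PDF-` header used to test candidate keys are all assumptions of this example, not details of Rhysida or of the paper's findings.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

const keySize, ivSize = 32, 16 // 256-bit AES key as on the page; 16-byte CTR nonce (assumed layout)

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// ctr runs AES-CTR over data; CTR is symmetric, so one function both encrypts and decrypts.
func ctr(key, iv, data []byte) []byte {
	block, err := aes.NewCipher(key)
	must(err)
	out := make([]byte, len(data))
	cipher.NewCTR(block, iv).XORKeyStream(out, data)
	return out
}

// seal builds a protected file in the hybrid scheme the article describes, with the 32-byte key supplied
// by the caller. Assumed layout (not Rhysida's exact format): iv(16) || wrappedLen(2) || RSA-OAEP(key) || AES-CTR(plaintext).
func seal(pub *rsa.PublicKey, key, plaintext []byte) []byte {
	iv := make([]byte, ivSize)
	_, err := rand.Read(iv)
	must(err)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	must(err)
	out := append(append(append([]byte{}, iv...), byte(len(wrapped)>>8), byte(len(wrapped))), wrapped...)
	return append(out, ctr(key, iv, plaintext)...)
}

// parse splits a sealed blob into nonce, wrapped key and ciphertext.
func parse(blob []byte) (iv, wrapped, ct []byte) {
	n := int(blob[ivSize])<<8 | int(blob[ivSize+1])
	return blob[:ivSize], blob[ivSize+2 : ivSize+2+n], blob[ivSize+2+n:]
}

// openWithPrivateKey is the intended recovery path: only the RSA private key unwraps the AES key.
func openWithPrivateKey(priv *rsa.PrivateKey, blob []byte) []byte {
	iv, wrapped, ct := parse(blob)
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
	must(err)
	return ctr(key, iv, ct)
}

// weakKey is a constructed toy generator, NOT the one the paper analysed: 32 bytes are expanded
// from a 16-bit seed, so only 65536 distinct keys exist however strong AES-256 and RSA-4096 are.
func weakKey(seed uint16) []byte {
	sum := sha256.Sum256([]byte{byte(seed >> 8), byte(seed)})
	return sum[:]
}

// recoverWithoutPrivateKey enumerates the toy generator's seed space, testing each candidate against a
// known plaintext prefix (the file's magic bytes, assumed known). The wrapped key is never touched.
func recoverWithoutPrivateKey(blob, knownPrefix []byte) ([]byte, bool) {
	iv, _, ct := parse(blob)
	if len(ct) < len(knownPrefix) {
		return nil, false
	}
	for seed := 0; seed <= 0xFFFF; seed++ {
		if key := weakKey(uint16(seed)); bytes.Equal(ctr(key, iv, ct[:len(knownPrefix)]), knownPrefix) {
			return ctr(key, iv, ct), true
		}
	}
	return nil, false
}

// runDemo seals one constructed file with a CSPRNG key and with the toy weak key, reports which of the
// two the enumeration recovers, and confirms the private-key path still works. RSA-2048 keeps it fast.
func runDemo() (weakRecovered, strongRecovered, privateKeyPathOK bool) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	must(err)
	plaintext := []byte("%PDF-1.7\nconstructed sample document body\n") // constructed sample file
	magic := []byte("%PDF-")                                              // header a responder would know
	strong := make([]byte, keySize)
	_, err = rand.Read(strong) // 256 bits from the OS CSPRNG: nothing to enumerate
	must(err)
	weakBlob := seal(&priv.PublicKey, weakKey(0xBEEF), plaintext)
	strongBlob := seal(&priv.PublicKey, strong, plaintext)
	pt, ok := recoverWithoutPrivateKey(weakBlob, magic)
	weakRecovered = ok && bytes.Equal(pt, plaintext)
	_, strongRecovered = recoverWithoutPrivateKey(strongBlob, magic)
	privateKeyPathOK = bytes.Equal(openWithPrivateKey(priv, strongBlob), plaintext)
	return weakRecovered, strongRecovered, privateKeyPathOK
}

func main() {
	w, s, p := runDemo()
	fmt.Printf("toy weak key recovered without private key: %v\nCSPRNG key recovered: %v\nprivate-key path OK: %v\n", w, s, p)
}
```

The point for a defender, and for anyone building envelope encryption of their own, is that the RSA wrap never enters the recovery loop: once the symmetric key has only 16 bits of entropy, the enumeration finishes in well under a second, while the same loop finds nothing against the CSPRNG key. Checking where a "random" key actually comes from is therefore the review that matters, whatever the cipher and key sizes on the label.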

The core method used by the ransomware is to generate a 32-byte (256-bit) symmetric key…
