Decoding BlackBerry: Encryption limit may hit 256 Bits

NEW DELHI: The government is planning to increase the permitted level of encryption for electronic data from 40 to 256 bits. This will allow decoding of electronic mails sent through BlackBerry. The matter is presently being examined by the National Security Advisor (NSA).

The move comes after Research In Motion (RIM), the makers of BlackBerry, expressed their inability to provide a solution to the government for decoding encrypted data, claiming that it itself couldn’t decode the mails sent through its system. RIM has, however, said that they would come with some solution by the end of this month.

“The government would involve third-party agents to crack the encryption code if RIM does not come out with a solution. It is, however, not possible for any third party to bring down the level of encrypted data at the prescribed level. To avoid technical ambiguity, the government may raise the prescribed limit for data encryption to 256 bits,” an official source said, adding that the matter has been referred to the NSA for its comments.

A mail sent in this regard to communication minister A Raja and telecom secretary Siddharth Behura went unanswered. Country’s security agencies have earlier complained that messages transmitted through BlackBerry devices posed a risk as they couldn’t be traced.

Blackmail ransomware returns with 1024-bit encryption key

Virus analysts at Kaspersky Lab intercepted a new variant of Gpcode, a malicious virus that encrypts important files on an infected desktop and demands payment for a key to recover the data.

The biggest change in this variant of the ransomeware is the use of RSA encryption algorithm with a 1024-bit key, making it impossible to crack without without the author’s key. Here’s the explanation:

We recently started getting reports from infected victims, analysed a sample, and added detection for Gpcode.ak to our antivirus databases yesterday, on June 4th. However, although we detect the virus itself, we can’t currently decrypt files encrypted by Gpcode.ak – the RSA encryption implemented in the malware uses a very strong, 1024 bit key.

The RSA encryption algorithm uses two keys: a public key and a private key. Messages can be encrypted using the public key, but can only be decrypted using the private key. And this is how Gpcode works: it encrypts files on victim machines using the public key which is coded into its body. Once encrypted, files can only be decrypted by someone who has the private key – in this case, the author or the owner of the malicious program.

After Gpcode encrypts files on the victim machine, it adds ._CRYPT to the extension of the encrypted files and places a text file named !_READ_ME_!.txt in the same folder. In the text file the criminal tells the victims that the file has been encrypted and offers to sell them a “decryptor”:

«Your files are encrypted with RSA-1024 algorithm.

To recovery your files you need to buy our decryptor.

To buy decrypting tool contact us at: ********@yahoo.com»

There are three Yahoo e-mail addresses associated with the new version of the ransomware.

Sneaky Blackmailing Virus That Encrypts Data

"Kaspersky Lab found a new variant of Gpcode which encrypts files with various extensions using an RSA encryption algorithm with a 1024-bit key. After Gpcode.ak encrypts files on the victim machine, it changes the extension of these files to ._CRYPT and places a text file named !_READ_ME_!.txt in the same folder. In the text file the criminal tells the victims that the file has been encrypted and offers to sell them a decryptor. Is this a look into the future where the majority of malware will function based on extortion?"