{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T05:03:37Z","timestamp":1755839017093,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":53,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,8,25]],"date-time":"2020-08-25T00:00:00Z","timestamp":1598313600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Bundesministerium f\u00fcr Bildung und Forschung","award":["16KIS0933K"],"award-info":[{"award-number":["16KIS0933K"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,8,25]]},"DOI":"10.1145\/3407023.3409182","type":"proceedings-article","created":{"date-parts":[[2020,8,25]],"date-time":"2020-08-25T10:24:32Z","timestamp":1598351072000},"page":"1-10","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["AntiPatterns regarding the application of cryptographic primitives by the example of ransomware"],"prefix":"10.1145","author":[{"given":"Michael P.","family":"Heinl","sequence":"first","affiliation":[{"name":"Fraunhofer AISEC"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Alexander","family":"Giehl","sequence":"additional","affiliation":[{"name":"Fraunhofer AISEC"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lukas","family":"Graif","sequence":"additional","affiliation":[{"name":"Technical University of Munich Fraunhofer AISEC"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,8,25]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Adam Caudill. 2017. Breaking the NemucodAES Ransomware. https:\/\/adamcaudill.com\/2017\/07\/12\/breaking-nemucodaes-ransomware\/  Adam Caudill. 2017. Breaking the NemucodAES Ransomware. https:\/\/adamcaudill.com\/2017\/07\/12\/breaking-nemucodaes-ransomware\/"},{"key":"e_1_3_2_1_4_1","unstructured":"Sabrina Berkenkopf. 2016. Manamecrypt - a ransomware that takes a different route. GDATA. https:\/\/www.gdatasoftware.com\/blog\/2016\/04\/28234-manamecrypt-a-ransomware-that-takes-a-different-route  Sabrina Berkenkopf. 2016. Manamecrypt - a ransomware that takes a different route. GDATA. https:\/\/www.gdatasoftware.com\/blog\/2016\/04\/28234-manamecrypt-a-ransomware-that-takes-a-different-route"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-68351-3_8"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-60590-8_12"},{"key":"e_1_3_2_1_7_1","unstructured":"BloodDolly and Lawrence Abrams. 2015. Decryption Guide for TeslaCrypt Encrypted Files. https:\/\/up2sha.re\/file?l=C5ag0MrQNqAb.pdf  BloodDolly and Lawrence Abrams. 2015. Decryption Guide for TeslaCrypt Encrypted Files. https:\/\/up2sha.re\/file?l=C5ag0MrQNqAb.pdf"},{"volume-title":"Ransomware: Unlocking the lucrative business model. PaloAlto Unit 42. https:\/\/www.paloaltonetworks.com\/resources\/research\/ransomware-report","year":"2017","author":"Lee Bryan","key":"e_1_3_2_1_8_1"},{"key":"e_1_3_2_1_9_1","unstructured":"D. Budgen. 2003. Software Design. Pearson\/Addison-Wesley.  D. Budgen. 2003. Software Design. Pearson\/Addison-Wesley."},{"key":"e_1_3_2_1_11_1","unstructured":"Check Point Software Technologies. 2016. Jigsaw Ransomware Decryption. https:\/\/blog.checkpoint.com\/2016\/07\/08\/jigsaw-ransomware-decryption\/  Check Point Software Technologies. 2016. Jigsaw Ransomware Decryption. https:\/\/blog.checkpoint.com\/2016\/07\/08\/jigsaw-ransomware-decryption\/"},{"volume-title":"Salsa20 design. Department of Mathematics, Statistics, and Computer Science","author":"Bernstein Daniel J.","key":"e_1_3_2_1_14_1"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1515\/9783486859164"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516693"},{"key":"e_1_3_2_1_18_1","unstructured":"Fabien Perigaud and Cedric Pernet. 2014. Bitcrypt broken. Airbus CyberSecurity. https:\/\/airbus-cyber-security.com\/bitcrypt-broken\/  Fabien Perigaud and Cedric Pernet. 2014. Bitcrypt broken. Airbus CyberSecurity. https:\/\/airbus-cyber-security.com\/bitcrypt-broken\/"},{"key":"e_1_3_2_1_19_1","unstructured":"Fedor Sinitsyn. 2015. TeslaCrypt 2.0 disguised as CryptoWall. https:\/\/securelist.com\/teslacrypt-2-0-disguised-as-cryptowall\/71371\/  Fedor Sinitsyn. 2015. TeslaCrypt 2.0 disguised as CryptoWall. https:\/\/securelist.com\/teslacrypt-2-0-disguised-as-cryptowall\/71371\/"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1002\/9781118722367"},{"key":"e_1_3_2_1_21_1","unstructured":"International Organization for Standardization. 2010. ISO\/TR 14742:2010 Recommendations on cryptographic algorithms and their use. https:\/\/www.iso.org\/standard\/54951.html  International Organization for Standardization. 2010. ISO\/TR 14742:2010 Recommendations on cryptographic algorithms and their use. https:\/\/www.iso.org\/standard\/54951.html"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSPIS.2018.8642758"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3192975.3192984"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3313991.3314003"},{"key":"e_1_3_2_1_25_1","unstructured":"Karsten Hahn. 2016. The Rise of Low Quality Ransomware. GDATA. https:\/\/www.gdatasoftware.com\/blog\/2016\/09\/29157-the-rise-of-low-quality-ransomware  Karsten Hahn. 2016. The Rise of Low Quality Ransomware. GDATA. https:\/\/www.gdatasoftware.com\/blog\/2016\/09\/29157-the-rise-of-low-quality-ransomware"},{"key":"e_1_3_2_1_26_1","unstructured":"Hasherezade \/ Malwarebytes Labs. 2016. Uncovering the secrets of malvertising. https:\/\/www.virusbulletin.com\/uploads\/pdf\/conference_slides\/2016\/hasherezade-vb-2016-ransomware.pdf  Hasherezade \/ Malwarebytes Labs. 2016. Uncovering the secrets of malvertising. https:\/\/www.virusbulletin.com\/uploads\/pdf\/conference_slides\/2016\/hasherezade-vb-2016-ransomware.pdf"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.18725\/OPARU-12173"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3338466.3358917"},{"key":"e_1_3_2_1_30_1","unstructured":"Ben Herzog and Yaniv Balmas. 2016. Great Crypto Failures. https:\/\/www.youtube.com\/watch?v=loy84K3AJ5Q  Ben Herzog and Yaniv Balmas. 2016. Great Crypto Failures. https:\/\/www.youtube.com\/watch?v=loy84K3AJ5Q"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-31912-9_16"},{"key":"e_1_3_2_1_32_1","unstructured":"Josh Reynolds. 2016. CryptXXX Technical Deep Dive. Cisco. https:\/\/blogs.cisco.com\/security\/cryptxxx-technical-deep-dive  Josh Reynolds. 2016. CryptXXX Technical Deep Dive. Cisco. https:\/\/blogs.cisco.com\/security\/cryptxxx-technical-deep-dive"},{"key":"e_1_3_2_1_33_1","unstructured":"Taneli Kaivola Patrik Nis\u00e9n and Antti Nuopponen. 2014. TorrentLocker Unlocked. SANS Digital Forensics Incident Response. https:\/\/digital-forensics.sans.org\/blog\/2014\/09\/09\/torrentlocker-unlocked  Taneli Kaivola Patrik Nis\u00e9n and Antti Nuopponen. 2014. TorrentLocker Unlocked. SANS Digital Forensics Incident Response. https:\/\/digital-forensics.sans.org\/blog\/2014\/09\/09\/torrentlocker-unlocked"},{"issue":"0","key":"e_1_3_2_1_34_1","first-page":"2898","article-title":"PKCS #5","volume":"2","author":"Kaliski B.","year":"2000","journal-title":"Password-Based Cryptography Specification Version"},{"key":"e_1_3_2_1_35_1","unstructured":"Lawrence Abrams. 2016. Decryptor Released for the Nemucod Trojan's .CRYPTED Ransomware. Bleeping Computer. https:\/\/www.bleepingcomputer.com\/news\/security\/decryptor-released-for-the-nemucod-trojans-crypted-ransomware\/  Lawrence Abrams. 2016. Decryptor Released for the Nemucod Trojan's .CRYPTED Ransomware. Bleeping Computer. https:\/\/www.bleepingcomputer.com\/news\/security\/decryptor-released-for-the-nemucod-trojans-crypted-ransomware\/"},{"key":"e_1_3_2_1_36_1","unstructured":"Lawrence Abrams. 2016. TeslaCrypt Decrypted_ Flaw in TeslaCrypt allows Victim's to Recover their Files. Bleeping Computer. https:\/\/www.bleepingcomputer.com\/news\/security\/teslacrypt-decrypted-flaw-in-teslacrypt-allows-victims-to-recover-their-files\/  Lawrence Abrams. 2016. TeslaCrypt Decrypted_ Flaw in TeslaCrypt allows Victim's to Recover their Files. Bleeping Computer. https:\/\/www.bleepingcomputer.com\/news\/security\/teslacrypt-decrypted-flaw-in-teslacrypt-allows-victims-to-recover-their-files\/"},{"key":"e_1_3_2_1_37_1","unstructured":"Lawrence Abrams. 2016. TeslaCrypt shuts down and Releases Master Decryption Key. Bleeping Computer. https:\/\/www.bleepingcomputer.com\/news\/security\/teslacrypt-shuts-down-and-releases-master-decryption-key\/  Lawrence Abrams. 2016. TeslaCrypt shuts down and Releases Master Decryption Key. Bleeping Computer. https:\/\/www.bleepingcomputer.com\/news\/security\/teslacrypt-shuts-down-and-releases-master-decryption-key\/"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2637166.2637237"},{"key":"e_1_3_2_1_39_1","unstructured":"Lucas Apa and Carlos Mario Penagos Hollman. 2013. Compromising Industrial Facilities from 40 Miles Away. https:\/\/media.blackhat.com\/us-13\/US-13-Apa-Compromising-Industrial-Facilities-From-40-Miles-Away-WP.pdf  Lucas Apa and Carlos Mario Penagos Hollman. 2013. Compromising Industrial Facilities from 40 Miles Away. https:\/\/media.blackhat.com\/us-13\/US-13-Apa-Compromising-Industrial-Facilities-From-40-Miles-Away-WP.pdf"},{"key":"e_1_3_2_1_40_1","unstructured":"Malwarebytes Labs. 2016. TeleCrypt - the ransomware abusing Telegram API - defeated! https:\/\/blog.malwarebytes.com\/threat-analysis\/2016\/11\/telecrypt-the-ransomware-abusing-telegram-api-defeated\/  Malwarebytes Labs. 2016. TeleCrypt - the ransomware abusing Telegram API - defeated! https:\/\/blog.malwarebytes.com\/threat-analysis\/2016\/11\/telecrypt-the-ransomware-abusing-telegram-api-defeated\/"},{"key":"e_1_3_2_1_41_1","unstructured":"Marc-Etienne M. L\u00e9veill\u00e9. 2014. TorrentLocker: Ransomware in a country near you. ESET. https:\/\/www.welivesecurity.com\/wp-content\/uploads\/2014\/12\/torrent_locker.pdf  Marc-Etienne M. L\u00e9veill\u00e9. 2014. TorrentLocker: Ransomware in a country near you. ESET. https:\/\/www.welivesecurity.com\/wp-content\/uploads\/2014\/12\/torrent_locker.pdf"},{"key":"e_1_3_2_1_42_1","unstructured":"McAfee. 2016. McAfee Labs Unlocks LeChiffre Ransomware. https:\/\/securingtomorrow.mcafee.com\/mcafee-labs\/mcafee-labs-unlocks-lechiffre-ransomware\/  McAfee. 2016. McAfee Labs Unlocks LeChiffre Ransomware. https:\/\/securingtomorrow.mcafee.com\/mcafee-labs\/mcafee-labs-unlocks-lechiffre-ransomware\/"},{"key":"e_1_3_2_1_43_1","unstructured":"Microsoft. 2016. RNGCryptoServiceProvider-Klasse (System.Security.Cryptography). https:\/\/msdn.microsoft.com\/de-de\/library\/system.security.cryptography.rngcryptoserviceprovider(v=vs.110).aspx  Microsoft. 2016. RNGCryptoServiceProvider-Klasse (System.Security.Cryptography). https:\/\/msdn.microsoft.com\/de-de\/library\/system.security.cryptography.rngcryptoserviceprovider(v=vs.110).aspx"},{"key":"e_1_3_2_1_44_1","unstructured":"Open Web Application Security Project (OWASP). 2017. Cryptographic Storage Cheat Sheet. https:\/\/www.owasp.org\/index.php\/Cryptographic_Storage_Cheat_Sheet#Providing_Cryptographic_Functionality  Open Web Application Security Project (OWASP). 2017. Cryptographic Storage Cheat Sheet. https:\/\/www.owasp.org\/index.php\/Cryptographic_Storage_Cheat_Sheet#Providing_Cryptographic_Functionality"},{"key":"e_1_3_2_1_45_1","unstructured":"Open Web Application Security Project (OWASP). 2020. OWASP Top Ten. https:\/\/owasp.org\/www-project-top-ten\/  Open Web Application Security Project (OWASP). 2020. OWASP Top Ten. https:\/\/owasp.org\/www-project-top-ten\/"},{"key":"e_1_3_2_1_46_1","unstructured":"Openwall. [n.d.]. php_mt_seed - PHP mt_rand() seed cracker. Openwall. http:\/\/www.openwall.com\/php_mt_seed\/  Openwall. [n.d.]. php_mt_seed - PHP mt_rand() seed cracker. Openwall. http:\/\/www.openwall.com\/php_mt_seed\/"},{"key":"e_1_3_2_1_47_1","unstructured":"Oracle. 2014. Class SecureRandom (Java Platform SE 8). https:\/\/docs.oracle.com\/javase\/8\/docs\/api\/java\/security\/SecureRandom.html  Oracle. 2014. Class SecureRandom (Java Platform SE 8). https:\/\/docs.oracle.com\/javase\/8\/docs\/api\/java\/security\/SecureRandom.html"},{"key":"e_1_3_2_1_48_1","unstructured":"DorkaPalotay. 2016. Ransomware Cryptonite. https:\/\/hsbp.org\/tiki-download_wiki_attachment.php?attId=207&download=y  DorkaPalotay. 2016. Ransomware Cryptonite. https:\/\/hsbp.org\/tiki-download_wiki_attachment.php?attId=207&download=y"},{"key":"e_1_3_2_1_49_1","unstructured":"Pascal Gadient. 2017. Security in Android Applications. Master's Thesis. http:\/\/scg.unibe.ch\/archive\/projects\/Gadi17.pdf  Pascal Gadient. 2017. Security in Android Applications. Master's Thesis. http:\/\/scg.unibe.ch\/archive\/projects\/Gadi17.pdf"},{"key":"e_1_3_2_1_50_1","unstructured":"Roland Dela Paz. 2016. Nemucod Adds Ransomware Routine. Fortinet. https:\/\/blog.fortinet.com\/2016\/03\/16\/nemucod-adds-ransomware-routine  Roland Dela Paz. 2016. Nemucod Adds Ransomware Routine. Fortinet. https:\/\/blog.fortinet.com\/2016\/03\/16\/nemucod-adds-ransomware-routine"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"crossref","unstructured":"Proofpoint Staff. 2016. Doh! New \"Bart\" Ransomware from Threat Actors Spreading Dridex and Locky. Proofpoint. https:\/\/www.proofpoint.com\/us\/threat-insight\/post\/New-Bart-Ransomware-from-Threat-Actors-Spreading-Dridex-and-Locky  Proofpoint Staff. 2016. Doh! New \"Bart\" Ransomware from Threat Actors Spreading Dridex and Locky. Proofpoint. https:\/\/www.proofpoint.com\/us\/threat-insight\/post\/New-Bart-Ransomware-from-Threat-Actors-Spreading-Dridex-and-Locky","DOI":"10.1016\/S1353-4858(16)30097-6"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/SecDev.2017.23"},{"key":"e_1_3_2_1_53_1","unstructured":"ReaQta. 2016. Nemucod meets 7-Zip to launch ransomware attacks. https:\/\/reaqta.com\/2016\/04\/nemucod-meets-7zip-to-launch-ransomware\/  ReaQta. 2016. Nemucod meets 7-Zip to launch ransomware attacks. https:\/\/reaqta.com\/2016\/04\/nemucod-meets-7zip-to-launch-ransomware\/"},{"key":"e_1_3_2_1_56_1","unstructured":"Mark H \/ Shearwater. 2014. Cryptodefense infection some lessons learned. https:\/\/isc.sans.edu\/forums\/diary\/Cryptodefense+infection+some+lessons+learned\/18165\/  Mark H \/ Shearwater. 2014. Cryptodefense infection some lessons learned. https:\/\/isc.sans.edu\/forums\/diary\/Cryptodefense+infection+some+lessons+learned\/18165\/"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.2824\/36822"},{"key":"e_1_3_2_1_58_1","unstructured":"Somak Das Vineet Gopal Kevin King and Amruth Venkatraman. 2014. IV = 0 Security Cryptographic Misuse of Libraries. Technical Report. MIT. https:\/\/courses.csail.mit.edu\/6.857\/2014\/files\/18-das-gopal-king-venkatraman-IV-equals-zero-security.pdf  Somak Das Vineet Gopal Kevin King and Amruth Venkatraman. 2014. IV = 0 Security Cryptographic Misuse of Libraries. Technical Report. MIT. https:\/\/courses.csail.mit.edu\/6.857\/2014\/files\/18-das-gopal-king-venkatraman-IV-equals-zero-security.pdf"},{"key":"e_1_3_2_1_59_1","unstructured":"Trend Micro. 2017. Ransomware - Definition. https:\/\/www.trendmicro.com\/vinfo\/us\/securitty\/definition\/ransomware  Trend Micro. 2017. Ransomware - Definition. https:\/\/www.trendmicro.com\/vinfo\/us\/securitty\/definition\/ransomware"},{"key":"e_1_3_2_1_61_1","unstructured":"Utku Sen. 2015. Destroying The Encryption of Hidden Tear Ransomware. https:\/\/utkusen.com\/blog\/destroying-the-encryption-of-hidden-tear-ransomware.html  Utku Sen. 2015. Destroying The Encryption of Hidden Tear Ransomware. https:\/\/utkusen.com\/blog\/destroying-the-encryption-of-hidden-tear-ransomware.html"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.5555\/647087.715705"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1016\/B978-1-85573-259-9.50003-4"}],"event":{"name":"ARES 2020: The 15th International Conference on Availability, Reliability and Security","acronym":"ARES 2020","location":"Virtual Event Ireland"},"container-title":["Proceedings of the 15th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3407023.3409182","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3407023.3409182","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T21:24:42Z","timestamp":1750195482000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3407023.3409182"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,8,25]]},"references-count":53,"alternative-id":["10.1145\/3407023.3409182","10.1145\/3407023"],"URL":"https:\/\/doi.org\/10.1145\/3407023.3409182","relation":{},"subject":[],"published":{"date-parts":[[2020,8,25]]},"assertion":[{"value":"2020-08-25","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}