by nl 5473 days ago
> and the botnet uses the domain names of the C&C servers as the encryption keys. ... what? That kind of defeats the entire purpose of encryption when the key is something like that. Besides, what are they using this encryption for? It seems more likely they want a check on the integrity of messages. And even still, a MAC is equally worthless since it's not public/private key.

Maybe it is public/private key, and they use (derive?) the public key from the name of the server?

Either (1) this botnet is really weak or (2) the writers of this article have distorted the truth.

I suspect (2), but I don't think they did it deliberately. I suspect it was an attempt at simplification, but they went too far.

> Maybe it is public/private key, and they use (derive?) the public key from the name of the server?

How would that work though? Maybe I just don't know enough, but I can't think of a way to generate a public key from some known source, and then somehow derive a private key from that source such that no one else can derive that same private key.

I guess you could generate an RSA key pair using the domain name as a seed for your random number generator, but that seems like a terrible idea. As soon as they introduce some real randomness into it, then you're no longer deriving the key from the domain name.

I also suspect (2), but I wouldn't be surprised if they added some extra distortion to make the article read more like "Look how impressive these guys are! They made their own encryption algorithm!".

DISCLAIMER: I'm not even a rookie at crypto; I'm just trying to make sense of what I'm reading, like you are.
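The objection in the comment above, about seeding RSA key generation from the domain name, shown as an added example that is not part of the thread: when the only input is a public name, anyone who observes that name regenerates the same private exponent. The name `c2.example`, the SHA-256 counter stream and the toy 512-bit modulus are assumptions chosen for illustration.

```python
import hashlib
from math import gcd

E = 65537  # common RSA public exponent
SMALL = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def stream(seed: bytes):
    """Deterministic byte stream: SHA-256 in counter mode over the seed."""
    counter = 0
    while True:
        yield from hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1

def is_probable_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases, adequate for this demonstration."""
    if n < 2:
        return False
    for p in SMALL:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in SMALL:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def next_prime(rng, bits: int) -> int:
    """Draw candidates from the stream until one is prime and usable with E."""
    while True:
        raw = bytes(next(rng) for _ in range(bits // 8))
        cand = int.from_bytes(raw, "big") | (1 << (bits - 1)) | 1
        if is_probable_prime(cand) and gcd(cand - 1, E) == 1:
            return cand

def keypair_from_domain(domain: str, bits: int = 512):
    """Return (n, e, d) derived from nothing but the domain name (toy size)."""
    rng = stream(domain.lower().encode())
    p, q = next_prime(rng, bits // 2), next_prime(rng, bits // 2)
    return p * q, E, pow(E, -1, (p - 1) * (q - 1))

if __name__ == "__main__":
    owner, observer = (keypair_from_domain("c2.example") for _ in range(2))
    print("observer holds the same private exponent:", owner[2] == observer[2])
```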

From [1]:

> The cybercriminals replaced RC4 with their own encryption algorithm using XOR swaps and operations. The domain names to which connections are made and the bsh parameter from the cfg.ini file are used as encryption keys.

A bit later:

> The new protocol encryption algorithm for communications between the botnet control center and infected machines ensures that the botnet will run smoothly, while protecting infected computers from network traffic analysis, and blocking attempts of other cybercriminals to take control of the botnet.

So we have authentication of the C&C through encryption ("block other cybercriminals"), and obfuscation of the payload through encryption ("protect from network traffic analysis"). I suppose the bsh parameter is used for auth, and the domain name just to scramble the payload.

[1] http://www.securelist.com/en/analysis/204792180/TDL4_Top_Bot

Maybe the server generates the private key/public key pair, then derives the domain name from the public key (e.g., long-random-string-that-comes-from-public-key.dyndns.com)? This derivation process could be the "encryption algorithm" the article refers to?

The client is given the new servername via the P2P network, then derives the public key from the hostname, encrypts using it and communicates with the server which can decode using the private key.

I'm not sure what the max length of a hostname is, which might be a problem.

Another possibility is to put the public key in a TEXT DNS for the server hostname. That could be what they meant maybe?