Yung research covers primarily the area of
cryptography and its applications to
information security and
data privacy. He has worked on defining and implementing malicious (offensive) cryptography:
cryptovirology information-theoretic security,
secure multi-party computation,
threshold cryptosystems, and
zero-knowledge proofs,
Cryptovirology In 1996, Adam L. Young and Yung coined the term cryptovirology to denote the use of cryptography as an attack weapon via
computer viruses and other
malware in contrast to its traditional protective role. In particular, they described the first instances of
ransomware using public-key cryptography.
Kleptography In 1996, Adam L. Young and Yung introduced the notion of kleptography to show how cryptography could be used to attack host cryptosystems where the malicious resulting system with the embedded cryptologic tool in it resists reverse-engineering and cannot be detected by interacting with the host cryptosystem, as an argument against cryptographic systems and devices given by an external body as "black boxes" as was the
Clipper chip and the
Capstone program. After the 2013
Snowden affair, the
NIST was believed to have mounted the first kleptographic attack against the American
Federal Information Processing Standard detailing the
Dual EC DRBG, essentially exploiting the repeated discrete logarithm based "kleptogram" introduced by Young and Yung. ==Awards==