Key exfiltration is
|“||[t]he transmission of cryptographic keying material for an encrypted communication from a collaborator, deliberately, or unwittingly, to an attacker.||”|
|“||the transfer of keying material for an encrypted communication from the collaborator to the attacker.||”|
Key exfiltration attacks rely on passive attack for access to encrypted data, with the collaborator providing keys to decrypt the data. So the attacker undertakes the cost and risk of a passive attack, as well as additional risk of discovery via the interactions that the attacker has with the collaborator.
In this sense, static exfiltration has a lower risk profile than dynamic. In the static case, the attacker need only interact with the collaborator a small number of times, possibly only once, say to exchange a private key. In the dynamic case, the attacker must have continuing interactions with the collaborator. As noted above these interactions may real, such as in-person meetings, or virtual, such as software modifications that render keys available to the attacker. Both of these types of interactions introduce a risk that they will be discovered, e.g., by employees of the collaborator organization noticing suspicious meetings or suspicious code changes."
- ↑ Confidentiality in the Face of Pervasive Surveillance: A Threat Model and Problem Statement, at 4.
- ↑ Pervasive Attack: A Threat Model and Problem Statement, at 9.
- "Overview" section: Pervasive Attack: A Threat Model and Problem Statement, at 11.