Author ORCID Identifier:
Date of Graduation
5-2026
Document Type
Dissertation
Degree Name
Doctor of Philosophy in Computer Science (PhD)
Degree Level
Graduate
Department
Electrical Engineering and Computer Science
Advisor/Mentor
Thompson, Dale
Committee Member
Panda, Brajendra
Second Committee Member
Ware, Morgan
Third Committee Member
Li, Qinghua
Keywords
Cybersecurity; Game Theory; Malware; Post-Quantum Cryptography; Quantum Computing; Ransomware
Abstract
Ransomware is one of the most pervasive and dangerous threats to cybersecurity today. Attacks involving ransomware have been responsible for the disruption of critical services in many fields including healthcare, education, and government. In the current paradigm, crypto ransomware relies on asymmetric cryptography to perform its operations in a way that ensure the victim’s only chance for file recovery is by paying the attacker’s requested ransom payment. However, advancements in quantum computing threaten the asymmetric cryptography that ransomware relies on. It has been shown that, once developed, a sufficiently powerful quantum computer will have the ability to break asymmetric cryptography standards like RSA, ECC, and Diffie-Hellman. The implications that the compromising of these cryptographic standards has for both ransomware attackers and those defending against them is the focus of this work. The examination of these implications is done in several ways. The first aspect uses game theory to analyze how the introduction of quantum computers will impact the decision making of both attackers and defenders in a more abstract sense. An updated game theoretical model of ransomware attack and defense based on the current technological landscape is created. This model synthesizes assumptions from existing models while introducing new ones that make the model more accurate. An analysis is done on this pre-quantum model that demonstrates the utility of game theoretical modeling and the interesting conclusions that can be reached from it. After this, the possibility of quantum computers being able to break existing asymmetric cryptography standards is introduced into the model. The model is then reanalyzed demonstrating that ransomware attackers will be incentivized to replace existing asymmetric cryptography with the newly developed post-quantum cryptography standards. Based on this, a multifaceted examination of post-quantum cryptography is performed to determine how the adoption of this cryptography into ransomware might impact its detectability. An experimental piece of ransomware software is created that uses post-quantum cryptography and it is compared with ransomware that uses traditional asymmetric cryptography. First, basic performance metrics like memory and CPU usage are contrasted between the two. Following this, a comparison of how well malware scanners are able to detect each type of ransomware is done. Then, a proof of concept is presented that demonstrates targeting the underlying mathematical operations of post-quantum cryptography is likely the best avenue for the detection of post-quantum ransomware. Lastly, machine learning techniques are applied for detecting post-quantum ransomware. It can be seen that instruction level sampling provides data that allows models to easily distinguish post-quantum ransomware from both traditional ransomware as well as benign workloads that include the use of the same post-quantum libraries that are used by the ransomware.
Citation
Denham, B. (2026). The Impact of Quantum Computing on Ransomware. Graduate Theses and Dissertations Retrieved from https://scholarworks.uark.edu/etd/6173