zkRansomware: Proof-of-Data Recoverability and Multi-round Game Theoretic Modeling of Ransomware Decisions
Xinyu Hou, Yang Lu, Rabimba Karanjai, Lei Xu, Weidong Shi

TL;DR
This paper introduces zkRansomware, a novel cryptographic ransomware model utilizing zero-knowledge proofs and blockchain smart contracts to enable verifiable data recovery, multi-round payments, and aligned attacker-victim incentives.
Contribution
It presents a new ransomware framework integrating cryptographic and blockchain tools, along with a theoretical decision-making model distinct from existing ransomware analyses.
Findings
zkRansomware is technically feasible with current cryptographic tools.
The model can align attacker and victim incentives.
It offers a new approach for ransomware risk analysis.
Abstract
Ransomware is still one of the most serious cybersecurity threats. Victims often pay but fail to regain access to their data, while also facing the danger of losing data privacy. These uncertainties heavily shape the attacker-victim dynamics in decision-making. In this paper, we introduce and analyze zkRansomware. This new ransomware model integrates zero-knowledge proofs to enable verifiable data recovery and uses smart contracts to enforce multi-round payments while mitigating the risk of data disclosure and privacy loss. We show that zkRansomware is technically feasible using existing cryptographic and blockchain tools and, perhaps counterintuitively, can align incentives between the attacker and the victim. Finally, we develop a theoretical decision-making framework for zkRansomware that distinguishes it from known ransomware decision models and discusses its implications for…
Taxonomy
Topics: Advanced Malware Detection Techniques · Information and Cyber Security · Security and Verification in Computing
