Could ransomware be stalled while encrypting?
Your suggestion is interesting; unfortunately a generic solution is not possible as there is no combination of bits that would cause an encryption algorithm to "stall". Encryption is just math, after all. Perhaps use of a rootkit could trick ransomware into believing that it's encrypting a fake yottabyte-long dummy file handle, or it could have delays built in that hand out the bytes from the file very very slowly, but those kind of approaches are likely to impact normal usage of the computer as well.
There might be specific versions of ransomware that have implementation bugs that you could somehow exploit to make this happen, but that approach has numerous problems. Malware authors and script kiddies evolve and change ransomware programs all the time, so depending on a bug in today's version is no assurance that you'll be infected by the same version of ransomware tomorrow. And there are hundreds or thousands of different ransomware programs out there today; no exploitable flaw is going to be present in all of them.
@HameJames approach is one way of attempting to detect ransomware in action, but there's no guarantee that his trap file will be the first file encrypted by the malware and will shut it down in time, or if it's the last file and the shutdown just makes it worse.
Your best defense at this point is still operational security. Make regular backups of important files and keep them offline. Don't open unexpected email attachments, or click on phishing links. Keep your security software up to date, and your systems patched. All the normal advice still applies.
You could create a watchdog that creates a fake file, C:/A, and looks for changes in it. As soon as a change is detected, shut down the computer immediately. That's most likely the safest.
Encryption can be stopped in certain situations: e.g. if ransomware uses common libraries like CryptoAPI and one can hook their core functions and check the caller. However, this is not a safe approach to fighting ransomware, because, for example, many ransomware variants can embed encryption algorithms in their code or even not use encryption at all.
Using special or trap files is not a safe approach either, because when the trap catches something, it might be too late, or it might be a false positive if there are legit apps (like backup solutions, archiving, synch or even legit encryption solutions) which operate on all files in a volume or multiple folders. Things can get even more complicated if we think about ransomware which doesn't encrypt all the files or don't process all folders.
A solution is to use behavior analysis which tracks and correlates several items including processes, file activity, and other changes. Products which follow this approach can detect and block ransomware with good accuracy, but they usually trigger the alert only after several files (usually at least tens) have been encrypted already. The best solutions can even give those files back.