|
|
Cenzura na Internetu
Kyjovský, Dalibor ; Rychlý, Marek (oponent) ; Očenášek, Pavel (vedoucí práce)
Cenzura na internetu je významným a aktuálním tématem, které ovlivňuje svobodu projevu a přístup k informacím. Tato bakalářská práce se zaměřuje na analýzu internetové cenzury s důrazem na technické aspekty na příkladu Běloruska. Úvodní část práce se zabývá kontextem internetové cenzury ve světě a zdůrazňuje důležitost svobody na internetu. Následně je provedena podrobná analýza cenzorských prostředků v Bělorusku, včetně technických detailů a možností detekce. Práce zkoumá také nástroje, které umožňují uživatelům obcházet internetovou cenzuru. Hlavním výstupem práce je navržená a implementovaná aplikace pro analýzu internetového prostředí v Bělorusku, která umožňuje identifikovat cenzorské mechanismy a poskytuje data pro další výzkum. Získané výsledky podporují lepší porozumění problematice internetové cenzury a nabízejí možnosti pro další monitorování a vývoj této aplikace.
|
|
|
Forensic Analysis of Anonymization Principles of Cryptocurrency Networks
Hromada, Denis ; Zavřel, Jan (oponent) ; Veselý, Vladimír (vedoucí práce)
Anonymity is often a key talking point when presenting the concept of cryptocurrencies. This work first focuses on the building blocks of the Bitcoin cryptocurrency and its relationship cryptocurrencies with Ethereum and Dash. Then it looks at known past and present privacy pitfalls. First it focuses on on-chain anonymity and its shortcomings. Namely address reuse and common input clustering. The work then analyzes these shortcomings and their imperfect existing solutions. The work then shifts focus to off-chain anonymity. That is, the supporting services without which cryptocurrency networks could not function like cryptocurrency wallets. It takes a look at key storage, different types of cryptocurrency wallets and how they communicate with cryptocurrency networks. This is followed by the introduction of an attacker model. The attacker is an eavesdropper that can listen to, but cannot manipulate traffic between a cryptocurrency wallet user and a cryptocurrency node. Properties and capabilities of such an attacker follow. The work then takes a look at three cryptocurrency wallets: Trezor Suite, Ledger Live a Electrum Wallet on which it demonstrates the properties described above in practice. An application in designed and implemented based on all the learned knowledge. The goal of this application is to aid a user in determining, whether captured network traffic contains communication generated by a cryptocurrency wallet. Finally the implemented application is subjugated to testing. The result of these tests is, that it is indeed possible to use the application to determine if and which cryptocurrency wallet was used. If the captured traffic contains traffic generated on the initial launch of the cryptocurrency wallet. This is followed by a conclusion and proposition of future work.
|
|
|
Anonymizace dat v uživatelské aplikaci
Zachoval, Tadeáš ; Komosný, Dan (oponent) ; Benedikt, Jan (vedoucí práce)
Diplomová práce je zaměřena na de-identifikaci osobních údajů. Práce se skládá z teoretické a praktické části. Teoretická část popisuje právní pohled na osobní údaje a~je především zaměřena na pojmy a možné de-identifikační metody a rozdíl mezi nimi. Stěžejní částí teoretické části je popis základních a některých pokročilých anonymizačních a pseudonymizačních technik. V praktické část se pak práce věnuje naprogramování aplikace v programovacích jazyce Python s grafickým uživatelským prostředím. Aplikace implementuje algoritmus na generování zkušebních falešných množin dat, které lze využít pro de-identifikaci. Hlavní funkcionalitou aplikace je však anonymizace a pseudonymizace osobních údajů. K tomuto účelu jsou v aplikaci uplatněny vybrané de-identifikační techniky.
|
|
|
Privacy-Enhancing Technologies and Privacy-Enhancing Cryptography for Wearables
Casanova-Marqués, Raúl ; Pendo,, Cristiano Gonçalves (oponent) ; PhD, Lukasz Michal Chmielewski, (oponent) ; Hajný, Jan (vedoucí práce)
The increasing concern surrounding privacy and the safeguarding of digital identities has emphasized the pressing necessity of establishing secure and confidential communication channels. This concern has led to the development of cryptographic mechanisms aimed at facilitating impervious information exchange. Nevertheless, traditional cryptographic approaches are proving insufficient in dynamic and resource-constrained environments, such as wearable devices. As a result, attribute-based credential schemes have emerged as a promising solution, offering fine-grained access control to digital services based on user-specific attributes. This doctoral thesis examines the efficacy and scalability of attribute-based anonymous credential schemes in ensuring the authenticity and security of users within dynamic architectures of wearable devices. It also explores enhancements to these schemes, with a primary focus on incorporating user revocation while maintaining privacy. Additionally, the thesis presents devised mechanisms to enable attribute-based authentication protocols on smart cards with limited support for elliptic curve cryptography. It addresses specific challenges associated with the usability of smart cards. Moreover, the thesis investigates the integration of anonymous authentication schemes in collaborative indoor positioning systems, aiming to provide privacy and security. Lastly, it explores the implementation of attribute-based authentication schemes in resource-constrained environments, with an emphasis on Internet of Things devices, and evaluates their feasibility within the dynamic architectures of wearable devices. The first contribution of this thesis introduces a purposefully designed protocol for anonymous authentication on smart cards. This protocol combines attribute-based credentials and user revocation while ensuring computational efficiency. To facilitate effective implementation and evaluation, the thesis employs smart cards equipped with the MULTOS operating system. The second contribution focuses on optimizing the capabilities of smart cards using Java Card technology for the implementation of attribute-based credential schemes. These smart cards are presented as a more accessible alternative for a wider consumer base. To overcome limitations in their application programming interface, the thesis devises strategies to augment the constrained support for elliptic curve cryptography and effectively implement such schemes. The third contribution presents the Privacy-Enhancing Authentication System, a robust solution compatible with smart cards, smartphones, and smartwatches. This system addresses the functional challenges associated with smart cards, including the absence of a graphical interface and limited user control over attribute disclosure. Consequently, it offers a practical and deployable solution for real-world scenarios. Finally, the thesis proposes a groundbreaking scheme to safeguard collaborative indoor positioning systems by addressing both privacy and security concerns. This scheme ensures the preservation of privacy and security by eliminating centralized architectures and employing encryption techniques for positioning information. The thesis includes comprehensive details such as protocol use cases, implementation specifics, execution benchmarks, and a comparative analysis with existing protocols.
|
|
|
Decentralized communication tool with anonymity guarantee
Legéň, Michal ; Burget, Radim (oponent) ; Malý, Jan (vedoucí práce)
Anonymity on the internet is becoming a actuall issue nowadays. There are several tools, that can be used to monitor user's activity and it can lead to lose privacy of users. The aim of this master's thesis is to describe different ways of working anonymous systems, especially the method called Onion Routing. The introduction of this work is devoted to the description of this method together with asymmetric cryptosystem RSA. The second part belongs to basics of socket programming and to the implementation of anonymous system in programming language C++. The final part is focussed on analysis of system in terms of security and time complexity. The conditions of anonymity and decentralization are accomplished. There is no presence of central server in the system and the management is handled by signalling messages.
|
|
|
Sběr metadat uživatelů a zařízení z Darkwebu
Gula, Ján ; Matoušek, Petr (oponent) ; Veselý, Vladimír (vedoucí práce)
Táto bakalárska práca rieši problém anonymizácie na Internete, ktorá sa vo veľkej miere využiva na obchodovanie s nelegálnymi substanciami. Tento problém núti zákonodarné zložky zaujímať sa o stránky predstavujúce trhy so zakázaným obsahom skryté za anonymizačnými sieťami. Mojím cieľom je zameriať sa na najväčšie obchody s podobným obsahom a získanie čo najväčšieho množstvá informácií o osobách, ktoré na trhoch figurujú či už ako predajcovia alebo nákupujúci. Daný problém som vyriešil tak, že som na základe počtu uživateľov vybral najvýznamnejšie tržiská stal sa jedným z ich uživateľov, a následne aplikoval algoritmy na vyškriabávanie dát z web stránok na to, aby som informácie zo stránok dostal do štrukturovanej podoby vhodnej na hlbšiu analýzu. Výsledky tejto práce umožnia orgánom činným v trestnom konaní jednoduchšiu analýzu metadat uživateľov dopúšťajúcich sa nelegálnej činnosti nakoľko nebudú musieť manuálne prechádzať jednotlivé nelegálne tržiská, ale všetky prístupné data budú zrhnuté v štruktúrovanej forme v databáze. Zjednotenie dát do štruktúrovanej formy pomôže urýchliť vyšetrovanie a určiť najväčších predajcov drog.
|
|
|
Systém anonymního sběru dat
Troják, David ; Malina, Lukáš (oponent) ; Dzurenda, Petr (vedoucí práce)
V rámci práce jsou analyzovány moderní přístupy k zajištění vyšší ochrany soukromí uživatelů. Zaměřuje se hlavně na skupinové digitální podpisy. V praktické části byl navržen a implementován PS umožňující anonymní sběr informací o síle signálu z mobilního zařízení. Aplikace byla navržena v souladu se základními kryptografickými požadavky jako je autentičnost a integrita přenášených dat. Anonymita uživatelů je zaručena jak na aplikační vrstvě (skupinový podpis) tak na síťové vrstvě (Tor).
|
|
|
ID - IDENTITY (UN) KNOWN (time specific in-cognito in-stant id - entity)
Janečková, Zuzana ; Babák, Petr (oponent) ; Rozbořil, Blahoslav (oponent) ; Chamonikolasová, Kaliopi (oponent) ; Ruller, Tomáš (vedoucí práce)
This dissertation focuses on va-rious strategies of presenting identity in contemporary art and the current trend of forming its mutations and mystifications. It deals with approaches such as when the name of an artist is absent from his performance, various forms of concealment, and the subsequent detection of an artist. The term “anonymity” is not examined as its mere literal definition, but it subsequently forks into other related meanings. The introduction points at our daily meetings with anonymity, the condensation of information stemming from all spheres including the sphere of visual arts. The subject of the dissertation is explored though the influence of media operating at a given time (time-specific) and a given place (site-specific): here and now. The text primarily deals with the phenomenon of being “anonymous”. While examining this topic, the period starting with the 1990s is discussed and supplemented by examples from the history of Slovak, Czech, and international visual art with extensions to literature, music and film. It closely focuses on the following four bi-polar forms of anonymity: celebrity / anonymous artist, art groups / collective exhibitions, street art / net art, signature art / untitled art. These terms are defined and organized into dictionary entries (containing both names of artists and definitions of terms). Comprising of over two hundred words, a hybrid thematic dictionary has been produced. It consists of already existing definitions taken from the Slovak and Czech mutations of Wikipedia which are quoted with consistence with each entry. The collaboration with Wikipedia is based on subsequent addition of the author’s definitions and thus supplements it with missing information from the sphere of visual arts. The text also deals with a current trend of renaming as a symbol of a hegemonic tool of power. The terms a.k.a., name, monogram, nick, and pseudonym are explored.
|
|
|
Implementace kryptografických protokolů na čipové karty
Moravanský, Michal ; Hajný, Jan (oponent) ; Dzurenda, Petr (vedoucí práce)
Bakalářská práce je zaměřena na kryptografická schémata využívající atributová pověření, která se snaží minimalizovat negativní dopady na ochranu soukromí uživatelů při používání autentizačních systémů. Cílem bakalářské práce byla implementace dvou zadaných schémat na čipové karty jakožto zařízení s omezeným výkonem. Schémata se liší pouze ve schopnosti revokovat uživatele. Praktická část práce obsahuje analýzu a výběr platformy čipových karet a kryptografických knihoven v závislosti na výkonnosti. Práce dále popisuje architekturu obou schémat a jednotlivé protokoly včetně probíhající komunikace. Implementace atributového schématu byla provedena na programovatelnou čipovou kartu Multos (strana uživatele) a Raspberry Pi 2 (strana vydavatele a ověřovatele). Je také porovnávána časová náročnost vybraných algoritmů. V závěru jsou formulovány závislosti mající vliv na výslednou efektivitu a rychlost protokolu.
|
|
|
Cryptographic Protection of Digital Identity
Dzurenda, Petr ; Švenda,, Petr (oponent) ; Castella-Roca, Jordi (oponent) ; Hajný, Jan (vedoucí práce)
The doctoral thesis deals with privacy-preserving cryptographic schemes in access control and data collection areas. Currently, card-based physical access control systems are used by most people on a daily basis, for example, at work, in public transportation and at hotels. However, these systems have often very poor cryptographic protection. For instance, user identifiers and keys can be easily eavesdropped and counterfeited. Furthermore, privacy-preserving features are almost missing and, therefore, user’s movement and behavior can by easily tracked. Service providers (and even eavesdroppers) can profile users, know what they do, where they go, and what they are interested in. In order to improve this state, we propose four novel cryptographic schemes based on efficient zero-knowledge proofs and elliptic curve cryptography. In particular, the thesis presents three novel privacy-friendly authentication schemes for access control and one for data collection application scenarios. The first scheme supports distributed multi-device authentication with multiple Radio-Frequency IDentification (RFID) user’s devices. This feature is particularly important in applications for controlling access to dangerous areas where the presence of protective equipment is checked during each access control session. The other two presented schemes use attribute-based approach to protect user’s privacy, i.e. these schemes allow users to anonymously prove the ownership of their attributes, such as age, citizenship, and gender. While one of our scheme brings efficient revocation and identification mechanisms, the other one provides the fastest authentication phase among the current state of the art solutions. The last (fourth) proposed scheme is a novel short group signature scheme for data collection scenarios. Data collection schemes are used for secure and reliable data transfer from multiple remote nodes to a central unit. With the increasing importance of smart meters in energy distribution, smart house installations and various sensor networks, the need for secure data collection schemes becomes very urgent. Such schemes must provide standard security features, such as confidentiality and authenticity of transferred data, as well as novel features, such as strong protection of user’s privacy and identification of malicious users. The proposed schemes are provably secure and provide the full set of privacy-enhancing features, namely anonymity, untraceability and unlinkability of users. Besides the full cryptographic specification and security analysis, we also show the results of our implementations on devices commonly used in access control and data collection applications.
|
host ::
RSS.