|
|
Authentication protocols on restricted devices
Šebesta, David ; Člupek, Vlastimil (referee) ; Malina, Lukáš (advisor)
This thesis deals with authentication methods, especially about authentication based on knowledge. In the thesis, the hash functions such as MD hash function, SHA hash function, Keccak, Blake, Grostl, Jh, Skein are described and shown their compilation on low frequency microcontrollers. Into the microcontroller MSP430F2274 are Keccak, Blake, Grostl, JH, md5, SHA–1, SHA–224, SHA–256 a Skein hashing algorithms implemented and measured. Also simple authentication protocols client–server are designed and their implementation and measuring was done. Protocols are focused on low memory requirement and the smallest number of measured messages during authentication. The first solution is determined for the beginning of the communication from client and the second from server.
|
|
|
Modern access control system
Vomáčka, Martin ; Hajný, Jan (referee) ; Malina, Lukáš (advisor)
The thesis describes the design of scheme for access system with user authentication via smart cards. The first chapter explains various types of identification items used for authentication of users and different types of readers and terminals, followed by chapter 2 with a deeper insight on smart cards with focus on their types, what internal structure and principle of communication with card readers are used, etc. with primary focus on Java cards. The third chapter describes Java Card cryptography - especially elliptic curve cryptography used on this platform. The fourth part focuses on PACE protocol with subsections dedicated to the individual parts of the protocol and its applicability to smart cards environment. Chapter 5 explains the proposed design of the authentication scheme elaborated in the thesis, including a detailed description of specific parts, their funcionality and exemplary usage in the created applications.
|
|
|
Application for Demonstration of Hash Algorithms SHA-1 and SHA-2
Siska, Josef ; Petrlík, Jiří (referee) ; Novotňák, Jiří (advisor)
In this thesis, the theory related to the hash algorithms SHA-1 and SHA-2 is presented, along with a description of possible implementation of an application that demonstrates how these algorithms work. The first part of this thesis describes the principles of construction of hash functions, their use and history of selected hash functions. The two following chapters present conventions and algorithms of the SHA-1 and SHA-2. The next chapter describes the general concepts related to the attacks on the hash functions and selected attacks are presented in more detail. The last two chapters outline the design and implementation of an application that was created as part of this work. In the end the evaluation of results of this thesis and proposals for its possible continuation are presented.
|
|
|
Secure Transport of NetFlow Data
Ručka, Tomáš ; Halfar, Patrik (referee) ; Grégr, Matěj (advisor)
The aim of my bachalor's thesis is secure transport NetFlow data. Communication in NetFlow is not protected against unauthorized intrusion, in addition works over UDP protocol which is protocol that allows data loss. The aim of this work is to create an encrypted tunnel through which communication will take place between the exporter and collector.
|
|
| |
|
|
Interception of Modern Encrypted Protocols
Marček, Ján ; Korček, Pavol (referee) ; Kajan, Michal (advisor)
This thesis deals with the introduction to the security mechanism.The procedure explains the basic concepts, principles of cryptography and security of modern protocols and basic principles that are used for information transmission network. The work also describes the most common types of attacks targeting the eavesdropping of communication. The result is a design of the eavesdropping and the implementation of an attack on the secure communication of the SSL protocol..The attacker uses a false certificate and attacks based on poisoning the ARP and DNS tables for this purpose. The thesis discusses the principles of the SSL protocol and methodology of attacks on the ARP and DNS tables.
|
|
|
Safe Cryptography Algorithms
Zbránek, Lukáš ; Schäfer, Jiří (referee) ; Chmelař, Petr (advisor)
In this thesis there is description of cryptographic algorithms. Their properties are being compared, weak and strong points and right usage of particular algorithms. The main topics are safeness of algorithms, their bugs and improvements and difficulty of breaching. As a complement to ciphers there are also hash functions taken in consideration. There are also showed the most common methods of cryptanalysis. As a practical application of described algorithms I analyze systems for secure data transfer SSH and SSL/TLS and demonstrate an attack on SSL connection. In conclusion there is recommendation of safe algorithms for further usage and safe parameters of SSH and SSL/TLS connections.
|
|
|
Duplicate Text Identification
Pekař, Tomáš ; Kouřil, Jan (referee) ; Smrž, Pavel (advisor)
The aim of this work is to design and implement a system for duplicate text identification. The application should be able to index documents and also searching documents at index. In our work we deal with preprocessing documents, their fragmentation and indexing. Furthermore we analyze methods for duplicate text identification, that are also linked with strategies for selecting substrings. The thesis includes a description of the basic data structures that can be used to index n-grams.
|
|
|
User verification based on smart-phones
Bělík, David ; Malina, Lukáš (referee) ; Hajný, Jan (advisor)
The main aim of this diploma thesis is to get acquainted with the area of secure authentication and authorization of users in smartphones on the Android platform. Individual types of encoding, authentications, authentication devices and characteristics of QR codes are decribed in the chapters. In the practical part of this thesis the applications are created with an implemented authentication scheme, which is being developed at FEKT VUT in Brno. The client part of the application, that generates QR code, as well as the server part, that verifies the authenticity of the data, are set up.
|
|
|
Using of the attack "Pass the hash attack" for the compromising of high privileged accounts.
Jakab, Vojtěch ; Rosenberg, Martin (referee) ; Babnič, Patrik (advisor)
The master thesis deals with the attack "‘pass the hash"’ on high privileged accounts. Within the theoretical part is discussed creating hashes and its use. Next is a descrip- tion of the authentication in Windows operating system. There are also pointed out weaknesses in the design of authentication mechanisms. The last part deals with the individual attack and security options for mitigating the impacts. In the practical part are tested available tools for retrieving hashes from the files of the operating systems and tools which allow the attack itself. The output of this section is selection of the appropriate tools to demonstrate the attack in a proposed real environ- ment. The last topic is about designing the experimental environment, demostration of the attack with the possibility of getting through the network. The last steps deal with mitigating the impact of the attack.
|
guest ::
