|
|
Software support of education in cryptography area based on elliptic curves
Szturc, Jakub ; Sobotka, Jiří (referee) ; Burda, Karel (advisor)
The master‘s thesis is focusing on cryptography based on elliptical curves consists of four main parts. The first part provides an overview of the basic cryptographic and mathematical concepts. A key element of this work is the second part which are described in detail the mechanisms of counting two points on elliptic curve and counting point to themselves over the various fields. On this mechanism is based almost the entire issue. In the third section provides the best-known algorithms and protocols for key exchange, encryption and digital signature. The goal of this paper is to devise software to support teaching. This material is created as a web presentation, which described the theoretical foundations and the main characteristics of cryptosystems based on elliptical curves. The whole issue is supported by practical examples of calculations examples, there are also examples for independent work. Additionally, java applets are prepared that allow an interactive opportunity to try the basic parameters of curves, or verify the calculations.
|
|
|
Software support of education in cryptography based on integer factorization
Vychodil, Petr ; Martinásek, Zdeněk (referee) ; Burda, Karel (advisor)
This thesis deals with new teaching software, which supports asymmetric encryption algorithms based on the issue of large numbers´ factorization. A model program was created. It allows to carry out operations related to encryption and decryption with an interactive control. There is a simple way to understand the principle of the RSA encryption method with its help. The encryption of algorithms is generally analysed in chapters 1,2. Chapters 3 and 4 deals with RSA encryption algorithm in much more details, and it also describes the principles of the acquisition, management and usage of encryption keys. Chapters 5 suggest choosing of appropriate technologies for the creation of the final software product, which allow an appropriate way to present the characteristics of the extended RSA encryption algorithm. The final software product is the java applet. Aplet is described in the chaprers 6 and 7. It is divided into a theoretical and practical part. The theoretical part presents general information about the RSA encryption algorithm. The practical part allows the users of the program to have a try at tasks connected with the RSA algorthm in their own computers. The last part of Java applet deals with the users´ work results. The information obtained by the user in the various sections of the program are satisfactory enough to understand the principle of this algorithm´s operations.
|
|
|
Security protection techniques of wireless networks of internet providers
Žiško, Róbert ; Pelka, Tomáš (referee) ; Burda, Karel (advisor)
This master’s thesis can be used as the guidebook for Wi-Fi networks provider in non-licensed zones 2,4GHz and 5GHz. It is good tool to understand wireless technology area and its protection. Reader can follow network design and avoid mistakes that are mentioned in work. This text shouldn’t be a tool or a guide for possible attackers, but an impulse for small providers who provide their networks in unsecured form. In the opening chapter of my work, matters of Wi-Fi networks are thoroughly analyzed. As they are able to get internet connection in a lot of inaccessible places, they are considered to be crucial for the present times. The basic procedure describing Wi-Fi planning is written in thesis and also its legislative that has to be strictly observed. The big disadvantage is riskiness of the wireless connection that allows attackers to attack network in many ways. For mentioned reason it is very important to take utmost account of Wi-Fi network’s security and attack resistance. Unfortunately a lot of networks are either secured partially or unsecured at all. These types of networks are frequently attacked in order to get “free” Internet access or because of competitors fight. In the text below we can find possible Wi-Fi attack forms using by attackers to get Internet access or destroy network hardware what can cause big financial loss to providers. I described design and realization of little-town network using safety tools implementation based on my experience. For that purpose I implemented benchmark tests in graphics as well as practical format.
|
|
|
Hotspot system for more network operators
Strmiska, Roman ; Pust, Radim (referee) ; Burda, Karel (advisor)
Master’s thesis deals with the design and realization of a hotspot system for more Operators, it solves problems of QoS, billing of transferred data and distribution of services via a common wireless interface. The theoretic part is oriented to the selection of a suitable technology and explanation of a legislation, which relates to an activity of the hotspot‘s network. The practical part solves the choice of hardware, design and realization of the experimental network. In conclusion are tested transit parameters of the network and its functionality.
|
|
|
Software design support of burglar alarm system
Vymazal, Michal ; Pelka, Tomáš (referee) ; Burda, Karel (advisor)
This thesis deals with implementation of software support of alarm system design for security levels 1 and 2 based on web technologies. It was created intuitive and interactive graphical interface that allows to create high-quality alarm system design even for laymen. First of all the paper deals with standards and jurisdictions in the Czech Republic, according to which the alarm system design must be followed. In theoretical part there are described in detail characteristics of alarm systems and its components, proper functioning principles, installation principle, advantages and disadvantages of use, individual steps of alarm system design and proposed methodology of alarm system design for security level 1 and 2. In practical part there are described the technologies used for the implementation of this paper, structure of created webpage and detailed steps of alarm system design, as seen by user during creating. The result of this paper is a webpage, which is divided into two parts: theoretical and practical. The theoretical part provides information about the alarm system architecture, alarm system design and established methodology for the alarm system design for security level 1 and 2. In the practical part the user, on the basis of gained information and interactive help, can create high-quality alarm system design that meets all the conditions for reliable function in real traffic.
|
|
|
Security Protection efficiency improvement for Wireless Networks
Marušek, Michal ; Burda, Karel (referee) ; Škorpil, Vladislav (advisor)
Nowadays every wireless radio-communication services encompass huge type of technology used for transfer video, voice or data. Wireless communication is the most expanded branch and many companies are using this technology because of low cost and simply management. The biggest advantage is easy connection to shared wireless medium and allows users of network to move around whole covered area. The most expanded types of wireless networks are called Wireless LAN (WLAN). With rising number of WLANs is rising chance to attack shared wireless medium by hacker and many sensitive information can be stolen or modified. To avoid this chance was created the first security protocol used in WLAN called WEP. Its goal was protect data transmitted trough WLAN as strong as were protected in wired networks. Unfortunately WEP was hiding a big weakness which can be used in a crack of WLAN in a minute with the aid of special software. Example of this kid of software can be Airsnort constructed to monitor shared medium and captured every packet transferred trough this medium. Based on statistical method Airsnort can obtain hidden password in a few minutes. The second type of this software can be Aircrack-ng, which can crack hidden password without any user connected to WLAN. Aircrack-ng uses active techniques to generate network load and can obtain password more effectively and faster. The result of both cases was successful and protection of WLAN was completely cracked. Later was created new security protocol called WPA, which had to fix the cryptography weakness of previous WEP. WPA was only temporary security protocol, during standard 802.11 was developing which had to offer highest security and integrity protection of transferred data trough WLAN. For this reasons was created new version of WPA called WPA2 which satisfy requirements of standard 802.11i. Both protocols WPA/WPA2 contain weakness, which can crash security of WLAN. This crack is based on authentication PSK. Attacker during authentication is using information from four-way handshake between user of WLAN and access point. Based on this information attacker can crack password with the aid of password list attack which took approximately 30 minutes. Based on previous result is important to chose strong password contains alphanumeric string or special strings with satisfy length.
|
|
|
Application for digital signature and timestamping
Remiaš, Miroslav ; Burda, Karel (referee) ; Lambertová, Petra (advisor)
In general, the Internet represents an unsecured medium of data transfer. Besides the rising popularity of the Internet, the matters of safety are getting to the foreground of importance. Anybody would be able to gain access to the computer network or to other valuable information if no algorithm of verifying the genuineness of identity were used. It is necessary to secure not only the access to the documents but also the content itself, which could be modified during the transfer through an unsecured medium. Last but not least, without the discretion provided by cryptography, the information may become literally public. To provide security and protection for the communicating participants the problems mentioned above are solved with the help of cryptographic techniques. The verification of the identity and the integrity of messages, the credibility of document’s ownership and safe data transfer through an unsecured medium are all the aspects, which the field of communication security on the Internet, thus the public key infrastructure, deals with. The electronic signature, as a part of the security area, is one of many advertised themes nowadays in Czech Republic. The aim of this master’s thesis is to acquaint the reader with the necessary technological procedures of digital signature, such as cryptographic techniques, public key infrastructure and timestamp. The practical part of this thesis consists of a suggested implementation of a web application in the programming language ASP.NET, which forms a certification authority with an opportunity of claiming a timestamp to authorize timestamps. After the problematic of cryptography was explained in the first chapter, the term of electronic signature has been introduced in the second chapter. Very important information, as far as the electronic signature of documents is concerned, is the time of the document’s creation and the subsequent signature verification by an appropriate authority. So the following part of the thesis is dedicated to the timestamp and to the authority of its verification. The fourth section deals with the large scale of public key infrastructure. The fifth part focuses on the description of the support for the whole problem mentioned so far using Microsoft’s programming language ASP.NET. The final sixth chapter represents the practical part of the thesis, namely the web application itself, where the individual modules of the application with its functions are described.
|
|
|
Lab of public key infrastructure
Slavík, Petr ; Lambertová, Petra (referee) ; Burda, Karel (advisor)
The aim of this thesis is to study and describe the theme of Public Key Infrastructure (PKI). Within the scope of minute PKI characterization there is a gradual depiction of particular structural elements, which are above all represented by cryptographic operations (asymetric and symetric cryptography, hash function and digital signature); then, there are also individual PKI subjects that are dealt with, like eg. certification authority, certificates, security protocols, secure heap etc. Last but not least there are a few complete Public Key Infrastructure implementation solutions described (OpenSSL, Microsft CA). The practical part of the thesis, a lab exercise, gives potential students the knowledge of installing OpenSSL system based certification authority. The next task educate students how to secure web server with certificate signed with own CA and also how to secure web server users‘ access control through certificates signed by the previously installed CA.
|
|
|
Software support of teaching of cryptography protocols
Marek, Tomáš ; Lambertová, Petra (referee) ; Burda, Karel (advisor)
Document contains informations about authentication, encryption, data integrity and data authenticity. Next part includes description of well know cryptography protocols, their functions and also their weaknesses. All of these acquired informations were used in concept and final software support for teaching of cryptography protocols, which is able to run on clasic web-browser. Thats why the application was designed as web PHP pages using JavaScript and AJAX, which ensures plaform and OS architecture independency. Besides the descripted and ilustrated part of application there are also interactive parts and animations. The last period contains description of education software and its functions. Source code can be found on the appended CD.
|
|
| |
guest ::
