|
|
Přístupový systém pro aplikaci carsharing
Texl, Filip ; Ilgner, Petr (oponent) ; Dzurenda, Petr (vedoucí práce)
Bakalářská práce se věnuje přístupovým systémům s důrazem na carsharingové aplikace, a to jak z teoretického hlediska, kdy analyzuje jejich výhody, nevýhody a použitá kryptografické primitiva, tak i z hlediska praktického, kdy v praktické části je návrh přístupového systému a jeho následná realizace. V bakalářské práci se též využívá technologie Bluetooth Low Energy a Near Field Communication, které jsou opět popsány z teoretického hlediska, zejména pak klíčové pojmy těchto technologií, tak i jejich praktické využití pro přístupové systémy.
|
|
|
Lightweight Multi-signature schemes for IoT
Jarina, Jakub ; Dzurenda, Petr (oponent) ; Ricci, Sara (vedoucí práce)
The focus of this work is to introduce the topic of multi-signatures and subsequently implement a scheme supported for Internet of Things (IoT) devices. The work analyzes known multi-signature schemes from the perspective of security, computational complexity, and memory requirements. The work includes the implementations of a Flexible Round-Optimized Schnorr Threshold signature and Threshold Signature for Privacy preserving Blockchain in the C programming language.
|
|
|
Analysis and detection of PWS malware
Blažek, Jan ; Ricci, Sara (oponent) ; Dzurenda, Petr (vedoucí práce)
The aim of this bachelor’s thesis is to study the issue of malicious code and its various types, with a specific focus on the type known as Password Stealers (PWS). The thesis presents various methods of analyzing binary executable code, such as static and dynamic analysis, or sandboxing. Using these methods, eleven malware families have been analyzed. Three of them are new discoveries. The thesis also deals with the creation of detection and classification rules and their subsequent implementation in the YARA language. Several detection rules are created in the text to classify specific families of PWS types. The thesis presents the resulting data illustrating the spread of the described malware in the user base of the Avast company. Finally, a laboratory exercise focused on reverse engineering and malware analysis is presented at the end of the thesis.
|
|
|
Webová aplikace pro tvorbu profilu kybernetické bezpečnosti
Stejskal, Michal ; Sikora, Marek (oponent) ; Dzurenda, Petr (vedoucí práce)
Bakalářská práce se zabývá návrhem a implementací optimalizačního programu určeného pro nalezení nejvýhodnějších kombinací kurzů. Cílem práce bylo seznámit se s Evropským rámcem dovedností v oblasti kybernetické bezpečnosti (ECSF), optimalizačními algoritmy a projektem Cybersecurity Skills Alliance – A New Vision for Europe (REWIRE). Práce taktéž zahrnuje webový vývoj a práci s databází. Program je vyvinut v programovacích jazycích Python, PHP a JavaScript. Kritickými požadavky na funkci programu byla optimálnost řešení a doba ve které je řešení nalezeno. Program je spojený s webovým rozhraním, kde je možné vyhledávat optimální kombinace na základě vstupních podmínek.
|
|
|
Group signature based on Secure Multi-party Computation
Klasovitý, Kristián ; Dzurenda, Petr (oponent) ; Ricci, Sara (vedoucí práce)
This thesis aims at implementing a group signature scheme that uses two-party computation to jointly compute a signing value used in the signature. In this way, the user’s secret key is hidden from the manager and it cannot be used to impersonate the user. The signature also supports revocation and opening algorithms. Moreover, a blind issuance attribute-based credential is also presented, where the credential issued by the issuer remains private to the user. Both schemes were run on different devices and the performances were benchmarked. At last, the group signature was used to implement an application allowing one to sign a document on behalf of a group. The implementation is run on multiple devices that use NFC to communicate.
|
|
|
Pokročilé zabezpečení blockchainových transakcí
Tran, Minh ; Člupek, Vlastimil (oponent) ; Dzurenda, Petr (vedoucí práce)
Technologie blockchain, zejména Bitcoin, změnila způsob, jakým přemýšlíme o finančních transakcích a jak je řídíme. S rostoucí poptávkou a používáním technologie blockchain se však bezpečnost kryptoměnových peněženek stala závažnou obavou. Prahové podpisy nabízejí slibné řešení tohoto problému, umožňují více stranám podepsat transakci bez odhalení jejich soukromých klíčů. Tento článek představuje aplikaci pro mobilní Bitcoinovou peněženku pro Android, která používá prahové podpisy založené na Schnorrově podpisu. Aplikace také integruje chytré hodinky pro lepší zabezpečení a použitelnost. Tato integrace poskytuje další vrstvu zabezpečení tím, že vyžaduje fyzické potvrzení od uživatele před schválením jakékoli transakce. Naše implementace poskytuje bezpečnou a efektivní platformu pro správu Bitcoinových aktiv pomocí prahových podpisů a zároveň poskytuje intuitivní a snadno použitelné rozhraní pro interakci s aplikací.
|
|
|
Data and Privacy Protection in Smart Transport Services
Lővinger, Norbert ; Dzurenda, Petr (oponent) ; Malina, Lukáš (vedoucí práce)
Smart Transportation Services are innovative means of user transportation. They offer numerous advantages including improved user comfort, enhanced safety, increased efficiency or better sustainability. A variety of sensors and units are collecting enormous volume of data including users’ private information. This could result in serious consequences, if the data will not be preserved. Whether in services such as Smart Parking Services or Car Sharing Services, which are part of Smart Services, it is necessary to implement tools and techniques to provide protection for these data. In this thesis, Privacy Enhancing Technologies, which could protect data against multiple cyberattacks when implemented correctly, are further elaborated and analyzed in more detail. With the use of these techniques of data privacy protection, several phases of the car sharing process are described, in which these tools have been implemented as proof-of-concept in the Python programming language. Overall, 5 phases have been developed and evaluated, from which the conclusions are made. Privacy Enhancing Technologies are suitable for Car Sharing Services when they are applied in an appropriate way.
|
|
|
Readiness of Anonymous Credentials for Real Environment Deployment
Casanova-Marqués, Raúl ; Dzurenda, Petr
Attribute-based Credentials (ABCs) are a promising technology for protecting users' privacy and digital identity. We can use ABCs in a multitude of contexts. For instance, we can prove the validity of transportation tickets, demonstrate the legal age, prove the health status, or prove access rights in the company environment. All of this, we can do without disclosing complete personal identity. Nevertheless, ABCs generally require computational power that some wearable devices cannot cope with. In this paper, we present our implementation of a privacy-enhancing authentication system based on ABCs technology. The system is suitable for deployment in real-world scenarios and uses a wide range of differently powerful user devices (e.g., smart cards, smartphones, and wearables). Based on our implementation results, we also discuss the implementations aspects of ABCs, their readiness, and usability in real-world applications.
|
|
|
Access Control System Using Multi-factor Authentication
Cvrček, Tadeáš ; Dzurenda, Petr
A secure user authentication process is a key prerequisite for ensuring the security of the entire electronic system. On the other hand, current systems usually deploy many constrained devices with limited computational power, memory space and cryptographic support. This makes it hard to deploy secure cryptographic mechanisms in this environment. In this article, we present our multifactor authentication system using a reader with a secure module represented with MultOS smart card and an Android smart phone acting as a user authentication device. The system supports NFC (Near Field Communication) communication interface for intermediating communication between smart phone and reader, supports additional authentication factors (e.g. PIN code or fingerprint) and is easily implementable even on very constrained devices such as smart cards.
|
|
|
Secure deployment and testing of oVirt platform
Vágner, Vojtěch ; Martinásek, Zdeněk (oponent) ; Dzurenda, Petr (vedoucí práce)
The oVirt virtualization platform offers a wide range of different configurations. All of those configurations are by no means inherently secure when deployed out of the blue. The secure configurations are defined by security standards which the configurations claim conformance to. Since oVirt is a community project, it is hard to get such a software certified in the field of security standards. Certifications in the field of security standards are expensive. Luckily, oVirt shares common ground with Red~Hat~Virtualization to which certain security standards are applicable (FIPS 140-2, DISA STIG, Common Criteria). The link between Red~Hat~Virtualization and oVirt enables secure configurations also for oVirt. The focus of this thesis is then to determine which configurations are supported by the standards, therefore secure, and how to verify that the secure configurations are present. This is done through the use of a script in the form of an Ansible Playbook incorporating Ansible Roles that manage compliance evaluation for each of the presented security standards.
|
host ::
RSS.