|
|
Hash functions and their usage in user authentication
Piller, Igor ; Stančík, Peter (referee) ; Hajný, Jan (advisor)
This thesis concerns with hash functions and their usage in authentication. It presents basics of hash functions theory and construction elements. In particular the thesis focuses on LMHash, MD4, MD5 and SHA family hash functions, which are compared from the security point of view. The thesis describes in general the most frequently used hash function attacks, points out the weaknesses of current construction and mentions the future perspective of hash functions. Furthermore the thesis outlines the area authentication and describes usage of hash functions in the area. Practical part of the thesis contains an implements of a general authentication framework implemented in programming language C#. The result is client and server applications, in which two selected authentication methods were successfully tested. The result implementation is flexible with respect to the possible future use of other authentication methods.
|
|
|
Access control system using multilevel authentication
Cvrček, Tadeáš ; Člupek, Vlastimil (referee) ; Dzurenda, Petr (advisor)
The master's thesis focuses on authenticated key agreement protocols and their implementation on MultOS smart cards platform and devices running Google Android operating system. Implemented applications use NFC (Near Field Communication) interface for communication with cellphone, Bluetooth technology for communication with smart watch and smart card as SAM (Secure Access Module) module in a verifier role. The source code is universal, so it is possible to use it in other projects.
|
|
|
User Authentication and Autorization for New Generation Networks
Přibyl, Radek ; Cvrček, Daniel (referee) ; Matoušek, Petr (advisor)
This document describes methods of user authentication and authorisation via a trusted server. There is analysis of the system Kerberos, which is used as an inspiration for desing of a new authentication scheme. There are analysed programming layers and interfaces for specific applications ensuring user authentication and authorisation. The document contains a design and detailed description of a new authentication scheme. This scheme is implemented into the communication between email client and imap server.
|
|
|
The security risks of authentication methods
Dzurenda, Petr ; Babnič, Patrik (referee) ; Rosenberg, Martin (advisor)
Master's thesis deals with the security risks of current authentication methods. There are described methods which are based on user's knowledge and ownership of authentication object and biometric authentication method. The practical part of this Master's thesis deals with a specific design of authentication system based on protocol ACP, when the user proves his identity by smart card on provider assets, which is represented by ACP portal on the user's computer.
|
|
|
Authentication of web service users
Plašil, Matouš ; Ležák, Petr (referee) ; Burda, Karel (advisor)
In this bachelor thesis are presented methods for Single Sign-On from perspective of client application. It takes a closer look at protocols OpenID and OAuth and explains the main differencies. Next part of the thesis is focused on registration of application and communication between server and client application. This is realized by OAuth protocol. In the practical part is described a created web application and used methods are explained.
|
|
|
System for anonymous transmit of messages
Kislinger, Jan ; Rosenberg, Martin (referee) ; Ležák, Petr (advisor)
Diploma thesis deals with an anonymous transmit of messages using protocol for anonymous authentication. In first part, we introduce theoretical familiarization to the issues and description protocol for anonymous authentication. Further, it describes the suggestion of the communication between the client and the server. Finally, contains a description of the created system for anonymous transmit of messages, which consists of the server and clients, who can leave challenges on the server for other users and they obtains challenges from the server. The thesis explains how to start and control program. There are also discussed methods of computing verification values, encryption keys and messages and authentication of receivers.
|
|
|
Data-efficient security of cloud storages
Elis, Martin ; Fujdiak, Radek (referee) ; Člupek, Vlastimil (advisor)
This work is focused on problematics of a cloud solution, especially on its security side. It describes the current security trends and approaches used by security engineers when creating sophisticated designs of secure cloud systems. As part of it there is a risk analysis and an overview of the most common types of attacks led against the cloud solutions. Also, this document deals with the possibilities, principles, advantages and negatives of different types of cloud distributions. Another text deals with the usual methods used for accessing the cloud. This thesis contains author’s own design of possible realization. In the next part of the document, process of building a safe cloud data storage is described together with principles of ensuring its security. In the conclusion, the author focuses on comparison of cryptographic algorithms and their behavior depending on the length of a used keys.
|
|
| |
|
|
Software support of teaching of cryptography protocols
Marek, Tomáš ; Lambertová, Petra (referee) ; Burda, Karel (advisor)
Document contains informations about authentication, encryption, data integrity and data authenticity. Next part includes description of well know cryptography protocols, their functions and also their weaknesses. All of these acquired informations were used in concept and final software support for teaching of cryptography protocols, which is able to run on clasic web-browser. Thats why the application was designed as web PHP pages using JavaScript and AJAX, which ensures plaform and OS architecture independency. Besides the descripted and ilustrated part of application there are also interactive parts and animations. The last period contains description of education software and its functions. Source code can be found on the appended CD.
|
|
|
Security of wireless computer networks
Jelínek, Martin ; Pelka, Tomáš (referee) ; Doležel, Radek (advisor)
The master's thesis deals with the issue of Wireless Local Area Network (WLAN) from the viewpoint of the security and functional principle of security mechanisms. The transition to the issue concerning the security is accompanied by the methods of wireless data transmission operating on the level of physical layer (FHSS, DSSS, OFDM, MIMO), which is followed by the summary of individual 802.11 standards. The next part deals with the issue of shared transmission medium (CSMA/CA), influence of interference and correcting mechanisms (RTS/CTS). Within the security, the principles of the authentication along with the commonly used methods of security (WEP, WPA, WPA2) are described in detail. The first part concerning security deals with the security in the form of the WEP protocol, which is considered insufficient nowadays and points out the imperfect implementation and the consequent risks. The following part describes the security in the form of WPA which eliminates the implementation weaknesses of the previous WEP security protocol. The description of commonly used mechanisms of authentication (PSK, 802.1x), required temporary key management (PTK, GTK), data integrity (MIC) and encryption which uses TKIP protocol are also included. The last part, possible WLAN security, is aimed at the full support of 802.11i standard, which is called WPA2 (sometimes RSN). That part describes the basic encryption security element CCMP, which is based on the AES block cipher modes. The practical part of the thesis deals with the security verification of current wireless networks. In the process of verification the accessible HW means and programming tools of Open Source Software (OSS) are used. By means of verification it has been pointed out that there are possible security risks resulting from the security method which has been used. Also several recommendations how to reduce the security risks of the used method to minimum are mentioned.
|
guest ::
