|
|
Intercept of the Modern Cryptographic Protocols
Halinár, Petr ; Košař, Vlastimil (referee) ; Kaštil, Jan (advisor)
This paper discusses the security-set used in communication networks. It contains a brief overview of the protocols and architecture description of public keys. Deals in detail with a description of certificates, their backgrounds and SSL protocols. It also represents a number of security shortcomings of these protocols and application design for the interception of HTTPS. Also the results of experiments with this application are stated.
|
|
|
Secure Communication and Data Protection in the Internet of Things
Chadim, Pavel ; Hajný, Jan (referee) ; Malina, Lukáš (advisor)
This Master's thesis „Secure communication and data protection in the internet of things“ is dealing with crypthografy and crypthographic libraries, which are compared with eachother according to supporting algorithm and standard. For comparing therewere used following libraries: openSSL, wolfSSL, nanoSSL and matrixSSL. Practical part of the thesis is focused on testing the productivity of each ciphers and protocols of openSSL and wolfSSL libraries on RaspberryPi 2 device. Further, the thesis shows the design of communication scenario client-server in the Internet of Things (IoT). Simple authentication protocol client-server was implemented and simulated on RaspberryPi 2 device.
|
|
|
Collection of Sensor Data into Cloud
Záhorský, Matej ; Musil, Petr (referee) ; Nosko, Svetozár (advisor)
Primárnym účelom tejto práce je zber dát z vybraných senzorov do vzdialeného Cloudu prostredníctvom platformy STM32MP1. V prvej časti práce je popísaná teória ohľadom možností zberu dát, ich kryptografického zabezpečenia a funkcie daného mikrokontroléra. V druhej časti je navrhnuté a implementované vhodné softvérové riešenie pre efektívne a bezpečné zbieranie dát z vybraných senzorov. Na koniec sú vyhodnotené vlastnosti riešenia, čo zahrňuje i rýchlosť kryptografického podpisovania v reálnej aplikácií.
|
|
|
Web application for data transfer using TLS protocol
Dzadíková, Slavomíra ; Slavíček, Karel (referee) ; Smékal, David (advisor)
The work deals with web application development, implementation possibilities of web application, secure communication between server part and client part. Protocol HTTPS (Hyper Text Transfer Protocol) and TLS (Transport Layer Protocol) are described in more detail way, also the issue of PKI (Public Key Infrastructure). The work also covers authentication and authorization methods which are used in web applications, and the most common attacks according OWASP TOP 10. Technologies, programming languages and environments, which have been used: Python, Flask, Bootstrap, OpenSSL, Nginx, Nessus, JMeter, Lighthouse.
|
|
|
Web application for testing web server vulnerabilities
Šnajdr, Václav ; Burda, Karel (referee) ; Smékal, David (advisor)
The Master’s Thesis deals with the design and implementation of a web application for testing the security of SSL/TLS protocols on a remote server. The web application is developed in the Nette framework. The theoretical part describes SSL/TLS protocols, vulnerabilities, recommendations and technologies used in the practical part. The practical part is devoted to the creation of a web application with the process of using automatic scripts to test and display the results on the website with a rating of A+~to~C. The web application also displays a list of detected vulnerabilities and their recommendations.
|
|
|
The PXA270M ARM module and its usage as private branch exchange
Vojtíšek, Jindřich ; Šilhavý, Pavel (referee) ; Daněček, Vít (advisor)
This work deals with using the operating system Linux on diskless devices. This is solved on the development kit Voipac PXA270M, which is based on the ARM processor. This work deals further with the distributions of the Linux operating system, which are suitable to use for the device based on the ARM processor. The Linux was chosen because it is one of the most flexible operating systems and the Linux is kept as open source software code, except to the distribution of the Red hat and a few special distributions. The NFS protocol and TFTP are described there. The TFTP and NFS are used to deploy the operating system. It describes there, what are the TFTP and NFS and the principle of their use in computer networks. Practical part is as to, what is needed for the functioning of the TFTP and NFS server on the Ubuntu 11.10 plus how configure them. The OpenOCD is another part of this work. The OpenOCD is designed to work in the device memory. There is shown how to install and run the OpenOCD in order to communicate with the development kit Voipac PXA270M. This work shows how to configure the bootloader U-boot for booting the operating system from the network using the NFS and TFTP. There is described how compile and install PBX Asterisk on Voipac PXA270M with use of cross compiler and how cross compile zlib, OpenSSL and ncurses needed to install nad run Asterisk.
|
|
|
Comparison of cryptographic primitives used in elliptic curve cryptograpny on different hardware platforms
Brychta, Josef ; Martinásek, Zdeněk (referee) ; Fujdiak, Radek (advisor)
This master thesis deals with the implementation of variants of cryptographic libraries containing primitives for elliptic curves. By creating custom metering charts to compare each implementation. The main task was not only the implementation of libraries but also the design and implementation of test scenarios together with the creation of measurement methods for different libraries and hardware platforms. As a result, a number of experimental tests were conducted on different curves and their parameters so that the results of the work included complex problems of elliptic curves in cryptography. The main parameters were power, time and memory consumption.
|
|
|
Lab of public key infrastructure
Slavík, Petr ; Lambertová, Petra (referee) ; Burda, Karel (advisor)
The aim of this thesis is to study and describe the theme of Public Key Infrastructure (PKI). Within the scope of minute PKI characterization there is a gradual depiction of particular structural elements, which are above all represented by cryptographic operations (asymetric and symetric cryptography, hash function and digital signature); then, there are also individual PKI subjects that are dealt with, like eg. certification authority, certificates, security protocols, secure heap etc. Last but not least there are a few complete Public Key Infrastructure implementation solutions described (OpenSSL, Microsft CA). The practical part of the thesis, a lab exercise, gives potential students the knowledge of installing OpenSSL system based certification authority. The next task educate students how to secure web server with certificate signed with own CA and also how to secure web server users‘ access control through certificates signed by the previously installed CA.
|
|
|
Client Tools for Accessing DNS Registry
Škorvaga, Vojtěch ; Polčák, Libor (referee) ; Matoušek, Petr (advisor)
This document describes the work solving the extension of a set of registration utilities for registering domains in application Fred (free registry for enum and domains). I added library and programs written in Java and C language that enable communication between central register and clients via XML protocol EPP (RFC 5730) and SSL/STL layer. I used libxml2 library for processing XML and OpenSSL library for processing SSL/STL in C language. In Java I created system of automated creation XML files form XML schema. System is based on ANTLR. This work was solved in cooperation with CZ.NIC (domain registrators).
|
|
|
Anonymous communication on the internet
Hořejš, Jan ; Babnič, Patrik (referee) ; Rosenberg, Martin (advisor)
The objective of this master’s thesis was to describe current capabilities of anonymous browsing over the Internet. The theoretical part focuses on three main methods of anonymization with main focus on Tor network. The master‘s thesis describes advantages and disadvantages of different solutions and possible attacks on them. In the next part is demonstrated Tor network, implementation of Hidden service and secured access to the server for clients and possible attacks against this proposal. The work also includes the results of measurements of all three anonymizers and the effects on their speed.
|
guest ::
