|
|
Remote Client Security
Friedberg, Jiří ; Karásek, Jan (referee) ; Malina, Lukáš (advisor)
This master’s thesis is devoted to safe operating remote station. The security of data and electronic services is very important nowadays because the number of attacks to computer networks is increasing. The security of network services and information can be provided in several different ways which can be combined. The basic security mechanisms are authentication and data encryption. Both these methods are included to the implementation of operating remote station which is the main part of this work. The user of the resulting application will have a choice from several methods of authentication and data encryption. Whole traffic is encryption from the transfer of view of remote desktop to the transfer of files. Safety factor depends only up to the user consequently on that what type of authentication and encryption the user choose. The thesis also deals with analysis of implemented safely functions. Brings the results of analysis of effect of encryption algorithms to data connection of remote desktop.
|
|
|
Current security trends in mobile networks
Jirkovská, Šárka ; Sobotka, Jiří (referee) ; Doležel, Radek (advisor)
This master's thesis deals with the issue of the security of GSM and UMTS mobile communication systems. In the thesis the principles of the authentication and encryption of both the mobile systems are described. Further, the constituent algorithms used for identity verification, key generation and encryption are mentioned. The commonly used algorithms are described along with their weaknesses. In the following part of this thesis, well-known attacks on GSM system are mentioned. In the part where UMTS system is dealt with one can find the algorithms used in this system to increase the security of transmitted data and authentication in comparison with GSM system. Therefore the whole process of authentication and encryption is described separately. In the last part the creation of programming models of authentication and encryption in GSM and encryption in UMTS is described. These models are created in the environment of Matlab version 2009b.
|
|
|
Virtual serial port and its safety conversion to Ethernet
Pokorný, Michal ; Krajsa, Ondřej (referee) ; Koutný, Martin (advisor)
Bachelor´s thesis try to find a solution to make virtual serial port and its safe transfer on Ethernet. Nowdays communications channels don't offer appropriate security of a whole communication. Therefore it depends on get-togethers, in order to realize this security themselves.This means ensure reliable data transfer, these data from among get-togethers encrypt in order to appropriate attacher be unable to read them in real - time, eventually to change them. As a result this Bachelor thesis is the application, which, except transfer between virtual serial port and Ethernet, insure authentication among get - togehthers communication and cipher transfer among them. As an encryption algorithm is used algorithm AES. It is concerned symmetrical cipher, which ciphers data after pages about size 128 byte.
|
|
|
Digital signature
Vaverka, Aleš ; Lambertová, Petra (referee) ; Zeman, Václav (advisor)
Digital signature, the subject of this semester paper, is nowadays very up-to-date. The still rising capabilities of the internet and the vision of lowering the amounts of paper documentation made it necessary to develop a way of signing documents which are transferred through the internet. This is supposed to be equally safe and unassailable as the handwritten signature. This method is called the digital signature. The paper focuses on the explanation of the essential terms connected to digital signature, such as certificate, certification authority, authentication, but in particular on the elementary cryption algorithms, further on applications that make use of digital signature, e.g. post services and electronic banking. In the final chapter, the positive and negative aspects of the electronic signature are discussed.
|
|
|
Internet privacy protection
Malina, Lukáš ; Doležel, Radek (referee) ; Hajný, Jan (advisor)
Anonymous authentication is a mean of authorizing a user without leakage of user personal information. The technology of Anonymous Authentication Systems (AAS) provides privacy of the user and yet preserves the security of the system. This thesis presents the basic cryptographic primitives, which can provide anonymous authentication. Among these primitives there are usually some asymmetric cryptosystems, but an essential part of anonymous authentication is based on zero knowledge protocols, blind signature schemes, threshold group schemes, etc., that are presented in Chapter 1. Generally, Anonymous Authentication Systems have application as electronic coin, electronic cash, group signatures, anonymous access systems, electronic vote, etc., which are analyzed and presented in Chapters 2 and 3. In the practical section, the implementation (in the environment .NET in C#) of the AAS system is presented and described in Chapter 4, which is being developed at the FEEC BUT.
|
|
|
Smartcard authentication
Juras, Stanislav ; Burda, Karel (referee) ; Hajný, Jan (advisor)
The master’s thesis outlines the problem of authentication. It describes authentication factors like ownership, knowledge and inherent. There are described properties of each of that. Authentication based on ownership focuses on authenticators - the smartcards. The thesis also describes different types of smartcards (contact, contactless and hybrid smartcards) and refers to their basic properties. Emphasis is placed on the description of contact and contactless smartcard, specifically focusing on .NET smartcards. It describes their internal components such as memory (RAM, ROM, EEPROM), crypto processor etc. Smartcards are also examined in terms of support for cryptographic primitives. The thesis also introduces the cryptographic methods and principles describing symmetric and asymmetric ciphers. Symmetric ciphers are divided in to stream and block ciphers. There is description of asymmetric cipher, digital signature etc. This work also touches on the fundamental principles required for safe programming. Part of this work is also practical implementation (programs). Practical part aims to implement the communication between the user and AC (Access Control) AASR system. The first suite of applications provides encrypted communication between the PC and smartcards. These applications should create on smartcard services that will be able to perform operations on the client side, which are necessary to authenticate in the AASR system. The paper also presents algorithms for working with big numbers - addition, subtraction, multiplication, and Montgomery's algorithm for multiplication. The second application implements the functionality of AC components (Access Control). This functionality is for example – authenticate received token, digital signature authentication, generating random numbers, logging etc.
|
|
|
Secure converter for an RS-232 standard to the Internet
Pokorný, Michal ; Mlýnek, Petr (referee) ; Koutný, Martin (advisor)
Master´s thesis tries to find a solution to make a secure transmission channel between virtual serial ports on the personal computer and the serial ports on the Rabbit RCM3700 development KIT. Today’s communications channels don't offer appropriate security of a whole communication. Therefore it depends on get-togethers, in order to realize this security themselves. This security means ensuring reliable transmission of data to be encrypted between parties so that any attacker is not able to read real-time, or eventually change them. As a result of this Master thesis is the design and implementation, which in addition to encryption algorithm provides sufficient security and authenticity of communication between the parties. As an encryption algorithm has been chosen widely used AES algorithm and as authentication algorithm has been chosen algorithm, which for authenticity requires knowledge of the secret key.
|
|
|
Security of wireless computer networks
Jelínek, Martin ; Pelka, Tomáš (referee) ; Doležel, Radek (advisor)
The master's thesis deals with the issue of Wireless Local Area Network (WLAN) from the viewpoint of the security and functional principle of security mechanisms. The transition to the issue concerning the security is accompanied by the methods of wireless data transmission operating on the level of physical layer (FHSS, DSSS, OFDM, MIMO), which is followed by the summary of individual 802.11 standards. The next part deals with the issue of shared transmission medium (CSMA/CA), influence of interference and correcting mechanisms (RTS/CTS). Within the security, the principles of the authentication along with the commonly used methods of security (WEP, WPA, WPA2) are described in detail. The first part concerning security deals with the security in the form of the WEP protocol, which is considered insufficient nowadays and points out the imperfect implementation and the consequent risks. The following part describes the security in the form of WPA which eliminates the implementation weaknesses of the previous WEP security protocol. The description of commonly used mechanisms of authentication (PSK, 802.1x), required temporary key management (PTK, GTK), data integrity (MIC) and encryption which uses TKIP protocol are also included. The last part, possible WLAN security, is aimed at the full support of 802.11i standard, which is called WPA2 (sometimes RSN). That part describes the basic encryption security element CCMP, which is based on the AES block cipher modes. The practical part of the thesis deals with the security verification of current wireless networks. In the process of verification the accessible HW means and programming tools of Open Source Software (OSS) are used. By means of verification it has been pointed out that there are possible security risks resulting from the security method which has been used. Also several recommendations how to reduce the security risks of the used method to minimum are mentioned.
|
|
| |
|
|
Remote data acquisition over the power lines
Neuschl, Martin ; Koutný, Martin (referee) ; Mlýnek, Petr (advisor)
The subject of this paper is „remote data acquisition over the power lines“. The first part is engaged in characteristics of power lines. The other part considers PLC technology, its properties and usage. Base on disturbance and noise in power grid is chosen optimal modulation technique and error handling for PLC. The next part describes options of authentication. It has been designed secure way of authentication for data collection over power lines and attack-resistance is considered as well. Practical purpose is dedicated to simulations and noise measuring during communication of narrowband PLC modems. It deals with long-term power grid testing and its influence on transmission rate between PLC modems and also with the influence on primary parameters of power grid. Packets are investigated during communication as well.
|
guest ::
