|
|
Hash functions and their usage in user authentication
Piller, Igor ; Stančík, Peter (referee) ; Hajný, Jan (advisor)
This thesis concerns with hash functions and their usage in authentication. It presents basics of hash functions theory and construction elements. In particular the thesis focuses on LMHash, MD4, MD5 and SHA family hash functions, which are compared from the security point of view. The thesis describes in general the most frequently used hash function attacks, points out the weaknesses of current construction and mentions the future perspective of hash functions. Furthermore the thesis outlines the area authentication and describes usage of hash functions in the area. Practical part of the thesis contains an implements of a general authentication framework implemented in programming language C#. The result is client and server applications, in which two selected authentication methods were successfully tested. The result implementation is flexible with respect to the possible future use of other authentication methods.
|
|
|
Modern methods for user authentication
Sýkora, Daniel ; Stančík, Peter (referee) ; Hajný, Jan (advisor)
The main focus of Master’s thesis is modern methods for user authentication. In the first part are briefly described currently used protocols and pointed out thein advantages and disadvantages. The theoretical introduction analyzes the principles of zero-knowledge authentication, password-based protocols and describes the concept of a new generation hash function. The practical part describes the specific implementation of authentication protocols - Ohta-Okamoto protocol as a representative of the zero knowledge protocols and SRP (Secure Remote Password), which represents password-based protocols. In both cases, the installation procedure is described following the analysis of their implementation (at the source code level) and then compared with the transmitted data captured by Wireshark. The SRP protocol is verified by AVISPA tool. There is summary of both protocols security analysis in the conclusion.
|
|
|
Software support of teaching of cryptography protocols
Marek, Tomáš ; Lambertová, Petra (referee) ; Burda, Karel (advisor)
Document contains informations about authentication, encryption, data integrity and data authenticity. Next part includes description of well know cryptography protocols, their functions and also their weaknesses. All of these acquired informations were used in concept and final software support for teaching of cryptography protocols, which is able to run on clasic web-browser. Thats why the application was designed as web PHP pages using JavaScript and AJAX, which ensures plaform and OS architecture independency. Besides the descripted and ilustrated part of application there are also interactive parts and animations. The last period contains description of education software and its functions. Source code can be found on the appended CD.
|
|
|
Solution of the authentification and authorization for wireless local networks
Čížek, Michal ; Pust, Radim (referee) ; Burda, Karel (advisor)
This thesis is about available priciples and methods of authentication and authorization in wireless local area networks. First part is about available methods of authentication with short description each of them and usage analysis for small and middle-sized wireless networks. There is a project of authentication and authorization for school wireless network of three access points in the second part of the thesis, including description of Mikrotik RouterOS configuration and FreeRadius configuration. In the end of the thesis there is a project tests and usage analysis.
|
|
|
Design of user authentication for small and medium networks
Hajný, Jan ; Pust, Radim (referee) ; Burda, Karel (advisor)
The main focus of this Master’s thesis is user authentication and access control in a computer network. I analyze the TCP/IP model in connection with security and describe main stepping stones of authentication protocols (mainly hash functions). The authentication protocol analysis follows. I begin with LANMAN protocol analysis for the reason of a security comparison. The NTLM, Kerberos and Radius follows. The focus is on the Kerberos which is chosen as a main authentication protocol. This is also a reason why the modification used in MS domains is described. The implementation and functional verification is placed in the second part which is more practical. The virtualization technology is used for an easier manipulation. The result is a computer network model requiring user authentication and minimizing the possibility of an attack by unauthorized clients.
|
|
|
Security elements of electronic banking
Blaha, Ondřej ; Albrecht, Jakub (advisor) ; Voříšek, Jiří (referee)
The aim of my bachelorel thesis is to give a comprehensive overview of the electronic banking area and its security, with main focus on safety features used for authentication. The theses describes the available forms of electronic banking and the principles and elements of authentication methods. The main contribution of this work is the analysis of the environment of electronic banking ČSOB Bank and evaluation of authentication methods that the bank offers its clients. The result is an assessment of the current security status and suggestions what should ČSOB bank focus on in this area.
|
|
|
Security elements of e-banking
Mohamed, Radouan ; Albrecht, Jakub (advisor) ; Voříšek, Jiří (referee)
This bachelor thesis provides a summary of currently used security elements in services of electronic banking. There is a description of the electronic banking of two Czech banks - Fio and Era, and those are also compared. In the last chapter there is a description of a theoretical attack on an e-banking service based on the findings of this thesis. The re-sult of the thesis is an evaluation of weaknesses of e-banking services and the description of the theoretical attack.
|
|
|
Biometrics as a security element in banking
Pavliščák, Matúš ; Albrecht, Jakub (advisor) ; Voříšek, Jiří (referee)
The aim of my Bachelor thesis is to provide a comprehensive overview of biometrics as an applied security element within the banking sector. It describes various methods of biometrics-centric identification and data-processing. The main contribution of this thesis is its analysis of the case study conducted by Innovatrics, "The Introduction of Apple Pay and MasterCard Platforms," both of which implement biometrics in banking. The result is an assessment of the current state of usage of biometrics in banks around the world, compared to those within the Czech Republic and Slovakia, and suggestions for what local banks should focus on within the field.
|
|
|
Autentizace síťových portů pomocí protokolu 802.1X ve firemním prostředí
Malinka, Tomáš
This thesis describes the draft and implementation of a new security with 802.1x in the corporate environment. The work is divided into two parts. The first part outlines the topic theoretically and the second part solves specific draft using 802.1x and its implementation in the corporate environment. The implementation is outlined with configuration of end clients, switches including RADIUS server and settings in AD. During the implementation, there is also described the authentication of devices by Mac Authentication Bypass.
|
|
|
Access and communication security in SAP information systems
Karkošková, Soňa ; Bruckner, Tomáš (advisor) ; Holub, Ilja (referee)
This diploma thesis deals with the methods used to ensure access and communication security in large-scale SAP information systems. It deals with the analysis of existing methods, compares them, and identifies how the methods are usable in the operation of large-scale SAP information systems, as well as it identifies methods that fail in this environment. Justification of methods usability is carried out. Attention is focused on the use and implementation of single sign-on safe authentication methods, secure sharing of user identity and secure communication within the framework of a large-scale SAP information system. In this thesis is carried out a design proposal of the architecture in order to ensure access and communication security in SAP information systems using the LDAP service, SNC Kerberos and single sign-on authentication. In the practical example is documented the detailed technical implementation of this architecture. Furthermore, this thesis deals with the specifics which exist especially in large-scale SAP information systems in the area of access and communication security and documents the appropriate ways to address them.
|
guest ::
