|
|
Network attacks by Cain & Abel
Smékal, Lukáš ; Stančík, Peter (referee) ; Sobotka, Jiří (advisor)
This Master’s thesis is dealt in the local area network security, cryptographic algorithms, particular attacks on computer networks a practical application these attacks in local area networks. To application particular attacks is used the Cain & Abel program. The detailed manual for this program is created from the results of these attacks. This manual contains the exhibits of usage particular program tools and the attack application exhibits. This manual considers consequences of particular attacks and summarises achieved results during work with tools too. Master thesis closely deals with one of the program tools called RSA SecureID Token Calculator. Authentication via hardware tokens is contained in this Master thesis. Thesis contains the way of authentication using RSA SecureID Token Calculator without physical owning of the hardware token. Cain & Abel program shows and interprets why cashed passwords in operation system are dangerous and it shows methods how attacker can reveal this passwords from the operation system memory. This Master thesis is focused on sniffing credentials and passwords in local area networks and it is focused on cryptographic algorithms cracking for username and passwords revealing.
|
|
|
Random number generator
Zouhar, Petr ; Martinásek, Zdeněk (referee) ; Sobotka, Jiří (advisor)
The thesis deals with issues of random numbers, their generating and use in cryptography. Introduction of work is aimed to resolution of random number generators and pseudo--random number generators. There is also included often used dividing generators on software and hardware. We mention advantages and disadvantages of each type and area of their use. Then we describe examples of random and pseudorandom numbers, mainly hardware based on physical phenomenon such as the decay of radioactive material or use atmospheric noise. The following part is devoted to suggestion own random number generator and a description of its functionality. In the second half of the work we devote to the field of cryptography. We know basic types of cryptographic systems, namely symmetric and asymmetric cryptosystems. We introduce a typical representant the various type and their properties. At the end of the work we again return to our random number generator and verify the randomness generated numbers and obtained cryptograms.
|
|
|
Secure converter for an RS-232 standard to the Internet
Pokorný, Michal ; Mlýnek, Petr (referee) ; Koutný, Martin (advisor)
Master´s thesis tries to find a solution to make a secure transmission channel between virtual serial ports on the personal computer and the serial ports on the Rabbit RCM3700 development KIT. Today’s communications channels don't offer appropriate security of a whole communication. Therefore it depends on get-togethers, in order to realize this security themselves. This security means ensuring reliable transmission of data to be encrypted between parties so that any attacker is not able to read real-time, or eventually change them. As a result of this Master thesis is the design and implementation, which in addition to encryption algorithm provides sufficient security and authenticity of communication between the parties. As an encryption algorithm has been chosen widely used AES algorithm and as authentication algorithm has been chosen algorithm, which for authenticity requires knowledge of the secret key.
|
|
|
Cryptographic protocols in practice
Truneček, Petr ; Hajný, Jan (referee) ; Pelka, Tomáš (advisor)
The purpose of this work was first to describe the requirements for cryptographic protocols. Furthermore, the classification of these protocols should have been made with specific examples given. The aim of the next part of the work was to describe the methods which are suitable for description and modeling of cryptographic protocols. This work also addressed the analysis of cryptographic protocols by appropriate analytical means. The CSP method for modeling of the cryptographic protocols was applied in the practical part. The Yahalom protocol was selected as a protocol suitable for modeling. Two analysis was made. The first analysis concerned the standard version of the Yahalom protocol, which was tested to the requirements of cryptographic properties of the secrecy and authenticity. The second analysis was based on the possibility of disclosure of the key, including counterexamples and traces given by FDR. The first analysis did not reveal any weakening, in terms of two cryptographic properties. To demonstrate the possibility of FDR, Yahalom protocol was modified in order to cause the situation when the disclosure of keys appears. FDR then finds the exact procedure that an intruder must make to get the possession of the key.
|
|
|
Software support of education in cryptography area based on elliptic curves
Szturc, Jakub ; Sobotka, Jiří (referee) ; Burda, Karel (advisor)
The master‘s thesis is focusing on cryptography based on elliptical curves consists of four main parts. The first part provides an overview of the basic cryptographic and mathematical concepts. A key element of this work is the second part which are described in detail the mechanisms of counting two points on elliptic curve and counting point to themselves over the various fields. On this mechanism is based almost the entire issue. In the third section provides the best-known algorithms and protocols for key exchange, encryption and digital signature. The goal of this paper is to devise software to support teaching. This material is created as a web presentation, which described the theoretical foundations and the main characteristics of cryptosystems based on elliptical curves. The whole issue is supported by practical examples of calculations examples, there are also examples for independent work. Additionally, java applets are prepared that allow an interactive opportunity to try the basic parameters of curves, or verify the calculations.
|
|
|
Design of hardware cipher module
Bayer, Tomáš ; Stančík, Peter (referee) ; Sobotka, Jiří (advisor)
This diploma’s thesis discourses the cryptographic systems and ciphers, whose function, usage and practical implementation are analysed. In the first chapter basic cryptographic terms, symmetric and asymetric cryptographic algorithms and are mentioned. Also usage and reliability are analysed. Following chapters mention substitution, transposition, block and stream ciphers, which are elementary for most cryptographic algorithms. There are also mentioned the modes, which the ciphers work in. In the fourth chapter are described the principles of some chosen cryptographic algorithms. The objective is to make clear the essence of the algorithms’ behavior. When describing some more difficult algorithms the block scheme is added. At the end of each algorithm’s description the example of practical usage is written. The chapter no. five discusses the hardware implementation. Hardware and software implementation is compared from the practical point of view. Several design instruments are described and different hardware design programming languages with their progress, advantages and disadvantages are mentioned. Chapter six discourses the hardware implementation design of chosen ciphers. Concretely the design of stream cipher with pseudo-random sequence generator is designed in VHDL and also in Matlab. As the second design was chosen the block cipher GOST, which was designed in VHDL too. Both designs were tested and verified and then the results were summarized.
|
|
|
Application for digital signature and timestamping
Remiaš, Miroslav ; Burda, Karel (referee) ; Lambertová, Petra (advisor)
In general, the Internet represents an unsecured medium of data transfer. Besides the rising popularity of the Internet, the matters of safety are getting to the foreground of importance. Anybody would be able to gain access to the computer network or to other valuable information if no algorithm of verifying the genuineness of identity were used. It is necessary to secure not only the access to the documents but also the content itself, which could be modified during the transfer through an unsecured medium. Last but not least, without the discretion provided by cryptography, the information may become literally public. To provide security and protection for the communicating participants the problems mentioned above are solved with the help of cryptographic techniques. The verification of the identity and the integrity of messages, the credibility of document’s ownership and safe data transfer through an unsecured medium are all the aspects, which the field of communication security on the Internet, thus the public key infrastructure, deals with. The electronic signature, as a part of the security area, is one of many advertised themes nowadays in Czech Republic. The aim of this master’s thesis is to acquaint the reader with the necessary technological procedures of digital signature, such as cryptographic techniques, public key infrastructure and timestamp. The practical part of this thesis consists of a suggested implementation of a web application in the programming language ASP.NET, which forms a certification authority with an opportunity of claiming a timestamp to authorize timestamps. After the problematic of cryptography was explained in the first chapter, the term of electronic signature has been introduced in the second chapter. Very important information, as far as the electronic signature of documents is concerned, is the time of the document’s creation and the subsequent signature verification by an appropriate authority. So the following part of the thesis is dedicated to the timestamp and to the authority of its verification. The fourth section deals with the large scale of public key infrastructure. The fifth part focuses on the description of the support for the whole problem mentioned so far using Microsoft’s programming language ASP.NET. The final sixth chapter represents the practical part of the thesis, namely the web application itself, where the individual modules of the application with its functions are described.
|
|
|
Infrastructure of public keys
Bědajánek, Ondřej ; Malý, Jan (referee) ; Pust, Radim (advisor)
The subject of my thesis dscribes function and principles of the public key infrastructure as well as certificate authority. Under the operation system Linux was created self signed certificate authority. Web interface was devoloped in PHP for the purpose of the generation, distribution and rejection certificates. Configuration files for OpenVPN are included in the thesis and wireless security is achived by OpenVPN.
|
|
|
Software support for cryptography education
Stančík, Peter ; Vyoral, Josef (referee) ; Burda, Karel (advisor)
The main aim of this thesis was to study, choose and decribe techniques eligible for cryptography education. A pedagogically appropriate presentation for the selected techniques' principles was to be chosen. Another goal was to create an integrated modular web interface containing a calculator focused on cryptographic operations. The eligibility of techniques was assessed accordingly to the computing processes implied by these techniques and also accordingly to the ability of being presented in an illustrative way. A program simplifying calculations used in symetric and asymetric cryptography was designed and implemented. It disposes of a web interface and one of its parts is focused on steganographic techniques. On the other hand, any pedagogically appropriate presentation interconnecting this program with theoretical findings from this field was not found.
|
|
|
Secure peer-to-peer communication system
Eliáš, Luboš ; Koutný, Martin (referee) ; Cvrk, Lubomír (advisor)
The main aim of this master's thesis is to implement a common, secure and peer-to-peer communication system. The system has ability to automatically establish and run a secure end-to-end connection. It has this ability even if a network address translator is in the way to the destination system, without need of any explicit configuration of this translator. The security procedures of this system are in a transparent manner masked from individual applications, which had to solve this challenge in their own way. A responsibility for a security is delegate to an application-independent subsystem working within the core of an operating system. The security of this subsystem is based on capturing the outbound and inbound IP packets and their authentication and encryption. The system was successfully implemented in MS Windows XP operating system, in programming language C++. Transfer rate of communication tunnel in different network bandwidth speeds was measured. Result shows, that in the case of use the system on standard PC sold nowadays is practically no decrease of the transfer rate in comparison to a common channel.
|
guest ::
