|
|
Cryptanalysis of modern cryptographic devices
Fördős, András ; Člupek, Vlastimil (referee) ; Martinásek, Zdeněk (advisor)
The thesis focuses on power analysis of modern cryptographic modules. The first part contains a brief introduction to the topic of the power side channel and basic methods of analyzes. The text describes the process of comparison of modules and a short description of devices found. In the practical part two modules has been selected for the implementation of the encryption algorithm AES-128. The first module was the chip card Gemalto .NET v2 and the second one was the Raspberry Pi. A workplace has been created for these modules which allowed to measure the power consumption of the algorithm AES. Differential Power Analysis has been made using the captured results. In its conclusion the work presents the results in tables and samples of source codes. Graphs were made from the results captured on the Raspberry Pi and from the results of the Differential Power Analysis.
|
|
| |
|
|
The security risks of authentication methods
Dzurenda, Petr ; Babnič, Patrik (referee) ; Rosenberg, Martin (advisor)
Master's thesis deals with the security risks of current authentication methods. There are described methods which are based on user's knowledge and ownership of authentication object and biometric authentication method. The practical part of this Master's thesis deals with a specific design of authentication system based on protocol ACP, when the user proves his identity by smart card on provider assets, which is represented by ACP portal on the user's computer.
|
|
|
Payment card systems
Flégl, Jan ; Pelka, Tomáš (referee) ; Morský, Ondřej (advisor)
The work is about payment card systems. We’d like to describe infrastructure of credit cards, ATMs, POS terminals , focusing on the EMV standard. In theoretical part we will be introduced with the history and development of credit cards, ATMs and POS terminals. Then we focus on a detailed description of payments terminals and possibilities of payment via the Internet. The most extensive theoretical part deals width EMV standard. In practical part we will make our own program, which authenticates the user based on his credit card and it will allow the user to login in the system. Source codes of this application can be found on enclosed CD.
|
|
|
Smart Card side channels
Pospíšil, Karel ; Martinásek, Zdeněk (referee) ; Sobotka, Jiří (advisor)
The thesis is dealing with smart cards and describes the known types of side channel attacks. Smart card belongs into the group of the youngest and smartest cards. In the card body, made mostly from PVC, there is a chip inserted which contains a microprocessor.Side channel attacks are trying to use the leaking information from the physical implementation of the system while processing the cryptographic algorithm. The attacker is trying to use the leaking sensitive information because under certain circumstances it can be dependent on the input data. The theoretical part is devoted to description of smart cards, their types and their safety. It describes the classification of attacks on smart cards and includes the overview of selected cryptographic algorithms used in smart cards. It also describes selected physical and logical attacks and the most frequent side channel attacks. The thesis furthermore describes possibilities of measuring the voltage-current side channel. The practical part deals with used software and hardware. This section is devoted to the measurement of power specification of smart cards and to the analysis of processed information, using the oscilloscope and workstation with AD 622 card and Simulink development environment.
|
|
|
Side channel attacks on chip cards
Matějka, Jiří ; Morský, Ondřej (referee) ; Martinásek, Zdeněk (advisor)
This master thesis deals about the issues of chip cards’ side channels. Side channels are new method in cryptanalysis. Unlike classical cryptanalysis, which looks for weaknesses of mathematical structure of algorithms, side channel’s analysis use weaknesses of physical implementation of these algorithms. First part describes chip cards, their usage a security. There is mentioned the issue of cryptographic algorithms and their implementation on smart cards. There are described well-known side channels and examples of their abuse. Practical part of this thesis is focused on a proposal of a laboratory task, which demonstrates power-based side channel attack on smart card. There is designed laboratory workplace for this task, software for measurement and analysis is implemented in development tool LabVIEW. In the last part is this attack realized, the target of this attack is a standard SIM card.
|
|
|
Payment cards on the Internet
Škop, Roman ; Matuštík, Ondřej (advisor) ; Zaoral, Ondřej (referee)
The bachelor thesis brings the view of the historic, current and the future development of this payment instrument, a typology of credit cards, complete with the introduction of new contactless payment cards. Furthermore, the thesis focuses on their use and also deals with topics closely related to payment cards since their beginnings, which are security and risks, whether in cash withdrawals from ATMs, during the payment at merchants or at a convinient and increasingly popular shopping on the Internet. The final part of the thesis provides an analysis of current state of payment cards in the Czech republic, including an overview of current payment card offers from leading Czech banks.
|
|
|
Internal Certification Authority
Kolb, Jiří ; Pavlíček, Luboš (advisor) ; Bumbala, Jan (referee)
With the rising number of internet users emerged the need for mutual authentication and secure communication. In the open environment of the Internet, this service is provided by a trusted third party using asymetric cryptography. This trusted third party - called Certification Authority - provides identification of the communication partners and the security of their communication through certificates it issues. Many large companies use certification authorities today. The goal of my thesis is the design and implementation of a CA for a small company, along with an evaluation of the benefits of introducing this new technology.
|
|
|
Čipová karta jako elektronický identifikátor pojištěnce v ČR a EU.
Němcová, Eva ; Lešetický, Ondřej (advisor) ; Střítecký, Rudolf (referee)
This diploma work analytically examines data resources and conditions for the implementation of an electronic identifier for an insured person in the Czech Republic with relation to the Europian Union. It describes the concept of a single electronic identification method and the possibilities for the utilization of different technologies and extreme situations that may arise in connection with the deficiencies of the judicial code, that would clearly work manipulation with the personal data, its security and access to it. Here compared in this work are the merits and disadvantages of the implementation or adversely the non-implementation of the electronic identifier via a cost-benetfit analysis that gives an answer to the economic question about the implementation of the project, and also describes the benefits for each group of beneficiaries.
|
|
|
The Usage of Smart Cards in the Area of Digital Signature
Jirovský, Tomáš ; Toman, Prokop (advisor) ; Obruča, Jan (referee)
This master thesis deals with the usage of smart cards in the area of digital signature. The descriptive part of this work outlines the basic principles of digital signature, smart cards typology and current most important application areas of smart cards. The first aim of the analytic part of this work is to evaluate actual situation on the smart cards market and to estimate future market trends. The second aim is to provide summary of new technological trends and areas, in which the usage of smart cards can be expected. These new technological trends and areas are described on the basis of survey, which was realized in the company OKsystem. Part of this work serves information about practical solution OKsmart and the analysis of its future development trends.
|
guest ::
