|
|
Security and Privacy in IoT
Utěkal, Josef ; Dzurenda, Petr (referee) ; Malina, Lukáš (advisor)
The bachelor's thesis deals with the topic of security and privacy in the field of Internet of Things (IoT), for which resource constrained devices are typical. It is very important to find a suitable operating system that, in addition to low computational requirements, would also offer the desired functionality for these constrained IoT devices, such as real-time capabilities. OS RIOT seems to be the one for IoT. It enables you to run applications written in C language on any supported hardware -- in this bachelor's thesis specifically on Arduino Uno and Arduino Due. The thesis also describes several cryptographic libraries that are supported by OS RIOT. The aim is to implement selected cryptographic libraries and measure their computational and memory requirements on both Arduino devices. This is preceded by a theoretical and practical familiarization with OS RIOT, which is realized by creating the first project, and measuring the computational complexity of each cryptographic function of the WolfSSL library on the Raspberry Pi 4 Model B.
|
|
|
Web application of attribute-based authentication system
Klampár, Roman ; Malina, Lukáš (referee) ; Dzurenda, Petr (advisor)
This bachelor thesis deals with the creation of web applications for the issuer and verifier entities of an Attribute-Based Credentials system Adopsio. The web applications were implemented using the microframework Flask, the Vue.js framework, and the PostgreSQL database. The issuer application allows the creation of new digital certificates containing signed attributes. The second application is the verifier entity, for which a graphical user interface is created to manage the authentication script.
|
|
|
Web application on elliptic curve cryptography
Štark, Daniel ; Dzurenda, Petr (referee) ; Ricci, Sara (advisor)
Kryptografie na eliptických křivkách je v současné době nejpoužívanější formou asymetrické kryptografie. Teoretická část této práce je rozdělena na dvě kapitoly. První kapitola vysvětluje vybraná témata z algebry a teorie čísel, na kterých je kryptografie na eliptických křivkách postavená. Konkrétně se jedná o grupy, konečná tělesa, eliptické křivky a matematické principy dvou známých a hojně používaných protokolů -- ECDH a ECDSA. Druhá kapitola se zabývá popisem nástrojů, které byly použity k implementaci uživatelsky přívětivé webové aplikace, umožňující simulaci jak základních operací na eliptické křivce, tak i dvou výše zmíněných protokolů. Stěžejními nástroji, představenými v této kapitole, jsou matematický systém SageMath a framework Spring, určený k tvorbě webových aplikací v jazyce Java. Třetí kapitola této práce popisuje jak byly představené nástroje použity, tedy samotnou implementaci webové aplikace.
|
|
|
Attribute based authentication
Chwastková, Šárka ; Hajný, Jan (referee) ; Dzurenda, Petr (advisor)
This thesis deals with attribute based credentials. It describes attribute systems, their entities and properties generally. The work concentrates specifically on the attribute system Identity Mixer. The process of communication of the attribute system Identity Mixer is implemented in the language of JavaScript. Application is the web visualization, which describes protocols, entities and generally computes protocols of Identity Mixer with inputs of small numbers or predefined large numbers.
|
|
|
Access control system using multilevel authentication
Cvrček, Tadeáš ; Člupek, Vlastimil (referee) ; Dzurenda, Petr (advisor)
The master's thesis focuses on authenticated key agreement protocols and their implementation on MultOS smart cards platform and devices running Google Android operating system. Implemented applications use NFC (Near Field Communication) interface for communication with cellphone, Bluetooth technology for communication with smart watch and smart card as SAM (Secure Access Module) module in a verifier role. The source code is universal, so it is possible to use it in other projects.
|
|
|
Anonymous certificates for user authentication
Hlinka, Jan ; Malina, Lukáš (referee) ; Dzurenda, Petr (advisor)
Topic of this thesis is privacy protection when using anonymous certificate authentication. Today’s most common case of oversharing private data is proving Covid vaccination or Covid test results. This thesis describes and implements system that is using anonymous certficates. The system solves mentioned issues of current CovidPass authentication methods. The implementation is done on the Android platform in case of the user application and verifier application is run on Raspberry PI, which works as an access terminal.
|
|
|
Secure deployment and testing of oVirt platform
Vágner, Vojtěch ; Martinásek, Zdeněk (referee) ; Dzurenda, Petr (advisor)
Virtualizační platforma oVirt nabízí široké spektrum možných konfigurací. Avšak žádná z~těchto konfigurací není bezpečnou bez předchozího zásahu v kontextu slepého nasazení platformy. Bezpečné konfigurace jsou definovány bezpečnostními standardy, se kterými je daná konfigurace v souladu. Jelikož oVirt je komunitní projekt, není lehké tento typ softwaru certifikovat v oblasti bezpečnostních standardů. Certifikace v oblasti bezpečnostních standardů je drahou záležitostí. Naštěstí, oVirt sdílí stejný základ s produktem Red~Hat~Virtualization, vůči kterému jsou určité bezpečnostní standardy aplikovatelné (FIPS 140-2, DISA STIG, Common Criteria). Most mezi Red~Hat~Virtualization a oVirt dává možnost bezpečných konfigurací i pro oVirt. Záměr této práce je následně určit, které konfigurace jsou podporovány danými standardy, tedy bezpečné, a jak ověřit, že jsou přítomné v dané nasazené platformě. To je realizováno pomocí skriptu ve formě Ansible Playbook, který zahrnuje Ansible Role. Každá role v rámci skriptu obhospodařuje evaluaci shody pro daný bezpečnostní standard.
|
|
|
The security risks of authentication methods
Dzurenda, Petr ; Babnič, Patrik (referee) ; Rosenberg, Martin (advisor)
Master's thesis deals with the security risks of current authentication methods. There are described methods which are based on user's knowledge and ownership of authentication object and biometric authentication method. The practical part of this Master's thesis deals with a specific design of authentication system based on protocol ACP, when the user proves his identity by smart card on provider assets, which is represented by ACP portal on the user's computer.
|
|
| |
|
|
Cryptography on constrained devices
Hlinka, Jan ; Dzurenda, Petr (referee) ; Hajný, Jan (advisor)
This thesis describes the implementation of a verifier, revocation authority and issuer side of an attribute authentication algorithm, using device with limited performance capabilities. Chosen scheme, RKVAC, functions as an attribute authentication protocol. Which are a protocols designed to protect private user data. RKVAC Scheme complies with Privacy by Design and Privacy by Default principles, which are a part of regulations such as GDPR (General Data Protection Regulation) and eIDAS (Electronic Identification and Trust Services).
|
guest ::
