|
|
Crytographic attacks on TLS protocol
Oupický, Jan ; Tůma, Jiří (advisor) ; Boháček, Milan (referee)
The aim of this work is to introduce the reader to the protocol TLS and a few selected attacks against the protocol. In the first part we will define the necessary cryptographic definitions used in the following chapters. In the second part we will briefly talk about the history of procotols TLS and SSL and then we will closely look into how they work. The last part is about the analysis of the chosen cryptographically interesting attacks (Padding oracle on CBC mode, POODLE, BEAST and CRIME) against protocols TLS and SSL. 1
|
|
|
Analysis of Virtual Machine based obfuscation
Středa, Adolf ; Boháček, Milan (advisor) ; Bálek, Martin (referee)
Software systems may contain sensitive data that should be protected. In a scenario, where an analyst has full access to the system, it may be desirable to transform the program to become harder to understand and reverse-engineer, while preserving the original functionality of the program. Machine code obfuscation tackles this problem by adding complexity to the pro- gram's control flow, a programming idiom removal, and various abstractions. Specifically, WProtect is an obfuscation engine that utilises a stack virtual ma- chine and its own instruction set to achieve these properties. In this thesis, I will analyse WProtect obfuscation engine, its obfuscation algo- rithms and present a generic approach to an extraction of a code protected by WProtect. Furthermore, I will design a generic framework for a static code ex- traction that is tweakable in order to support different WProtect configurations. Several improvements to WProtect, both in terms of configuration and design, will also be proposed. These proposals mostly intend to mitigate vulnerabilities that are exploited in the code extraction, however, several proposals shall also include improvements specifically targeting static analysis prevention. 1
|
|
|
Looking for Weak States of RC4 by Means of Waiting Tables
Čížek, Jan ; Drápal, Aleš (advisor) ; Boháček, Milan (referee)
AbstractEN.txt 07/23/2018 09:51:19 AM Page 1 of 1 Waiting Tables were introduced by Drápal and Hojsík in 2006 to study weak states of the stream cipher RC4. This thesis revisits Waiting Tables and some of their most important properties. An equivalent model from graph theory, called Waiting Paths, is established in this work and the equivalence of the two models is proved. Afterwards, Waiting Matrices are defined and used for the analysis of a subclass of Waiting Paths.
|
|
|
Audiovisual cryptography
Zpěváček, Marek ; Tůma, Jiří (advisor) ; Boháček, Milan (referee)
This work examines the visual cryptography, which was introduced in 1995 by Moni Naor and Adi Shamir. It is a cryptosystem which allows us to share a secret among many users and reconstruction of secret can be done by human visual system only. Firstly, the relevant notations are defined and related theorems are proved. Additionally, some basic schemes and a general (k, k)-scheme are described. Main part of this work consists of an algorithm for creating general (k, n)-scheme. For every scheme, we prove its security and reconstruction correctness. Finally, we briefly mention a few possible extensions. Powered by TCPDF (www.tcpdf.org)
|
|
|
Key reconstruction from the inner state of RC4
Sladký, Lukáš ; Boháček, Milan (advisor) ; Drápal, Aleš (referee)
In the present work we analyse the key scheduling algorithm of the RC4 stream cipher. The internal permutation generated by the algorithm is biased towards the secret key which can be utilized in the key recovery attempts. Multiple sources were combined to provide proven formulae for these biases. We have completed missing proofs, experimentally verified resulting probabilities and created examples to illustrate usage of the biases in key recovery attempts. This together with methods for extracting information about the secret key gives analysis of the key scheduling algorithm. We have also selected an efficient key retrieval algorithm and implemented an improved version which results in better success probabilities of the key recovery. We have also provided a tool for extracting the key from a permutation obtained by the key scheduling algorithm. Powered by TCPDF (www.tcpdf.org)
|
|
|
Bitcoin digital currency
Deptová, Lucie ; Boháček, Milan (advisor) ; Hojsík, Michal (referee)
In 2009 Satoshi Nakamoto started the electronic payment system and virtual cash Bitcoin for the first time. Bitcoin has to guarantee some level of security as well as other digital currencies. It's necessary to prevent double- spending or it's required to provide anonymity of payments. The diference between Bitcoin and most of the other virtual currencies is absence of any trusted party which would provide demands mentioned above. In this paper we describe the structure and properties of basic elements of this payment system. In the mean time we explain methods how to deal with the fact that Bitcoin is completely decentralized. The paper gives complex and detailed information which you can find only in official source code of bitcoin client or in many separated and particular articles. 1
|
|
|
Analysis of voice over IP protocols
Boháček, Milan ; El Bashir, Robert (advisor) ; Hojsík, Michal (referee)
In the presented work we focus on both implementation and protocol of the voice over IP application Skype. We analyse several versions of Skype clients and deduce inner workings of the Skype protocol. We present details about the cryptographic primitives used by the Skype clients and their impact on the security of the communication. We emphasize several places of suspicious leaks of the internal states of random generators and deduce rules for the detection of the Skype traffic on the firewall. In the end, we mention a simple enhancement of the current Skype clients that, in practice, can detect an ongoing eavesdropping.
|
|
| |
guest ::
RSS feed.