|
|
Privacy-Enhancing Technologies and Privacy-Enhancing Cryptography for Wearables
Casanova-Marqués, Raúl ; Pendo,, Cristiano Gonçalves (referee) ; PhD, Lukasz Michal Chmielewski, (referee) ; Hajný, Jan (advisor)
The increasing concern surrounding privacy and the safeguarding of digital identities has emphasized the pressing necessity of establishing secure and confidential communication channels. This concern has led to the development of cryptographic mechanisms aimed at facilitating impervious information exchange. Nevertheless, traditional cryptographic approaches are proving insufficient in dynamic and resource-constrained environments, such as wearable devices. As a result, attribute-based credential schemes have emerged as a promising solution, offering fine-grained access control to digital services based on user-specific attributes. This doctoral thesis examines the efficacy and scalability of attribute-based anonymous credential schemes in ensuring the authenticity and security of users within dynamic architectures of wearable devices. It also explores enhancements to these schemes, with a primary focus on incorporating user revocation while maintaining privacy. Additionally, the thesis presents devised mechanisms to enable attribute-based authentication protocols on smart cards with limited support for elliptic curve cryptography. It addresses specific challenges associated with the usability of smart cards. Moreover, the thesis investigates the integration of anonymous authentication schemes in collaborative indoor positioning systems, aiming to provide privacy and security. Lastly, it explores the implementation of attribute-based authentication schemes in resource-constrained environments, with an emphasis on Internet of Things devices, and evaluates their feasibility within the dynamic architectures of wearable devices. The first contribution of this thesis introduces a purposefully designed protocol for anonymous authentication on smart cards. This protocol combines attribute-based credentials and user revocation while ensuring computational efficiency. To facilitate effective implementation and evaluation, the thesis employs smart cards equipped with the MULTOS operating system. The second contribution focuses on optimizing the capabilities of smart cards using Java Card technology for the implementation of attribute-based credential schemes. These smart cards are presented as a more accessible alternative for a wider consumer base. To overcome limitations in their application programming interface, the thesis devises strategies to augment the constrained support for elliptic curve cryptography and effectively implement such schemes. The third contribution presents the Privacy-Enhancing Authentication System, a robust solution compatible with smart cards, smartphones, and smartwatches. This system addresses the functional challenges associated with smart cards, including the absence of a graphical interface and limited user control over attribute disclosure. Consequently, it offers a practical and deployable solution for real-world scenarios. Finally, the thesis proposes a groundbreaking scheme to safeguard collaborative indoor positioning systems by addressing both privacy and security concerns. This scheme ensures the preservation of privacy and security by eliminating centralized architectures and employing encryption techniques for positioning information. The thesis includes comprehensive details such as protocol use cases, implementation specifics, execution benchmarks, and a comparative analysis with existing protocols.
|
|
|
Quantum and Post-quantum Cryptography
Krivulčík, Andrej ; Ricci, Sara (referee) ; Hajný, Jan (advisor)
S pokrokom v rozvoji kvantových počítačov prichádza hrozba prelomenia algoritmov ktoré sa používajú pri bežnej komunikácii. S týmto vzniklo odvetvie pre post-kvantovú kryptografiu ktoré vyvíja algoritmy odolné voči kvantovým počítačom. Cieľom tejto diplomovej práce naštudovanie metód pre kombináciu a využitie kľúčov ustanovených pomocou kvantových a post-kvantových algoritmov takým spôsobom, keby pri došlo k prelomeniu jedného z daných algoritmov tak výsledný hybridný klúč bude stále bezpečný. Výsledný klúč je následne využitý pri šifrovaní súboru pomocou AES--256 ktorý je zaslaný medzi klientami.
|
|
|
Digital certificates and certificate authorities
Lepa, Ondřej ; Hajný, Jan (referee) ; Člupek, Vlastimil (advisor)
This diploma thesis deals with certification and certification authorities, certification path PKI and principles of its validation and security. Also deals with structure of certificate itself and possible misuse of included information. Moreover, possibility of misues of third party certificates and proclamation of untrusted certificate to client's system.
|
|
|
Security analysis of network protocols
Bednařík, Jan ; Sobotka, Jiří (referee) ; Hajný, Jan (advisor)
The aim of my bachalor’s thesis is security of net protocols analysis. Because of the huge number of net protocols, I’ve decided to choose only a few of them to describe. My task is to describe the TCP/IP model structure in term of security, so I have chosen to devide my thesis into two separate parts. The first part contains describtions of particular TCP/IP layers and adumbration of possibilities of securing. The second part contains more accurate describtions of some chosen protocols, mostly the case of their security. At the close of my work it is my task to describe some utilities and methods which can be used to accomplish an successful attack on chosen net protocols. I have chosen protocols HTTP, FTP and SSL. As the utilities I have chosen programs Wireshark, Brutus and SSLSTRIP.
|
|
|
Design methods for computer networks
Božek, Martin ; Stančík, Peter (referee) ; Hajný, Jan (advisor)
Bacherol‘s thesis deals with a topic of a suitable computer network design for a mid-sized infrastructure, its security and router and firewall realization. This boundary element is able to manage basic processes of network controlling between inner and outer network. There is a brief analysis of OSI model but we focused our attention on TCP/IP model more closely. Our project includes description and outlines an importance of the most common elements of the particular network type and their contribution to the security. Description of the three most frequent topologies of the infrastructure type follows. On the basis of the found information, we have chosen and analysed the most suitable topology from the security point of view. The result of the theoretical part is a network model proposal. In the practical part, some our findings are tested and implemented in a real setting. We used a technology of virtualization for the final realization and testing. Thanks to the virtualization used for realization and testing, we could configure the router and the firewall, which are boundary elements that separate the inner network from the Internet.
|
|
|
Alternative methods in cryptology
Hampl, Dalibor ; Doležel, Radek (referee) ; Hajný, Jan (advisor)
In the first part of this thesis explains, what is generally cryptography, generally analyze the problem of the current encryption methods. These include asymmetric, symmetric and hybrid encryption methods. The second part focuses on the theory of lattices and their main mathematical problems, then the shortest vector problem, the closest vector problem, the approximate shortest vector problem and the approximate closest vector problem. Mathematically difficult problems of lattice are used in an encryption method GGH for asymmetrically encrypted communications method and GGH for digital signatures. It explains mathematical methods, which use these encryption methods. Another part of this thesis deals with the encryption method and the establishment of XTR on Diffie-Hellman protocol, thus XTR-DH. It explains mathematical methods, which use methods XTR, XTR-DH and Diffie-Hellman protocol. There are shown the main mathematical problems for this part of thesis DHP (Diffie-Hellman problem) and DLP (discrete logarithm problem). The fourth part focuses on a program designed to demonstrate the GGH encryption method for asymmetrically encrypted communications. Describes the structure, functionality, graphical part of the program and shows to a user interface. Students can test how the GGH encryption method behave when entering different input values. During the work with the program, the user should obtain sufficient information to understand the principles of this encryption method.
|
|
|
Legal Aspects of Fighting Cybercrime
Dostál, Otto ; Vlček,, Martin (referee) ; Šárek, Milan (referee) ; Hajný, Jan (advisor)
The thesis deals with the topic of computer crime. Foremost, it demonstrates on an example of the operation of a medical image information processing system some selected aspects of this issue. It shows that it is always necessary to monitor the current state of the technical knowledge at the time, but also the need of addressing the issue within the corresponding legal limits. The thesis presents criminal law reality as a complex system. The links between different parts of the system are examined, and possible shortcomings are considered. The legal instruments and legal limits of the procedures that can be used against cybercrime are evaluated. The thesis focuses especially on the issue of obtaining evidence under the Czech Criminal Procedure Code. It presents a proposal on how to understand individual procedural legal institutes and for what purposes and how to use them. Consequently it suggests legal procedures for specific selected practical situations.
|
|
|
Elliptic curve based cryptosystems
Křivka, Petr ; Hajný, Jan (referee) ; Stančík, Peter (advisor)
In this bachelor thesis is examined problems elliptic curve cryptosystems. It is described mathematical underground, which use these systems. In more details is analyzed arithmetic finite fields. An important part of this work is the analysis of elliptical curves in cryptography. Among analyzed algorithms include e.g. ECDH or ECDSA. In conclusion is designed software solution, which helps in the study cryptosystems based elliptic curves. It allows basic operations over prime field.
|
|
|
Attribute based authentication
Chwastková, Šárka ; Hajný, Jan (referee) ; Dzurenda, Petr (advisor)
This thesis deals with attribute based credentials. It describes attribute systems, their entities and properties generally. The work concentrates specifically on the attribute system Identity Mixer. The process of communication of the attribute system Identity Mixer is implemented in the language of JavaScript. Application is the web visualization, which describes protocols, entities and generally computes protocols of Identity Mixer with inputs of small numbers or predefined large numbers.
|
|
|
Hash functions and their usage in user authentication
Piller, Igor ; Stančík, Peter (referee) ; Hajný, Jan (advisor)
This thesis concerns with hash functions and their usage in authentication. It presents basics of hash functions theory and construction elements. In particular the thesis focuses on LMHash, MD4, MD5 and SHA family hash functions, which are compared from the security point of view. The thesis describes in general the most frequently used hash function attacks, points out the weaknesses of current construction and mentions the future perspective of hash functions. Furthermore the thesis outlines the area authentication and describes usage of hash functions in the area. Practical part of the thesis contains an implements of a general authentication framework implemented in programming language C#. The result is client and server applications, in which two selected authentication methods were successfully tested. The result implementation is flexible with respect to the possible future use of other authentication methods.
|
guest ::
RSS feed.