|
|
IP traffic performance
Bednář, František ; Martinásek, Zdeněk (referee) ; Mácha, Tomáš (advisor)
The master thesis „IP traffic performance“ is focused on traffic testing in IP networks. Theoretical section explains routing issue in an autonomous system. This work contains a detailed description of OSPF protocol. This work also deals with behavior of a link failure. There are described mechanisms that are used to link failure detection and subsequent traffic rerouting. The next section describes mechanisms to ensure quality of service. In master thesis are explained InterServ and DiffServ mechanisms. A large part is devoted to DiffServ mechanism that ensures distinction of data flows and classification packets into different classes. The routers than can process the individual data streams with different priorities. The practical section includes the design of experimental network and creation of simulation in Opnet Modeler. By using several scenarios are compared the characteristics of routing protocols and impact of QoS on the transmission characteristics of the network. Part of practical section is the improvement of OSPF protocol by adding a new metric and implementing a new metric in software suite Quagga.
|
|
|
Multimedia services in wireless networks
Bučina, Peter ; Martinásek, Zdeněk (referee) ; Mácha, Tomáš (advisor)
The main topic of my diploma thesis is dedicated to the issue of wireless networks mostly aimed at IEEE 802.11 standard. Theoretical part of the thesis is divided into three main chapters. It deals with basic overview of standards, architecture, utilization of radio spectrum and modulating techniques in signal processing. Further, it describes basic security measures and quality of service requirements in WLAN networks. The thesis is complemented by two separate laboratory assignments focused on procedure related to the chosen problematic. The first assignment handles common steps to break ciphered protocols WEP and WPA in WLAN’s. Linux software called Back Track 5 was used to provide complete package of tools for WLAN security tests. The second one is aimed at practical options on video streaming in converged wireless networks and also at remote access of mobile users to wireless IP camera video stream.
|
|
|
The new side channels in cryptography
Machů, Petr ; Stančík, Peter (referee) ; Martinásek, Zdeněk (advisor)
This thesis is focused on the side-channels in the cryptology. The main attention is paid to the side-channels, which allow an attack on a computer keyboard. Especially the acoustic side-channel is focused on. Through this channel are demonstrated two attacks on the keyboard. At first, the method of recognizing is described. The neural network was used for the recognition. Then, the demonstration attacks on the keyboard are described. The first demonstration is an attack in laboratory conditions and the other in terms of household conditions. The thesis describes two attacks from the record, through data recognition by neural networks to evaluate the actual demonstration of attack. The following describes the recommendations for disabling attack. The results are supplemented by graphs and discussed.
|
|
|
High-speed data transmission in mobile and wireless networks
Rosenberg, Martin ; Martinásek, Zdeněk (referee) ; Mácha, Tomáš (advisor)
The goal of the master’s thesis was to propose two laboratory exercises, integrating newly purchased devices HTC Desire and Nokia N900. Designed tasks bring new technologies and services to education process. The first task examines the configuration of branch exchange Asterisk PBX and analyzes SIP protocol. Part of exercise is concentrated on high-speed data transmission in mobile and wireless networks, regarding to usability of VoIP technology. The second exercise introduces to vulnerability of VoIP technology. It contains simulations of attacks on branch exchange Asterisk, DoS attack and discusses methods to secure VoiP communication. The part of this exercise examines usage of HTC Desire phone, instead of ordinary Wi-Fi access point.
|
|
|
Electromagnetic side channel attack
Nečas, Ondřej ; Martinásek, Zdeněk (referee) ; Stančík, Peter (advisor)
The aim of this thesis is, firstly, to design and create the measuring environment for the research of electromagnetic side-channel attacks in cryptography; and secondly, to inform readers about the basics of electromagnetic and power side-channel attacks which present effective ways of the modern cryptosystems’ cryptoanalysis. In the theoretical part, the basic side-channel attacks, including their history and models, are described. The main part is focused on the explanation of the basic principles of power and electromagnetic side-channel attacks. Then, the work describes the basic physical principles of electromagnetic fields; and also the methods which can be used to measure the electromagnetic field. An example of the origination of the electromagnetic field in microprocessors is included. In the next part of the work the theoretical foundation necessary for successful implementation of the measurement of electromagnetic fields on the PIC microprocessor is presented. Next part of the chapter is devoted to the AES encryption standard, the activity of which is examined in the practical part. Furthermore, the magnetic probes, designed according to the theoretical knowledge are described. Also the research environment is described in this chapter. The list of measuring instruments used in the practical part is also included. The practical part of the work deals with the implementation aspects designed to achieve the ideal measurement conditions, such as the choice of appropriate probe, the appropriate location and distance between the probe and the measured system, setup of the oscilloscope and signal synchronization. Furthermore, the measured electromagnetic waveforms for selected instructions are presented. After that follows an analysis of the individual rounds of the AES encryption standard; the analysis of whole AES standard is also included. Then, the methods of simple and differential electromagnetic analysis are implemented. With regard to the knowledge gained in the practical part of the work, the possible countermeasures implemented against the power and electromagnetic side channel attacks are described. The final part of the work comprises a brief review of results.
|
|
|
Cryptanalysis using neural networks
Budík, Lukáš ; Mačák, Jaromír (referee) ; Martinásek, Zdeněk (advisor)
This dissertation deals with analysis of current side canal by means of neural network. First part describes basis of cryptografy and dilemma of side canal. In the second part is theoretickly described neural network and correlative analysis. Third part describes practical analysis of calibres of current side canals by means of classifier which uses neural network in Matlab surrounding. This classifier is confronted with classifier which uses correlative analysis.
|
|
|
Smart Card side channels
Pospíšil, Karel ; Martinásek, Zdeněk (referee) ; Sobotka, Jiří (advisor)
The thesis is dealing with smart cards and describes the known types of side channel attacks. Smart card belongs into the group of the youngest and smartest cards. In the card body, made mostly from PVC, there is a chip inserted which contains a microprocessor.Side channel attacks are trying to use the leaking information from the physical implementation of the system while processing the cryptographic algorithm. The attacker is trying to use the leaking sensitive information because under certain circumstances it can be dependent on the input data. The theoretical part is devoted to description of smart cards, their types and their safety. It describes the classification of attacks on smart cards and includes the overview of selected cryptographic algorithms used in smart cards. It also describes selected physical and logical attacks and the most frequent side channel attacks. The thesis furthermore describes possibilities of measuring the voltage-current side channel. The practical part deals with used software and hardware. This section is devoted to the measurement of power specification of smart cards and to the analysis of processed information, using the oscilloscope and workstation with AD 622 card and Simulink development environment.
|
|
|
Modern cryptanalysis
Petřík, Tomáš ; Morávek, Patrik (referee) ; Martinásek, Zdeněk (advisor)
Issues of this thesis are focused on side-channel cryptanalysis. Particularly attention is paid to differential power analysis, when is simulated an attack on the cryptographic module for different conditions and for different structural features of this module. As the cryptographic module is used a PIC microcontroller, which is operating with AES symmetric encryption algorithm. For this purpose, a design of experimental printed circuit board was created. Then, this PCB was equipped only with the necessary components for the function of the cryptographic module. Cryptanalysis is aimed on current consumption of crypto module that is caused by execution of AddRoundKey instructions. Power consumption of PIC microcontroller is measured in depending on the size of power supply voltage, size of serial resistor, size of bypass capacitor, and this thesis also examines the influence of ambient temperature on power consumption of PIC. The measured values are graphically presented and then discussed.
|
|
|
Distributed systems for cryptoanalysys
Zelinka, Miloslav ; Martinásek, Zdeněk (referee) ; Sobotka, Jiří (advisor)
This work deals with crytpoanalysis, calculation performance and its distribution. It describes the methods of distributing the calculation performance for the needs of crypto analysis. Further it focuses on other methods allowing the speed increasing in breaking the cryptographic algorithms especially by means of the hash functions. The work explains the relatively new term of cloud computing and its consecutive use in cryptography. The examples of its practical utilisation follow. Also this work deals with possibility how to use grid computing for needs of cryptoanalysis. At last part of this work is system design using „cloud computing“ for breaking access password.
|
|
|
Wireless network attacks
Brusnický, Pavel ; Martinásek, Zdeněk (referee) ; Stančík, Peter (advisor)
Objective of this thesis is to point out to almost everywhere present flaw in realization of second level network security access to WiFi networks with using traffic tunneling over DNS protocol. Realization has been accomplished by existing utilities OzymanDNS, DNS2TCP, NSTX, Iodine, Heyoka. Measurements were done on realistic traffic on the network. The effort was to show outline of these implementations. Transfer speeds in some implementations can be marked as applicable thanks to high speeds, which are on the same level as broadband internet. Functionality was tested on WiFi network, where was also compromised PPTP VPN tunnel, its function was to provide security of the communication on wireless network due to absence of first level security mechanisms such as WPA, WPA 2 and so on, with the help of Asleap, which comes out of Cisco LEAP attack. At the end of the work are suggested possible countermeasures for securing network by the topology change of the network infrastructure or by implementing IDS.
|
guest ::
RSS feed.