|
|
Hardware accelerated data transfer using TLS protocol
Zugárek, Adam ; Pokorný, Jiří (referee) ; Smékal, David (advisor)
This paper describes implementation of the whole cryptographic protocol TLS including control logic and used cryptographic systems. The goal is to implement an application in the FPGA technology, so it could be used in hardware accelerated network card. The reason for this is new supported higher transmission speeds that Ethernet is able to operate on, and the absence of implementation of this protocol on FPGA. In the first half of this paper is described theory of cryptography followed by description of TLS protocol, its development, structure and operating workflow. The second half describes the implementation on the chosen technology that is also described here. It is used already existing solutions of given cryptographic systems for the implementation, or at least their parts that are modified if needed for TLS. It was implemented just several parts of whole protocol, such are RSA, Diffie-Hellman, SHA and part of AES. Based on these implementations and continuing studying in this matter it was made conclusion, that FPGA technology is inappropriate for implementation of TLS protocol and its control logic. Recommendation was also made to use FPGA only for making calculations of given cryptographic systems that are controlled by control logic from software implemented on standard processors.
|
|
|
Generator of illegitimate network traffic
Blažek, Ondřej ; Smékal, David (referee) ; Blažek, Petr (advisor)
The diploma thesis deals with the problems of DoS/DDoS attacks and development of a tool, in C lanugage, for generating them. In the first chapter the principles of DoS attacks targeting the internet and transport layers of ISO/OSI model are described and also according to their characteristics divided. Selected attacks on the application layer are also described here in detail togehter with protocols which they are based on. In the following chapter there has been created a comparison of freely available tools, which could be used as a attack generators. The practical part is dedicated to a development of a tool for DoS attacks, especially design, general description and usage. Further there is a summary of the newly created library, including results of web server testing, and extensions of a web interface, which is part of the developed tool.
|
|
|
Mobile Application for Controlling Smart Home Devices
Masár, Andrej ; Smékal, David (referee) ; Hošek, Jiří (advisor)
The objective of this thesis is the issue of the Internet of Things and its application as a Smart Home. The work describes the design and implementation of a native mobile application for Android to control the elements of a Smart Home. The application communicates with the Smart Home using the MQTT protocol. The resulting application demonstrates the control of devices in a Smart Home according to the MQTT2GO convention.
|
|
|
Privacy protection in cloud
Chernikau, Ivan ; Smékal, David (referee) ; Dzurenda, Petr (advisor)
In the Master’s thesis were described privacy protection problems while using cloud technologies. Some of the problems can be solved with help of homomorphic encryption, data splitting or searchable encryption. These techniques were described and compared by provided security, privacy protection and efficiency. The data splitting technique was chosen and implemented in the C language. Afterwards a performance of the implemented solution was compared to AES encryption/decryption performance. An application for secured data storing in cloud was designed and implemented. This application is using the implemented data splitting technique and third-party application CloudCross. The designed application provides command line interface (CLI) and graphical user interface (GUI). GUI extends the capabilities of CLI with an ability to register cloud and with an autodetection of registered clouds. The process of uploading/downloading the data to/from cloud storage is transparent and it does not overload the user with technical details of used data splitting technique.
|
|
|
Localization of interesting points in power analysis
Vaněk, Stanislav ; Smékal, David (referee) ; Martinásek, Zdeněk (advisor)
Nowadays there are very high demands on security of cryptographic devices due to the increasing number of exploitation. Because of these reasons it is necesary to know the principles of security and their flaws. This thesis deals with the method of localization of interesting markers in current analysis. The aim of the thesis is to analyze this methods and their potential implementation in practise.
|
|
|
Applied use of DSP blocks in Intel FPGA
Kondys, Daniel ; Pokorný, Jiří (referee) ; Smékal, David (advisor)
This bachelor's thesis explores the utilization of DSP blocks located particularly on FPGA Stratix 10 DX 2800 for the implementation of a counter and a comparator. In the theoretical part, topics such as the protocol Ethernet, the FPGA technology and its relation with Network Interface Controllers are explained, followed by a~description of general design flow for digital circuits on FPGAs and a detailed insight on DSP blocks in the Virtex UltraScale+ XCVU7P and Stratix 10 DX 2800 FPGAs. The practical part focuses on the design, implementation and testing of the counter and comparator, followed by measurements of their impact on FPGA's resource utilization and maximum frequency. Lastly, it describes the integration of these components into modules that are part of the COMBO-400g1 Network Interface Connector firmware and analyzes their impact on FPGA's resource utilization and maximum frequency.
|
|
|
Web application for data transfer using TLS protocol
Dzadíková, Slavomíra ; Slavíček, Karel (referee) ; Smékal, David (advisor)
The work deals with web application development, implementation possibilities of web application, secure communication between server part and client part. Protocol HTTPS (Hyper Text Transfer Protocol) and TLS (Transport Layer Protocol) are described in more detail way, also the issue of PKI (Public Key Infrastructure). The work also covers authentication and authorization methods which are used in web applications, and the most common attacks according OWASP TOP 10. Technologies, programming languages and environments, which have been used: Python, Flask, Bootstrap, OpenSSL, Nginx, Nessus, JMeter, Lighthouse.
|
|
|
Hardware generation of cryptographic-safe primes.
Kabelková, Barbora ; Smékal, David (referee) ; Cíbik, Peter (advisor)
The bachelor's thesis deals with the topic of prime numbers and their generation. It briefly introduces prime numbers and points out the importance of secure primes in cryptography. It gives examples of asymmetric ciphers and closely analyses RSA algorithm. The thesis then presents some pseudo-random and true-random methods of generating sequences of numbers and compares their properties. It evaluates the most used primality tests, both probabilistic and real, based on their applicability in practice. It suggests several combinations of primality tests with generating methods and chooses one to implement on FPGA. The thesis describes the implementation of a generator that generates a sequence of numbers using the von Neumann middle-square method and subsequently uses the Miller-Rabin test to find primes between those numbers. Key processes of the proposed generator are explained and illustrated. The proposed implementation is simulated and synthesized in the Xilinx Viavado environment. The individual parts of the generator are tested using several behavioral simulations. Finally, the thesis comments on the conducted simulations and evaluates the properties of the proposed implementation.
|
|
|
Priority packet queues in FPGA
Németh, František ; Sládok, Ondřej (referee) ; Smékal, David (advisor)
Master thesis is dealing with issues and problems of packet queue management in high speed packet networks. Design implementation is made in VHDL hardware description language. In theoretical part of thesis are explained different types of mechanism used for providing quality of service in communication networks. Furthermore the brief description o VHDL, FPGA and framework Netcope Development Kit is a piece of theoretical part as well. The outcome of practical part contains a design, limiting packet queues based on Tocken Bucket mechanism. Design verification was made by simulations, synthesis and real implementation on smart NIC NFB-200G2QL. All kind of verificaion results are summerized in last three chapters.
|
|
| |
guest ::
RSS feed.