|
|
Software support of teaching of cryptography protocols
Marek, Tomáš ; Lambertová, Petra (referee) ; Burda, Karel (advisor)
Document contains informations about authentication, encryption, data integrity and data authenticity. Next part includes description of well know cryptography protocols, their functions and also their weaknesses. All of these acquired informations were used in concept and final software support for teaching of cryptography protocols, which is able to run on clasic web-browser. Thats why the application was designed as web PHP pages using JavaScript and AJAX, which ensures plaform and OS architecture independency. Besides the descripted and ilustrated part of application there are also interactive parts and animations. The last period contains description of education software and its functions. Source code can be found on the appended CD.
|
|
|
Security Protection efficiency improvement for Wireless Networks
Marušek, Michal ; Burda, Karel (referee) ; Škorpil, Vladislav (advisor)
Nowadays every wireless radio-communication services encompass huge type of technology used for transfer video, voice or data. Wireless communication is the most expanded branch and many companies are using this technology because of low cost and simply management. The biggest advantage is easy connection to shared wireless medium and allows users of network to move around whole covered area. The most expanded types of wireless networks are called Wireless LAN (WLAN). With rising number of WLANs is rising chance to attack shared wireless medium by hacker and many sensitive information can be stolen or modified. To avoid this chance was created the first security protocol used in WLAN called WEP. Its goal was protect data transmitted trough WLAN as strong as were protected in wired networks. Unfortunately WEP was hiding a big weakness which can be used in a crack of WLAN in a minute with the aid of special software. Example of this kid of software can be Airsnort constructed to monitor shared medium and captured every packet transferred trough this medium. Based on statistical method Airsnort can obtain hidden password in a few minutes. The second type of this software can be Aircrack-ng, which can crack hidden password without any user connected to WLAN. Aircrack-ng uses active techniques to generate network load and can obtain password more effectively and faster. The result of both cases was successful and protection of WLAN was completely cracked. Later was created new security protocol called WPA, which had to fix the cryptography weakness of previous WEP. WPA was only temporary security protocol, during standard 802.11 was developing which had to offer highest security and integrity protection of transferred data trough WLAN. For this reasons was created new version of WPA called WPA2 which satisfy requirements of standard 802.11i. Both protocols WPA/WPA2 contain weakness, which can crash security of WLAN. This crack is based on authentication PSK. Attacker during authentication is using information from four-way handshake between user of WLAN and access point. Based on this information attacker can crack password with the aid of password list attack which took approximately 30 minutes. Based on previous result is important to chose strong password contains alphanumeric string or special strings with satisfy length.
|
|
|
Security of wireless computer networks IEEE 802.11
Škodák, Jaroslav ; Jeřábek, Jan (referee) ; Koutný, Martin (advisor)
This work describes available and used standards, protocols and mechanisms used to secure IEEE 802.11 wireless networks. In the next section are listed vulnerabilities and possible attacks against different types of security. The principles of individual attacks on authentication, WEP security and WPA/WPA2 personal mode are described and realized using various software especially linux program aircrack-ng. Password for WEP security is obtained by passive eavesdropping data, using ARP replay injection and by creating own frames. The last two methods are used to generate traffic on the network, which is captured and then used to derive the WEP password. By injecting ARP frames, password was found in the number 60 000 captured frames and about 180 000 frames of data was needed for passive method. Decryption of WEP frame was done by fragment and KoreK chopchop attacks. This decrypted frame could be used to create fake frames and obtain WEP password. Brute force attack is realized for security WPA (WPA2) personal mode (often due to lack of strong password) by comparing password (passphrase) from password list. Speed of comparing is about 200 passwords/s.
|
|
|
Security Protection efficiency improvement for Wireless Networks
Marušek, Michal ; Burda, Karel (referee) ; Škorpil, Vladislav (advisor)
Nowadays every wireless radio-communication services encompass huge type of technology used for transfer video, voice or data. Wireless communication is the most expanded branch and many companies are using this technology because of low cost and simply management. The biggest advantage is easy connection to shared wireless medium and allows users of network to move around whole covered area. The most expanded types of wireless networks are called Wireless LAN (WLAN). With rising number of WLANs is rising chance to attack shared wireless medium by hacker and many sensitive information can be stolen or modified. To avoid this chance was created the first security protocol used in WLAN called WEP. Its goal was protect data transmitted trough WLAN as strong as were protected in wired networks. Unfortunately WEP was hiding a big weakness which can be used in a crack of WLAN in a minute with the aid of special software. Example of this kid of software can be Airsnort constructed to monitor shared medium and captured every packet transferred trough this medium. Based on statistical method Airsnort can obtain hidden password in a few minutes. The second type of this software can be Aircrack-ng, which can crack hidden password without any user connected to WLAN. Aircrack-ng uses active techniques to generate network load and can obtain password more effectively and faster. The result of both cases was successful and protection of WLAN was completely cracked. Later was created new security protocol called WPA, which had to fix the cryptography weakness of previous WEP. WPA was only temporary security protocol, during standard 802.11 was developing which had to offer highest security and integrity protection of transferred data trough WLAN. For this reasons was created new version of WPA called WPA2 which satisfy requirements of standard 802.11i. Both protocols WPA/WPA2 contain weakness, which can crash security of WLAN. This crack is based on authentication PSK. Attacker during authentication is using information from four-way handshake between user of WLAN and access point. Based on this information attacker can crack password with the aid of password list attack which took approximately 30 minutes. Based on previous result is important to chose strong password contains alphanumeric string or special strings with satisfy length.
|
|
|
Software support of teaching of cryptography protocols
Marek, Tomáš ; Lambertová, Petra (referee) ; Burda, Karel (advisor)
Document contains informations about authentication, encryption, data integrity and data authenticity. Next part includes description of well know cryptography protocols, their functions and also their weaknesses. All of these acquired informations were used in concept and final software support for teaching of cryptography protocols, which is able to run on clasic web-browser. Thats why the application was designed as web PHP pages using JavaScript and AJAX, which ensures plaform and OS architecture independency. Besides the descripted and ilustrated part of application there are also interactive parts and animations. The last period contains description of education software and its functions. Source code can be found on the appended CD.
|
|
|
Security of wireless computer networks IEEE 802.11
Škodák, Jaroslav ; Jeřábek, Jan (referee) ; Koutný, Martin (advisor)
This work describes available and used standards, protocols and mechanisms used to secure IEEE 802.11 wireless networks. In the next section are listed vulnerabilities and possible attacks against different types of security. The principles of individual attacks on authentication, WEP security and WPA/WPA2 personal mode are described and realized using various software especially linux program aircrack-ng. Password for WEP security is obtained by passive eavesdropping data, using ARP replay injection and by creating own frames. The last two methods are used to generate traffic on the network, which is captured and then used to derive the WEP password. By injecting ARP frames, password was found in the number 60 000 captured frames and about 180 000 frames of data was needed for passive method. Decryption of WEP frame was done by fragment and KoreK chopchop attacks. This decrypted frame could be used to create fake frames and obtain WEP password. Brute force attack is realized for security WPA (WPA2) personal mode (often due to lack of strong password) by comparing password (passphrase) from password list. Speed of comparing is about 200 passwords/s.
|
guest ::
