|
|
Software and Hardware Based Fault Injection Attacks against the CPU and MCU
Lörinc, Marek ; Hanáček, Petr (referee) ; Perešíni, Martin (advisor)
The thesis deals with attacks that cause faults in CPU and MCU calculations. A short voltage change in CPU or MCU is used to trigger the error. The theoretical part of the thesis deals with the description of how to cause and exploit these errors. This section also describes the most well-known protection against hardware attacks, which is a trusted execution environment (TEE). Inject a fault to TEE is the primary target of fault attacks. The practical part deals with the replication of PlunderVolt and VoltPillager attacks on Intel processors with an activated TEE SGX. Several experiments were performed to trigger faults in RSA and AES encryption within the SGX enclave. To obtain the encryption key from these errors, known analysis methods were used. The practical part also deals with the replication of the attack on ARM microcontrollers with an active TEE TrustZone-M.
|
|
|
Semi-Centralized Cryptocurrency Based on the Blockchain and Trusted Computing
Handzuš, Jakub ; Veselý, Vladimír (referee) ; Homoliak, Ivan (advisor)
The aim of this thesis is to create a concept of semi-centralized cryptocurrency that supports external interoperability. It is assumed that semi-centralized cryptocurrency is the future of cryptocurrencies in the banking sector, because even at the cost of partial centralization, the concept brings the benefits of a decentralized ledger. Since the simultaneous deployment of their own cryptocurrencies by various central authorities, such as central bank, it is necessary to establish a communication protocol for interbank transactions. The work is thus focused on extending the existing Aquareum solution with an interoperability protocol.
|
|
|
Centralized Cryptocurrency Exchange with Trusted Computing
Sasák, Tomáš ; Očenášek, Pavel (referee) ; Homoliak, Ivan (advisor)
Táto práca sa zaoberá návrhom, implementáciou a analýzou centralizovanej zmenárne kryptomien, ktorá pracuje na platforme trusted computing. Aktuálne centralizované zmenárne fungujú na základe plnej dôvery používateľa v operátorov zmenárne. Na opačnej strane, decentralizované zmenárne využívajú jeden blockchain a tým sú limitované iba na mince na danom blockchaine. Použitím trusted computing platformy Intel SGX je možné kód zverejniť (open source) a zákazník si dokáže overiť pomocou SGX atestácie (remote attestation) že tento kód beží na platforme zmenárne. Kombináciou so smart contract platformou na verejnom blockchaine zmenáreň dosahuje odolnosť voči nejednoznačnosti a vytvára lepšiu vrstvu bezpečnosti a transparentnosti pre používateľa. Zmenáreň bola implementovaná ako proof-of-concept pomocou programovacieho jazyka Go, za použitím frameworku EGo pre tvorbu SGX enkláv. Pre ukladanie dát bola použitá databáza PebbleDB a relačná databáza PostgreSQL. Smart contract zmenárne bol implementovaný v jazyku Solidity a nasadený na Ethereum. Implementácia je schopná vyhodnotiť približne 35 vkladov mincí za sekundu a 23 ponúk na výmenu mincí za sekundu. Aktualizácia poslednej verzie ledgeru na kontrakte stojí približne 0.00255 ETH, pri tendencií aktualizácie každú minútu deň behu zmenárne stojí približne 3.6742 ETH.
|
|
|
Software and Hardware Based Fault Injection Attacks against the CPU and MCU
Lörinc, Marek ; Hanáček, Petr (referee) ; Perešíni, Martin (advisor)
The thesis deals with attacks that cause faults in CPU and MCU calculations. A short voltage change in CPU or MCU is used to trigger the error. The theoretical part of the thesis deals with the description of how to cause and exploit these errors. This section also describes the most well-known protection against hardware attacks, which is a trusted execution environment (TEE). Inject a fault to TEE is the primary target of fault attacks. The practical part deals with the replication of PlunderVolt and VoltPillager attacks on Intel processors with an activated TEE SGX. Several experiments were performed to trigger faults in RSA and AES encryption within the SGX enclave. To obtain the encryption key from these errors, known analysis methods were used. The practical part also deals with the replication of the attack on ARM microcontrollers with an active TEE TrustZone-M.
|
|
|
Semi-Centralized Cryptocurrency Based on the Blockchain and Trusted Computing
Handzuš, Jakub ; Veselý, Vladimír (referee) ; Homoliak, Ivan (advisor)
The aim of this thesis is to create a concept of semi-centralized cryptocurrency that supports external interoperability. It is assumed that semi-centralized cryptocurrency is the future of cryptocurrencies in the banking sector, because even at the cost of partial centralization, the concept brings the benefits of a decentralized ledger. Since the simultaneous deployment of their own cryptocurrencies by various central authorities, such as central bank, it is necessary to establish a communication protocol for interbank transactions. The work is thus focused on extending the existing Aquareum solution with an interoperability protocol.
|
guest ::
