|
|
Digital certificates and certificate authorities
Lepa, Ondřej ; Hajný, Jan (referee) ; Člupek, Vlastimil (advisor)
This diploma thesis deals with certification and certification authorities, certification path PKI and principles of its validation and security. Also deals with structure of certificate itself and possible misuse of included information. Moreover, possibility of misues of third party certificates and proclamation of untrusted certificate to client's system.
|
|
|
Infrastructure of public keys
Bědajánek, Ondřej ; Malý, Jan (referee) ; Pust, Radim (advisor)
The subject of my thesis dscribes function and principles of the public key infrastructure as well as certificate authority. Under the operation system Linux was created self signed certificate authority. Web interface was devoloped in PHP for the purpose of the generation, distribution and rejection certificates. Configuration files for OpenVPN are included in the thesis and wireless security is achived by OpenVPN.
|
|
|
Certification authority
Herinek, Denis ; Sikora, Marek (referee) ; Zeman, Václav (advisor)
There is a lot of available services on the internet those need to be more secured and trusted. Public key infrastructure is used in sectors where are higher expectations in case of authentication, integrity and confidentality. It is almost impossible to imagine how internet banking or electronic signatures of important documents would work without PKI. There is a lot of open-source realisations of PKI created by users. Digital certificates as a part of PKI are issued by certificate authorities. This diploma thesis consists of open- source realisation of certificate authority and timestamping authority to demonstrate services which they provide.
|
|
|
Design of security infrastructure for electronic archive
Doležel, Radek ; Lattenberg, Ivo (referee) ; Zeman, Václav (advisor)
This master's thesis deals with design of security infrastructure for electronic archive. In theoretical part is disscus about technical resources which are based on security services and protocols and methods which are used for protection. On basics of theoretical part is designed model of security infrastructure and it is built in laboratory. Model of security infrastructure is based on Open Source Software and as safety storages for private user authentication data are used cryptographic USB tokens. This master's thesis includes design and construction of real infrastructure of secured electronic archive. In each part of master's thesis is put main emphases on security and clear explanation from the beginning of desing of model of security infrastructure for electronic archive to finish of construction.
|
|
|
The Cryptographic Protocol for Management and Approval of Document Versions
Lacko, Peter ; Hanáček, Petr (referee) ; Homoliak, Ivan (advisor)
This work deals with design and implementation of the system for document management and versioning. The first part contains description of related work. In the second part, information security concepts and security model, upon which application is build, is discussed. Third part contains description of designed system and its typical use in a form of sequence diagram. Fourth part introduces cryptographic protocol used in this work. Next follows the description of implementation and security analysis of developed system. The output of this work is cryptographic protocol for document management and versioning, and client-server application implementing this protocol.
|
|
|
Web application for data transfer using TLS protocol
Dzadíková, Slavomíra ; Slavíček, Karel (referee) ; Smékal, David (advisor)
The work deals with web application development, implementation possibilities of web application, secure communication between server part and client part. Protocol HTTPS (Hyper Text Transfer Protocol) and TLS (Transport Layer Protocol) are described in more detail way, also the issue of PKI (Public Key Infrastructure). The work also covers authentication and authorization methods which are used in web applications, and the most common attacks according OWASP TOP 10. Technologies, programming languages and environments, which have been used: Python, Flask, Bootstrap, OpenSSL, Nginx, Nessus, JMeter, Lighthouse.
|
|
|
Implementation of certification authority and digital signature
Troják, Martin ; Koutný, Martin (referee) ; Lambertová, Petra (advisor)
This master´s thesis deals with problems of certification authorities and digital signature. There are analyzed principles of digital certificates and certification authorities. It describes the the most widely used cryptosystems and hash functions, which are used in communications with certificates and digital signature. Analysis is focused on Public key infrastructure standard, which describes rules of creating of certification authority and digital signature. There is also described detailed principle of digital signature. Next chapters deals with studying of protocol SSL, principles of functions and usage of SSL. Practical part of this thesis realizes certification authority and information system. There is shown used software and configuration of it. Last part describes procedures during using aplication and her realization.
|
|
|
Attacks in Network Environment Using a Programmable Wireless Router
Štrbian, Jaroslav ; Malinka, Kamil (referee) ; Kumpošt, Marek (advisor)
The goal of this thesis was design and realization of "man-in-the-middle" network attack. The attack was directed on the SSL protocol in order to obtain login information of a client. A wireless router with linux distribution firmware was used as an access point. The attack was realized by installed software dsniff. The thesis contains theoretical description of the SSL protocol and practical realization of the attack.
|
|
|
Cryptographic modules for network protection
Tenora, Lukáš ; Pust, Radim (referee) ; Zeman, Václav (advisor)
This work deals with virtual private network (VPN) and authentication. The first section gives the modern cryptographic methods, the work of dealing with problems of authentication and authentication of objects and the issue of VPN. The second part describes the implementation of its own secure network-based technology company SafeNet.
|
|
|
Application for digital signature and timestamping
Remiaš, Miroslav ; Burda, Karel (referee) ; Lambertová, Petra (advisor)
In general, the Internet represents an unsecured medium of data transfer. Besides the rising popularity of the Internet, the matters of safety are getting to the foreground of importance. Anybody would be able to gain access to the computer network or to other valuable information if no algorithm of verifying the genuineness of identity were used. It is necessary to secure not only the access to the documents but also the content itself, which could be modified during the transfer through an unsecured medium. Last but not least, without the discretion provided by cryptography, the information may become literally public. To provide security and protection for the communicating participants the problems mentioned above are solved with the help of cryptographic techniques. The verification of the identity and the integrity of messages, the credibility of document’s ownership and safe data transfer through an unsecured medium are all the aspects, which the field of communication security on the Internet, thus the public key infrastructure, deals with. The electronic signature, as a part of the security area, is one of many advertised themes nowadays in Czech Republic. The aim of this master’s thesis is to acquaint the reader with the necessary technological procedures of digital signature, such as cryptographic techniques, public key infrastructure and timestamp. The practical part of this thesis consists of a suggested implementation of a web application in the programming language ASP.NET, which forms a certification authority with an opportunity of claiming a timestamp to authorize timestamps. After the problematic of cryptography was explained in the first chapter, the term of electronic signature has been introduced in the second chapter. Very important information, as far as the electronic signature of documents is concerned, is the time of the document’s creation and the subsequent signature verification by an appropriate authority. So the following part of the thesis is dedicated to the timestamp and to the authority of its verification. The fourth section deals with the large scale of public key infrastructure. The fifth part focuses on the description of the support for the whole problem mentioned so far using Microsoft’s programming language ASP.NET. The final sixth chapter represents the practical part of the thesis, namely the web application itself, where the individual modules of the application with its functions are described.
|
guest ::
