|
|
System for anonymous transmit of messages
Kislinger, Jan ; Rosenberg, Martin (referee) ; Ležák, Petr (advisor)
Diploma thesis deals with an anonymous transmit of messages using protocol for anonymous authentication. In first part, we introduce theoretical familiarization to the issues and description protocol for anonymous authentication. Further, it describes the suggestion of the communication between the client and the server. Finally, contains a description of the created system for anonymous transmit of messages, which consists of the server and clients, who can leave challenges on the server for other users and they obtains challenges from the server. The thesis explains how to start and control program. There are also discussed methods of computing verification values, encryption keys and messages and authentication of receivers.
|
|
|
Data-efficient security of cloud storages
Elis, Martin ; Fujdiak, Radek (referee) ; Člupek, Vlastimil (advisor)
This work is focused on problematics of a cloud solution, especially on its security side. It describes the current security trends and approaches used by security engineers when creating sophisticated designs of secure cloud systems. As part of it there is a risk analysis and an overview of the most common types of attacks led against the cloud solutions. Also, this document deals with the possibilities, principles, advantages and negatives of different types of cloud distributions. Another text deals with the usual methods used for accessing the cloud. This thesis contains author’s own design of possible realization. In the next part of the document, process of building a safe cloud data storage is described together with principles of ensuring its security. In the conclusion, the author focuses on comparison of cryptographic algorithms and their behavior depending on the length of a used keys.
|
|
| |
|
|
Software support of teaching of cryptography protocols
Marek, Tomáš ; Lambertová, Petra (referee) ; Burda, Karel (advisor)
Document contains informations about authentication, encryption, data integrity and data authenticity. Next part includes description of well know cryptography protocols, their functions and also their weaknesses. All of these acquired informations were used in concept and final software support for teaching of cryptography protocols, which is able to run on clasic web-browser. Thats why the application was designed as web PHP pages using JavaScript and AJAX, which ensures plaform and OS architecture independency. Besides the descripted and ilustrated part of application there are also interactive parts and animations. The last period contains description of education software and its functions. Source code can be found on the appended CD.
|
|
|
Security of wireless computer networks
Jelínek, Martin ; Pelka, Tomáš (referee) ; Doležel, Radek (advisor)
The master's thesis deals with the issue of Wireless Local Area Network (WLAN) from the viewpoint of the security and functional principle of security mechanisms. The transition to the issue concerning the security is accompanied by the methods of wireless data transmission operating on the level of physical layer (FHSS, DSSS, OFDM, MIMO), which is followed by the summary of individual 802.11 standards. The next part deals with the issue of shared transmission medium (CSMA/CA), influence of interference and correcting mechanisms (RTS/CTS). Within the security, the principles of the authentication along with the commonly used methods of security (WEP, WPA, WPA2) are described in detail. The first part concerning security deals with the security in the form of the WEP protocol, which is considered insufficient nowadays and points out the imperfect implementation and the consequent risks. The following part describes the security in the form of WPA which eliminates the implementation weaknesses of the previous WEP security protocol. The description of commonly used mechanisms of authentication (PSK, 802.1x), required temporary key management (PTK, GTK), data integrity (MIC) and encryption which uses TKIP protocol are also included. The last part, possible WLAN security, is aimed at the full support of 802.11i standard, which is called WPA2 (sometimes RSN). That part describes the basic encryption security element CCMP, which is based on the AES block cipher modes. The practical part of the thesis deals with the security verification of current wireless networks. In the process of verification the accessible HW means and programming tools of Open Source Software (OSS) are used. By means of verification it has been pointed out that there are possible security risks resulting from the security method which has been used. Also several recommendations how to reduce the security risks of the used method to minimum are mentioned.
|
|
|
Performance Test Suite for MIT Kerberos
Špaček, Petr ; Müller, Petr (referee) ; Zelený, Jan (advisor)
Tato práce se zaměřuje na vyvinutí nástrojů pro výkonnostní testování, které umožní otestovat infrastrukturu systému MIT Kerberos, zjistit její výkonnostní charakteristiky a detekovat potenciální problémy. Práce shrnuje teoretické základy protokolu Kerberos a analyzuje potenciální výkonnostní problémy v různých konfiguracích MIT Kerberosu. Dále práce obsahuje popis návrhu a implementace sady nástrojů pro distribuované testování. Pomocí implementovaných nástrojů bylo odhaleno několik výkonnostních problémů, které jsou v práci popsány spolu s návrhem jejich řešení.
|
|
|
Web visualization and demonstrator of anonymous credentials
Chwastková, Šárka ; Malina, Lukáš (referee) ; Dzurenda, Petr (advisor)
This thesis deals with the topic of attribute based credentials with revocable anonymous credentials. The main focus of this work is the implementation of this scheme through a web application. The web application serves primarily as a visualization, which shows the functionality of this scheme through animations, and also as a practical demonstrator. Data and cryptographic calculations for individual system protocols are provided by the given cryptographic C application that communicates with the created application. The web application is also able to communicate with the connected smart card reader and the MultOS smart card and thus create the transmission of APDU commands and responses between the smart card and provided C application.
|
|
|
Modern trends in Wi-Fi IEEE 802.11 networks security
Lieskovan, Tomáš ; Škorpil, Vladislav (referee) ; Endrle, Pavel (advisor)
This work treats the matters of wireless networks, Wi-Fi. The paper describes the various principles of coding, such as WEP, WPA and WPA2. At first the WEP security method is analyzed with the view of the fact that it doesn´t meet contemporary safety requirements, further its successor WPA, namely TKIP and AES authentication methods, and last but not least WPA2 which nowadays serve as a safety standard. The work assesses the safety risks of individual security methods and makes several recommendations to achieve maximum security for wireless networks. In the work a commercially available hardware and for free dissemination available software (Open Source) are used.
|
|
|
Web applications for user authentication
Vybíral, Petr ; Dzurenda, Petr (referee) ; Hajný, Jan (advisor)
The thesis deals with the problems of user authentication. The first chapter analyzes the problem of authentication, its methods and its utilization. The second chapter presents the different security options for communication. The chapter describes security, communication and authentication protocols. There is the 2D barcode QR Code described at the end of the chapter. The third chapter is devoted to ASP.NET technology, its development and possibilities of utilization. Attention is focused on web form and server controls. There is an analysis of elements of cookies and possibilities of their use. The last chapter consists of a practical part, which describes the development of a web application. There is a description of the parts of application, such as the database, the Web navigation, master pages and etc. in the following chapter. The cardinal part of the chapter consists of an analysis and implementation of forms authentication, the attribute authentication and authentication with QR code. Finally, there is a description of way how to secure the communication by using a certificate.
|
|
|
Implementation of cryptographic protocols on smart cards
Moravanský, Michal ; Hajný, Jan (referee) ; Dzurenda, Petr (advisor)
The bachelor thesis is focused on cryptographic schemes using Attribute-Based Credentials, which try to minimize the negative impact on the protection of a user's privacy when using authentication systems. The aim of the bachelor's thesis was the implementation of two specified schemes on smart cards as a device with limited performance. Schemes differ only in the ability to revoke user. The practical part of this paper contains the analysis and selection of smart card platform and cryptographic libraries depending on performance. The work also describes the architecture of both schemes and individual protocols, including ongoing communication. The implementation of the Attribute-Based Credentials scheme was performed on a programmable smart card Multos (user side) and Raspberry Pi 2 (issuer and verifier side). The time complexity of the selected algorithms was also compared. In the end, the dependencies affecting the resulting efficiency and speed of the protocol were formulated.
|
guest ::
