Global ETD Search

831	Metody optimalizace digitálních podpisů / Methods for optimization of digital signatures Špidla, Aleš January 2013 (has links) The thesis briefly describes the digital signatures and basic methods (RSA, DSA, ECDSA) for the creation and verification of the digital signature. The method of group signatures designed by Boneh, Boyen and Shacham (BBS) is described in more details as well as the method designed by Bonen and Shacham (BS). The thesis further explores related issue of the implementation of batch signing and verification for the above mentioned methods and their practical application, particularly for systems Vehicular ad-hod network (VANET) and cloud storage in the field of forensic IT. The purpose of the thesis is to determine which of the methods BBS and BS is more suitable for these systems in terms of computational complexity. For this reason, the author created the program for the comparison of methods BBS and BS. The programme compares the time consumption of the methods for signing and verification of incoming messages. The results of the measurement are summarized in the conclusion along with the justification why the particular methods are suitable for the systems.
832	Ověření uživatelů pomocí chytrých telefonů / User verification based on smart-phones Bělík, David January 2014 (has links) The main aim of this diploma thesis is to get acquainted with the area of secure authentication and authorization of users in smartphones on the Android platform. Individual types of encoding, authentications, authentication devices and characteristics of QR codes are decribed in the chapters. In the practical part of this thesis the applications are created with an implemented authentication scheme, which is being developed at FEKT VUT in Brno. The client part of the application, that generates QR code, as well as the server part, that verifies the authenticity of the data, are set up.
833	Zabezpečený transportní protokol monitorovacích systémů / Secure Transport Protocol for System Monitoring Halfar, Patrik January 2010 (has links) This paper deals with NetFlow protocol and analysis of its properties. There is focused on confidentiality and reliability of the data's transfer. All of the solution observe requirements for lower resources of devices, and impossibility of changes in the exporter except defined parameters.
834	Analýza šifrovacích metod pro klonování disků / Analysis of Encipherement Methods for Disk Cloning Chromečka, Jiří January 2016 (has links) The presented text deals with designing of a multilingual application and its following implementation in the C++ language. The application encrypts disk volumes with Microsoft Windows system using symmetric cryptography and password authentication, where the password security strength is verified. Securing the sensitive data is one of the important security goals in area of information technology. The symmetric cryptography uses the same key for both the encryption and the decryption and due to its speed it is suitable for the data storage encryption. For the higher security it is possible to encrypt a whole disk volume with sensitive data.
835	Determining the performance costs in establishing cryptography services as part of a secure endpoint device for the Industrial Internet of Things Ledwaba, Lehlogonolo P.I. January 2017 (has links) Endpoint devices are integral in the realisation of any industrial cyber-physical system (ICPS) application. As part of the work of promoting safer and more secure industrial Internet of Things (IIoT) networks and devices, the Industrial Internet Consortium (IIC) and the OpenFog Consortium have developed security framework specifications detailing security techniques and technologies that should be employed during the design of an IIoT network. Previous work in establishing cryptographic services on platforms intended for wireless sensor networks (WSN) and the Internet of Things (IoT) has concluded that security mechanisms cannot be implemented using software libraries owing to the lack of memory and processing resources, the longevity requirements of the processor platforms, and the hard real-time requirements of industrial operations. Over a decade has passed since this body of knowledge was created, however, and IoT processors have seen a vast improvement in the available operating and memory resources while maintaining minimal power consumption. This study aims to update the body of knowledge regarding the provision of security services on an IoT platform by conducting a detailed analysis regarding the performance of new generation IoT platforms when running software cryptographic services. The research considers execution time, power consumption and memory occupation and works towards a general, implementable design of a secure, IIoT edge device. This is realised by identifying security features recommended for IIoT endpoint devices; identifying currently available security standards and technologies for the IIoT; and highlighting the trade-offs that the application of security will have on device size, performance, memory requirements and monetary cost. / Dissertation (MSc)--University of Pretoria, 2017. / Electrical, Electronic and Computer Engineering / MSc / Unrestricted UCTD Cryptography Cyber-Physical Systems Industrial Internet of Things Security Endpoint security Performance evaluation
836	Attacking and securing Network Time Protocol Malhotra, Aanchal 14 February 2020 (has links) Network Time Protocol (NTP) is used to synchronize time between computer systems communicating over unreliable, variable-latency, and untrusted network paths. Time is critical for many applications; in particular it is heavily utilized by cryptographic protocols. Despite its importance, the community still lacks visibility into the robustness of the NTP ecosystem itself, the integrity of the timing information transmitted by NTP, and the impact that any error in NTP might have upon the security of other protocols that rely on timing information. In this thesis, we seek to accomplish the following broad goals: 1. Demonstrate that the current design presents a security risk, by showing that network attackers can exploit NTP and then use it to attack other core Internet protocols that rely on time. 2. Improve NTP to make it more robust, and rigorously analyze the security of the improved protocol. 3. Establish formal and precise security requirements that should be satisfied by a network time-synchronization protocol, and prove that these are sufficient for the security of other protocols that rely on time. We take the following approach to achieve our goals incrementally. 1. We begin by (a) scrutinizing NTP's core protocol (RFC 5905) and (b) statically analyzing code of its reference implementation to identify vulnerabilities in protocol design, ambiguities in specifications, and flaws in reference implementations. We then leverage these observations to show several off- and on-path denial-of-service and time-shifting attacks on NTP clients. We then show cache-flushing and cache-sticking attacks on DNS(SEC) that leverage NTP. We quantify the attack surface using Internet measurements, and suggest simple countermeasures that can improve the security of NTP and DNS(SEC). 2. Next we move beyond identifying attacks and leverage ideas from Universal Composability (UC) security framework to develop a cryptographic model for attacks on NTP's datagram protocol. We use this model to prove the security of a new backwards-compatible protocol that correctly synchronizes time in the face of both off- and on-path network attackers. 3. Next, we propose general security notions for network time-synchronization protocols within the UC framework and formulate ideal functionalities that capture a number of prevalent forms of time measurement within existing systems. We show how they can be realized by real-world protocols (including but not limited to NTP), and how they can be used to assert security of time-reliant applications-specifically, cryptographic certificates with revocation and expiration times. Our security framework allows for a clear and modular treatment of the use of time in security-sensitive systems. Our work makes the core NTP protocol and its implementations more robust and secure, thus improving the security of applications and protocols that rely on time. Computer science Cryptography Domain name system (DNS) Network attacks Network protocols Network Time Protocol Security
837	Secure Key Agreement for Wearable Medical Devices Kasparek, Alexander J 05 December 2019 (has links) In this thesis we explore if a proposed random binary sequence generation algorithm can be combined with a separately proposed symmetric key agreement protocol to provide usable security for communications in Wireless Body Area Networks (WBAN). Other previous works in this area fall short by only considering key generation between two of the same signals or allowing for key generation between two different types of signals but with the cost of a significant signal collection time requirement. We hoped to advance this area of research by making secure key generation more efficient with less signal collection time and allowing keys to be generated between two sensors that measure two different physiological signals. However, while the binary sequence generation algorithm and key agreement protocol perform well separately, they do not perform well together. The combined approach yields keys that have good properties for use in a WBAN, but the generation rate is low. WBAN Body Area Network Security Bio-cryptography Physiological signals Symmetric key agreement
838	A Web-Based Application for the Secure Transfer of NGS data Odén Österbo, Ina January 2019 (has links) During the last decade, the use of Next-Generation Sequencing(NGS) technologies has sky-rocketed. The vast amount of data produced by these platforms require processing and analysis. This is usually performed at locations remote from the sequencing facilities thereby introducing the need for data-transportation to the place of analysis. The use of internet transfer would greatly facilitate the process, however since NGS data is considered to be personal sensitive information the handling of the data is highly regulated by the General Data Protection Regulation(GDPR). During this project, a web-based application was developed for the privacy-protecting transfer of personal sensitive data, implementing an in-motion encryption scheme which ensures data integrity and authenticity. The application consists of three scripts: the HTML web page with JavaScript functionality, a PHP script responsible for connection establishment and integrity verification, and a Python script executing the majority of the server-side operations. The resulting application uses the symmetric encryption algorithm AES in GCM mode, using a key size of 128 bits and transfers 60 Kibibytes of the file at a time. The key is established by using the asymmetric RSA encryption scheme with a 4096 bit key pair. SHA-256 is used for verifying the integrity of the transferred files. The JavaScript encryption speed is 584 MB/s and the Python decryption speed 251 MB/s. While the focus of the project was to optimize the application for NGS data, it is not limited to this type of file and can transfer different formats, enabling the use in multiple different fields. NGS next generation sequencing security transfer cryptography AES RSA Bioinformatics and Systems Biology Bioinformatik och systembiologi
839	Formal security verification of the Drone Remote Identification Protocol using Tamarin / Formell säkerhetsverifiering av Drone Remote Identification Protocol med hjälp av Tamarin Ahokas, Jakob, Persson, Jonathan January 2022 (has links) The current standard for remote identification of unmanned aircraft does not contain anyform of security considerations, opening up possibilities for impersonation attacks. Thenewly proposed Drone Remote Identification Protocol aims to change this. To fully ensurethat the protocol is secure before real world implementation, we conduct a formal verification using the Tamarin Prover tool, with the goal of detecting possible vulnerabilities. Theunderlying technologies of the protocol are studied and important aspects are identified.The main contribution of this thesis is the formal verification of session key secrecy andmessage authenticity within the proposed protocol. Certain aspects of protocol securityare still missing from the scripts, but the protocol is deemed secure to the extent of themodel. Many features of both the protocol and Tamarin Prover are presented in detail,serving as a potential base for the continued work toward a complete formal verificationof the protocol in the future. Cybersecurity Formal verification Unmanned aircraft Cryptography Other Computer and Information Science Annan data- och informationsvetenskap
840	Anonymous Javascript Cryptography and CoverTraffic in Whistleblowing Applications / Anonym Javascript-kryptogra och täckningstrakför visselblåsarsystem Uddholm, Joakim January 2016 (has links) In recent years, whistleblowing has lead to big headlines aroundthe world. This thesis looks at whistleblower systems, which are systems specically created for whistleblowers to submit tips anonymously. The problem is how to engineer such a system asto maximize the anonymity for the whistleblower whilst at the same time remain usable.The thesis evaluates existing implementations for the whistle-blowing problem. Eleven Swedish newspapers are evaluated for potential threats against their whistleblowing service.I suggest a new system that tries to improve on existing systems. New features includes the introduction of JavaScript cryptography to lessen the reliance of trust for a hosted server. Use of anonymous encryption and cover traffic to partially anonymize the recipient, size and timing metadata on submissions sent by the whistleblowers. I explore the implementations of these features and the viability to address threats against JavaScript integrity by use of cover traffic.The results show that JavaScript encrypted submissions are viable. The tamper detection system can provide some integrity for the JavaScript client. Cover traffic for the initial submissions to the journalists was also shown to be feasible. However, cover traffic for replies sent back-and-forth between whistleblower and journalist consumed too much data transfer and was too slow to be useful. anonymity whistleblowing cryptography tor indistinguishability anonymous encryption Computer Sciences Datavetenskap (datalogi)

Search results