Ing. Jiří Buček, Ph.D.

Theses

Bachelor theses

Solving sets of linear equations in modular arithmetic

Author
Jakub Doubek
Year
2012
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
prof. Ing. Róbert Lórencz, CSc.

Audio Watermarking

Author
Jan Herych
Year
2012
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Tomáš Zahradnický, Ph.D.

Educational demonstration of digital steganography

Author
Marek Bartík
Year
2013
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Jiří Dostál, Ph.D.

Development support for Java Card applications

Author
Filip Munzar
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Filip Štěpánek

System for Monitoring of Borrows Using RFID

Author
Peter Guľa
Year
2015
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Jiří Kašpar
Summary
This bachelor thesis deals with an analysis of RFID NFC chips and its use for borrowing items in scope of development boards within the faculty. The theoretical part deals in evaluating the current state of borrowing and analysing chosen technologies. In the practical part I am occupied with the proposal of a prototype and its implementation. The result of the thesis is a prototype system for borrowing items capable of detecting removal and addition.

Methodology of ISMS implementation in small and medium enterprises

Author
Pavel Procházka
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.

Key Exchange Based On Supersingular Elliptic Curve Isogenies

Author
Klára Drhová
Year
2016
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
prof. Ing. Róbert Lórencz, CSc.
Summary
This thesis deals with the implementation of the key exchange based on supersingular elliptic curves isogenies, which belongs to the post-quantum cryptography. With the advent of quantum computers, cryptographic systems that are used today will become broken and will be replaced with the new ones. Post-quantum cryptography offers such candidates. Very widespread programming language C++ was selected for the implementation, along with the PARI - mathematical library. A working application was created that performs key exchange. Its biggest benefit is its simple design, which illustrates the basic principles of the key exchange algorithm and which allows to understand the algorithm easily.

Certificate parameter quality testing on the Czech internet

Author
Martin Černáč
Year
2016
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Josef Kokeš
Summary
The purpose of this bachelor thesis was to analyze the current state of RSA-based digital certificate usage across the Czech Internet spectra and to conduct a study on digital certificate parameter quality using selected well-known RSA attacks. The thesis also includes a brief introduction to the theory behind the RSA cipher, descriptions of the various attacks used and a short interpretation of gathered data.

Analysis of information content retrieved in a side channel attack

Author
Marek Pikna
Year
2016
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Jiří Kašpar
Summary
This bachelor thesis utilizes an information metric known as guessing entropy in order to analyze the information content present in a side channel. The side-channel attack chosen in this thesis is the differential (or more specifically, correlation) power analysis. Utilizing the correlation power analysis attack on a device lacking protection against it, it is discovered how much information content is present in the power measurements. During this process, guessing entropy shows itself as a highly viable security metric when it comes to deciding how well a device is protected against side-channel attacks.

Development Support for Java Card Applications

Author
Valeriya Pak
Year
2018
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
prof. Ing. Róbert Lórencz, CSc.
Summary
This thesis describes secure communication with Smart Card based on GlobalPlatform specification v2.2. It also describes other standards related Smart Cards, general principles of the Java Card technology and NetBeans Platform. As a part of this thesis the Java Card Manager Suite was updated to support SCP02.

3D near Field Acquisition System

Author
Klára Dvořáková
Year
2018
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
prof. Ing. Róbert Lórencz, CSc.
Summary
This thesis describes rebuilding a 3D printer into a device that automatically captures electromagnetic side channel of a microprocessor (smart card). The aim is to measure the signal emitted by a smart card using a digital oscilloscope and to plot a 3D graph displaying the amount of signal radiated by each part of the smart card. The theoretical part of this paper deals with electromagnetic side channel and methods of analysis of measured data, particularly with differential electromagnetic analysis. The practical part of the paper follows with building a positioning device for automated measurements, then with a program that handles communication between a computer, the oscilloscope, the positioning device and the smart card. Finally, the program analyses the measured data. The resulting device offers a cheap alternative to already existing expensive devices measuring electromagnetic emissions.

RFID card emulation using a microcontroller

Author
Štěpán Urbánek
Year
2018
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
prof. Ing. Róbert Lórencz, CSc.
Summary
This bachelor thesis deals with problems of contactless smart cards and their emulation. In the implemantation part I designed and created printed circuit board with microcontroller, that I use to emulate contactless smart cards. Then I programmed mobile application for operating system Android, application allows us to change emulated UID or to load UID from already existing contactless smart card and change it to that one.

Timing Attack on the RSA Cipher

Author
Martin Andrýsek
Year
2018
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
prof. Ing. Róbert Lórencz, CSc.
Summary
This thesis is focused on replication of timing attack on RSA cryptosystem introduced by Paul Kocher, which is done by measuring time of square and multiply algorithm with Montgomery multiplication. The attack is based on measuring execution time of decryption function on messages with different properties. The thesis describe main principles and vulnerabilities of RSA cryptosystem. Implementation should be used for education purposes, mainly in security courses.

Survey and example of trusted platform (TPM)

Author
Andrea Holoubková
Year
2018
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Summary
The bachelor thesis focuses on survey of solutions to implement a trusted platform. A more detailed description is devoted to the standards of Trusted Computing Group (TCG) and GlobalPlatform organizations. It concerns a Trusted Platform Module (TPM) security chip and an integrated secure processor zone called Trusted Execution Environment (TEE). Part of the bachelor thesis is also a practical demonstration of using a TPM chip on a regular PC computer under the Linux operating system. Practical part is devoted to encryption of external media (USB disk) and storing the key in the TPM.

Power side channel information leakage of a microcontroller

Author
Marina Shchavleva
Year
2018
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
prof. Ing. Róbert Lórencz, CSc.
Summary
Through power consumption of a device a lot of information about it internal structure and data it processes can be leaked. Simple and Differential power analysis are well described techniques for such side channel attacks. This work gives brief introduction to the idea of power side channel analysis and methods it uses. The main objective of this Bachelor's thesis is power side channel analysis of a microcontroller's instruction set specifically ATMega163 which is embedded in a smartcard. Important aspects of microcontroller's operation and it's instructions are discussed: instruction execution cycle, address in a Program Memory, operand values and data flow. Also how instruction type affects power consumption, in other words, what does microcontroller internally do to process data or manage program flow.

Side channel attack on the ChaCha cipher

Author
Martin Heinrich
Year
2018
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Josef Kokeš
Summary
Bachelor thesis theoretically analyzes two methods of side channel attack, namely differential power analysis (DPA) and electromagnetic analysis (EMA). It also deals with the application of DPA to a ChaCha stream cipher implemented on a single-chip computer, specifically implemented on an AVR chip on a chip card. In the practical part, the attack on the highly simplified and reduced version of the ChaCha cipher is initially executed with only one round and the attack is then applied to the entire ChaCha cipher.

Contactless card communication in Android

Author
Nikola Karlíková
Year
2019
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Filip Kodýtek
Summary
In the thesis, I focused on the examination and implementation of the solution for relay attack on contactless transactions using the NFC technology and public network with Android mobile devices. I successfully implemented the solution using the NFC enabled Android devices and services and interfaces provided by Android without other specific services. During the testing part, I accomplished 100% of successful attack runs. The measured delay caused by the data relay was not significant and did not affect the transaction. Based on this result, I can deduce, that this solution, despite its simplicity, is efficient and can be used and studied by any user interested in the topic of contactless payment attacks. Attachments are provided at the end of this thesis. CD attachment contain screenshots from the mobile devices and testing logs and scripts.

RFID communication eavesdropping

Author
Jan Havránek
Year
2019
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Jiří Dostál, Ph.D.
Summary
This thesis summarizes the principles of ISO/IEC 14443 type A communication. Next, it researches existing devices for eavesdropping and analysis of RFID communication, analyzes the capabilities of the Proxmark3 hardware device and extends its functionality in the area of eavesdropping RFID communication according to the ISO/IEC 14443A standard. The extension allows for real time eavesdropping of the communication along with a mobile application for the Android operating system that enables the user to view the eavesdropped data and its basic analysis.

Use of physically unclonable function to secure wireless communication

Author
František Kovář
Year
2020
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Filip Kodýtek
Summary
In this bachelor's thesis, we documented the design and the implementation of security devices that use a physically unclonable function to secure wireless communication. The implementation is in C ++ language and VHDL language on Wemos D1 mini device with ESP8266 WiFi chip and on FPGA Digilent Basys 2. Wemos D1 mini communicates with FPGA via serial line and thus obtains data to prove its identity. The device was tested on a local vii WiFi network, and the success of such secure communication reached 96.7% due to the instability of a physically unclonable function.

Timing side-channel attack on AES

Author
Adam Zahumenský
Year
2019
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
prof. Ing. Róbert Lórencz, CSc.
Summary
This work demonstrates a timing side-channel attack on the AES-128 cipher using modern hardware. It provides software which leverages such attack to test a provided AES-128 implementation for vulnerability. The software is provided in a form suitable for use as an InfoSec laboratory assignment. Finally, it demonstrates that the latest OpenSSL release is under certain conditions still vulnerable to the attack.

True random number generator on FPGA

Author
Kryštof Šádek
Year
2020
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Filip Kodýtek
Summary
This thesis deals with the implementation of a true random number generator on FPGA development board building on pair of ring oscillators and explores the influence of temperature and power supply changes on generated output, evaluated by NIST-inspired tests. The results show that environmental changes does not impact the ouput in any significant way.

USB computer interface security

Author
Michal Polák
Year
2020
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Tomáš Zahradnický, Ph.D.
Summary
This thesis is dedicated to the industrial USB standard and its security with focus on structures describing the device. It also describes some risks related to connecting an unknown device and analyses possible USB sniffing. Finally an demonstration of already known vulnerability of USB drivers is included with added validation of fix in up-to-date operating systems.

Kubernetes cluster for password recovery

Author
Tomáš Klas
Year
2020
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Tomáš Vondra, Ph.D.
Summary
The main goal of the thesis is to set up a cluster managed by Kubernetes for password recovery. The next step is to describe used technologies like Docker, Ansible, and Hashcat. The thesis contains a description of how the passwords are stored and the most known attacks to crack them. Successful deployment and password cracking lead to analyzing the speed of the cluster and the particular cracking method.

Security analysis of hardware crypto wallets

Author
Lukáš Kozák
Year
2020
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Jiří Dostál, Ph.D.
Summary
The thesis analyzes the security of modern hardware crypto wallets. Different threat models and threats for users are assessed with some of the current hardware wallets reviewed. Potential users are educated how to choose the right hardware wallet and warned about misleading advertising of some vendors. The original hardware wallet, Trezor One, is thoroughly analyzed from both hardware and software perspective and the security claims of the vendor are verified. A particular emphasis is placed on side-channel attacks and experiments with Trezor One.

Physical unclonable functions on ESP32

Author
Ondřej Staníček
Year
2022
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Filip Kodýtek, Ph.D.
Summary
This thesis analyzes the possibility of implementing a static random access memory (SRAM) physical unclonable function (PUF) on the ESP32 microcontroller. First, literature research on the topic of PUFs is provided with focus on SRAM PUFs. A discussion on which properties the SRAM PUFs possess is presented. Two power-control methods of SRAM memory on the ESP32 are proposed. An analysis of behavior of startup SRAM bit values depending on operating temperature and power-off time is conducted for both methods. Their suitability for the PUF implementation is discussed based on the experimental results. Then, an implementation of SRAM PUF with stable response reconstruction is presented. Two different bit preselection methods are tested and a simple repetition error correction code (ECC) is used to stabilize the responses. The presented PUF design combines the two power-control methods to achieve faster and more reliable response extraction. Reliability testing revealed that it is possible to reach 100 % success rate of response reconstruction across the temperature range of -40 to +70 °C. The responses can be used as cryptographic keys to secure the ESP32 platform. Finally, the proposed PUF design is implemented in an easy-to-use ESP32 library.

Using physical unclonable functions in TLS on ESP32

Author
Matěj Týfa
Year
2022
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Filip Kodýtek, Ph.D.
Summary
This thesis focuses on key generation using a hardware security primitive known as physical unclonable function. Proof of concept application is created to test the functionality of physical unclonable function - inside cryptographic protocol known as Transport Layer Security - on ESP32 platform. The theory behind physical unclonable functions in the context of key generation is examined to define essential properties. An enrollment protocol for the keys generated on ESP32 is proposed to enable the use of generated keys in Transport Layer Security. Available Transport Layer Security libraries are investigated to select the most suitable choice for the proof of concept application. Both a mock-up (simulating ideal properties) and a real physical unclonable function are used inside the proof of concept application to test the functionality on the ESP32 platform. Our application proves that physical unclonable functions can be successfully used to generate keys for Transport Layer Security on ESP32. Mock implementation is working almost perfectly. However, the real physical unclonable function poses some significant implementation challenges that decrease the usability of these solutions.

Demonstration of side chanel analysis methods

Author
Marek Bizík
Year
2023
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Filip Kodýtek, Ph.D.
Summary
In this bachelor's thesis, several side-channel attack methods on the AES encryption algorithm are examined and compared. The focus of the study is on three basic attack methods: Correlation Power Analysis, Template Attack, and a machine learning method, specifically Random Forest. The aim of the work is to analyze and compare the effectiveness of these methods on the ChipWhisperer Nano platform, using the Python programming language and its libraries. In the practical part, the implementation of experiments for each attack method is carried out. The effectiveness of the methods is evaluated based on selected metrics, such as Partial Guessing Entropy, the number of necessary measurements, and computation time. The number of necessary measurements is evaluated to be 32 for Correlation Power Analysis, 17 for Template Attack, and 17 for the Random Forest method. The results of this work show that the machine learning method is the most effective in Partial Guessing Entropy metrics, but it has the worst results in terms of computation time. The Template Attack has the best results in computation time. This work contributes to a better understanding of the effectiveness of individual side-channel attack methods and can serve as a basis for further research in the field of encryption security.

Demonstration of security of industrial control systems with the CIP protocol

Author
Tomáš Plíhal
Year
2024
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Filip Kodýtek, Ph.D.
Summary
The bachelor thesis is about cybersecurity of network communication of industrial control systems using CIP protocol. It includes a vulnerability demonstration using an attack on a vulnerable system (with a focus on integrity and confidentiality of messages), followed by a demonstration of security countermeasures. The specific devices on which I demonstrate the attack and security countermeasures are a programmable control PLC, network adapter, and control panel manufactured by Rockwell Automation.

Power side channel attack with a controllable power supply

Author
Adam Verner
Year
2023
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Jan Bělohoubek, Ph.D.
Summary
The thesis applies Correlation Power Analysis (CPA) attack against AES implementation running on a dedicated microcontroller and explores how the success depends on the operating voltage of the microcontroller. Part of the work deals with instrumentation required to execute the CPA attack on the target device. Data acquisition framework QCoDeS was extended to support the Aim-TTi QL355TP power supply. The CPA attack was applied on an Atmega microcontroller and proved to be successful although no direct correlation between operating voltage and attack success was found. Future work exploring the attack success against other types of crypto hardware was proposed.

Active non-invasive attack on a microcontroller by fault injection

Author
Jakub Kučera
Year
2024
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Mgr. Tomáš Rabas
Summary
This bachelor's thesis deals with the implementation of a platform for voltage glitching and clock glitching. The platform is used to introduce fault insertion mechanisms with a minimal level of abstraction. The work contains an implementation of hardware in the Verilog language with firmware written in C and an interface in Python for controlling the platform from a computer. Next, an attack on AES is performed with the implemented platform by injecting faults between the 7th and the 8th MixColumns operation and also between the 8th and the 9th. The resulting platform is capable of injecting glitches into the power supply as well as a clock signal and also supports the insertion of multiple glitches after one trigger event. The attacks carried out on the AES cipher via fault injection with the implemented platform successfully recovered the secret key. The contribution of this work is the development of a fault injection tool on the Cmod S7 platform and of a programming interface that enable users to understand the mechanisms of fault injection in detail.

Implementation of CRYSTALS-Kyber with a physical unclonable function on ESP32 microcontrollers

Author
Egon Procházka
Year
2024
Type
Bachelor thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Filip Kodýtek, Ph.D.
Summary
This work focuses on the efficient implementation of the CRYSTALS-Kyber post-quantum cryptographic algorithm on the ESP32 family of microcontrollers where the source of entropy is a physically unclonable function with the goal of generating a microcontroller-dependent key pair.

Master theses

Security analysis of smart cards using Proxmark3

Author
Tomáš Altman
Year
2012
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Tomáš Vaňát, Ph.D.

Implementation of safe storage for electronic signature keys usable within Java Cryptographic Architecture

Author
Filip Michl
Year
2012
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Petr Budiš, Ph.D.

Simulation of solver of systems of linear congruences

Author
Jiří Jahn
Year
2012
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
prof. Ing. Róbert Lórencz, CSc.

Security analysis of contactless smart cards

Author
Tomáš Fornůsek
Year
2013
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Tomáš Vaňát, Ph.D.

Measurement on contact smart cards

Author
Ondřej Hofierka
Year
2013
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Josef Hlaváč, Ph.D.

Example Attack on RC4

Author
Pavel Kocka
Year
2014
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Josef Kokeš, Ph.D.

Architecture of a linear system solver in modular arithmetic

Author
Michal Daňhelka
Year
2015
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
prof. Ing. Róbert Lórencz, CSc.
Summary
This thesis deals with analysis of architecture used for solving linear equations in modular arithmetic. Works also deals with design and simulation one such architecture. Based on design of this architecure is created software simulation. This simulation is evaluated. This evalution is based on design assumptions. Standalone application is created to show the steps of this simulation. This visualization helps to understand behaviour of the designed architecture.

Contactless Smart Card Emulator in FPGA

Author
Stanislav Jeřábek
Year
2016
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Filip Štěpánek
Summary
This diploma thesis describes implementation of contactless chip card emulator compliant with ISO/IEC 14443. It differs in way of emulation when almost everything is done in hardware - FPGA - using VHDL language.

Attacks on White-Box AES

Author
Jean-Gaël Rigot
Year
2016
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Jiří Kašpar
Summary
Cryptography is used to prevent people accessing data they are not authorized to access. However in some case the algorithm used for encrypting data are performed on an untrusted device for example in the case of access to copyrighted content on a personal computer (music, films...). In this case the traditional cryptographic model is not enough to assure the security of the data and the study of protection under this context is called white-box cryptography. This thesis presents different designs found in the llitterature as well as attacks to break those implementation. The recently proposed design by Luo et al. to protect AES (Advance Encryption Standard) has been implemented in C and studied in regards to the types of attacks introduced by Bos et al.

Software Countermeasures Against Differential Power Analysis

Author
Alena Nohová
Year
2016
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
prof. Ing. Róbert Lórencz, CSc.
Summary
This work explores possible software countermeasures against differential power analysis for AES-128 algorithm implemented on an AVR micro-controller. The implementation of several countermeasures is compared with unprotected version in both security and efficiency.

Masked AES cipher on a microcontroller and Second-order DPA

Author
Abdullah Bhatti
Year
2019
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Dr.-Ing. Martin Novotný
Summary
The thesis is focused on possible attacks using differential power analysis on a masked AES-128 implementation onto an AVR microcontroller. The implementation is divided into three parts. The first part comprises of an unmasked version of AES-128. The second part uses a constant value of mask used throughout the code. The third part generates a random mask which is then applied to the 10 rounds. Finally, first order DPA and second order DPA are used to try and break the cipher and find the key.

Security analysis of USB drive

Author
David Jagoš
Year
2019
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Josef Kokeš
Summary
This thesis provides an overview of the security of flash drives with hardware encryption support and a security analysis of Kingston DataTraveler Vault Privacy.

Multivariate cryptography

Author
Jan Rahm
Year
2020
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
prof. Ing. Róbert Lórencz, CSc.
Summary
This Master's thesis deals with the selected algorithms of multivariate cryptography, especially Unbalanced Oil & Vinegar and Rainbow. The aim of this work is the implementation of the algorithms in Wolfram Mathematica, the investigation of existing solutions and their implementation on the ESP32 microcontroller. The algorithms are tested and measured against the RSA and ECDSA algorithms.

Side-channel Attacks on Supersingular Isogeny Diffie-Hellman Key Exchange

Author
František Kovář
Year
2022
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. David Pokorný
Summary
In this master's thesis, we aimed at the currently alternative candidate for the NIST post-quantum standardization process. Supersingular Ksogeny Key Encapsulation (SIKE) is the only isogeny-based cryptosystem in the standardization process. The main focus was on the side-channel analysis (SCA) of SIKE and experimentally testing the possible attack vectors, using CPA, in the officially submitted reference implementation. For that, we used ChipWhisperer-Lite, which features an STM32F303. Apart from that, we also focused on the possible countermeasures against SCA. Although the attack was unsuccessful, we have gathered a lot of interesting information regarding SCA against SIKE.

On-line key management for the ETCS train control system

Author
Michal Kunert
Year
2023
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Jaroslav Súkup
Summary
The main aim of this diploma thesis is to design and implement an on-line key management system for the ETCS train control system. The thesis starts with the analysis, which contains a description of ETCS and the key management options for this train control system. The analysis also contains specification of requirements for the solution with regard to ERTMS/ETCS SUBSET-137 and this chapter also contains a description of suitable technologies for implementation. The next chapters deal with the design of the application and description of the implementation. The final system is composed of a few components, namely the key management centre, the component for storing keys on the end entity and the certification authority. The TLS protocol is used for the transmission of key management related messages. The Certificate Management Protocol is used to communicate with a certification authority. The last part of the thesis deals with testing the functionality of the implemented system.

Side-channel attack using a real-time spectrum analyzer.

Author
Martin Kubeša
Year
2023
Type
Master thesis
Supervisor
Ing. Jiří Buček, Ph.D.
Reviewers
Ing. Filip Kodýtek, Ph.D.
Summary
Despite the increasingly complex physical protection of critical cryptographic devices, differential attacks based both on power side-channel analysis and electromagnetic side-channel analysis can be attractive for their simplicity of implementation -- when the device is susceptible to them. This thesis tries to summarize the basic principles needed to understand the correlation differential electromagnetic analysis on the side channel, to implement and describe the attack on real equipment -- targeting smart card and measuring using spectrum analyzer. We compare the effectiveness of the attack according to various parameters set during the measurement of electromagnetic emissions was carried out. And finally, based on the results, we propose a conceptual procedure for practical lesson which will help students to become more familiar with the issue of similar attacks.