Ing. Simona Buchovecká

Publikace

Active Directory Kerberoasting Attack: Monitoring and Detection Techniques

Autoři
Rok
2020
Publikováno
Proceedings of the 6th International Conference on Information Systems Security and Privacy. Madeira: SciTePress, 2020. p. 432-439. ISSN 2184-4356. ISBN 978-989-758-399-5.
Typ
Stať ve sborníku
Anotace
The paper focus is the detection of Kerberoasting attack in Active Directory environment. The purpose of the attack is to extract service accounts’ passwords without need for any special user access rights or privilege escalation, which makes it suitable for initial phases of network compromise and further pivot for more interesting accounts. The main goal of the paper is to discuss the monitoring possibilities, setting up detection rules built on top of native Active Directory auditing capabilities, including possible ways to minimize false positive alerts.

Lightweight Authentication and Secure Communication Suitable for IoT Devices

Rok
2020
Publikováno
Proceedings of the 6th International Conference on Information Systems Security and Privacy. Madeira: SciTePress, 2020. p. 75-83. ISSN 2184-4356. ISBN 978-989-758-399-5.
Typ
Stať ve sborníku
Anotace
In this paper we present the protocols for lightweight authentication and secure communication for IoT and embedded devices. The protocols are using a PUF/TRNG combined circuit as a basic building block. The goal is to show the possibilities of securing communication and authentication of the embedded systems, using PUF and TRNG for secure key generation, without requirement to store secrets on the device itself, thus allowing to significantly simplify the problem of key management on the simple hardware devices and microcontrollers, while allowing secure communication.

True random number generator based on ring oscillator PUF circuit

Rok
2017
Publikováno
Microprocessors and Microsystems. 2017, 53 33-41. ISSN 0141-9331.
Typ
Článek
Anotace
In this paper we propose the method of generating true random numbers utilizing the circuit primarily designed as Physically Unclonable Function (PUF) based on ring oscillators. The goal is to show that it is possible to design the universal crypto system, that can be used for various applications – the PUF can be utilized for asymmetric cryptography and generating asymmetric keys, True Random Number Generator (TRNG) for symmetric cryptography (generating session and ephemeral keys), nonces and salts. In the paper the results of evaluation of such a circuit utilized for TRNG purpose are presented.

Temperature Dependence of ROPUF on FPGA

Rok
2016
Publikováno
Proceedings of 19th Euromicro Conference on Digital System Design DSD 2016. Los Alamitos, CA: IEEE Computer Soc., 2016. p. 698-702. ISBN 978-1-5090-2816-0.
Typ
Stať ve sborníku
Anotace
This paper continues and extends our previous work introduced in [3], [4], in which we proposed a ring oscillator (RO) based Physical Unclonable Function (PUF) on FPGA. Our approach is able to extract multiple output bits from each RO pair in contrary to the classical approach, where frequencies of ROs are compared. Our original design used asymmetric ROs, i.e. without constrained placement of gates. In this paper, we investigate the behaviour of the proposed ROPUF using symmetric ROs, and compare them against the original approach with asymmetric ROs. The measurement results showed that the ROPUF with symmetric ROs is approximately two times more stable with varying temperature. We have also compared three different methods of information extraction from ROPUF based on frequency measurement. The measured results show that out of these three methods, our one is the most stable against change of temperature. The measurements were performed on Digilent Basys 2 FPGA boards (Xilinx Spartan3E-100 CP132).

True Random Number Generator Based on ROPUF Circuit

Rok
2016
Publikováno
Proceedings of 19th Euromicro Conference on Digital System Design DSD 2016. Los Alamitos, CA: IEEE Computer Soc., 2016. pp. 519-523. ISBN 978-1-5090-2816-0.
Typ
Stať ve sborníku
Anotace
In this paper we propose the method of generating true random numbers utilizing the circuit primarily designed as PUF based on ring oscillators. The goal is to prove that it is possible to design the universal crypto system, that can be used for various applications - the PUF can be utilized for asymmetric cryptography and generating asymmetric keys, TRNG for symmetric cryptography (generating session and ephemeral keys), nonces and salts. In the paper the results of evaluation of such a circuit utilized for TRNG purpose are presented.

Frequency Injection Attack on a Random Number Generator

Autoři
Buchovecká, S.; Hlaváč, J.
Rok
2013
Publikováno
Proc. of the 16th IEEE Symposium on Design and Diagnostics of Electronic Circuits and Systems. Brno: NOVPRESS, 2013. pp. 128-130. ISSN 2334-3133. ISBN 978-1-4673-6135-4.
Typ
Stať ve sborníku
Anotace
In this paper we present a frewuency injection attack on a random number generator implemented in an Atmel AVR microcontroller. Two variants of the attack are attemped: an invasive attack with a direct modification of the power supply, and a non-invasive attack with no modification of the device.

Testing a Random Number Generator

Autoři
Rok
2011
Publikováno
POSTER 2011 - 15th International Student Conference on Electrical Engineering. Praha: České vysoké učení technické v Praze, Fakulta elektrotechnická, 2011, ISBN 978-80-01-04806-1. Available from: http://radio.feld.cvut.cz/conf/poster2011/
Typ
Stať ve sborníku vyzvaná či oceněná
Anotace
In this paper we present the testing of a true random generator implemented on an Atmel AVR microcontroller. This generator uses the jitter of the RC oscillator as the source of entropy. We applied Discrete Fourier Transform to identify component frequencies and to visualize the periodogram of the generated random bit stream. Then we used the ENT and Diehard test suites to identify and pick truly random bits with sufficient entropy, which are secure to use. Finally, we discuss the results and suggest other possible tests.