Browsing by Subject "Security"

Using password hashes for verification is a common way to secure users’ passwords against a potential data breach. The functions that are used to create these hashes have evolved and changed over time. Hackers and security researchers constantly try to find effective ways to derive the original passwords from these hashes. This thesis focuses on cryptographic hash functions that get passwords as inputs and on the different methods an attacker may use to deduce a password from a hash. The research questions for the thesis are: 1. What kind of password hashing techniques have evolved from the viewpoints of a defender and an attacker? 2. What kind of observations can be made when studying the implementations of the hashing algorithms and the tools that the attackers use against the hashes? The thesis examines some commonly used hash functions for passwords and common attack strategies that are used against them. Hash functions developed especially for passwords such as PBKDF2 and Scrypt will be explained. The password recovery tool Hashcat is introduced and different ways to use the tool against password hashes are demonstrated. Tests are done to show off differences in hash functions, as well as what kind of effect offensive and defensive techniques have against password hashes. These test results are explained and reviewed.

The business applications such as weather forecasting, traffic management, weather forecasting, traffic management, etc., are enormously adopting Internet of Things(IoT). While scaling of these applications are fast, the device/sensor capabilities, particularly in terms of battery life and energy efficiency is limited. Despite of intensive research conducted to address these shortcomings, Wireless IoT Sensor Network(WIoTSN) still cannot assure 100\% efficient network life. Therefore, the core objective of the thesis is to provide an overview of energy efficiency of proactive(OLSR) and reactive(DSR and AODV) data routing protocols by scaling the size of network, i.e. number of sensor nodes, data packet size, data transmission rate and speed of mobile sink node. It also reviews the importance of security in WIoTSN. The two approaches, such as literature review and simulation testing, are used to achieve the objective of the thesis. The literature review provides information about reactive and proactive protocols and their mechanism for route discovery. Similarly, the network simulator tool NS3 is used for running simulation to evaluate the performance of selected routing protocols for energy efficiency. The thesis results showed the effect of scaling the parameters selected for experimental purpose on the energy efficiency of proactive and reactive data routing protocols. The simulation results prove that the reactive protocol DSR outperforms another reactive protocol AODV and proactive protocol OLSR in energy efficiency. From the security perspective, the thesis also emphasizes its need in IoT and suggest to minimize wasteful resources in WIoTSN and use them by restructuring the network for secure energy-efficient data routing protocols.