{"id":48662,"date":"2025-07-23T00:15:29","date_gmt":"2025-07-22T22:15:29","guid":{"rendered":"https:\/\/www.derivaty.sk\/?p=48662"},"modified":"2025-07-23T00:15:29","modified_gmt":"2025-07-22T22:15:29","slug":"bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu","status":"publish","type":"post","link":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/","title":{"rendered":"Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu"},"content":{"rendered":"<h2>Pre\u010do bezpe\u010dn\u00e9 C2 (command &amp; control) vy\u017eaduje modern\u00fa kryptografiu<\/h2>\n<p>Komunika\u010dn\u00fd kan\u00e1l C2 medzi pozemnou riadiacou stanicou (GCS) a bezpilotn\u00fdm prostriedkom (UAV) je \u017eivotne d\u00f4le\u017eit\u00fd. Porucha integrity alebo dostupnosti C2 m\u00f4\u017ee vies\u0165 k strate stroja \u010di ohrozeniu bezpe\u010dnosti os\u00f4b. Modern\u00e9 C2 mus\u00ed preto sp\u013a\u0148a\u0165 pr\u00edsne po\u017eiadavky na <em>d\u00f4vernos\u0165<\/em>, <em>integritu<\/em>, <em>autentiz\u00e1ciu<\/em>, <em>dostupnos\u0165<\/em> a <em>auditovate\u013enos\u0165<\/em> pri ve\u013emi obmedzenej latencii, premenlivom kan\u00e1li a energetick\u00fdch limitoch. Tento \u010dl\u00e1nok predstavuje n\u00e1vrhov\u00e9 princ\u00edpy, kryptografick\u00e9 primit\u00edva, protokolov\u00e9 stavby a n\u00e1stroje, ktor\u00e9 umo\u017e\u0148uj\u00fa bezpe\u010dn\u00fd C2 stack od fyzickej vrstvy a\u017e po aplik\u00e1ciu \u2013 vr\u00e1tane pripravenosti na post-kvantov\u00e9 hrozby.<\/p>\n<h2>Model hrozieb a \u0161pecifick\u00e9 rizik\u00e1 C2 pre UAV<\/h2>\n<ul>\n<li><strong>Odpo\u010d\u00favanie a deanonymiz\u00e1cia<\/strong>: protivn\u00edk zachyt\u00e1va uplink\/downlink, sna\u017e\u00ed sa extrahova\u0165 povely, telemetriu \u010di polohu.<\/li>\n<li><strong>Vkladanie a modifik\u00e1cia<\/strong>: \u00fatoky typu <em>man-in-the-middle<\/em> a <em>command injection<\/em> s cie\u013eom prevzia\u0165 kontrolu nad UAV.<\/li>\n<li><strong>Replay a roll-back<\/strong>: op\u00e4tovn\u00e9 prehranie legit\u00edmnych paketov na vyvolanie ne\u017eiaducich stavov.<\/li>\n<li><strong>Jamming a spoofing<\/strong>: cielen\u00e9 ru\u0161enie, falo\u0161n\u00e9 maj\u00e1ky, GNSS spoofing a zneu\u017eitie rozhrania na n\u00fadzov\u00e9 re\u017eimy.<\/li>\n<li><strong>Supply-chain a firmware \u00fatoky<\/strong>: vlo\u017eenie \u0161kodliv\u00e9ho k\u00f3du, \u00fanik k\u013e\u00fa\u010dov, neautorizovan\u00e9 moduly.<\/li>\n<li><strong>Post-kvantov\u00fd protivn\u00edk<\/strong>: dlhodob\u00e9 ukladanie prev\u00e1dzky (\u201eharvest-now, decrypt-later\u201c).<\/li>\n<\/ul>\n<h2>Bezpe\u010dnostn\u00e9 a prev\u00e1dzkov\u00e9 po\u017eiadavky na C2 protokol<\/h2>\n<ul>\n<li><strong>Mutu\u00e1lna autentiz\u00e1cia<\/strong> GCS &harr; UAV e\u0161te pred ak\u00fdmko\u013evek povelom.<\/li>\n<li><strong>D\u00f4vernos\u0165 a integrita<\/strong> s <em>AEAD<\/em>, ochrana smerom <em>uplink-first<\/em> (pr\u00edkazy) s najvy\u0161\u0161ou prioritou.<\/li>\n<li><strong>Forward secrecy<\/strong> a <strong>post-kvantov\u00e1 odolnos\u0165<\/strong> aspo\u0148 v hybridnej forme.<\/li>\n<li><strong>Ochrana proti replay<\/strong>: monot\u00f3nne \u010d\u00edta\u010de, nonce, \u010dasov\u00e9 okn\u00e1 a <em>anti-rollback<\/em>.<\/li>\n<li><strong>1\u20131, 1\u2013N aj N\u2013N<\/strong> re\u017eimy (swarms), \u0161k\u00e1lovate\u013en\u00e1 spr\u00e1va skupinov\u00fdch k\u013e\u00fa\u010dov.<\/li>\n<li><strong>N\u00edzka latencia<\/strong>, deterministick\u00e1 prev\u00e1dzka, mal\u00fd overhead, robustn\u00e1 rekey rutina pri strat\u00e1ch paketov.<\/li>\n<li><strong>Bezpe\u010dn\u00e9 zotavenie<\/strong>: degrad\u00e1cia do <em>failsafe<\/em> re\u017eimu bez straty bezpe\u010dnosti, odvolanie kompromitovan\u00fdch uzlov.<\/li>\n<\/ul>\n<h2>Kryptografick\u00e9 primit\u00edva vhodn\u00e9 pre UAV<\/h2>\n<ul>\n<li><strong>AEAD \u0161ifrovanie<\/strong>: AES-GCM\/GMAC na HW akceler\u00e1toroch; XChaCha20-Poly1305 pre MCU bez AES; Ascon-128a\/Ascon-AEAD (n\u00edzkoenergetick\u00e9, finalist\u00e9 NIST LWC) pre ultra-\u013eahk\u00e9 uzly.<\/li>\n<li><strong>Digit\u00e1lne podpisy<\/strong>: Ed25519\/Ed448 pre r\u00fdchle autentiz\u00e1cie a kr\u00e1tke podpisy; v PKI hierarchii kr\u00e1tke \u017eivotnosti certifik\u00e1tov.<\/li>\n<li><strong>V\u00fdmena k\u013e\u00fa\u010dov<\/strong>: X25519\/ECDH; <em>hybridn\u00e9 KEM<\/em> (napr. X25519+Kyber) pre kvantov\u00fa pripravenos\u0165; pri skupin\u00e1ch MLS (Message Layer Security) s post-kvantov\u00fdm roz\u0161\u00edren\u00edm.<\/li>\n<li><strong>Kvalitn\u00e1 entropia<\/strong>: TRNG\/DRBG pod\u013ea NIST SP 800-90, zdravie RNG testovan\u00e9 on-line (kontinu\u00e1lne testy).<\/li>\n<\/ul>\n<h2>Protokolov\u00e9 r\u00e1mce: TLS 1.3\/DTLS 1.3, QUIC, Noise, COSE\/OSCORE<\/h2>\n<ul>\n<li><strong>TLS 1.3 \/ DTLS 1.3<\/strong>: 1-RTT handshake, 0-RTT iba ak je d\u00f4kladne pos\u00faden\u00fd rizikov\u00fd profil; klientske certifik\u00e1ty alebo EAP-TLS pre sie\u0165ov\u00fd pr\u00edstup.<\/li>\n<li><strong>QUIC<\/strong>: vstavan\u00e9 \u0161ifrovanie, riadenie pre\u0165a\u017eenia a migr\u00e1cia ciest (5G\/LTE\/Wi-Fi) \u2013 vhodn\u00e9 pre mobilitu a <em>bonding<\/em>.<\/li>\n<li><strong>Noise Protocol Framework<\/strong>: priamo\u010diare <em>handshake patterns<\/em> (IK\/XX) pre ultra-\u013eahk\u00e9 linky mimo IP; jednoduch\u00e9 form\u00e1lne argumenty, mal\u00e9 bin\u00e1rky.<\/li>\n<li><strong>CBOR\/COSE + OSCORE<\/strong>: dr\u00f4tovo efekt\u00edvny form\u00e1t pre telemetriu a povely; integrita a d\u00f4vernos\u0165 na aplika\u010dnej vrstve (aj cez ne\u0161ifrovan\u00e9 transporty).<\/li>\n<\/ul>\n<h2>Hybridn\u00fd (PQ) handshake pre C2: odpor\u00fa\u010dan\u00fd n\u00e1vrh<\/h2>\n<p>Prepojenie v\u00fdkonu, latencie a post-kvantovej odolnosti:<\/p>\n<ol>\n<li><strong>Bootstrapping identity<\/strong>: GCS a UAV maj\u00fa dlhodob\u00e9 k\u013e\u00fa\u010de (Ed25519) a zariadenie nesie v\u00fdrobn\u00e9 atesta\u010dn\u00e9 korene (DICE\/TPM\/SE).<\/li>\n<li><strong>1-RTT handshake<\/strong> (Noise IK-psk2 \/ TLS1.3): ECDH (X25519) + PQ KEM (Kyber) \u2192 <em>hybridn\u00fd shared secret<\/em>.<\/li>\n<li><strong>AEAD session keys<\/strong> odvoden\u00e9 cez HKDF; samostatn\u00e9 k\u013e\u00fa\u010de pre uplink a downlink, rozdelen\u00e9 pod\u013ea prior\u00edt.<\/li>\n<li><strong>Rekey<\/strong> po N paketoch alebo T sekund\u00e1ch, s <em>key update<\/em> bez preru\u0161enia toku a s ochranou proti key\/nonce re-use.<\/li>\n<\/ol>\n<h2>Spr\u00e1va k\u013e\u00fa\u010dov a ident\u00edt (PKI, atest\u00e1cia, \u017eivotn\u00fd cyklus)<\/h2>\n<ul>\n<li><strong>V\u00fdrobn\u00e1 personaliz\u00e1cia<\/strong>: bezpe\u010dn\u00fd element (SE\/TPM) s unexportovate\u013en\u00fdm priv\u00e1tnym k\u013e\u00fa\u010dom, zariadenie dostane <em>device cert<\/em> a atesta\u010dn\u00fd re\u0165azec.<\/li>\n<li><strong>Onboarding<\/strong>: overen\u00e1 registr\u00e1cia do flotily (EAP-TLS\/EST\/ACES), mapping identity &rarr; letov\u00e9 opr\u00e1vnenia.<\/li>\n<li><strong>Rot\u00e1cia a odvolanie<\/strong>: kr\u00e1tko\u017eij\u00face certifik\u00e1ty (hodiny\/dni), CRL\/\u201eOCSP-stapling\u201c alebo \u00fapln\u00e1 offline valid\u00e1cia s <em>time-stamping<\/em>.<\/li>\n<li><strong>Skupinov\u00e9 k\u013e\u00fa\u010de<\/strong>: MLS alebo LKH (Logical Key Hierarchy) pre swarm; bezpe\u010dn\u00e9 vyra\u010fovanie kompromitovan\u00e9ho uzla (<em>forward\/backward secrecy<\/em> skupiny).<\/li>\n<\/ul>\n<h2>Strat\u00e9gi\u00e1 proti replay a proti manipul\u00e1cii s r\u00e1mcami<\/h2>\n<ul>\n<li>Per-smery <strong>nonce\/sekven\u010dn\u00e9 \u010d\u00edsla<\/strong> s detekciou medzier; okn\u00e1 pre dobiehaj\u00face pakety bez rizika opakovan\u00ed.<\/li>\n<li><strong>\u010casov\u00e9 pe\u010diatky<\/strong> a <strong>monot\u00f3nne po\u010d\u00edtadl\u00e1<\/strong> viazan\u00e9 na atestovan\u00fd \u010das (GNSS\/PPS alebo PTP) \u2013 s odolnos\u0165ou proti resetu.<\/li>\n<li><strong>AEAD tag<\/strong> pokr\u00fdva aj smerovanie, typ spr\u00e1vy a politiku (napr. prioritu), aby nebol mo\u017en\u00fd <em>cut-and-paste<\/em> \u00fatok.<\/li>\n<\/ul>\n<h2>Jamming, spoofing a viacn\u00e1sobn\u00e9 pr\u00edstupov\u00e9 cesty<\/h2>\n<p>Bezpe\u010dnos\u0165 C2 nie je iba kryptografia. Navrhujte viacn\u00e1sobn\u00e9 pr\u00edstupov\u00e9 cesty:<\/p>\n<ul>\n<li><strong>Diverzita liniek<\/strong>: 5G\/LTE, TDD-RF linka, satelit \u2013 s <em>bondingom<\/em> na QUIC\/MP-TCP a samostatn\u00fdm k\u013e\u00fa\u010dom pre ka\u017ed\u00fa cestu.<\/li>\n<li><strong>Adapt\u00edvne FEC a ARQ<\/strong> pre kompenz\u00e1ciu v\u00fdpadkov bez nav\u00fd\u0161enia latencie (napr. kr\u00e1tke syst\u00e9mov\u00e9 k\u00f3dy na C2, dlh\u0161ie na telemetriu).<\/li>\n<li><strong>FHSS\/LBT<\/strong> a <strong>spektr\u00e1lny doh\u013ead<\/strong> pre detekciu ru\u0161enia; automatick\u00e1 zmena kan\u00e1la so zachovan\u00edm kryptografick\u00e9ho stavu.<\/li>\n<\/ul>\n<h2>Efektivita dr\u00f4tov\u00e9ho form\u00e1tu a prior\u00edt<\/h2>\n<p>C2 spr\u00e1vy musia by\u0165 kr\u00e1tke a deterministick\u00e9. Pou\u017e\u00edvajte CBOR s pevn\u00fdmi k\u013e\u00fa\u010dmi, vyh\u00fdbajte sa JSON. Pove\u013ete kompresiu hlavi\u010diek (QPACK\/HPACK alebo vlastn\u00e9 <em>varint<\/em> sch\u00e9my). D\u00e1vajte pozor, aby \u0161ifrovanie nezv\u00e4\u010d\u0161ovalo r\u00e1mce nad MTU. Uplink povely maj\u00fa pr\u00edsnu prioritiz\u00e1ciu a <em>deadlines<\/em>, downlink telemetria adaptuje r\u00fdchlos\u0165 pod\u013ea za\u0165a\u017eenia kan\u00e1la.<\/p>\n<h2>Bezpe\u010dn\u00fd boot, OTA aktualiz\u00e1cie a supply-chain<\/h2>\n<ul>\n<li><strong>Secure boot<\/strong> so zakotven\u00fdm kore\u0148om d\u00f4very (ROM\/OTP), overenie podpisu FW (Ed25519\/Ed448) a meran\u00e9 sp\u00fa\u0161\u0165anie (TPM PCR\/DICE CDI).<\/li>\n<li><strong>OTA update<\/strong> cez podp\u00edsan\u00e9 bal\u00edky, <em>rollback protection<\/em>, <em>A\/B<\/em> oddiely a atest\u00e1cia verzie pred vytvoren\u00edm C2 session.<\/li>\n<li><strong>Oddelenie k\u013e\u00fa\u010dov<\/strong>: prev\u00e1dzkov\u00e9 k\u013e\u00fa\u010de \u2260 update k\u013e\u00fa\u010de \u2260 v\u00fdrobn\u00e9 k\u013e\u00fa\u010de; minim\u00e1lne opr\u00e1vnenia (<em>least privilege<\/em>).<\/li>\n<\/ul>\n<h2>Form\u00e1lne overenie a testovanie protokolov<\/h2>\n<ul>\n<li><strong>Form\u00e1lne modely<\/strong>: ProVerif\/Tamarin\/Verifpal pre handshake; d\u00f4kaz vlastnost\u00ed (PFS, aliveness, agreement).<\/li>\n<li><strong>Fuzzing<\/strong>: coverage-guided fuzzery (AFL\/LibFuzzer\/Hongfuzz) proti parserom a stavov\u00fdm automatom.<\/li>\n<li><strong>Stranov\u00e9 kan\u00e1ly<\/strong>: kni\u017enice v kon\u0161tantnom \u010dase, ochrana proti DPA\/EMA pri SE\/TPM, audit implement\u00e1cie MISRA-C alebo Rust <em>no_std<\/em>.<\/li>\n<\/ul>\n<h2>Implementa\u010dn\u00fd ekosyst\u00e9m a kni\u017enice<\/h2>\n<ul>\n<li><strong>Embedded C\/C++<\/strong>: mbedTLS, wolfSSL, tinyDTLS, micro-ECC, PQClean\/PQCrypto pre PQ primit\u00edva; Ascon referen\u010dn\u00e9 implement\u00e1cie pre LWC.<\/li>\n<li><strong>Rust<\/strong>: <em>ring<\/em>, <em>rustls<\/em>, <em>quinn<\/em>, <em>heapless<\/em> a <em>embassy<\/em> pre async na MCU; crates s no-std profilmi.<\/li>\n<li><strong>Spr\u00e1va ident\u00edt<\/strong>: est\/CoAP-est, SUIT-Manifest pre OTA, KMS\/CA integr\u00e1cie cez HSM na strane GCS.<\/li>\n<\/ul>\n<h2>Praktick\u00fd pr\u00edklad: \u013eahk\u00fd C2 protokol s Noise IK &amp; AEAD<\/h2>\n<ol>\n<li><strong>Predpoklady<\/strong>: UAV m\u00e1 dlhodob\u00fd k\u013e\u00fa\u010d (Ed25519) v SE; GCS m\u00e1 oper\u00e1torsk\u00fd certifik\u00e1t.<\/li>\n<li><strong>Handshake<\/strong>: Noise IK s <em>prologue<\/em> (kontext misie); ECDH(X25519) + Kyber KEM \u2192 HKDF \u2192 k\u013e\u00fa\u010de (uplink\/downlink).<\/li>\n<li><strong>D\u00e1ta<\/strong>: r\u00e1mce CBOR, COSE_Encrypt0 s AEAD (XChaCha20-Poly1305); sekvencia\/nonce 64-bit, okno 1024 r\u00e1mcov.<\/li>\n<li><strong>Rekey<\/strong>: ka\u017ed\u00fdch 2^20 bajtov alebo 60 s, <em>in-band<\/em> \u201eKeyUpdate\u201c so star\u00fdmi k\u013e\u00fa\u010dmi potvrdzuj\u00facimi prechod.<\/li>\n<li><strong>Failover<\/strong>: pri strate linky migruje cez z\u00e1lo\u017en\u00fa cestu (QUIC), zachov\u00e1va epochu a inkrementuje <em>path id<\/em> v AAD.<\/li>\n<\/ol>\n<h2>Skupinov\u00e9 C2 pre dronov\u00e9 roje (MLS\/LKH)<\/h2>\n<p>Pre skupinov\u00e9 povely sa vyu\u017e\u00edva <strong>Message Layer Security (MLS)<\/strong> s prisp\u00f4soben\u00edm na n\u00edzku latenciu alebo hierarchick\u00e9 LKH stromy. K\u013e\u00fa\u010dov\u00e9 je <strong>eviction<\/strong> kompromitovan\u00e9ho \u010dlena s okam\u017eit\u00fdm <em>rekey<\/em> bez preru\u0161enia ostatn\u00fdch kan\u00e1lov a s garantovanou <em>backward\/forward secrecy<\/em>.<\/p>\n<h2>Metodika merania a prev\u00e1dzkov\u00e9 metriky<\/h2>\n<ul>\n<li><strong>Handshake \u010das<\/strong> (p50\/p95) a <strong>goodput<\/strong> po zapo\u010d\u00edtan\u00ed AEAD a hlavi\u010diek.<\/li>\n<li><strong>Kon\u0161tantnos\u0165 latencie<\/strong> (jitter), <strong>PDR<\/strong> (packet delivery ratio) pri ru\u0161en\u00ed a pre\u0165a\u017een\u00ed.<\/li>\n<li><strong>CPU\/mem\/energia<\/strong> na MCU\/SoC, vyu\u017eitie akceler\u00e1torov AES\/PMULL.<\/li>\n<li><strong>Detekcia anom\u00e1li\u00ed<\/strong> v C2: \u0161tatistiky sekvenci\u00ed, chybn\u00e9 tagy AEAD, miera rekey udalost\u00ed.<\/li>\n<li><strong>Bezpe\u010dnostn\u00e9 KPI<\/strong>: krytie testov fuzzingom, form\u00e1lne overen\u00e9 vlastnosti, intervaly rot\u00e1cie k\u013e\u00fa\u010dov, MTTD\/MTTR na incidenty.<\/li>\n<\/ul>\n<h2>Prev\u00e1dzkov\u00e9 politiky a \u013eudsk\u00e9 faktory<\/h2>\n<ul>\n<li>Spr\u00e1va poveren\u00ed oper\u00e1torov, <strong>du\u00e1lna kontrola<\/strong> pre kritick\u00e9 povely.<\/li>\n<li><strong>Least privilege<\/strong> v GCS aplik\u00e1cii, oddelenie rol\u00ed (pilot, payload op, admin PKI).<\/li>\n<li><strong>Incident response<\/strong>: r\u00fdchle odvolanie certifik\u00e1tov, bezpe\u010dn\u00fd <em>kill-switch<\/em> cez separ\u00e1tny atestovan\u00fd kan\u00e1l.<\/li>\n<\/ul>\n<h2>Naj\u010dastej\u0161ie chyby v n\u00e1vrhu C2 bezpe\u010dnosti<\/h2>\n<ul>\n<li>Opakovan\u00e9 pou\u017eitie <strong>nonce<\/strong> pri AEAD; zmie\u0161anie po\u010d\u00edtadiel medzi smermi.<\/li>\n<li>Nedostato\u010dn\u00e1 kvalita RNG a ignorovanie zdravotn\u00fdch testov DRBG.<\/li>\n<li>Neform\u00e1lne \u0161pecifikovan\u00e9 <strong>AAD<\/strong> \u2192 umo\u017enen\u00e9 <em>cut-and-paste<\/em> \u00fatoky na polia hlavi\u010diek.<\/li>\n<li>0-RTT bez d\u00f4sledn\u00e9ho pos\u00fadenia re-order a replay riz\u00edk.<\/li>\n<li>Ch\u00fdbaj\u00faci <strong>secure boot<\/strong> a atest\u00e1cia \u2192 protokol je zbyto\u010dn\u00fd, ak \u00fato\u010dn\u00edk ovl\u00e1da firmware.<\/li>\n<\/ul>\n<h2>Odpor\u00fa\u010dan\u00e1 cesta adopcie<\/h2>\n<p>Bezpe\u010dn\u00e9 C2 pre UAV vy\u017eaduje s\u00fahru robustnej kryptografie, \u0161etrnej implement\u00e1cie a sie\u0165ovej odolnosti. Praktick\u00e1 cesta: (1) zavies\u0165 TLS1.3\/DTLS1.3 alebo Noise s AEAD, (2) prida\u0165 hybridn\u00fd PQ handshake, (3) formalizova\u0165 PKI a \u017eivotn\u00fd cyklus k\u013e\u00fa\u010dov, (4) zabezpe\u010di\u0165 secure boot a OTA, (5) testova\u0165 form\u00e1lne a fuzzingom, (6) zavies\u0165 multi-link s bondingom a ochranou proti jamovaniu. Takto navrhnut\u00fd protokolov\u00fd stack poskytne n\u00edzku latenciu, kvantov\u00fa pripravenos\u0165 a prev\u00e1dzkov\u00fa spo\u013eahlivos\u0165 aj v n\u00e1ro\u010dn\u00fdch podmienkach dronovej prev\u00e1dzky.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Modern\u00e9 C2 vy\u017eaduje siln\u00fa kryptografiu a spr\u00e1vu k\u013e\u00fa\u010dov. N\u00e1vrh handshake a revok\u00e1ci\u00ed pre odolnos\u0165 vo\u010di \u00fanosu linky.<\/p>\n","protected":false},"author":38,"featured_media":88662,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2629],"tags":[2345,2346,2347,2348,2349,2350,2351,2352],"class_list":["post-48662","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-drony","tag-autentizacia","tag-bezpecne-c2-protokoly","tag-forward-secrecy","tag-handshake","tag-integrita","tag-kluce","tag-kryptografia","tag-revokacia"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu - Podnik\u00e1m, lietam a relaxujem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/\" \/>\n<meta property=\"og:locale\" content=\"sk_SK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu - Podnik\u00e1m, lietam a relaxujem\" \/>\n<meta property=\"og:description\" content=\"Modern\u00e9 C2 vy\u017eaduje siln\u00fa kryptografiu a spr\u00e1vu k\u013e\u00fa\u010dov. N\u00e1vrh handshake a revok\u00e1ci\u00ed pre odolnos\u0165 vo\u010di \u00fanosu linky.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/\" \/>\n<meta property=\"og:site_name\" content=\"Podnik\u00e1m, lietam a relaxujem\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/vrtulniky\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-22T22:15:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.vrtulniky.sk\/news\/wp-content\/uploads\/2022\/08\/vrtulniky-sk.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1400\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Luk\u00e1\u0161 Kroc\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Autor\" \/>\n\t<meta name=\"twitter:data1\" content=\"Luk\u00e1\u0161 Kroc\" \/>\n\t<meta name=\"twitter:label2\" content=\"Predpokladan\u00fd \u010das \u010d\u00edtania\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 min\u00fat\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/\"},\"author\":{\"name\":\"Luk\u00e1\u0161 Kroc\",\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/#\\\/schema\\\/person\\\/cb79e77c4df94a6073f4b575fa42fadb\"},\"headline\":\"Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu\",\"datePublished\":\"2025-07-22T22:15:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/\"},\"wordCount\":1577,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/vzdelavanie-vysoka-skola-8662.jpg\",\"keywords\":[\"autentiz\u00e1cia\",\"bezpe\u010dn\u00e9 C2 protokoly\",\"forward secrecy\",\"handshake\",\"integrita\",\"k\u013e\u00fa\u010de\",\"kryptografia\",\"revok\u00e1cia\"],\"articleSection\":[\"Drony\"],\"inLanguage\":\"sk-SK\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/\",\"url\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/\",\"name\":\"Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu - Podnik\u00e1m, lietam a relaxujem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/vzdelavanie-vysoka-skola-8662.jpg\",\"datePublished\":\"2025-07-22T22:15:29+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/#breadcrumb\"},\"inLanguage\":\"sk-SK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"sk-SK\",\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/vzdelavanie-vysoka-skola-8662.jpg\",\"contentUrl\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/vzdelavanie-vysoka-skola-8662.jpg\",\"width\":1600,\"height\":1066,\"caption\":\"Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/#website\",\"url\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/\",\"name\":\"Podnik\u00e1m, lietam a relaxujem\",\"description\":\"Vrtu\u013en\u00edky.sk\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"sk-SK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/#organization\",\"name\":\"Podnik\u00e1m, lietam a relaxujem\",\"url\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"sk-SK\",\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/wp-content\\\/uploads\\\/2022\\\/08\\\/news-vrtulniky-sk-logo-e1660318023553.png\",\"contentUrl\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/wp-content\\\/uploads\\\/2022\\\/08\\\/news-vrtulniky-sk-logo-e1660318023553.png\",\"width\":201,\"height\":200,\"caption\":\"Podnik\u00e1m, lietam a relaxujem\"},\"image\":{\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/vrtulniky\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/#\\\/schema\\\/person\\\/cb79e77c4df94a6073f4b575fa42fadb\",\"name\":\"Luk\u00e1\u0161 Kroc\",\"url\":\"https:\\\/\\\/www.vrtulniky.sk\\\/news\\\/author\\\/lukas-kroc\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu - Podnik\u00e1m, lietam a relaxujem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/","og_locale":"sk_SK","og_type":"article","og_title":"Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu - Podnik\u00e1m, lietam a relaxujem","og_description":"Modern\u00e9 C2 vy\u017eaduje siln\u00fa kryptografiu a spr\u00e1vu k\u013e\u00fa\u010dov. N\u00e1vrh handshake a revok\u00e1ci\u00ed pre odolnos\u0165 vo\u010di \u00fanosu linky.","og_url":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/","og_site_name":"Podnik\u00e1m, lietam a relaxujem","article_publisher":"https:\/\/www.facebook.com\/vrtulniky\/","article_published_time":"2025-07-22T22:15:29+00:00","og_image":[{"width":1400,"height":900,"url":"https:\/\/www.vrtulniky.sk\/news\/wp-content\/uploads\/2022\/08\/vrtulniky-sk.jpg","type":"image\/jpeg"}],"author":"Luk\u00e1\u0161 Kroc","twitter_card":"summary_large_image","twitter_misc":{"Autor":"Luk\u00e1\u0161 Kroc","Predpokladan\u00fd \u010das \u010d\u00edtania":"8 min\u00fat"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/#article","isPartOf":{"@id":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/"},"author":{"name":"Luk\u00e1\u0161 Kroc","@id":"https:\/\/www.vrtulniky.sk\/news\/#\/schema\/person\/cb79e77c4df94a6073f4b575fa42fadb"},"headline":"Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu","datePublished":"2025-07-22T22:15:29+00:00","mainEntityOfPage":{"@id":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/"},"wordCount":1577,"commentCount":0,"publisher":{"@id":"https:\/\/www.vrtulniky.sk\/news\/#organization"},"image":{"@id":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/#primaryimage"},"thumbnailUrl":"https:\/\/www.vrtulniky.sk\/news\/wp-content\/uploads\/2025\/12\/vzdelavanie-vysoka-skola-8662.jpg","keywords":["autentiz\u00e1cia","bezpe\u010dn\u00e9 C2 protokoly","forward secrecy","handshake","integrita","k\u013e\u00fa\u010de","kryptografia","revok\u00e1cia"],"articleSection":["Drony"],"inLanguage":"sk-SK","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/","url":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/","name":"Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu - Podnik\u00e1m, lietam a relaxujem","isPartOf":{"@id":"https:\/\/www.vrtulniky.sk\/news\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/#primaryimage"},"image":{"@id":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/#primaryimage"},"thumbnailUrl":"https:\/\/www.vrtulniky.sk\/news\/wp-content\/uploads\/2025\/12\/vzdelavanie-vysoka-skola-8662.jpg","datePublished":"2025-07-22T22:15:29+00:00","breadcrumb":{"@id":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/#breadcrumb"},"inLanguage":"sk-SK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/"]}]},{"@type":"ImageObject","inLanguage":"sk-SK","@id":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/#primaryimage","url":"https:\/\/www.vrtulniky.sk\/news\/wp-content\/uploads\/2025\/12\/vzdelavanie-vysoka-skola-8662.jpg","contentUrl":"https:\/\/www.vrtulniky.sk\/news\/wp-content\/uploads\/2025\/12\/vzdelavanie-vysoka-skola-8662.jpg","width":1600,"height":1066,"caption":"Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu"},{"@type":"BreadcrumbList","@id":"https:\/\/www.vrtulniky.sk\/news\/bezpecne-protokoly-c2-vyuzitie-modernej-kryptografie-pre-integritu-a-autentifikaciu\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.vrtulniky.sk\/news\/"},{"@type":"ListItem","position":2,"name":"Bezpe\u010dn\u00e9 protokoly C2: Vyu\u017eitie modernej kryptografie pre integritu a autentifik\u00e1ciu"}]},{"@type":"WebSite","@id":"https:\/\/www.vrtulniky.sk\/news\/#website","url":"https:\/\/www.vrtulniky.sk\/news\/","name":"Podnik\u00e1m, lietam a relaxujem","description":"Vrtu\u013en\u00edky.sk","publisher":{"@id":"https:\/\/www.vrtulniky.sk\/news\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.vrtulniky.sk\/news\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"sk-SK"},{"@type":"Organization","@id":"https:\/\/www.vrtulniky.sk\/news\/#organization","name":"Podnik\u00e1m, lietam a relaxujem","url":"https:\/\/www.vrtulniky.sk\/news\/","logo":{"@type":"ImageObject","inLanguage":"sk-SK","@id":"https:\/\/www.vrtulniky.sk\/news\/#\/schema\/logo\/image\/","url":"https:\/\/www.vrtulniky.sk\/news\/wp-content\/uploads\/2022\/08\/news-vrtulniky-sk-logo-e1660318023553.png","contentUrl":"https:\/\/www.vrtulniky.sk\/news\/wp-content\/uploads\/2022\/08\/news-vrtulniky-sk-logo-e1660318023553.png","width":201,"height":200,"caption":"Podnik\u00e1m, lietam a relaxujem"},"image":{"@id":"https:\/\/www.vrtulniky.sk\/news\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/vrtulniky\/"]},{"@type":"Person","@id":"https:\/\/www.vrtulniky.sk\/news\/#\/schema\/person\/cb79e77c4df94a6073f4b575fa42fadb","name":"Luk\u00e1\u0161 Kroc","url":"https:\/\/www.vrtulniky.sk\/news\/author\/lukas-kroc\/"}]}},"_links":{"self":[{"href":"https:\/\/www.vrtulniky.sk\/news\/wp-json\/wp\/v2\/posts\/48662","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.vrtulniky.sk\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.vrtulniky.sk\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.vrtulniky.sk\/news\/wp-json\/wp\/v2\/users\/38"}],"replies":[{"embeddable":true,"href":"https:\/\/www.vrtulniky.sk\/news\/wp-json\/wp\/v2\/comments?post=48662"}],"version-history":[{"count":0,"href":"https:\/\/www.vrtulniky.sk\/news\/wp-json\/wp\/v2\/posts\/48662\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.vrtulniky.sk\/news\/wp-json\/wp\/v2\/media\/88662"}],"wp:attachment":[{"href":"https:\/\/www.vrtulniky.sk\/news\/wp-json\/wp\/v2\/media?parent=48662"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.vrtulniky.sk\/news\/wp-json\/wp\/v2\/categories?post=48662"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.vrtulniky.sk\/news\/wp-json\/wp\/v2\/tags?post=48662"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}