
S. NO   CHAPTER NAME                                              PAGE

1.      Concept of Layering                                       2
2.      Flow and Error Control Techniques-1                       10
3.      Routers                                                   22
4.      Switching                                                 25
5.      Routing Algorithms                                        30
6.      Basics of Wi-Fi                                           33
7.      Application Layer Protocols (DNS, SMTP, POP, FTP, HTTP)   35
8.      LAN Technologies (Ethernet)                               39
9.      IP Addressing                                             46
10.     TCP/UDP & Sockets                                         56
11.     Congestion Control                                        62
12.     Network Security                                          67-80


Concept of Layering Study Notes

OSI (Open System Interconnection) Model

• The OSI model is a reference tool for understanding data communication between hosts; it describes the communication process as seven layers.
• Each layer performs specific functions to support the layers above it and uses the services of the layers below it.

Physical Layer:

• The physical layer coordinates the functions required to transmit a bit stream over a physical medium.
• It deals with the mechanical and electrical specifications of the interface and the transmission medium.
• It also defines the procedures and functions that physical devices and interfaces have to perform for transmission to occur.
• An Ethernet network interface card performs functions at both the physical layer and the data link layer.

Functions of Physical Layer:

• The physical layer defines the characteristics of the interface between the devices and the transmission medium.
• It defines the type of transmission medium.
• It defines the transmission rate (the number of bits sent each second).
• It performs synchronization of the sender and receiver clocks.
• It is concerned with the connection of devices to the medium:
  1. Point-to-point configuration: two devices are connected through a dedicated link.
  2. Multipoint configuration: a link is shared between several devices.
• It is concerned with the physical topology.
• It defines the direction of transmission, called the transmission mode (simplex, half-duplex or full-duplex).
• It transmits the bit stream over the communication channel.
• Hardware Used: Repeater and Hub.
• Data Unit: Bit stream
Data Link Layer:

• The data link layer transforms the physical layer, a raw transmission facility, into a reliable link.
• It is responsible for node-to-node delivery.
• It makes the physical layer appear error-free to the network layer.

Functions of the Data Link Layer:

• Data Framing: division of the stream of bits received from the network layer into manageable data units called frames, i.e. segmentation of upper-layer datagrams (packets) into frames.
• Flow Control: manages communication between a high-speed transmitter and a low-speed receiver.
• Error Control: provides a mechanism to detect and retransmit damaged or lost frames and to prevent duplication of frames. To achieve error control, a trailer is added at the end of a frame.
• Access Control: gives a mechanism to determine which device has control over the link at any given time when two or more devices are connected to the same link.
• Physical Addressing: adds a header to the frame to define the physical address of the sender (source address) and/or receiver (destination address) of the frame.
• Hardware Used: Bridges and switches.
• Data Unit: Frames
• Protocols Used: Simplex protocol, stop-and-wait protocol, sliding window, HDLC (High-Level Data Link Control), SDLC, NDP, ISDN, ARP, PSL, OSPF.

Network Layer:

• The network layer is responsible for source-to-destination delivery of a packet, possibly across multiple networks (links).
• If the two systems are connected to the same link, there is usually no need for a network layer.
• If the two systems are attached to different networks (links) with connecting devices between the networks, there is often a need for the network layer to accomplish source-to-destination delivery.

Functions of the Network Layer:

• Logical Addressing: if a packet passes the network boundary, we need a logical addressing system to distinguish the source and destination systems.
• Routing: independent networks or links are connected together with the help of routers or gateways. Routers route the packets to their final destination, and the network layer is responsible for providing the routing mechanism.
• Hardware Used: Routers
• Data Unit: Packets
• Protocols Used: IP (Internet Protocol), NAT (Network Address Translation), ARP (Address Resolution Protocol), ICMP (Internet Control Message Protocol), BGP (Border Gateway Protocol), RARP (Reverse Address Resolution Protocol), DHCP (Dynamic Host Configuration Protocol), BOOTP, OSPF.

Transport Layer:

• The transport layer is responsible for source-to-destination (end-to-end) delivery of the entire message.
• The network layer does not recognize any relationship between the packets delivered.
• The network layer treats each packet independently, as though each packet belonged to a separate message, whether or not it does. The transport layer ensures that the whole message arrives intact and in order.

Functions of Transport Layer:

• Service Point Addressing: the transport layer header must include a type of address called the service point address (or port address).
• Segmentation and Reassembly: a message is divided into transmittable segments, each segment containing a sequence number.
• Flow Control: flow control at this layer is performed end to end rather than across a single link.
• Error Control: this layer performs end-to-end error control by ensuring that the entire message arrives at the receiving transport layer without error (damage, loss or duplication). Error correction is usually achieved through retransmission.
• Connection Control: the transport layer can deliver the segments using either a connection-oriented or a connectionless approach.
• Hardware Used: Transport Gateway
• Data Unit: Segments
• Protocols Used: TCP (Transmission Control Protocol) for the connection-oriented approach and UDP (User Datagram Protocol) for the connectionless approach.

Session Layer:

• The session layer is the network dialog controller.
• It establishes, maintains and synchronizes the interaction between communicating systems.
• It also plays an important role in keeping applications' data separate.

Functions of Session Layer:

• Dialog Control: the session layer allows the communication between two processes to take place either in half-duplex or in full-duplex mode. It allows applications running on devices to establish, manage and terminate a dialog through a network.
• Synchronization: the session layer allows a process to add checkpoints (synchronization points) into a stream of data.

Presentation Layer:

• It is responsible for how an application formats data to be sent out onto the network.
• It basically allows an application to read and understand the message.

Functions of Presentation Layer:

• Translation: different systems use different encoding systems, so the presentation layer provides interoperability between these encoding methods. At the sender end this layer changes the information from the sender-dependent format into a common format; at the receiver end it changes the common format into the receiver-dependent format.
• Encryption and Decryption: this layer provides an encryption and decryption mechanism to assure privacy when carrying sensitive information. Encryption means the sender transforms the original information into another form; at the receiver end, the decryption mechanism reverses the new form of the data into its original form.
• Compression: this layer uses a compression mechanism to reduce the number of bits to be transmitted. Data compression becomes important in the transmission of multimedia such as text, audio and video.

Application Layer:

• This layer enables the user, whether human or software, to access the network.
• It provides user interfaces and support for services such as electronic mail, remote file access and transfer, shared database management and other types of distributed information services.
• Examples: Telnet, FTP, etc.

Functions of Application Layer:

• Network Virtual Terminal: a software version of a physical terminal that allows a user to log on to a remote host. To do so, the application creates a software emulation of a terminal at the remote host.
• File Transfer, Access and Management: allows a user to access files, retrieve files, manage files or control files on a remote computer.
• Mail Services: provides electronic messaging (e-mail storage and forwarding).
• Directory Services: provides distributed database sources and access for global information about various objects and services.
Flow and Error Control Techniques Study Notes

Flow Control: Flow control coordinates the amount of data that can be sent before receiving an acknowledgement.

• It is one of the most important duties of the data link layer.
• Flow control tells the sender how much data to send.
• It makes the sender wait for some sort of acknowledgement (ACK) before continuing to send more data.
• Flow Control Techniques: Stop-and-Wait, and Sliding Window

Error Control: Error control in the data link layer is based on ARQ (automatic repeat request), which is the retransmission of data.

• The term error control refers to methods of error detection and retransmission.
• Every time an error is detected in an exchange, specified frames are retransmitted. This process is called ARQ.

To ensure reliable communication, there needs to exist flow control (managing the amount of data the sender sends) and error control (ensuring that data arrives at the destination error-free).

• Flow and error control need to be done at several layers.
• For node-to-node links, flow and error control are carried out in the data link layer.
• For end point to end point, flow and error control are carried out in the transport layer.

Flow & Error control:

• Error detection and ARQ (error detection with retransmissions) must be combined with methods that intelligently limit the number of 'outstanding' (unACKed) frames.
• Flow & Error control techniques: Stop-and-Wait ARQ, Go-Back-N ARQ, and Selective Repeat ARQ

Flow Control Techniques:

• One important aspect of the data link layer is flow control.
• Flow control refers to a set of procedures used to restrict the amount of data the sender can send before waiting for an acknowledgement.

Stop and Wait Flow Control:

• The sender has to wait for an acknowledgment of every frame that it sends.
• Only when an acknowledgment has been received is the next frame sent. This process continues until the sender transmits an End of Transmission (EOT) frame.
• In Stop-and-Wait flow control, the receiver indicates its readiness to receive data for each frame.
• For every frame that is sent, there needs to be an acknowledgment, which takes a similar amount of propagation time to get back to the sender.
• Only one frame can be in transmission at a time. This leads to inefficiency if the propagation delay is much longer than the transmission delay.
• Advantages of Stop and Wait:
  o It is simple, and each frame is checked and acknowledged individually.
• Disadvantages of Stop and Wait:
  o Only one frame can be in transmission at a time.
  o It is inefficient if the distance between the devices is long, because the propagation delay is then much longer than the transmission delay.
  o The time spent waiting for acknowledgements between frames can add a significant amount to the total transmission time.

Sliding Window Flow Control:

• It works by having the sender and receiver each keep a "window" of frames.
• Each frame has to be numbered in relation to the sliding window. For a window of size n, frames get a number from 0 to n - 1; subsequent frames get a number mod n.
• The sender can send as many frames as would fit into the window.
• The receiver, upon receiving enough frames, responds with an acknowledgment of all frames up to a certain point in the window; the window then slides forward.
• This window can hold frames at either end and provides the upper limit on the number of frames that can be transmitted before requiring an acknowledgement.
• For example, if n = 8, the frames are numbered 0, 1, 2, 3, 4, 5, 6, 7, 0, 1, 2, 3, 4, 5, 6, 7, 0, 1, ... and so on. The size of the window is (n - 1) = 7.
• When the receiver sends an ACK, it includes the number of the next frame it expects to receive. When the receiver sends an ACK containing the number 5, it means all frames up to number 4 have been received.
• If the window size is sufficiently large, the sender can transmit continuously (here a is the ratio of propagation delay to frame transmission time):
  o If W >= (2a+1), the sender can transmit continuously (Efficiency = 1).
  o If W < (2a+1), the sender can transmit W frames every (2a+1) time units (Efficiency = W/(1+2a)).

Error Control Techniques:

• Many factors, including line noise, can alter or wipe out one or more bits of a given data unit.
• Reliable systems must have a mechanism for detecting and correcting such errors.
• Error detection and correction are implemented either at the data link layer or at the transport layer of the OSI model.

Error Detection

• Error detection uses the concept of redundancy, which means adding extra bits for detecting errors at the destination.
• A checking function at the receiver tests whether the received bit stream passes the checking criteria; if it does, the data portion of the data unit is accepted, otherwise it is rejected.

Vertical Redundancy Check (VRC)

• In this technique, a redundant bit, called the parity bit, is appended to every data unit so that the total number of 1's in the unit (including the parity bit) becomes even.
• If the number of 1's is already even in the data, then the parity bit will be 0.
• Some systems may use odd parity checking, where the number of 1's should be odd. The principle is the same; only the calculation is different.

Checksum

• There are two algorithms involved in this process: the checksum generator at the sender end and the checksum checker at the receiver end.
• The sender follows these steps:
  o The data unit is divided into k sections, each of n bits.
  o All sections are added together using 1's complement arithmetic to get the sum.
  o The sum is complemented and becomes the checksum.
  o The checksum is sent with the data.
• The receiver follows these steps:
  o The received unit is divided into k sections, each of n bits.
  o All sections are added together using 1's complement arithmetic to get the sum.
  o The sum is complemented.
  o If the result is zero, the data are accepted; otherwise they are rejected.

Limitation of checksum:

• It is not possible to detect a vertical error in the data received at the receiver's end.
• If noise modifies the data in such a way that vertically placed bits (bits in the same column of different sections) cancel out the changes made to each other, the calculated checksum will always be the same as the received checksum. Such errors cannot be detected, and they are known as vertical errors.
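The VRC parity check and the checksum generator/checker above, as an added worked example that is not part of the original notes. The section width (16 bits), the byte strings and the flipped bit positions are constructed for the demonstration; the last function reproduces the vertical-error case, where two flips in the same column leave the 1's complement sum unchanged.

```python
"""Internet-style checksum (16-bit sections, 1's complement sum) and even
parity (VRC), with the checksum's 'vertical error' blind spot reproduced.

Constructed example, not from the notes: the byte strings and the bit
positions flipped are made up for the demonstration; section width is 16 bits.
"""

WORD_BITS = 16
MASK = (1 << WORD_BITS) - 1


def ones_complement_sum(words) -> int:
    """Add 16-bit sections in 1's complement: any carry out of the top bit
    is folded back into the low bit (end-around carry)."""
    total = 0
    for w in words:
        total += w
        while total >> WORD_BITS:
            total = (total & MASK) + (total >> WORD_BITS)
    return total


def split_sections(data: bytes) -> list:
    """Divide the data unit into k sections of 16 bits, zero-padding an odd byte."""
    if len(data) % 2:
        data += b"\x00"
    return [int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2)]


def checksum_generate(data: bytes) -> int:
    """Sender: 1's complement sum of all sections, then complemented."""
    return (~ones_complement_sum(split_sections(data))) & MASK


def checksum_verify(data: bytes, checksum: int) -> bool:
    """Receiver: sum the sections plus the received checksum and complement;
    a zero result means accept, anything else means reject."""
    total = ones_complement_sum(split_sections(data) + [checksum])
    return ((~total) & MASK) == 0


def flip_bit(data: bytes, byte_index: int, bit: int) -> bytes:
    """Simulate line noise inverting one bit (bit 0 = least significant)."""
    out = bytearray(data)
    out[byte_index] ^= 1 << bit
    return bytes(out)


def vertical_error_demo() -> tuple:
    """Flip bit 0 of two different sections in opposite directions (the same
    column of the 16-bit layout). The 1's complement sum is unchanged, so the
    receiver accepts corrupted data. Returns (data_changed, still_accepted)."""
    original = b"\x00\x01\x00\x00"                          # sections 0x0001, 0x0000
    chk = checksum_generate(original)
    corrupted = flip_bit(flip_bit(original, 1, 0), 3, 0)   # sections 0x0000, 0x0001
    return corrupted != original, checksum_verify(corrupted, chk)


def even_parity_bit(byte: int) -> int:
    """VRC: the parity bit that makes the count of 1's (data + parity) even."""
    return bin(byte).count("1") % 2


def parity_ok(byte: int, parity: int) -> bool:
    """Receiver side of VRC: accept when the total number of 1's is even."""
    return (bin(byte).count("1") + parity) % 2 == 0


if __name__ == "__main__":
    msg = b"\x12\x34\xab\xcd"
    chk = checksum_generate(msg)
    print(f"checksum 0x{chk:04x}, intact: {checksum_verify(msg, chk)}, "
          f"one bit flipped: {checksum_verify(flip_bit(msg, 3, 0), chk)}")
    print("vertical error (data changed, still accepted):", vertical_error_demo())
```

Parity shows the same weakness one level down: a single flipped bit is caught, but two flipped bits in one byte leave the count even and pass.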

Cyclic Redundancy Check (CRC):

• CRC is based on binary division.
• A sequence of redundant bits, called the CRC or the CRC remainder, is appended to the end of a data unit so that the resulting data unit becomes exactly divisible by a second, predetermined binary number.
• At its destination, the incoming data unit is divided by the same number. If at this step there is no remainder, the data unit is assumed to be intact and is therefore accepted.

Selection Criteria for CRC generator:

• The generator should be more than 1 bit long.
• If x is a factor of the generator (its lowest-order bit is 0), some errors go undetected; so for a generator to detect all types of errors it should not be divisible by x.
• If the generator contains the factor x + 1, then all odd-numbered bit errors are detected.
• A good generator always contains the constant term (a 1 in the lowest-order bit); otherwise it will be a multiple of x.
• CRC-32 detects all these types of errors in the network and is considered an ideal network error detector.
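CRC encoding and checking by modulo-2 division, plus a brute-force check of the two generator criteria above, as an added example that is not from the notes. The frame 1101011011 with generator x^4 + x + 1 (10011) is a constructed input; the generators 11101 (divisible by x + 1) and 10110 (a multiple of x) are chosen here to show which error patterns each one misses.

```python
"""Cyclic redundancy check (CRC) as modulo-2 polynomial division on bit strings.

Constructed example, not from the notes: encodes a frame, checks it, then
brute-forces error patterns to show why a generator should be divisible by
x + 1 (catches all odd-bit errors) and must not be divisible by x (would miss
some bursts no longer than the CRC itself).
"""
from itertools import product


def crc_remainder(dividend: str, generator: str) -> str:
    """Long division in GF(2): XOR the generator in wherever a leading 1 appears.
    Returns the remainder, which is len(generator) - 1 bits wide."""
    r = len(generator) - 1
    work = list(dividend)
    for i in range(len(dividend) - r):
        if work[i] == "1":
            for j, g in enumerate(generator):
                work[i + j] = "1" if work[i + j] != g else "0"
    return "".join(work[-r:])


def crc_encode(data: str, generator: str) -> str:
    """Sender: append r zero bits, divide, and replace the zeros by the remainder."""
    r = len(generator) - 1
    return data + crc_remainder(data + "0" * r, generator)


def crc_check(codeword: str, generator: str) -> bool:
    """Receiver: divide the whole received unit; a zero remainder means accept."""
    r = len(generator) - 1
    return crc_remainder(codeword, generator) == "0" * r


def flip(bits: str, positions) -> str:
    """Invert the bits at the given positions (simulated channel errors)."""
    out = list(bits)
    for p in positions:
        out[p] = "1" if out[p] == "0" else "0"
    return "".join(out)


def divisible_by_x_plus_1(generator: str) -> bool:
    """G(x) is divisible by x + 1 iff G(1) = 0, i.e. it has an even number of 1 bits."""
    return generator.count("1") % 2 == 0


def undetected_odd_errors(generator: str, nbits: int) -> int:
    """Count odd-weight error patterns on an nbits codeword that slip through.
    Because the codeword is a multiple of G, received = codeword XOR error has
    a zero remainder exactly when the error pattern itself does."""
    r = len(generator) - 1
    count = 0
    for pattern in product("01", repeat=nbits):
        err = "".join(pattern)
        if err.count("1") % 2 == 1 and crc_remainder(err, generator) == "0" * r:
            count += 1
    return count


def undetected_bursts(generator: str, nbits: int, max_len: int) -> int:
    """Count burst errors (a run of max_len or fewer bits whose first and last
    bits are flipped) that the generator fails to detect, over every offset."""
    r = len(generator) - 1
    count = 0
    for length in range(1, max_len + 1):
        middles = [""] if length <= 2 else ["".join(p) for p in product("01", repeat=length - 2)]
        for mid in middles:
            burst = "1" + mid + "1" if length >= 2 else "1"
            for offset in range(nbits - length + 1):
                err = "0" * offset + burst + "0" * (nbits - length - offset)
                if crc_remainder(err, generator) == "0" * r:
                    count += 1
    return count


if __name__ == "__main__":
    G = "10011"                       # x^4 + x + 1
    cw = crc_encode("1101011011", G)
    print("codeword:", cw, "accepted:", crc_check(cw, G))
    print("single-bit error accepted:", crc_check(flip(cw, [3]), G))
    print("3 flips matching G accepted:", crc_check(flip(cw, [0, 3, 4]), G))
    print("odd errors missed, 10011 vs 11101:",
          undetected_odd_errors("10011", 10), undetected_odd_errors("11101", 10))
    print("bursts <= 4 missed, 10011 vs 10110:",
          undetected_bursts("10011", 10, 4), undetected_bursts("10110", 10, 4))
```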

Error Correction:

• Error correction in the data link layer is implemented simply: any time an error is detected in an exchange, a negative acknowledgement (NAK) is returned and the specified frames are retransmitted. This process is called Automatic Repeat Request (ARQ).
• Retransmission of data happens in three cases: damaged frame, lost frame and lost acknowledgement.

Flow and Error Control Techniques (ARQ schemes):

Stop and Wait ARQ:

• Includes retransmission of data in case of lost or damaged frames.
• It is an addition to the basic flow control mechanism with retransmissions:
  (i) The sender sends an information frame to the receiver.
  (ii) The sender waits for an ACK before sending the next frame.
  (iii) The receiver sends an ACK if the frame is correctly received.
  (iv) If no ACK arrives within the time-out, the sender resends the frame.

Time-out period > Round trip time

• If an error is discovered in a data frame, indicating that it has been corrupted in transit, a NAK frame is returned. NAK frames, which are numbered, tell the sender to retransmit the last frame sent.
• Piggybacking: in bidirectional communications, both parties send and acknowledge data, i.e. both parties implement flow control. Outstanding ACKs are placed in the header of information frames; piggybacking can save bandwidth since the overhead from a data frame and an ACK frame (addresses, CRC, etc.) can be combined into just one frame.

Sliding Window ARQ:

• To cover retransmission of lost or damaged frames, some features are added to the basic sliding window flow control mechanism.
• A sender may send multiple frames, as allowed by the window size.
• The sending device keeps copies of all transmitted frames until they have been acknowledged.
• In addition to ACK frames, the receiver has the option of returning a NAK frame if the data have been received damaged. A NAK frame tells the sender to retransmit a damaged frame.
• Here, both ACK and NAK frames must be numbered for identification.
• ACK frames carry the number of the next frame expected.
• NAK frames, on the other hand, carry the number of the damaged frame itself.
• If the last ACK was numbered 3, an ACK 6 acknowledges the receipt of frames 3, 4 and 5 as well.
• If data frames 4 and 5 are received damaged, both NAK 4 and NAK 5 must be returned.
• Like stop-and-wait ARQ, the sending device in sliding window ARQ is equipped with a timer to enable it to handle lost acknowledgements.
• Sliding window ARQ is of two types: Go-Back-N ARQ and Selective Reject ARQ.
• There are two ACK processing methods in sliding windows:
  o Selective ACK: the ACK N message acknowledges only the frame with sequence number N.
  o Cumulative ACK: the ACK N message acknowledges all frames with sequence number <= N.

(i) Go-Back-N ARQ:

• The sliding window method using cumulative ACKs is known as the Go-Back-N ARQ protocol.
• The receiver window size is 1.
• In this method, if one frame is lost or damaged, all frames sent since the last acknowledged frame are retransmitted.
• For example, the sender may send frames 1, 2, 3, 4 and get a NAK with a value of 2. The NAK acknowledges everything that came before it and asks for frame 2 (and subsequent frames) to be resent.
• The NAK number refers to the next expected frame number.
• Example: in the figure, frame 2 has an error, so all subsequent frames are discarded. After the timeout the sender resends all frames from frame 2 onwards.

• Damaged/Error Frame:
  o In Go-Back-N ARQ, the receiver sends a NAK for this frame along with the frame number that it expects to be retransmitted.
  o After sending the NAK, the receiver discards all the frames that it receives after the damaged frame.
  o The receiver does not send any ACK for the discarded frames.
  o After the sender receives the NAK for the damaged frame, it retransmits all the frames from the frame number referred to by the NAK onwards.
• Lost Frame:
  o In Go-Back-N ARQ, the receiver easily detects the loss of a frame, as the newly received frame arrives out of sequence.
  o The receiver sends a NAK for the lost frame and then discards all the frames received after the lost frame.
  o The receiver does not send any ACK for the discarded frames.
  o After the sender receives the NAK for the lost frame, it retransmits the lost frame referred to by the NAK and also retransmits all the frames it has sent after the lost frame.
• Lost Acknowledgement:
  o In Go-Back-N ARQ, the sender may not receive any ACK, or the ACK may be lost or damaged during transmission.
  o The sender waits for the timer to run out and, when it does, retransmits all the frames for which it has not received an ACK.
  o The sender identifies the loss of an ACK with the help of a timer.
  o The ACK number, like the NAK number, shows the number of the frame that the receiver expects to be next in sequence.
  o The window size of the receiver is 1, as the data link layer only requires the frame which it has to pass next to the network layer.
  o The sender window size is equal to 'w'. If the error rate is high, a lot of bandwidth is wasted.

(ii) Selective Repeat ARQ:

• Selective Repeat ARQ overcomes the limitations of Go-Back-N by adding two new features:
  o Receiver window > 1 frame: out-of-order but error-free frames can be accepted.
  o The retransmission mechanism is modified: only individual frames are retransmitted.
• In this method, only the specific damaged or lost frame is retransmitted.
• The sender only retransmits frames for which a NAK is received.
• The NAK number refers to the frame lost.
• If a frame is corrupted in transit, a NAK is returned and the frame is resent out of sequence.
• The sender needs to maintain all data that has not been acknowledged yet.
• The receiving device must be able to sort the frames it has and insert the retransmitted frame into its proper place in the sequence.
• It has the advantage of fewer retransmissions than Go-Back-N, but at the cost of complexity at the sender and receiver.

• Example: frame 2 has an error, so the receiver maintains a buffer to store the following frames.

• Damaged Frames:
  o In Selective Reject, if a receiver receives a damaged frame, it sends a NAK for the frame in which the error or damage is detected.
  o The NAK number, as in Go-Back-N, also indicates the acknowledgement of the previously received frames and the error in the current frame.
  o The receiver keeps receiving new frames while waiting for the damaged frame to be replaced.
  o The frames received after the damaged frame are not acknowledged until the damaged frame has been replaced.
• Lost Frame:
  o In a selective repeat protocol, frames can be received out of order and are then sorted to maintain the proper sequence of frames.
  o While sorting, if a frame number is skipped, the receiver recognises that a frame is lost and sends a NAK for that frame to the sender.
  o After receiving the NAK for the lost frame, the sender searches for that frame in its window and retransmits it.
  o If the last transmitted frame is lost, the receiver does not respond, and this silence is a negative acknowledgement for the sender.
• Lost Acknowledgement:
  o In Selective Reject, the sender may not receive any ACK, or the ACK may be lost or damaged during transmission.
  o The sender waits for the timer to run out and, when it does, retransmits all the frames for which it has not received an ACK.
  o The sender identifies the loss of an ACK with the help of a timer.
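The sliding window mechanism and the two ARQ schemes above, as an added simulation that is not from the notes: the frame counts, window sizes and the set of frames the channel drops are constructed inputs, each listed frame is lost on its first transmission only, and ACK/NAK frames are assumed never to be lost. Running go_back_n with a window of 1 reproduces Stop-and-Wait ARQ, and window_utilization evaluates the W/(1+2a) rule from the sliding window section.

```python
"""Go-Back-N versus Selective Repeat ARQ: which frames cross the channel.

Constructed simulation, not code from the notes. Frames 0..n_frames-1 are
sent through a channel that drops each frame listed in `lost` on its first
transmission only (a retransmission always gets through, and ACK/NAK frames
are never lost). Each function returns every transmission in order, so the
retransmission cost of the two schemes can be compared on the same loss pattern.
"""


def go_back_n(n_frames: int, window: int, lost: set) -> list:
    """Receiver window of 1 with cumulative ACKs: the first lost frame and
    every frame sent after it are discarded, and the sender goes back to the
    oldest unacknowledged frame and resends from there."""
    sent = []             # every frame transmission that left the sender
    base = 0              # oldest unacknowledged frame (left edge of window)
    next_seq = 0          # next new frame to send
    dropped_once = set()  # frames the channel has already dropped
    while base < n_frames:
        # sender fills the window with frames base .. base + window - 1
        while next_seq < min(base + window, n_frames):
            sent.append(next_seq)
            next_seq += 1
        # receiver accepts frames in order and stops at the first loss;
        # the resulting cumulative ACK names the next frame it expects
        expected = base
        for seq in range(base, next_seq):
            if seq in lost and seq not in dropped_once:
                dropped_once.add(seq)
                break       # this frame is lost; later ones are out of sequence
            expected = seq + 1
        base = expected
        next_seq = base     # go back N: restart from the first unACKed frame
    return sent


def selective_repeat(n_frames: int, window: int, lost: set) -> list:
    """Receiver window > 1 with selective ACKs: error-free frames are buffered
    even when out of order, and only the frame named in a NAK is resent."""
    sent = []
    acked = set()
    dropped_once = set()
    base = 0
    while base < n_frames:
        # (re)send every unacknowledged frame inside the window
        for seq in range(base, min(base + window, n_frames)):
            if seq in acked:
                continue
            sent.append(seq)
            if seq in lost and seq not in dropped_once:
                dropped_once.add(seq)   # dropped; a NAK will ask for it again
            else:
                acked.add(seq)          # selective ACK for this frame only
        # slide the window past the contiguous run of acknowledged frames
        while base in acked:
            base += 1
    return sent


def retransmissions(transmissions: list) -> int:
    """Number of transmissions beyond the first one of each frame."""
    return len(transmissions) - len(set(transmissions))


def window_utilization(window: int, a: float) -> float:
    """Line utilization from the notes: 1 if W >= 2a + 1, else W / (1 + 2a),
    where a is propagation delay divided by frame transmission time."""
    return min(1.0, window / (1 + 2 * a))


if __name__ == "__main__":
    for name, sim in (("Go-Back-N", go_back_n), ("Selective Repeat", selective_repeat)):
        tx = sim(6, 4, {2})
        print(f"{name}: {tx} -> {retransmissions(tx)} retransmission(s)")
    print("Stop-and-Wait (window 1):", go_back_n(3, 1, {1}))
```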
Routers Study Notes

Router

A router is a hardware component used to interconnect networks. Routers are devices whose primary purpose is to connect two or more networks and to filter network signals so that only desired information travels between them. Routers are much more powerful than bridges.

• A router has interfaces on multiple networks.
• The networks can use different technologies.
• A router forwards packets between networks.
• It transforms packets as necessary to meet the standards of each network.
• Routers are distinguished by the functions they perform:
  o Internal routers: only route packets within one area.
  o Area border routers: connect two areas together.
  o Backbone routers: reside only in the backbone area.
  o AS boundary routers: routers that connect to a router outside the AS.

Routers can filter traffic so that only authorized personnel can enter restricted areas. They can permit or deny network communications with a particular Web site. They can recommend the best route for information to travel. As network traffic changes during the day, routers can redirect information to take less congested routes.

• Routers operate primarily by examining incoming data for its network routing and transport information.
• Based on complex internal tables of network information that it compiles, a router then determines whether or not it knows how to forward the data packet towards its destination.
• Routers can be programmed to prevent information from being sent to or received from certain networks or computers, based on all or part of their network routing addresses.
• Routers also determine several possible routes to the destination network and then choose the one that promises to be the fastest.

Two key functions of a router:

• Running routing algorithms/protocols (RIP, OSPF, BGP)
• Forwarding datagrams from the incoming to the outgoing link.
Address Resolution Protocol (ARP)

ARP is used to find the physical address of a node when its Internet address is known. Any time a host or a router needs to find the physical address of another host on its network, it formats an ARP query packet that includes that IP address and broadcasts it over the network. Every host on the network receives and processes the ARP packet, but only the intended recipient recognizes its Internet address and sends back its physical address.

Reverse Address Resolution Protocol (RARP)

This protocol allows a host to discover its Internet address when it knows only its physical address. RARP works much like ARP. The host wishing to retrieve its Internet address broadcasts a RARP query packet that contains its physical address to every host on its physical network. A server on the network recognizes the RARP packet and returns the host's Internet address.

Internet Control Message Protocol (ICMP)

ICMP is a mechanism used by hosts and routers to send notifications of datagram problems back to the sender. IP is essentially an unreliable and connectionless protocol; ICMP allows IP (Internet Protocol) to inform a sender if a datagram is undeliverable.

ICMP uses echo test/reply messages to test whether a destination is reachable and responding. It handles both control and error messages, but its sole function is to report problems, not to correct them.

Internet Group Management Protocol (IGMP)

IP can be involved in two types of communication: unicasting and multicasting. The IGMP protocol has been designed to help a multicast router identify the hosts in a LAN that are members of a multicast group.

Addressing at Network Layer

In addition to the physical addresses that identify individual devices, the Internet requires an additional addressing convention: an address that identifies the connection of a host to its network. Every host and router on the Internet has an IP address which encodes its network number and host number. The combination is unique in principle; no two machines on the Internet have the same IP address.
Firewall

A firewall is a device that prevents unauthorized electronic access to your entire network.

The term firewall is generic and includes many different kinds of protective hardware and software devices. Routers comprise one kind of firewall.

Most firewalls operate by examining incoming or outgoing packets for information at OSI level 3, the network addressing level.

Firewalls can be divided into 3 general categories: packet-screening firewalls, proxy servers (or application-level gateways), and stateful inspection proxies.

• Packet-screening firewalls examine incoming and outgoing packets for their network address information. You can use packet-screening firewalls to restrict access to specific Web sites or to permit access to your network only from specific Internet sites.
• Proxy servers (also called application-level gateways) operate by examining incoming or outgoing packets not only for their source or destination addresses but also for information carried within the data area (as opposed to the address area) of each network packet. The data area contains information written by the application program that created the packet, for example your Web browser, FTP or TELNET program. Because the proxy server knows how to examine this application-specific portion of the packet, you can permit or restrict the behaviour of individual programs.
• Stateful inspection proxies monitor network signals to ensure that they are part of a legitimate ongoing conversation (rather than malicious insertions).
Switching Study Notes

The following approaches are useful when there are multiple devices in the network:

• Install a point-to-point connection between each pair of devices; this is an impractical and wasteful approach when applied to a very large network.
• For a large network, we can go for switching. A switched network consists of a series of interlinked nodes, called switches.

Switching:

• Forwarding by a switch within the subnet is called switching.
• In switching, packets are transferred from source to destination using the MAC address.
• Switching is done within the same network.

Types of Switching:

Circuit Switching:

• Circuit switching was designed for voice communication.
• In a telephone conversation, for example, once a circuit is established it remains connected for the duration of the session.
• It creates a direct physical connection between two devices such as phones or computers.
• In circuit switching a dedicated link is established between the sender and the receiver, which is maintained for the entire duration of the conversation.
• In circuit switching, the routing decision is made when the path is set up across the given network.
• After the link has been set up between the sender and the receiver, the information is forwarded continuously over the provided link.
• Communication via circuit switching involves three phases: circuit establishment, data transfer, and circuit disconnect.
• The connection path must be established before data transmission begins. Nodes must have switching capacity and channel capacity to establish the connection.
• Space Division Switching: separates the paths in the circuit from each other spatially.
• Time Division Switching: uses time-division multiplexing to achieve switching.

Advantages of circuit switching

• Guaranteed bandwidth
• A reliable communication channel between hosts
• Low per-packet overhead: no IP (and TCP/UDP) header on each packet

Disadvantages of Circuit Switching

• Less suited to data and other non-voice transmissions.
• A circuit-switched link creates the equivalent of a single cable between two devices and thereby assumes a single data rate for both devices. This assumption limits the flexibility and usefulness of a circuit-switched connection.
• Once a circuit has been established, that circuit is the path taken by all parts of the transmission, whether or not it remains the most efficient or available.
• Circuit switching sees all transmissions as equal. Any request is granted whatever link is available. But often with data transmission, we want to be able to prioritise.
Packet Switching

 To overcome the disadvantages of circuit switch. Packet switching concept came into the picture.
 In a packet switched network, data are transmitted in discrete units of potentially variable length
blocks called packets.
 Each packet contains not only data but also a header with control information (such as priority
codes and source and destination address).
 A packet contains three major fields: The header, the message, and redundancy check bits.
 The packets are sent over the network node to node.
 At each node, the packet is stored briefly, then routed according to the information in its header.

 There are two popular approaches to packet switching.


o Datagram
o Virtual circuit

Datagram Approach:
 Each packet is treated independently from all others.
 It is also called connection-less packet switching.
 Packets can take any practical route in the network.
 Packets may arrive out of order. Packets may go missing.
 Routers in the internet are packet switches that operate in datagram mode.

Virtual Circuit Approach:

 Sender divides the data into packets
 Store-and-forward transmission: Multiple packets may arrive at once
 A single route is chosen between sender and receiver at the beginning of the session.
 Network can provide sequencing and error control.
 When the data are sent, all packets of the transmission travel one after another along that route.
 It can be implemented in two formats:
o Switched Virtual Circuit (SVC)
o Permanent Virtual Circuit (PVC)

Switched Virtual Circuit:

 This SVC format is comparable conceptually to dial-up lines in circuit switching.
 Here, a virtual circuit is created whenever it is needed and exists only for the duration of the
specific exchange.

Permanent Virtual Circuit: 

 The PVC format is comparable to leased lines in circuit switching.
 In this method, the same virtual circuit is provided between two users on a continuous basis.
 The circuit is dedicated to specific users. No one else can use it and because it is always in place,
it can be used without connection establishment and connection termination.

Message Switching

 It is also known as store and forward.
 In this mechanism, a node receives a message, stores it until the appropriate route is free, and
then sends it along.
 Store and forward is considered a switching technique because there is no direct link between the
sender and receiver of a transmission.
 A message is delivered to the node along one path, then rerouted along another to its
destination.
 In message switching, the messages are stored and relayed from secondary storage (disk), while
in packet switching the packets are stored and forwarded from primary storage (RAM).

Routing Algorithms (Distance Vector, Link State) Study Notes

Routing:

 Routing is the process of selecting paths in a network along which to send network traffic.
 Goals of routing are correctness, simplicity, robustness, stability, fairness and optimality.
 Routing is performed for many kinds of networks, including the telephone network, electronic data
networks and transportation networks.
 Routing Algorithms can be classified based on the following:
o Static or Dynamic Routing,
o Distributed or Centralized,
o Single path or Multi-path,
o Flat or Hierarchical,
o Intra Domain or Inter-Domain,
o Link State or Distance Vector.
 Algorithms may be static, where the routing decisions are made ahead of time, using information
about the network topology and capacity, and then loaded into the routers.
 Algorithms may be dynamic, where the routers make decisions based on information they gather,
and the routes change over time, adaptively.
 Routing can be grouped into two categories: Nonadaptive routing, and Adaptive routing.

Nonadaptive Routing

 Once the pathway to destination has been selected, the router sends all packets for that destination
along that one route.
 The routing decisions are not made based on the condition or topology of the network.
 Examples: Centralized, Isolated, and Distributed Algorithms

Adaptive Routing

 A router may select a new route for each packet (even packets belonging to the same
transmission) in response to changes in condition and topology of the networks.
 Examples: Flooding, and Random Walk.

Routing Algorithms

Shortest Path Routing:

 Links between routers have a cost associated with them. In general, it could be a function of
distance, bandwidth, average traffic, communication cost, mean queue length, measured delay,
router processing speed, etc.
 The shortest path algorithm just finds the least expensive path through the network, based on the
cost function.
 Examples: Dijkstra's algorithm

Distance Vector Routing:

 In this routing scheme, each router periodically shares its knowledge about the entire network
with its neighbours.
 Each router has a table with information about the network. These tables are updated by
exchanging information with the immediate neighbours.
 It is also known as the Bellman-Ford or Ford-Fulkerson algorithm.
 It was used in the original ARPANET and is used in the Internet as RIP.
 Neighbouring nodes in the subnet exchange their tables periodically to update each other on the
state of the subnet (which makes this a dynamic algorithm). If a neighbour claims to have a path
to a node which is shorter than your path, you start using that neighbour as the route to that node.
 Distance vector protocols (a vector contains both distance and direction), such as RIP, determine
the path to remote networks using hop count as the metric. A hop count is defined as the number
of times a packet needs to pass through a router to reach a remote destination.
 For IP RIP, the maximum hop count is 15. A hop count of 16 indicates an unreachable network. Two
versions of RIP exist: version 1 and version 2.
 IGRP is another example of a distance vector protocol with a higher hop count of 255 hops.
 Periodic updates are sent at a set interval. For IP RIP, this interval is 30 seconds.
 Updates are sent to the broadcast address 255.255.255.255. Only devices running routing
algorithms listen to these updates.
 When an update is sent, the entire routing table is sent.
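
The distance-vector behaviour described above, as an added simulation that is not part of the original notes: four routers in a chain exchange whole tables each round (as RIP does every 30 seconds), apply the Bellman-Ford rule, and, after a link failure, count up to the hop-count limit of 16 before declaring the destination unreachable. The topology and router names are constructed for the example.

```python
"""Distance-vector (Bellman-Ford) routing in the RIP style.

Constructed example: routers A-B-C-D in a chain, hop count as the metric,
and 16 meaning "unreachable" as in RIP.  Each round every router sends its
entire table to each neighbour, which is what RIP does every 30 seconds.
"""
from typing import Dict, List, Set, Tuple

INFINITY = 16  # RIP: a hop count of 16 marks an unreachable network

# Constructed topology: undirected links, each one hop.
LINKS: List[Tuple[str, str]] = [("A", "B"), ("B", "C"), ("C", "D")]

Table = Dict[str, Tuple[int, str]]  # destination -> (hop count, next hop)


def build_neighbours(links) -> Dict[str, Set[str]]:
    """Adjacency sets for an undirected list of links."""
    nbrs: Dict[str, Set[str]] = {}
    for u, v in links:
        nbrs.setdefault(u, set()).add(v)
        nbrs.setdefault(v, set()).add(u)
    return nbrs


def initial_tables(nbrs) -> Dict[str, Table]:
    """At start-up a router knows only itself (0 hops) and its direct neighbours (1 hop)."""
    tables: Dict[str, Table] = {}
    for router, ns in nbrs.items():
        table: Table = {router: (0, router)}
        for n in ns:
            table[n] = (1, n)
        tables[router] = table
    return tables


def exchange_round(nbrs, tables) -> bool:
    """One periodic update: each router processes the full table of every neighbour.

    Bellman-Ford rule: the cost via neighbour n is n's advertised cost plus one hop.
    A router adopts that route if it is cheaper, or if n is already its next hop for
    the destination (so a next hop reporting a worse or lost route is believed too).
    Returns True if any entry changed.
    """
    # Everyone sends the table it had at the start of the round.
    snapshot = {r: dict(t) for r, t in tables.items()}
    changed = False
    for router, ns in nbrs.items():
        for n in sorted(ns):  # sorted for a deterministic run
            for dest, (adv_cost, _) in snapshot[n].items():
                new_cost = min(adv_cost + 1, INFINITY)
                current = tables[router].get(dest)
                if current is None or new_cost < current[0] or current[1] == n:
                    if current != (new_cost, n):
                        tables[router][dest] = (new_cost, n)
                        changed = True
    return changed


def run_until_stable(nbrs, tables, max_rounds: int = 100) -> int:
    """Exchange tables until no router changes anything; returns the rounds used."""
    for rounds in range(1, max_rounds + 1):
        if not exchange_round(nbrs, tables):
            return rounds
    return max_rounds


def fail_link(nbrs, tables, u: str, v: str) -> None:
    """Link u-v goes down: both ends drop the adjacency and mark every route that
    used it as unreachable (hop count 16).  Without split horizon the other routers
    then count to infinity, i.e. up to 16, before agreeing the destination is gone."""
    nbrs[u].discard(v)
    nbrs[v].discard(u)
    for router, gone in ((u, v), (v, u)):
        for dest, (_, next_hop) in list(tables[router].items()):
            if next_hop == gone:
                tables[router][dest] = (INFINITY, gone)


if __name__ == "__main__":
    nbrs = build_neighbours(LINKS)
    tables = initial_tables(nbrs)
    print("converged after", run_until_stable(nbrs, tables), "rounds:", tables["A"])
    fail_link(nbrs, tables, "C", "D")
    print("after C-D failure:", run_until_stable(nbrs, tables), "rounds:", tables["A"])
```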

Link State Routing:

 OSPF (Open Shortest Path First) and IS-IS are examples of link state routing.
 When a router floods the network with information about its neighbourhood, it is said to be
advertising.
 The basis of this advertising is a short packet called a Link State Packet (LSP).
 A Link State Packet (LSP) contains the following information:
1. The ID of the node that created the LSP;
2. A list of directly connected neighbours of that node, with the cost of the link to
each one;
3. A sequence number;
4. A time to live (TTL) for this packet.
 The following sequence of steps is executed in link state routing:
1. Discover your neighbours
2. Measure delay to your neighbours
3. Bundle all the information about your neighbours together
4. Send this information to all other routers in the subnet
5. Compute the shortest path to every router with the information you receive
6. Each router finds out its own shortest paths to the other routers by using Dijkstra's
algorithm.
 In link-state routing, each router shares its knowledge of its neighbourhood with all routers in the
network.
 Link-state protocols implement an algorithm called the shortest path first (SPF, also known as
Dijkstra's Algorithm) to determine the path to a remote destination.
 There is no hop-count limit. (For an IP datagram, the maximum time to live ensures that loops are
avoided.)
 Updates are sent only when changes occur; in addition, all summary information is sent every 30
minutes by default. Only devices running routing algorithms listen to these updates. Updates are
sent to a multicast address.
 Updates are faster and convergence times are reduced, at the cost of higher CPU and memory
requirements to maintain link-state databases.
 Link-state protocols maintain three separate tables:

1. Neighbour table: It contains a list of all neighbours, and the interface through which each
neighbour is reached. Neighbours are formed by sending Hello packets.
2. Topology table (Link- State table): It contains a map of all links within an area,
including each link’s status.
3. Routing table: It contains the best routes to each particular destination
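
Link-state routing end to end, as an added example that is not part of the original notes: each router originates an LSP with the four fields listed above, floods it on every link except the one it arrived on (dropping duplicates by sequence number and expired copies by TTL), and then runs Dijkstra's algorithm on its own link-state database. The weighted topology and router names are constructed for the example.

```python
"""Link-state routing: LSP flooding plus Dijkstra on each router's link-state database.

Constructed example: five weighted links join routers A-D.  Each router builds
one LSP (originator id, neighbour costs, sequence number, TTL), floods it, and
then computes its routing table with the shortest-path-first algorithm.
"""
import heapq
from collections import deque
from typing import Dict, Optional, Tuple

# Constructed topology: (router, router) -> link cost
LINKS = {("A", "B"): 1, ("A", "C"): 4, ("B", "C"): 2, ("B", "D"): 5, ("C", "D"): 1}


def neighbours(links) -> Dict[str, Dict[str, int]]:
    nbrs: Dict[str, Dict[str, int]] = {}
    for (u, v), cost in links.items():
        nbrs.setdefault(u, {})[v] = cost
        nbrs.setdefault(v, {})[u] = cost
    return nbrs


def make_lsp(router: str, nbrs, seq: int, ttl: int = 8) -> dict:
    """The LSP fields from the notes: id, directly connected neighbours with costs, sequence number, TTL."""
    return {"id": router, "links": dict(nbrs[router]), "seq": seq, "ttl": ttl}


def flood(origin: str, lsp: dict, nbrs, lsdbs) -> int:
    """Flood an LSP starting at its originator.  A router installs the LSP only if the
    sequence number is newer than the copy it holds (duplicates and stale copies are
    dropped, which is what stops the flood), forwards it on every link except the one
    it arrived on, and decrements the TTL at each hop.  Returns how many routers installed it."""
    installed = 0
    # +1 so that the originator's own copy keeps the full TTL after the decrement below
    queue = deque([(origin, None, dict(lsp, ttl=lsp["ttl"] + 1))])
    while queue:
        router, arrived_from, pkt = queue.popleft()
        pkt = dict(pkt, ttl=pkt["ttl"] - 1)
        if pkt["ttl"] <= 0:
            continue  # expired: discard instead of circulating forever
        held = lsdbs[router].get(pkt["id"])
        if held is not None and held["seq"] >= pkt["seq"]:
            continue  # already hold this or a newer LSP: do not re-flood
        lsdbs[router][pkt["id"]] = pkt
        installed += 1
        for n in nbrs[router]:
            if n != arrived_from:
                queue.append((n, router, pkt))
    return installed


def dijkstra(source: str, lsdb: dict) -> Tuple[Dict[str, int], Dict[str, str]]:
    """Shortest path first over the router's own link-state database."""
    graph = {rid: lsp["links"] for rid, lsp in lsdb.items()}
    dist = {source: 0}
    prev: Dict[str, str] = {}
    heap = [(0, source)]
    done = set()
    while heap:
        d, u = heapq.heappop(heap)
        if u in done:
            continue
        done.add(u)
        for v, w in graph.get(u, {}).items():
            if d + w < dist.get(v, float("inf")):
                dist[v] = d + w
                prev[v] = u
                heapq.heappush(heap, (d + w, v))
    return dist, prev


def next_hop(source: str, dest: str, prev: Dict[str, str]) -> Optional[str]:
    """Walk the predecessor chain back from dest to the neighbour of source."""
    if dest == source or dest not in prev:
        return None
    node = dest
    while prev[node] != source:
        node = prev[node]
    return node


def build_lsdbs(links) -> Tuple[dict, dict]:
    """Every router originates and floods its LSP; returns (neighbours, link-state databases)."""
    nbrs = neighbours(links)
    lsdbs = {r: {} for r in nbrs}
    for r in nbrs:
        flood(r, make_lsp(r, nbrs, seq=1), nbrs, lsdbs)
    return nbrs, lsdbs


def routing_tables(links) -> Dict[str, Dict[str, Tuple[int, Optional[str]]]]:
    """Each router runs Dijkstra on its own database: destination -> (cost, next hop)."""
    nbrs, lsdbs = build_lsdbs(links)
    tables = {}
    for r in nbrs:
        dist, prev = dijkstra(r, lsdbs[r])
        tables[r] = {d: (c, next_hop(r, d, prev)) for d, c in dist.items() if d != r}
    return tables


if __name__ == "__main__":
    for router, table in routing_tables(LINKS).items():
        print(router, table)
```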

Flooding Algorithm:

 It is a non-adaptive algorithm or static algorithm.
 When a router receives a packet, it sends a copy of the packet out on each line (except the one on
which it arrived).
 To prevent packets from looping forever, each router decrements a hop count contained in the packet
header.
 As soon as the hop count decrements to zero, the router discards the packet.

Flow-Based Routing Algorithm:

 It is a non-adaptive routing algorithm.
 It takes into account both the topology and the load.
 We can estimate the flow between all pairs of routers.
 From the known average amount of traffic and the average length of a packet, you can compute
the mean packet delays using queuing theory.
 Flow-based routing then seeks to find a routing table to minimize the average packet delay
through the subnet.
 Given the line capacity and the flow, we can determine the delay using the formula for the
delay time T.
 Where μ = mean number of arrivals in packets/sec, 1/μ = the mean packet size in bits, and c
= line capacity (bits/s).

The Optimality Principle: This simply states that if router J is on the optimal path from router I to router
K, then the optimal path from J to K also falls along this same path.

Basics of Wi-Fi Study Notes

WiFi stands for Wireless Fidelity. WiFi is the marketing name for IEEE standard 802.11. It is a
standard for both Level 1 (physical) and Level 2 (data link) of a wireless data transmission
protocol. It is primarily a local area networking (LAN) technology designed to provide in-building
broadband coverage.

Current WiFi systems support a peak physical-layer data rate of 54 Mbps and typically provide indoor
coverage over a distance of 100 feet.

WiFi offers remarkably higher peak data rates than do 3G systems, primarily since it operates over a
larger 20 MHz bandwidth, but WiFi systems are not designed to support high-speed mobility.

WiFi interfaces are now also being built into a variety of devices, including personal data assistants
(PDAs), cordless phones, cellular phones, cameras, and media players.

WiFi is Half Duplex: All WiFi networks are contention-based TDD systems, where the access point and
the mobile stations all vie for use of the same channel. Because of the shared media operation, all Wi-Fi
networks are half duplex.

There are equipment vendors who market Wi-Fi mesh configurations, but those implementations
incorporate technologies that are not defined in the standards.

Channel Bandwidth: The Wi-Fi standards define a fixed channel bandwidth of 25 MHz for 802.11b and
20 MHz for either 802.11a or g networks.

Wi-Fi - IEEE Standards: The 802.11 standard is defined through several specifications of WLANs. It
defines an over-the-air interface between a wireless client and a base station or between two wireless
clients.

Specifications:

 802.11 − This pertains to wireless LANs and provides 1- or 2-Mbps transmission in the 2.4-GHz
band using either frequency-hopping spread spectrum (FHSS) or direct-sequence spread spectrum
(DSSS).
 802.11a − This is an extension to 802.11 that pertains to wireless LANs and goes as fast as 54
Mbps in the 5-GHz band. 802.11a employs the orthogonal frequency division multiplexing
(OFDM) encoding scheme as opposed to either FHSS or DSSS.
 802.11b − The 802.11 high rate WiFi is an extension to 802.11 that pertains to wireless LANs
and yields a connection as fast as 11 Mbps transmission (with a fallback to 5.5, 2, and 1 Mbps
depending on strength of signal) in the 2.4-GHz band. The 802.11b specification uses only DSSS.
Note that 802.11b was actually an amendment to the original 802.11 standard added in 1999 to
permit wireless functionality to be analogous to hard-wired Ethernet connections.
 802.11g − This pertains to wireless LANs and provides 20+ Mbps in the 2.4-GHz band.

Wi-Fi Concepts: There are two general types of Wi-Fi transmission: DCF (Distributed Coordination
Function) and PCF (Point Coordination Function). DCF is Ethernet in the air. It employs a very similar
packet structure, and many of the same concepts. There are two problems that make wireless different
from wired:

 The hidden station problem.
 High error rate.

These problems demand that a DCF Wi-Fi network be a CSMA/CA (Collision Avoidance) network rather than a
CSMA/CD (Collision Detect) network. The result is the following protocol elements:

 Positive Acknowledgement. Every packet sent is positively acknowledged by the receiver. The
next packet is not sent until receiving a positive acknowledgement for the previous packet.
 Channel clearing. A transmission begins with an RTS (Request to Send) and the destination or
receiver responds with a CTS (Clear to Send). Then the data packets flow, since the channel has
been cleared by these two messages.
 Channel reservation: Each packet has a NAV (Network Allocation Vector) containing a number
X. The channel is reserved to the correspondents (the sender and receiver of this packet) for an
additional X milliseconds after this packet. Once you have the channel, you can hold it with the
NAV. The last ACK contains NAV zero, to immediately release the channel.
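
The RTS/CTS exchange and NAV reservation above, as an added simulation that is not part of the original notes: station A and station C are hidden from each other but both hear access point B, so C never sees A's RTS, yet the NAV carried by B's CTS keeps C off the channel until the final ACK (which carries NAV zero). Frame durations and the inter-frame gap are assumed values in abstract time units, and the station names and radio ranges are constructed.

```python
"""DCF channel clearing (RTS/CTS) and channel reservation (NAV) with a hidden station.

Constructed example: A and C cannot hear each other (the hidden station problem);
both hear the access point B.  Durations below are assumed values in abstract
time units, chosen for the simulation, not taken from the 802.11 standard.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

# Assumed frame durations and the gap left between frames of one exchange.
RTS, CTS, DATA, ACK, SIFS = 20, 20, 200, 20, 10


@dataclass
class Frame:
    kind: str   # RTS, CTS, DATA or ACK
    src: str
    dst: str
    nav: int    # channel stays reserved for the correspondents this long after the frame ends


@dataclass
class Station:
    name: str
    hears: Set[str]                  # constructed radio range: stations this one can receive
    nav_until: int = 0               # virtual carrier sense: medium counts as busy until then
    heard: List[Tuple[int, str, str]] = field(default_factory=list)

    def receive(self, frame: Frame, ends_at: int) -> None:
        self.heard.append((ends_at, frame.kind, frame.src))
        if frame.dst != self.name:
            # Overheard a frame meant for someone else: honour its NAV and stay off the channel.
            self.nav_until = max(self.nav_until, ends_at + frame.nav)

    def may_transmit(self, now: int) -> bool:
        return now >= self.nav_until


def send(stations: Dict[str, Station], frame: Frame, start: int, duration: int) -> int:
    """Deliver the frame to every station within range of the sender; returns its end time."""
    ends_at = start + duration
    for st in stations.values():
        if st.name != frame.src and frame.src in st.hears:
            st.receive(frame, ends_at)
    return ends_at


def rts_cts_exchange() -> Dict[str, Station]:
    """A sends one data frame to B using RTS/CTS; C is hidden from A but hears B."""
    stations = {
        "A": Station("A", hears={"B"}),
        "B": Station("B", hears={"A", "C"}),
        "C": Station("C", hears={"B"}),
    }
    t = 0
    # The RTS reserves the channel for the CTS, the data and the ACK, including the gaps between them.
    t = send(stations, Frame("RTS", "A", "B", SIFS + CTS + SIFS + DATA + SIFS + ACK), t, RTS)
    # The CTS repeats the reservation for the remainder; this is the copy the hidden station C hears.
    t = send(stations, Frame("CTS", "B", "A", SIFS + DATA + SIFS + ACK), t + SIFS, CTS)
    t = send(stations, Frame("DATA", "A", "B", SIFS + ACK), t + SIFS, DATA)
    # The final ACK carries NAV zero, releasing the channel immediately.
    send(stations, Frame("ACK", "B", "A", 0), t + SIFS, ACK)
    return stations


if __name__ == "__main__":
    c = rts_cts_exchange()["C"]
    print("C heard:", c.heard, "and may transmit from t =", c.nav_until)
```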

Application Layer Protocols (DNS, SMTP, POP, FTP, HTTP) Study Notes

An application layer protocol defines how application processes (clients and servers), running on
different end systems, pass messages to each other. In particular, an application layer protocol
defines:

 The types of messages, e.g., request messages and response messages.
 The syntax of the various message types, i.e., the fields in the message and how the fields
are delineated.
 The semantics of the fields, i.e., the meaning of the information that the field is supposed
to contain;
 Rules for determining when and how a process sends messages and responds to
messages.

SMTP (Simple Mail Transfer Protocol):

 One of the most popular network services is electronic mail (e-mail).
 The TCP/IP protocol that supports electronic mail on the Internet is called Simple Mail
Transfer Protocol (SMTP).
 SMTP transfers messages from senders' mail servers to the recipients' mail servers using
TCP connections.
 Users are identified by their e-mail addresses.
 SMTP provides services for mail exchange between users on the same or different
computers.
 Following the client/server model:
o SMTP has two sides: a client side which executes on a sender's mail server, and
server side which executes on recipient's mail server.
o Both the client and server sides of SMTP run on every mail server.
o When a mail server sends mail (to other mail servers), it acts as an SMTP client.
o When a mail server receives mail (from other mail servers) it acts as an SMTP
server.

TELNET (Terminal Network):

 TELNET is a client-server application that allows a user to log onto a remote machine and
lets the user access any application program on that remote computer.
 TELNET uses the NVT (Network Virtual Terminal) system to encode characters on the
local system.
 On the server (remote) machine, NVT decodes the characters to a form acceptable to the
remote machine.
 TELNET is a protocol that provides a general, bi-directional, eight-bit byte oriented
communications facility.
 Many application protocols are built upon the TELNET protocol.
 Telnet services are used on PORT 23.

FTP (File Transfer Protocol):

 FTP is the standard mechanism provided by TCP/IP for copying a file from one host to
another.
 FTP differs from other client-server applications because it establishes two connections
between hosts.
 The two connections are: data connection and control connection.
 The data connection uses port 20 and the control connection uses port 21.
 FTP is built on a client-server architecture and uses separate control and data connections
between the client and the server.
 One connection is used for data transfer, the other for control information (commands
and responses).
 It transfers data reliably and efficiently.

Multipurpose Internet Mail Extensions (MIME):

 It is an extension of SMTP that allows the transfer of multimedia messages.
 If binary data is included in a message, MIME headers are used to inform the receiving
mail agent:
o Content-Transfer-Encoding: Header alerts the receiving user agent that the
message body has been ASCII encoded and the type of encoding used.
o Content-Type: Header informs the receiving mail agent about the type of data
included in the message.

POP (Post Office Protocol):

 POP is also called POP3.
 This is a protocol used by a mail server in conjunction with SMTP to receive and hold
mail for hosts.
 A POP3 mail server receives e-mails and filters them into the appropriate user folders.
When a user connects to the mail server to retrieve his mail, the messages are
downloaded from the mail server to the user's hard disk.

HTTP (Hypertext Transfer Protocol):

 This is a protocol used mainly to access data on the World Wide Web (WWW).
 The Hypertext Transfer Protocol (HTTP) is the Web's main application-layer protocol,
although current browsers can access other types of servers.
 The WWW is a repository of information spread all over the world and linked together.
 The HTTP protocol transfers data in the form of plain text, hypertext, audio, video and so
on.
 HTTP utilizes TCP connections to send client requests and server replies.
 It is a synchronous protocol that works over both persistent and non-persistent
connections.

Domain Name System (DNS):

 To identify an entity, TCP/IP protocol uses the IP address which uniquely identifies the
connection of a host to the Internet.
 DNS is a hierarchical system, based on a distributed database, that uses a hierarchy of
Name Servers to resolve Internet host names into the corresponding IP addresses required
for packet routing by issuing a DNS query to a name server.
 However, people prefer to use names instead of addresses. Therefore, we need a system that
can map a name to an address and, conversely, an address to a name.
 In TCP/IP, this is the Domain Name System.
 DNS in the Internet: DNS is a protocol that can be used on different platforms.
 The domain name space is divided into three categories:
 Generic Domain: The generic domain defines registered hosts according to their generic
behaviour. Each node in the tree defines a domain, which is an index to the domain name
space database.
 Country Domain: The country domain section follows the same format as the generic
domain but uses 2-character country abbreviations (e.g., US for United States) in place
of 3-character ones.
 Inverse Domain: The inverse domain is used to map an address to a name.
 Overview of Services


LAN Technologies (Ethernet) Study Notes

Ethernet LANs consist of network nodes and interconnecting media. The network nodes fall into two
major classes:

 Data terminal equipment (DTE): Devices that are either the source or the destination of data
frames. DTEs are typically devices such as PCs, workstations, file servers, or print servers that, as
a group, are all often referred to as end stations.
 Data communication equipment (DCE): Intermediate network devices that receive and
forward frames across the network. DCEs may be either standalone devices such as repeaters,
network switches, and routers, or communications interface units such as interface cards and
modems.

Addressing: LAN data transmissions are classified into one of three categories: Unicast, Multicast, and
Broadcast.

 Unicast: Addressing is one-to-one, where one computer sends a frame to another computer. Even
though many stations can receive the same data, they should ignore it since it is not addressed to
them. With unicast transmissions, a single packet is sent from the source to a destination on a
network. The source-node addresses the packet by using the network address of the destination
node. The packet is then forwarded to the destination network and the network passes the packet
to its final destination.
 Multicast: Addressing is one-to-many, where one computer is sending a frame to many other
computers. This can be done via a list of addresses, or some masking scheme that selects a subset
of addresses.  With a multicast transmission, a single data packet is copied and forwarded to a
specific subset of nodes on the network. The source node addresses the packet by using a
multicast address.
 Broadcast: Addressing is one-to-all, where one computer sends data to all computers connected
to the LAN. Broadcasts are found in LAN environments. Broadcasts do not traverse a WAN
unless the Layer 3 edge-routing device is configured with a helper address (or the like) to direct
these broadcasts to a specified network address.

LAN Topologies: There are four types of LAN topologies: (i) Bus, (ii) Ring, (iii) Star, and (iv)
Mesh.

Bus: A bus topology consists of devices connected to a common, shared cable.

 Failure of the medium disrupts communication.
 Failure of devices doesn’t affect the communication (passive interface).
 There is a limit on the length of the network (devices don’t amplify/repeat the signal).
 The propagation delay isn’t affected by the number of devices.
 The original Ethernet networks were implemented with a coaxial bus structure.
 Segment lengths were limited to 500 meters with up to 100 stations connected to a single
segment.
 Individual segments could be interconnected with repeaters, as long as multiple paths did not
exist between any two stations on the network and the number of DTEs did not exceed 1024.
 Advantages of Bus:
o Use of cable is economical.
o Media is inexpensive and easy to work with.
o System is simple and reliable.
o Bus is easy to extend.
 Disadvantages of Bus:
o Network can slow down in heavy traffic.
o Problems are difficult to isolate.
o Cable break can affect many users.

Ring: Connecting computers to a cable that forms a loop is referred to as setting up a ring topology.

 Failure of the medium seriously disrupts communication.
 Malfunctioning of the interface can seriously affect communication (devices are active).
 There is no limitation on the length of the network (devices repeat/retransmit the frame).
 Advantages of Ring:
o System provides equal access for all computers.
o Performance is even despite many users.
 Disadvantages of Ring:
o Failure of one computer can impact the rest of the network.
o Problems are hard to isolate.
o Network reconfiguration disrupts operation.

Star: Connecting computers to cable segments that branch out from a single point, or hub, is referred to
as setting up a star topology.

 Failure of the medium does not seriously disrupt communication.
 Malfunctioning of the station doesn’t seriously affect the communication.
 The network can use guided or unguided media.
 Failure of the hub disrupts the communication.
 The network can use any medium, like twisted pair, coax, or fiber
 The central network unit is either a multiport repeater (also known as a hub) or a network switch.
 All connections in a star network are point-to-point links implemented with either twisted-pair or
optical fiber cable.
 Advantages of Star:
o Modifying system and adding new computers is easy.
o Centralized monitoring and management are possible.
 Disadvantages of Star:
o Failure of one computer does not affect the rest of the network.
o If the centralized point fails, the network fails.

Mesh: A mesh topology connects all computers in a network to each other with separate cables.

 Advantages of Mesh: System provides increased redundancy and reliability as well as ease of
troubleshooting.
 Disadvantages of Mesh: System is expensive to install because it uses a lot of cabling.

LAN Technologies

 LAN Protocols function at the lowest two layers of the OSI reference model between the physical
layer and the data link layer.
 The IEEE 802.3 standard defines Ethernet protocols for (Open Systems Interconnect) OSI’s
Media Access Control (MAC) sublayer and physical layer network characteristics.
 The IEEE 802.2 standard defines protocols for the Logical Link Control (LLC) sublayer.
 Media contention occurs when more than one network device has data to send at the same time.
The following two methods are used to access the network media where multiple devices cannot
talk on the network simultaneously.
o CSMA/CD : This network uses Ethernet technology.
o Token Passing : It uses Token Ring technology.

Carrier Sense Multiple Access with Collision Detect (CSMA/CD):

 The CSMA/CD method is internationally standardized in IEEE 802.3 and ISO 8802.3
 CSMA/CD is a type of contention protocol.
 Standard Ethernet networks use CSMA/CD to physically monitor the traffic on the line at
participating stations.
 It is a set of rules determining how network devices respond when two devices attempt to use a
data channel simultaneously (called a collision).
 If no transmission is taking place at the time, the particular station can transmit.
 If two stations attempt to transmit simultaneously, this causes a collision, which is detected by all
participating stations.
o The stations that collided attempt to transmit again after a random time interval.
o If another collision occurs, the time intervals from which the random waiting time is
selected are increased step by step. This is known as binary exponential backoff.

IEEE Standards

 IEEE 802.1: Standards related to network management.
 IEEE 802.2: Standard for the data link layer in the OSI Reference Model
 IEEE 802.3: Standard for the MAC layer for bus networks that use CSMA/CD. (Ethernet
standard)
 IEEE 802.4: Standard for the MAC layer for bus networks that use a token-passing mechanism
(token bus networks).
 IEEE 802.5: Standard for the MAC layer for token-ring networks.
 IEEE 802.6: Standard for Metropolitan Area Networks (MANs).

Ethernet (IEEE 802.3) :

 The term Ethernet refers to the family of local-area network (LAN) products covered by the IEEE
802.3 standard that defines what is commonly known as the CSMA/CD protocol.
 A standard for a 1-persistent CSMA/CD LAN.
 It operates at 10 Mbps using carrier sense multiple access collision detect (CSMA/CD) to run
over coaxial cable.
 It covers the physical layer and MAC sublayer protocol.
 Ethernet uses Manchester Phase Encoding (MPE) for coding the data bits on the outgoing
signal.
 In Ethernet, both the data link and the physical layers are involved in the creation and
transmission of frames.
 The physical layer is related to the type of LAN cabling and how the bits are transmitted and
received on the cable.
 The hardware address, or MAC address, is transmitted and stored in Ethernet network devices
in canonical format, i.e. least significant bit (LSB) first, also called little-endian.
 The data link layer is divided into sublayers, the Logical Link Control (LLC) and the Media
Access Control layers (MAC).
 The frames created by these layers contain several fields that are processed by Network Interface
Cards (NICs) in the sending and receiving devices.

Three data rates are currently defined for operation over optical fiber and twisted-pair cables:

 10 Mbps - 10Base-T Ethernet
 100 Mbps - Fast Ethernet
 1000 Mbps - Gigabit Ethernet

Ethernet Specifications:

Advantages of Ethernet over other technologies:

 It is easy to understand, implement, manage, and maintain.
 It allows low-cost network implementations.
 It provides extensive topological flexibility for network installation.
 It guarantees successful interconnection and operation of standards-compliant products,
regardless of manufacturer.

IEEE 802.3 Frame Format: Maximum 802.3 frame size is 1518 bytes and the minimum size is 64
bytes.

 Preamble field: Establishes bit synchronization and transceiver conditions so that the PLS
circuitry synchs in with the received frame timing.
 Start Frame Delimiter: Sequence 10101011 in a separate field.
 Destination address: Hardware address (MAC address) of the destination station (usually 48 bits
i.e. 6 bytes).
 Source address: Hardware address of the source station (must be of the same length as the
destination address, the 802.3 standard allows for 2 or 6 byte addresses).
 Length: Specifies the length of the data segment, actually the number of LLC data bytes.
 Pad: Zeros added to the data field to 'Pad out' a short data field to 46 bytes.
 Data: Actual data which is allowed anywhere between 46 to 1500 bytes within one frame.
 FCS: Frame Check Sequence to detect errors that occur during transmission.
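
The 802.3 frame layout above, as an added builder and parser that is not part of the original notes: it pads a short data field out to 46 bytes, enforces the 64 to 1518 byte frame sizes, and verifies the FCS before trusting any field. The FCS is the CRC-32 used by Ethernet (the same polynomial as Python's zlib.crc32, transmitted least significant byte first); the MAC addresses and payloads are constructed sample values. Note that the FCS only detects transmission errors; it is not a keyed check and gives no protection against deliberate modification.

```python
"""Build and parse IEEE 802.3 frames: preamble, SFD, DA, SA, length, data, pad, FCS.

Constructed example.  The FCS is CRC-32 as used by Ethernet (zlib.crc32 uses the
same polynomial and reflection), appended least significant byte first.
"""
import struct
import zlib

PREAMBLE = b"\xaa" * 7   # 10101010 repeated: bit synchronization
SFD = b"\xab"            # start frame delimiter 10101011
MIN_FRAME, MAX_FRAME = 64, 1518    # DA + SA + length + data/pad + FCS
MIN_DATA, MAX_DATA = 46, 1500


class FrameError(ValueError):
    pass


def mac_bytes(text: str) -> bytes:
    return bytes(int(octet, 16) for octet in text.split(":"))


def mac_text(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def fcs(body: bytes) -> bytes:
    """Frame check sequence over DA..pad, transmitted little-endian."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: str, src: str, data: bytes) -> bytes:
    """Assemble a frame as a sending NIC would, padding short data to 46 bytes."""
    if len(data) > MAX_DATA:
        raise ValueError("data exceeds 1500 bytes")
    pad = b"\x00" * max(0, MIN_DATA - len(data))
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", len(data)) + data + pad
    return PREAMBLE + SFD + body + fcs(body)


def parse_frame(raw: bytes) -> dict:
    """Parse a frame as a receiver would, rejecting bad sizes and FCS mismatches first."""
    if raw[:8] == PREAMBLE + SFD:
        raw = raw[8:]  # the NIC strips preamble and SFD before handing the frame up
    if not MIN_FRAME <= len(raw) <= MAX_FRAME:
        raise FrameError(f"frame size {len(raw)} outside 64..1518 bytes")
    body, trailer = raw[:-4], raw[-4:]
    if fcs(body) != trailer:
        raise FrameError("FCS mismatch: frame corrupted in transit")
    dst, src = body[:6], body[6:12]
    (length,) = struct.unpack("!H", body[12:14])
    payload = body[14:]
    if length > MAX_DATA:
        # Values of 1536 and above are EtherTypes (Ethernet II framing), not 802.3 lengths.
        raise FrameError(f"length field {length} > 1500: not an 802.3 length field")
    if length > len(payload):
        raise FrameError("length field exceeds the bytes actually present")
    return {
        "dst": mac_text(dst),
        "src": mac_text(src),
        "length": length,
        "data": payload[:length],
        "pad": payload[length:],
        "broadcast": dst == b"\xff" * 6,
        # Individual/group bit: the first bit on the wire, i.e. the LSB of the first
        # octet in canonical (little-endian) bit order.
        "multicast": bool(dst[0] & 0x01),
    }


if __name__ == "__main__":
    frame = build_frame("01:00:5e:00:00:01", "02:00:5e:00:00:07", b"hello")
    print(len(frame), "bytes on the wire:", parse_frame(frame))
```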

Propagation Delay: Time taken for a signal to travel from the transmitter to the receiver

 Speed of light is the fastest a signal will propagate
o 3 × 10^8 m/s through space
o 2 × 10^8 m/s through copper

Transmission Delay (Time): Time taken to put the bits on the transmission media.
A transmission speed of 2 Mbps means 2 × 10^6 bits can be transmitted in 1 second.

Processing Delay: Time taken to execute protocols. (check for errors and send Acks etc.)

Queuing Delay: Only in packet switched networks.

 Time spent waiting in buffer for transmission
 Increases as load on network increases

Round Trip Delay: Round trip delay is defined as the time between the first bit of the message
being put onto the transmission medium, and the last bit of the acknowledgement being received
back by the transmitter. It is the sum of all the delays detailed above. The round trip delay is
a critical factor in the performance of packet switched protocols and networks. Indeed, it has
been stated that a good algorithm for estimating the round trip delay is at the heart of a good
packet switch protocol.

Ethernet Efficiency

 Let t_prop denote the maximum time it takes signal energy to propagate between any two adapters.
 Let t_trans be the time to transmit a maximum-size Ethernet frame (approximately 1.2 msecs for a 10
Mbps Ethernet).

Token Ring (IEEE 802.5):

 Token Ring is formed by the nodes connected in a ring.
 The principle used in the token ring network is that a token is circulating in the ring and
whichever node grabs that token will have right to transmit the data.
 Whenever a station wants to transmit a frame it inverts a single bit of the 3-byte token which
instantaneously changes it into a normal data packet. Because there is only one token, there can
be at most one transmission at a time.
 Since the token rotates in the ring it is guaranteed that every node gets the token within some
specified time. So there is an upper bound on the time of waiting to grab the token so that
starvation is avoided.
 There is also an upper limit of 250 on the number of nodes in the network.
 To distinguish the normal data packets from token (control packet) a special sequence is assigned
to the token packet.
 When any node gets the token it first sends the data it wants to send, then recirculates the token.
 If a node transmits the token and nobody wants to send the data the token comes back to the
sender.

 Token Ring and FDDI, on the other hand, transmit the MAC address with the Most Significant
Bit (MSB) first, or big-endian. This is known as non-canonical.

If the first bit of the token reaches the sender before the transmission of the last bit, then an error situation
arises. To avoid this situation, the following condition should hold.

 Propagation delay + transmission of n-bits (1-bit delay in each node) > transmission of the
token time

Modes of Operation

1. Listen Mode: In this mode the node listens to the data and transmits the data to the next node. In
this mode there is a one-bit delay associated with the transmission.
2. Transmit Mode: In this mode the node discards any data it receives and puts its own data onto the
network.
3. By-pass Mode: This mode is reached when the node is down. Any data is just bypassed. There is
no one-bit delay in this mode.

A Token Ring network includes the following features:

 Star-wired ring topology
 Token-passing access method
 Shielded and unshielded twisted-pair (IBM Types 1, 2, and 3) cabling
 Transfer rates of 4 and 16 Mbps
 Baseband transmission
 802.5 specifications

IEEE 802.5 Token Ring Frame Format:

 Start delimiter (1 octet): Indicates start of the frame.
 Access control (1 octet): Indicates the frame's priority and whether it is a token or a data frame
 Frame control (1 octet): Contains either Media Access Control information for all computers or
"end station" information for only one computer
 Destination address (2 or 6 octets): Indicates the address of the computer to receive the frame
 Source address (2 or 6 octets): Indicates the computer that sent the frame
 Information or data (0 or more octets up to 4027): Contains the data being sent. No upper limit on
amount of data as such, but it is limited by the token holding time.
 Frame check sequence (4 Octets): Contains CRC error-checking information. The source
computes and sets this value. Destination too calculates this value. If the two are different, it
indicates an error, otherwise the data may be correct.
 End delimiter (1 Octet): Indicates the end of the frame
 Frame status (1 Octet): Tells whether the frame was recognized, copied, or whether the
destination address was available.

IPv4 / IPv6 Study Notes


Internet Protocol

It is a set of technical rules that defines how computers communicate over a network.

IPv4

It is the first version of the Internet Protocol to be widely used and accounts for most of today's
Internet traffic.

 Address Size: 32 bits
 Address Format: Dotted Decimal Notation: 192.149.252.76
 Number of Addresses: 2^32 = 4,294,967,296 (about 4.3 billion)
 IPv4 header has 20 bytes
 IPv4 header has many fields (13 fields)
 It is subdivided into classes (A-E).
 The address uses a subnet mask.
 IPv4 has no built-in security.

IPv4:

 Source and destination addresses are 32 bits (4 bytes) in length.


 IPsec support is optional
 Identification of packet flow for QoS handling by routers is absent within the IPv4 header.
 Fragmentation is performed by both routers and the sending host.
 The header includes a checksum.
 The header includes options.
 Address Resolution Protocol (ARP) uses broadcast ARP request frames to resolve an IPv4
address to a link-layer address.
 Internet Group Management Protocol (IGMP) is used to manage local subnet group membership.
 ICMP router discovery is used to determine the IPv4 address of the best default gateway and is
optional.
 Broadcast addresses are used to send traffic to all nodes on a subnet.
 Must be configured either manually or through DHCP.
 Uses host address resource records in the Domain Name System to map host names to IPv4
addresses.
 Uses pointer resource records in the IN-ADDR.ARPA DNS domain to map IPv4 addresses to
host names.
 Must support a 576-byte packet size (possibly fragmented).
IPv6: It is a newer numbering system that provides a much larger address pool than IPv4.

 Address Size: 128 bits
 Address Format: Hexadecimal Notation: 3FFE:F200:0234:AB00:0123:4567:8901:ABCD
 Number of Addresses: 2^128
 IPv6 header is twice as long: it has 40 bytes
 IPv6 header has fewer fields: it has 8 fields.
 It is classless.
 It uses a prefix and an interface identifier (ID); the prefix identifies the IPv6 network.
 It uses a prefix length.
 It has built-in strong security (Encryption and Authentication).


IPv6:

 Source and destination addresses are 128 bits (16 bytes) in length.
 IPSec is mandatory and end to end.
 Packet flow identification for QoS handling by routers is included in the IPv6 header using the
flow label field.
 Fragmentation is not done by routers, only the sending host.
 The header does not include a checksum.
 All optional data is moved to IPv6 extension headers.
 ARP request frames are replaced with multicast neighbor solicitation messages.
 IGMP is replaced with Multicast Listener Discovery (MLD) messages.
 ICMP router discovery is replaced with ICMPv6 Router solicitation and router advertisement
messages and is required.
 There are no IPv6 broadcast addresses. Instead, a link-local scope all-nodes multicast address is
used.
 Does not require manual configuration or DHCP.
 Uses host address resource records in the Domain Name System to map host names to IPv6
addresses.
 Uses pointer resource records in the IP6.ARPA DNS domain to map IPv6 addresses to host
names.
 Must support a 1280-byte packet size (without fragmentation).

Classes and Subnetting

There are currently five different field-length patterns in use, each defining a class of address.
An IP address is 32 bits long. One portion of the address indicates the network (Net ID) and the
other portion indicates the host (or router) on that network (Host ID).

To reach a host on the Internet, we must first reach the network, using the first portion of the
address (Net ID). Then we must reach the host itself, using the second portion (Host ID).

The further division of a network into smaller networks is called subnetting; the smaller networks are
called subnetworks.

For Class A: the first bit of the Net ID should be 0, as in the following pattern

01111011 . 10001111 . 11111100 . 11001111

For Class B: the first 2 bits of the Net ID should be 1 and 0 respectively, as in the pattern below

10011101 . 10001111 . 11111100 . 11001111

For Class C: the first 3 bits of the Net ID should be 1, 1 and 0 respectively, as follows

11011101 . 10001111 . 11111100 . 11001111

For Class D: the first 4 bits should be 1110, as in the pattern

11101011 . 10001111 . 11111100 . 11001111

For Class E: the first 4 bits should be 1111, as in

11110101 . 10001111 . 11111100 . 11001111

Class Ranges of Internet Address in Dotted Decimal Format

Three Levels of Hierarchy: Adding subnetworks creates an intermediate level of hierarchy in
the IP addressing system. Now we have three levels: net ID, subnet ID and host ID.

Masking

Masking is a process that extracts the address of the physical network from an IP address.
Masking can be done whether we have subnetting or not. If we have not subnetted the network,
masking extracts the network address from an IP address. If we have subnetted, masking extracts
the subnetwork address from an IP address.

Masks without Subnetting: For compatibility, routers use a mask even if there is no
subnetting.

Masks with Subnetting: When there is subnetting, the masks can vary

Masks for Unsubnetted Networks

Masks for Subnetted Networks


Types of Masking

There are two types of masking, as given below.

Boundary Level Masking: If the masking is at the boundary level (the mask numbers are either
255 or 0), finding the subnetwork address is very easy. Follow these 2 rules:

 The bytes in the IP address that correspond to 255 in the mask are repeated in the
subnetwork address.
 The bytes in the IP address that correspond to 0 in the mask change to 0 in the
subnetwork address.

Non-boundary Level Masking: If the masking is not at the boundary level (the mask numbers
are not just 255 or 0), finding the subnetwork address involves the bit-wise AND operator.
Follow these 3 rules:

 The bytes in the IP address that correspond to 255 in the mask are repeated in the
subnetwork address.
 The bytes in the IP address that correspond to 0 in the mask change to 0 in the
subnetwork address.
 For other bytes, use the bit-wise AND operator.

As we can see, 3 bytes are easy to determine. However, the 4th byte needs the bit-wise AND
operation.

Classless Addressing Scheme:

 No classes for the division of IP addresses.
 Notation: x.y.z.w/n, where n denotes the number of mask (prefix) bits for the given network.
 Number of host IDs = 2^(32-n)
 Rules:
1. Addresses in a block are contiguous.
2. The first address of a block must be exactly divisible by the number of addresses in the block.
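As an added example (not part of these notes), the class test, boundary and non-boundary masking, and the two classless-block rules above written out in Python; every address used is a constructed sample value:

```python
# Added example (not from the study notes): classful address identification by leading
# bits, subnet masking with the bit-wise AND, and the CIDR block rules (2^(32-n) addresses,
# first address divisible by the block size). All addresses are constructed samples.


def to_int(dotted: str) -> int:
    """Dotted-decimal text -> 32-bit integer, rejecting malformed input."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(o < 0 or o > 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(dotted: str) -> str:
    """Class from the leading bits of the first octet: 0, 10, 110, 1110, 1111."""
    first = to_int(dotted) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


def default_mask(cls: str) -> str:
    """Natural (unsubnetted) mask of the three unicast classes."""
    return {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}[cls]


def subnet_address(dotted: str, mask: str) -> str:
    """Bit-wise AND of address and mask. With a boundary mask (octets of 255 or 0) this
    is exactly the copy-or-zero rule from the notes; non-boundary octets need the AND."""
    return to_dotted(to_int(dotted) & to_int(mask))


def block_size(prefix_len: int) -> int:
    """Number of addresses (host IDs) in an x.y.z.w/n block: 2^(32-n)."""
    return 1 << (32 - prefix_len)


def is_valid_block(first_dotted: str, prefix_len: int) -> bool:
    """Rule 2: the first address must be divisible by the block size. Rule 1
    (contiguity) follows automatically once the first address is aligned."""
    return to_int(first_dotted) % block_size(prefix_len) == 0


def cidr_block(dotted: str, prefix_len: int) -> tuple:
    """(first, last) address of the /n block that contains `dotted`."""
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    first = to_int(dotted) & mask
    last = first | (~mask & 0xFFFFFFFF)
    return to_dotted(first), to_dotted(last)


if __name__ == "__main__":
    # The five bit patterns from the notes, in dotted decimal (constructed values).
    for addr in ("123.143.252.207", "157.143.252.207", "221.143.252.207",
                 "235.143.252.207", "245.143.252.207"):
        print(addr, "is class", address_class(addr))
    print(subnet_address("157.143.252.207", "255.255.0.0"))    # boundary mask
    print(subnet_address("157.143.252.207", "255.255.240.0"))  # non-boundary mask
    print(block_size(28), is_valid_block("205.16.37.32", 28), is_valid_block("205.16.37.40", 28))
    print(cidr_block("205.16.37.39", 28))
```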


TCP/UDP and Sockets Study Notes
Transport Layer Protocols

There are two transport layer protocols as given below.

1) UDP (User Datagram Protocol)

UDP is a connectionless protocol. UDP provides a way for applications to send encapsulated IP datagrams
without having to establish a connection.

 Datagram oriented
 Unreliable, connectionless
 Simple
 Unicast and multicast
 Useful only for a few applications, e.g., multimedia applications
 Used a lot for services: Network management (SNMP), routing (RIP), naming (DNS), etc.

UDP transmits segments consisting of an 8-byte header followed by the payload. The two ports serve to
identify the end points within the source and destination machines. When a UDP packet arrives, its
payload is handed to the process attached to the destination port. The header fields are:

 Source Port Address (16 bits)
 Destination Port Address (16 bits)
 Total length of the User Datagram (16 bits)
 Checksum (used for error detection) (16 bits)


2) TCP (Transmission Control Protocol)

TCP provides full transport layer services to applications. TCP is a reliable stream transport port-to-port
protocol. The term stream, in this context, means connection-oriented: a connection must be established
between both ends of a transmission before either may transmit data. By creating this connection, TCP
sets up a virtual circuit between sender and receiver that is active for the duration of the transmission.

TCP is a reliable, point-to-point, connection-oriented, full-duplex protocol.

Flag bits

 URG: Urgent pointer is valid. If the bit is set, the following bytes contain an urgent message in the
sequence number range "SeqNo <= urgent message <= SeqNo + urgent pointer".
 ACK: Segment carries a valid acknowledgement.
 PSH: PUSH flag. Notification from the sender to the receiver that the receiver should pass all the data
it has to the application. Normally set by the sender when the sender's buffer is empty.
 RST: Reset the connection. The flag causes the receiver to reset the connection. The receiver of a
RST terminates the connection and notifies the higher-layer application about the reset.
 SYN: Synchronize sequence numbers. Sent in the first packet when initiating a connection.
 FIN: Sender is finished sending. Used for closing a connection; both sides of a
connection must send a FIN.

TCP segment format

Each machine supporting TCP has a TCP transport entity, either a library procedure, a user process or part
of the kernel. In all cases, it manages TCP streams and interfaces to the IP layer. A TCP entity accepts the
user data stream from local processes, breaks it up into pieces not exceeding 64 KB and sends
each piece as a separate IP datagram.
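As an added example (not part of these notes), the UDP header fields listed above and the TCP flag bits decoded from raw segment bytes, with the UDP checksum verified over the IPv4 pseudo-header; the packet bytes and 192.0.2.x addresses are constructed samples:

```python
# Added example (not from the study notes): decode the 8-byte UDP header described
# above, verify its checksum over the IPv4 pseudo-header, and decode the TCP flag
# bits (URG/ACK/PSH/RST/SYN/FIN). All packet bytes here are constructed samples.
import struct

UDP_PROTO = 17
# Flag bit positions in the TCP flags byte, least significant bit first.
TCP_FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the UDP and TCP checksums."""
    if len(data) % 2:
        data += b"\x00"  # virtual zero pad for odd-length input
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def udp_checksum(src_ip: bytes, dst_ip: bytes, segment: bytes) -> int:
    """Checksum over pseudo-header (src, dst, zero, proto, UDP length) + segment,
    with the checksum field itself taken as zero."""
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, UDP_PROTO, len(segment))
    zeroed = segment[:6] + b"\x00\x00" + segment[8:]
    csum = 0xFFFF - ones_complement_sum(pseudo + zeroed)
    return csum or 0xFFFF  # UDP sends all-ones when the result would be zero


def build_udp(src_ip: bytes, dst_ip: bytes, sport: int, dport: int, payload: bytes) -> bytes:
    """Source port, destination port, total length, checksum (16 bits each), then payload."""
    header = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    csum = udp_checksum(src_ip, dst_ip, header + payload)
    return header[:6] + struct.pack("!H", csum) + payload


def parse_udp(src_ip: bytes, dst_ip: bytes, segment: bytes) -> dict:
    """Return the header fields and whether the checksum verifies (0 = checksum unused)."""
    if len(segment) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, length, csum = struct.unpack("!HHHH", segment[:8])
    if length != len(segment):
        raise ValueError(f"length field {length} != segment size {len(segment)}")
    ok = csum == 0 or udp_checksum(src_ip, dst_ip, segment) == csum
    return {"sport": sport, "dport": dport, "length": length,
            "payload": segment[8:], "checksum_ok": ok}


def make_tcp_header(flags: set, sport: int = 40000, dport: int = 80) -> bytes:
    """Minimal 20-byte TCP header (no options) carrying the named flags."""
    bits = sum(1 << TCP_FLAG_NAMES.index(name) for name in flags)
    # ports, seq, ack, data offset (5 words) << 4, flags, window, checksum, urgent ptr
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, bits, 65535, 0, 0)


def tcp_flags(segment: bytes) -> set:
    """Flag bits sit in the low 6 bits of byte 13, after ports, seq, ack and offset."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    bits = segment[13] & 0x3F
    return {name for i, name in enumerate(TCP_FLAG_NAMES) if (bits >> i) & 1}


if __name__ == "__main__":
    src, dst = bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])  # constructed addresses
    seg = build_udp(src, dst, 53001, 53, b"hello")
    print(parse_udp(src, dst, seg))
    print(parse_udp(src, dst, seg[:8] + b"jello")["checksum_ok"])  # corrupted payload
    print(sorted(tcp_flags(make_tcp_header({"SYN", "ACK"}))))
```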

Sockets

A socket is one end of an inter-process communication channel. The two processes each establish their
own socket. The system calls for establishing a connection are somewhat different for the client and the
server, but both involve the basic construct of a socket.

The steps involved in establishing a socket on the client side are as follows:

1. Create a socket with the socket() system call.
2. Connect the socket to the address of the server using the connect() system call.
3. Send and receive data. There are a number of ways to do this, but the simplest is to use
the read() and write() system calls.

The steps involved in establishing a socket on the server side are as follows:

1. Create a socket with the socket() system call.
2. Bind the socket to an address using the bind() system call. For a server socket on the Internet,
an address consists of a port number on the host machine.
3. Listen for connections with the listen() system call.
4. Accept a connection with the accept() system call. This call typically blocks until a client
connects with the server.
5. Send and receive data.

When a socket is created, the program has to specify the address domain and the socket type.

Two processes can communicate with each other only if their sockets are of the same type and in the
same domain.

There are two widely used address domains, the unix domain, in which two processes which share a
common file system communicate, and the Internet domain, in which two processes running on any two
hosts on the Internet communicate. Each of these has its own address format.

The address of a socket in the Unix domain is a character string which is basically an entry in the file
system.

The address of a socket in the Internet domain consists of the Internet address of the host machine (every
computer on the Internet has a unique 32 bit address, often referred to as its IP address). In addition, each
socket needs a port number on that host. Port numbers are 16 bit unsigned integers. The lower numbers
are reserved in Unix for standard services.

For example, the port number for the FTP server is 21. It is important that standard services be at the
same port on all computers so that clients will know their addresses. However, port numbers above 2000
are generally available.

Socket Types

There are two widely used socket types: stream sockets and datagram sockets.

Stream sockets treat communications as a continuous stream of characters, while datagram sockets have
to read entire messages at once. Each uses its own communications protocol. Stream sockets use TCP
(Transmission Control Protocol), which is a reliable, stream-oriented protocol, and datagram sockets use
UDP (User Datagram Protocol), which is unreliable and message-oriented. You might want to use a
datagram socket in cases where there is only one message being sent from the client to the server, and
only one message being sent back. There are several differences between a datagram socket and a
stream socket.

1. Datagrams are unreliable, which means that if a packet of information gets lost somewhere in the
Internet, the sender is not told (and of course the receiver does not know about the existence of
the message). In contrast, with a stream socket, the underlying TCP protocol will detect that a
message was lost because it was not acknowledged, and it will be retransmitted without the
process at either end knowing about this.
2. Message boundaries are preserved in datagram sockets. If the sender sends a datagram of 100
bytes, the receiver must read all 100 bytes at once. This can be contrasted with a stream socket,
where if the sender wrote a 100-byte message, the receiver could read it in two chunks of 50 bytes
or 100 chunks of one byte.
3. The communication is done using the special system calls sendto() and recvfrom() rather
than the more generic read() and write().
4. There is a lot less overhead associated with a datagram socket because connections do not need to
be established and broken down, and packets do not need to be acknowledged. This is why
datagram sockets are often used when the service to be provided is short, such as a time-of-day
service.
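As an added example (not part of these notes), the server and client call sequences above run against each other on the loopback interface, together with the stream-versus-datagram boundary behaviour from points 2 and 3; the OS picks the ports and nothing leaves the local host:

```python
# Added example (not from the study notes): the client and server call sequences
# listed above (socket/bind/listen/accept vs socket/connect) run against each other
# on the loopback interface, plus the message-boundary difference between stream
# and datagram sockets. The OS picks free ports (bind to port 0); nothing leaves the host.
import socket
import threading

HOST = "127.0.0.1"


def _echo_once(server: socket.socket, chunk_limit: int, results: dict) -> None:
    """Server thread: accept one client, read its message in chunks of at most
    `chunk_limit` bytes (a stream has no message boundaries) and echo it back."""
    conn, _peer = server.accept()  # server step 4: blocks until a client connects
    with conn:
        chunks = []
        while sum(map(len, chunks)) < results["expected"]:
            data = conn.recv(chunk_limit)
            if not data:
                break
            chunks.append(data)
        results["chunk_sizes"] = [len(c) for c in chunks]
        conn.sendall(b"".join(chunks))  # server step 5


def stream_exchange(message: bytes, chunk_limit: int = 50) -> dict:
    """TCP round trip. Returns the echoed bytes and the chunk sizes the server saw."""
    results = {"expected": len(message)}
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  # server step 1
    server.bind((HOST, 0))                                       # server step 2
    server.listen(1)                                             # server step 3
    port = server.getsockname()[1]
    worker = threading.Thread(target=_echo_once, args=(server, chunk_limit, results))
    worker.start()
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as client:  # client step 1
        client.connect((HOST, port))                                    # client step 2
        client.sendall(message)                                         # client step 3
        echoed = b""
        while len(echoed) < len(message):
            part = client.recv(4096)
            if not part:
                break
            echoed += part
    worker.join()
    server.close()
    return {"echoed": echoed, "chunk_sizes": results["chunk_sizes"]}


def datagram_exchange(message: bytes, bufsize: int) -> dict:
    """UDP: no connection; sendto()/recvfrom() move whole datagrams. A buffer smaller
    than the datagram truncates it: the excess is dropped, not left for the next read."""
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    server.bind((HOST, 0))
    server.settimeout(5.0)
    port = server.getsockname()[1]
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as client:
        client.sendto(message, (HOST, port))
        client.sendto(b"second", (HOST, port))  # a separate datagram, never merged
    first, _ = server.recvfrom(bufsize)
    second, _ = server.recvfrom(bufsize)
    server.close()
    return {"first": first, "second": second}


if __name__ == "__main__":
    print(stream_exchange(b"x" * 100)["chunk_sizes"])      # several reads of <= 50 bytes
    print(datagram_exchange(b"y" * 100, 60))                 # first datagram truncated to 60
```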

 State Transition Diagram at Transport Layer:


Congestion Control Study Notes
When one part of the subnet becomes overloaded, congestion results. Because routers are
receiving packets faster than they can forward them, one of two things must happen. The subnet must
prevent additional packets from entering the congested region until those already present can be
processed, or the congested routers can discard queued packets to make room for those that are
arriving.

Congestion Control Techniques: Several techniques can be employed for congestion control. These
include:

Warning Bit: A special bit in the packet header is set by the router to warn the source when congestion is
detected. The bit is copied and piggy-backed on the ACK and sent to the sender.

The sender monitors the number of ACK (acknowledgment) packets it receives with the warning bit set
and adjusts its transmission rate accordingly.

Choke Packets: A choke packet is a control packet generated at a congested node and transmitted to restrict
traffic flow.

The source, on receiving the choke packet, must reduce its transmission rate by a certain percentage.

Load Shedding: When buffers become full, routers simply discard packets. Which packet is chosen to be
the victim depends on the application and on the error strategy used in the data link layer.

Random Early Discard (RED): This is a proactive approach in which the router discards one or more
packets before the buffer becomes completely full. Each time a packet arrives, the RED algorithm
computes the average queue length.

Traffic Shaping

 Another method of congestion control is to shape the traffic before it enters the network.
 It controls the rate at which packets are sent (not just how many). Used in ATM and integrated
services networks.
 At connection setup time, the sender and carrier negotiate a traffic pattern (shape).
 Two traffic shaping algorithms are as follows:
1. Leaky Bucket
2. Token Bucket

The Leaky Bucket (LB) Algorithm


The Leaky Bucket algorithm is used to control the rate in the network. It is implemented as a single-server
queue with constant service time. If the buffer (bucket) overflows, then packets are discarded.

The leaky bucket enforces a constant output rate (average rate) regardless of the burstiness of the input.
It does nothing when the input is idle.

When packets are of the same size (as in ATM cells), the host should inject one packet per clock tick onto
the network. But for variable-length packets, it is better to allow a fixed number of bytes per tick.

Token Bucket (TB) Algorithm


In contrast to LB, the token bucket algorithm allows the output rate to vary depending on the size of the
burst.

According to the Token Bucket Algorithm:

C + ρs = Ms

where C = Capacity of the bucket
ρ = Token rate
s = Bursty traffic time in seconds
M = Output rate
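As an added example (not part of these notes), a tick-based simulation of both shapers on the same constructed burst, plus the burst-length relation C + ρs = Ms solved for s; the byte counts and tick model are assumptions of the example, not figures from the notes:

```python
# Added example (not from the study notes): a tick-based simulation of the leaky
# bucket (constant output rate, overflow discarded) and the token bucket (bursts up to
# the bucket capacity), with the notes' relation C + ρs = Ms solved for the burst time s.
# The arrival pattern is constructed sample input, in bytes per tick.


def leaky_bucket(arrivals: list, bucket_bytes: int, rate: int) -> tuple:
    """Single-server queue with constant service: at most `rate` bytes leave per tick;
    arrivals that would overflow the `bucket_bytes` buffer are discarded."""
    queued, out, dropped = 0, [], 0
    for arriving in arrivals:
        accepted = min(arriving, bucket_bytes - queued)
        dropped += arriving - accepted          # bucket overflow: packets discarded
        queued += accepted
        sent = min(queued, rate)                # constant drain, zero when idle
        queued -= sent
        out.append(sent)
    return out, dropped


def token_bucket(arrivals: list, capacity: int, rho: int, max_rate: int) -> tuple:
    """Tokens accrue at rho bytes/tick up to `capacity`; a tick may transmit as many bytes
    as it holds tokens for, capped at the link rate `max_rate` (M in the notes). In this
    simplified model unsent bytes wait in a queue rather than being dropped."""
    tokens, queued, out = capacity, 0, []
    for arriving in arrivals:
        queued += arriving
        tokens = min(capacity, tokens + rho)    # refill, never beyond the bucket size
        sent = min(queued, tokens, max_rate)    # a full bucket lets a burst through at M
        tokens -= sent
        queued -= sent
        out.append(sent)
    return out, queued


def max_burst_seconds(capacity: float, rho: float, max_rate: float) -> float:
    """From C + ρ·s = M·s: the bucket sustains the full rate M for s = C / (M - ρ) seconds
    before output falls back to the token rate ρ."""
    if max_rate <= rho:
        raise ValueError("M must exceed ρ for the burst to be finite")
    return capacity / (max_rate - rho)


if __name__ == "__main__":
    burst = [100, 100, 100, 0, 0, 0, 0, 0]      # constructed: 300 bytes in 3 ticks, then idle
    print(leaky_bucket(burst, bucket_bytes=200, rate=40))
    print(token_bucket(burst, capacity=150, rho=20, max_rate=100))
    print(max_burst_seconds(150, 20, 100))
```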

Congestion control at the transport layer:

There are three steps to control the congestion:

 Slow start algorithm: In this phase, the size of the sender's window increases exponentially
until it becomes equal to the threshold value of the congested network. Afterwards, congestion
avoidance is used.
 Congestion Avoidance Algorithm: Here the increase in the sender window size is additive, i.e., the
window increases by a fixed amount each RTT. It is also known as linear increase or additive
increase.
 Congestion detection algorithm: It is also known as the multiplicative decrease algorithm, as the
window size is reduced. It works as follows:

The graph can be shown as:
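As an added example (not part of these notes), the three phases above simulated one round-trip at a time with the window counted in segments; the loss rule (threshold set to half the window, window restarted at one segment) is an assumption of the example, since the notes do not give it:

```python
# Added example (not from the study notes): the three phases above simulated per
# round-trip with the window in MSS units. Two assumptions the notes do not state:
# on loss the threshold becomes half the current window and the window restarts at 1 MSS.


def next_window(cwnd: int, ssthresh: int, loss: bool) -> tuple:
    """One RTT of the sender's window logic; returns (new_cwnd, new_ssthresh, phase)."""
    if loss:
        # multiplicative decrease: halve the threshold, restart from one segment (assumption)
        return 1, max(cwnd // 2, 1), "loss"
    if cwnd < ssthresh:
        # slow start: exponential growth, capped at the threshold
        return min(cwnd * 2, ssthresh), ssthresh, "slow start"
    # congestion avoidance: additive (linear) increase of one MSS per RTT
    return cwnd + 1, ssthresh, "congestion avoidance"


def simulate(rounds: int, ssthresh: int, loss_rounds: set) -> dict:
    """Window at the start of each RTT, the phase applied in that RTT, final threshold.
    The 'cwnd' list is the curve that the notes' graph would plot."""
    cwnd, trace, phases = 1, [], []
    for rtt in range(rounds):
        trace.append(cwnd)
        cwnd, ssthresh, phase = next_window(cwnd, ssthresh, rtt in loss_rounds)
        phases.append(phase)
    return {"cwnd": trace, "phases": phases, "ssthresh": ssthresh}


if __name__ == "__main__":
    result = simulate(rounds=10, ssthresh=8, loss_rounds={6})  # constructed scenario
    for rtt, (w, phase) in enumerate(zip(result["cwnd"], result["phases"])):
        print(f"RTT {rtt}: cwnd={w:2d} MSS  ({phase})")
    print("final threshold:", result["ssthresh"])
```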


Network Security on Study Notes
Network security: As millions of ordinary citizens are using networks for banking, shopping,
and filing their tax returns, network security is looming on the horizon as a potentially massive
problem.

Network security problems can be divided roughly into four intertwined areas:

1. Secrecy: keeping information out of the hands of unauthorized users.
2. Authentication: determining whom you are talking to before revealing sensitive
information or entering into a business deal.
3. Non-repudiation: dealing with signatures.
4. Integrity control: how can you be sure that a message you received was really the one sent and
not something that a malicious adversary modified in transit or concocted?

There is no one single place -- every layer has something to contribute:

 In the physical layer, wiretapping can be foiled by enclosing transmission lines in sealed tubes
containing argon gas at high pressure. Any attempt to drill into a tube will release some gas,
reducing the pressure and triggering an alarm (used in some military systems).
 In the data link layer, packets on a point-to-point line can be encoded.
 In the network layer, firewalls can be installed to keep packets in/out.
 In the transport layer, the entire connection can be encrypted.

Model for Network Security

Network security starts with authentication, commonly with a username and password. Since this requires
just one detail authenticating the username, i.e., the password, it is sometimes termed one-factor
authentication.

Using this model requires us to

 Design a suitable algorithm for the security transformation.
 Generate the secret information (keys) used by the algorithm.
 Develop methods to distribute and share the secret information.
 Specify a protocol enabling the principals to use the transformation and secret information for a
security service.

Cryptography

It is the science of converting a stream of text into coded form in such a way that only the sender and
receiver of the coded text can decode it. Nowadays, computer use requires automated tools to
protect files and other stored information. Use of networks and communication links requires measures to
protect data during transmission.

Symmetric/Private Key Cryptography (Conventional/Private key/Single key)

Symmetric key algorithms are a class of cryptographic algorithms that use the same cryptographic key
for both encryption of plaintext and decryption of ciphertext. The keys may be identical or there may be a
simple transformation to go between the two keys.

In symmetric private key cryptography, the following key features are involved:

 Sender and recipient share a common key.
 It was the only kind of cryptography prior to the invention of public key cryptography in 1970.
 If this shared key is disclosed to an opponent, communications are compromised.
 Hence, it does not protect the sender from the receiver forging a message and claiming it was sent by
the sender.

Advantage of Secret key algorithms: Secret key algorithms are efficient: it takes less time to encrypt a
message. The reason is that the key is usually smaller. So they are used to encrypt or decrypt long messages.

Disadvantages of Secret key algorithms: Each pair of users must have a secret key. If N people in
the world want to use this method, there need to be N(N-1)/2 secret keys. For one million people to
communicate, a half-billion secret keys are needed. The distribution of the keys between two parties can
be difficult.
Asymmetric/Public Key Cryptography
Public key cryptography refers to a cryptographic system requiring two separate keys, one of which is
secret/private and one of which is public. Although different, the two parts of the key pair are
mathematically linked.

 Public Key: A public key, which may be known by anybody and can be used to encrypt
messages and verify signatures.
 Private Key: A private key, known only to the recipient, used to decrypt messages and sign
(create) signatures. The scheme is asymmetric because those who encrypt messages or verify signatures
cannot decrypt messages or create signatures. It is computationally infeasible to find the decryption
key knowing only the algorithm and the encryption key. Either of the two related keys can be used for
encryption, with the other used for decryption (in some schemes).

In the above public key cryptography model:

 Bob encrypts a plaintext message using Alice's public key with the encryption algorithm and sends
it over the communication channel.
 On the receiving side, only Alice can decrypt this text, as only she has Alice's private
key.

Advantages of public key algorithms:

1. Remove the restriction of a shared secret key between two entities. Here each entity can create a
pair of keys, keep the private one, and publicly distribute the other one.
2. The number of keys needed is reduced tremendously. For one million users to communicate, only two
million keys are needed.

The disadvantage of public key algorithms: Large numbers must be used for the method to be effective.
Calculating the ciphertext using the long keys takes a lot of time. So it is not recommended for large
amounts of text.

Message Authentication Codes (MAC)

In cryptography, a Message Authentication Code (MAC) is a short piece of information used to
authenticate a message and to provide integrity and authenticity assurance on the message. Integrity
assurance detects accidental and intentional message changes, while authenticity assurance affirms the
message's origin.

A MAC is a keyed function of a message: the sender of a message m computes MAC(m) and appends it to the
message.

Verification: The receiver also computes MAC(m) and compares it to the received value.

Security of MAC: An attacker should not be able to generate a valid (m, MAC(m)), even after seeing
many valid message/MAC pairs, possibly of his choice.

MAC from a Block Cipher

A MAC from a block cipher can be obtained by using the following suggestions:

 Divide a message into blocks.
 Compute a checksum by adding (or XORing) them.
 Encrypt the checksum.
 MAC keys are symmetric. Hence, a MAC does not provide non-repudiation (unlike digital signatures).
 The MAC function does not need to be invertible.
 A MACed message is not necessarily encrypted.

RSA Algorithm

RSA is an algorithm for public-key cryptography. The RSA (Rivest Shamir Adleman) algorithm was publicly
described in 1977.

Mathematical Background of RSA Algorithm

Extended Euclidean algorithm: Given x, find y such that x . y = 1 mod m.

The extended Euclidean algorithm can efficiently find the solution to this problem.

Euler's Theorem: For any number a relatively prime to n = pq,

a^((p-1)(q-1)) = 1 mod pq

1. Why is this very useful?
2. Let z = k(p-1)(q-1) + r. Then a^z = a^(k(p-1)(q-1)) × a^r = a^r mod pq
3. In other words, if z = r mod (p-1)(q-1), then a^z = a^r mod pq

Special case: If z = 1 mod (p-1)(q-1), then a^z = a mod pq

We can use Euler's theorem to simplify a^z mod pq.

RSA Algorithm

1. Let n = pq, where p and q are 2 large primes.
2. Public key (e, n), where e is relatively prime to (p-1)(q-1).
3. Private key (d, n), such that ed = 1 mod (p-1)(q-1). d can be calculated using the extended
Euclidean algorithm.

Encryption: c = m^e mod n

Decryption: c^d = (m^e)^d = m^(ed) = m mod n (by the special case of Euler's theorem above)

Security of RSA: depends on the hardness of factoring.

Factoring n = p × q is hard when n is large.
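As an added example (not part of these notes), the RSA steps above carried out with toy primes small enough to check by hand: d comes from the extended Euclidean algorithm, Euler's theorem is checked directly, and trial division on the toy modulus shows why n has to be large. The primes 61, 53 and exponent 17 are sample values chosen for the example:

```python
# Added example (not from the study notes): the RSA steps above with toy primes small
# enough to check by hand. The extended Euclidean algorithm supplies d, Euler's theorem
# is why (m^e)^d = m mod n, and trial division shows why n must be large.
from math import isqrt


def extended_gcd(a: int, b: int) -> tuple:
    """Return (g, x, y) with a*x + b*y = g = gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x1, y1 = extended_gcd(b, a % b)
    return g, y1, x1 - (a // b) * y1


def mod_inverse(x: int, m: int) -> int:
    """Solve x*y = 1 mod m via the extended Euclidean algorithm (needs gcd(x, m) = 1)."""
    g, y, _ = extended_gcd(x, m)
    if g != 1:
        raise ValueError(f"{x} has no inverse mod {m}")
    return y % m


def euler_holds(a: int, p: int, q: int) -> bool:
    """Euler's theorem from the notes: a^((p-1)(q-1)) = 1 mod pq when gcd(a, pq) = 1."""
    return pow(a, (p - 1) * (q - 1), p * q) == 1


def rsa_keygen(p: int, q: int, e: int) -> tuple:
    """Public key (e, n) and private key (d, n) with ed = 1 mod (p-1)(q-1)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if extended_gcd(e, phi)[0] != 1:
        raise ValueError("e must be relatively prime to (p-1)(q-1)")
    return (e, n), (mod_inverse(e, phi), n)


def rsa_encrypt(m: int, public_key: tuple) -> int:
    e, n = public_key
    return pow(m, e, n)  # c = m^e mod n


def rsa_decrypt(c: int, private_key: tuple) -> int:
    d, n = private_key
    return pow(c, d, n)  # m = c^d mod n


def factor_toy_modulus(n: int) -> tuple:
    """Trial division: instant for a toy n, infeasible for the ~2048-bit n used in practice.
    This is the 'hardness of factoring' that RSA's security rests on."""
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            return p, n // p
    raise ValueError("n is prime or 1")


if __name__ == "__main__":
    pub, priv = rsa_keygen(61, 53, 17)       # n = 3233, (p-1)(q-1) = 3120, d = 2753
    c = rsa_encrypt(65, pub)
    print(pub, priv, c, rsa_decrypt(c, priv))
    print(euler_holds(65, 61, 53), factor_toy_modulus(pub[1]))
```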

DES (Data Encryption Standard)

 The Data Encryption Standard was developed at IBM.
 DES is a symmetric key cryptosystem.
 It has a 56-bit key.
 It is a block cipher: it encrypts 64-bit plaintext to 64-bit ciphertext.
 Symmetric cipher: uses the same key for encryption and decryption.
 It uses 16 rounds which all perform the identical operation.
 A different subkey is used in each round, derived from the main key.
 Depends on 4 functions: Expansion E, XOR with round key, S-box substitution, and Permutation.

DES is a block cipher, meaning it operates on plaintext blocks of a given size (64 bits) and returns
ciphertext blocks of the same size. Thus DES results in a permutation among the 2^64 possible
arrangements of 64 bits, each of which may be either 0 or 1. Each block of 64 bits is divided into two
blocks of 32 bits each, a left half-block L and a right half R. (This division is only used in certain
operations.)

Authentication protocols
Authentication: It is the technique by which a process verifies that its communication partner is who it is
supposed to be and not an imposter. Verifying the identity of a remote process in the face of a malicious,
active intruder is surprisingly difficult and requires complex protocols based on cryptography.

The general model that all authentication protocols use is the following:

 An initiating user A (for Alice) wants to establish a secure connection with a second user B (for
Bob). Both and are sometimes called principals.
 Starts out by sending a message either to or to a trusted key distribution centre (KDC), which is
always honest. Several other message exchanges follow in various directions.
 As these messages are being sent, a nasty intruder, T (for Trudy), may intercept, modify, or
replay them in order to trick and When the protocol has been completed, is sure she is talking to
and is sure he is talking to. Furthermore, in most cases, the two of them will also have established
a secret session key for use in the upcoming conversation.

In practice, for performance reasons, all data traffic is encrypted using secret-key cryptography, although
public-key cryptography is widely used for the authentication protocols themselves and for establishing
the (secret) session key.

Authentication based on a shared secret key

Assumption: and share a secret key, agreed upon in person or by phone.

This protocol is based on a principle found in many (challenge-response) authentication protocols: one


party sends a random number to the other, who then transforms it in a special way and then returns the
result.

Three general rules that often help are as follows:

1. Have the initiator prove who she is before the responder has to.
2. Have the initiator and responder use different keys for proof, even if this means having two
shared keys, and .
3. Have the initiator and responder draw their challenges from different sets.

Authentication using public-key cryptography

Assume that and already know each other's public keys (a nontrivial issue).

Digital signatures: For computerized message systems to replace the physical transport of paper and
documents, a way must be found to send a “signed” message in such a way that

1. The receiver can verify the claimed identity of the sender.


2. The sender cannot later repudiate the message.
3. The receiver cannot possibly have concocted the message himself.

Secret-key signatures: Assume there is a central authority, Big Brother (BB), that knows everything and
whom everyone trusts.

If later denies sending the message, how could prove that indeed sent the message?

 First points out that will not accept a message from unless it is encrypted with.
 Then produces, and says this is a message signed by which proves sent to.
 Is asked to decrypt and testifies that is telling the truth.

What happens if replays either message?

 Can check all recent messages to see if was used in any of them (in the past hour).
 The timestamp is used throughout, so that very old messages will be rejected based on the
timestamp.

Public-key signatures: It would be nice if signing documents did not require a trusted authority (e.g.,
governments, banks, or lawyers, which do not inspire total confidence in all citizens).

Under this condition,

 sends a signed message to by transmitting .


 When receives the message, he applies his secret key to get , and saves it in a safe place, then
applies the public key to get .
 How to verify that indeed sent a message to ?
 Produces both and The judge can easily verify that indeed has a valid message encrypted by
simply applying to it. Since is private, the only way could have acquired a message encrypted by
it is if did indeed send it.

Another new standard is the Digital Signature Standard (DSS) based on the ElGamal public-key
algorithm, which gets its security from the difficulty of computing discrete logarithms, rather than
factoring large numbers.

Message digest

 It is easy to compute.
 No one can generate two messages that have the same message digest.
 To sign a plaintext, first computes, and performs, and then sends both and to.
 When everything arrives, applies the public key to the signature part to yield, and applies the
well-known to see if the so computed agrees with what was received (in order to reject the forged
message).

Firewall:
 A firewall is a network security device that monitors incoming and outgoing network traffic and
decides whether to allow or block specific traffic based on a defined set of security rules.
 A firewall can be hardware, software, or both.
 Types of firewalls

 Packet-filtering firewalls operate at the router and compare each packet received to a set of
established criteria (such as allowed IP addresses, packet type, port number, etc.) before being
either dropped or forwarded.
 Multilayer inspection firewalls combine packet filtering with circuit monitoring, while still
enabling direct connections between the local and remote hosts, which are transparent to the
network. They accomplish this by relying on algorithms to recognize which service is being
requested, rather than by simply providing a proxy for each protected service. 
 Circuit-level gateways monitor the TCP handshaking going on between the local and remote
hosts to determine whether the session being initiated is legitimate -- whether the remote system
is considered "trusted." They don't inspect the packets themselves, however.
 Stateful inspection firewalls, on the other hand, not only examine each packet, but also keep
track of whether or not that packet is part of an established TCP session. This offers more
security than either packet filtering or circuit monitoring alone, but exacts a greater toll on
network performance.

Cryptography
Keys: 

 Public Key: Keys which can be transmitted on the channel


 Private Key: keys Which cannot be transmitted to the channel.

Cryptography

 Symmetric Key Cryptography: When a single key is used for both encryption and decryption of
the data. Example: Diffie Hellman Key Exchange Algorithm.
 Asymmetric Key Cryptography: when different keys are used for both encryption and decryption
of the data.

Diffie Hellman Key Exchange Algorithm:

 Choose two prime numbers g and n, and let x and y be the secrets of the sender and receiver
respectively.
 Calculate R1 = g^x mod n at the receiver's end.
 Calculate R2 = g^y mod n at the sender's end.
 Both exchange these values with each other. Then the new calculated key will be

K_AB = g^(xy) mod n
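As an added example (not part of these notes), the exchange above with toy values: g and n are public, x and y stay with their owners, and both ends arrive at the same K_AB. The numbers 5, 23, 6 and 15 are sample values for the example, and the brute-force discrete log at the end only works because n is tiny:

```python
# Added example (not from the study notes): the exchange above with toy values. g and n
# are public, the secrets x and y never leave their owners, and both sides arrive at the
# same K_AB = g^(xy) mod n. Toy sizes only; brute-forcing the exponent shows why n must be large.


def dh_public_value(g: int, secret: int, n: int) -> int:
    """R = g^secret mod n, the value that is safe to send over the channel."""
    return pow(g, secret, n)


def dh_shared_key(received: int, secret: int, n: int) -> int:
    """K = received^secret mod n, computed independently at each end."""
    return pow(received, secret, n)


def run_exchange(g: int, n: int, x: int, y: int) -> dict:
    """Full exchange: R1 = g^x mod n, R2 = g^y mod n, K_AB = g^(xy) mod n at both ends."""
    r1 = dh_public_value(g, x, n)
    r2 = dh_public_value(g, y, n)
    key_from_r2 = dh_shared_key(r2, x, n)   # the side holding x uses the received R2
    key_from_r1 = dh_shared_key(r1, y, n)   # the side holding y uses the received R1
    agreed = key_from_r2 == key_from_r1 == pow(g, x * y, n)
    return {"R1": r1, "R2": r2, "K_AB": key_from_r2, "agreed": agreed,
            "on_the_wire": (g, n, r1, r2)}  # all a passive eavesdropper ever sees


def brute_force_discrete_log(g: int, r: int, n: int) -> int:
    """Recover s from R = g^s mod n by trying every exponent: trivial for a toy n,
    hopeless for the 2048-bit moduli used in practice, which is the whole point."""
    for s in range(1, n):
        if pow(g, s, n) == r:
            return s
    raise ValueError("no exponent found")


if __name__ == "__main__":
    print(run_exchange(5, 23, 6, 15))             # constructed toy parameters
    print(brute_force_discrete_log(5, 8, 23))     # recovers x = 6 from R1 = 8
```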
RSA Algorithm

 It comes under asymmetric key cryptography.
 The steps for generation of keys are:
o Choose two prime numbers P and Q.
o Calculate n = P*Q.
o Calculate Euler's totient function,
o Choose (d, e) such that
o The receiver will send (e, n) to the sender, which is known as the receiver's public key.
o Now the client will encrypt the data with the receiver's public key as C = P^e mod n.
o The ciphertext C is placed on the channel and is decrypted by the receiver using his
own private key.
o The plaintext P will be P = C^d mod n.

Digital Signature

It is done to provide both

 Confidentiality to data
 Authentication of user
