TOPOLOGY
The topology of a network is the geometric
representation of the relationship of all the links and
linking devices to one another. o Two or more devices
connected to a link; two or more links form a topology. o
In other words , topology refers to the way in which a
network is laid out physically.
oThere are four basic topologies possible:
Mesh topology
Star topology
Bus topology
Ring topology
Mesh Topology
Point to point connection o In a mesh topology, every
device has a dedicated point-to-point link to every other
device. Easy to install and recon figure. Less cabling needs
to be housed Robustness
Star Topology
Point-to-point connection o In a star topology, each
device has a dedicated point-to-point link only to a
central controller, usually called hub. o The devices are
not directly linked to another. o Star topology does not
allow direct traffic between devices. The controller acts
as an exchange:
Bus Topology
Multi point link o One long cable acts as a backbone to
link all the devices in a network. o Nodes are connect ed
to the bus cable by drop lines and taps.
Ring Topology
In a ring topology, each device has a dedicated point-to-
point connection with only the two dev ices on either side
of it. o A signal is passed along the ring in one direction,
from device to dev ice, until it reaches the destination.
o Each device in the ring incorporates a repeater. When a
device receives a signal intended for another device, its
repeater regenerates the bit s and passes them along.
Hybrid Topology
Combination of two or more topologies is known as
hybrid topology.
NETWORKS:- A network is a set of devices (often In
referred to nodes) connected by communication links.
CATEGORIES OF NETWORKS
1.LAN [ Local Area Network]
LAN is a network which is designed to operate over a
small physical area such as an office, factory or a group of
buildings.
It is usually a privately owned network.
2.MAN [Metropolitan Area Network]
It is a network with a size between a LAN and a WAN. It
normally covers the area inside a town or a city. It is
designed for customers who need a high speed
connectivity, normally to the inter net, and have end
points spread over a city or part of city.
3. WAN [Wide Area Network]
A WAN provides long-distance transmission of data,
image, audio, and video information over large
geographic areas that may comprise a country, a
continent, or even the whole world.
4.PAN [Personal Area Network]
It is a computer network organized around an in dividual
person. It generally consist of a mobile computer, a cell
phone or PDA. It enables the communication among
these devices.
5.CAN [Campus Area Network]
It is made up of an interconnection of LAN with limited
geographical area. Network equipments such as switches,
routers and the transmission media are almost entirely
owned by the campus owner.
INTERNETWORK
When two or more networks are connected, they become
an internetwork or internet. ARPANET (Advanced
Research Project Agency Network) was introduced by
Department of Defence in US.
NETWORK MODELS
OSI MODEL
An ISO standard that covers all aspects of network
communications is the Open System Interconnection
Model.ISO (International Standards Organizaion) is a
multinational body dedicated to worldwide agreement on
international standards.It consists of separate but related
layers, each of which defines a part of the process of
moving info rmation between all types of computer
systems.
Seven layers of the OSI model
Application
Presentation
Session
Transport
Network
Data Link
The passing of the data an d network information do wn
through the layers of the sending device and ba ckup
through the layers of the receiving device is ma de
possible by an interface between each pair of adjacent
layers.
Organization of the layers
The upper OSI layers are almost always im plemented in
software; lower layers are a c ombination of hardware
and software, exc ept for the physical layer, which is
mostly h ardware
LAYERS IN THE OSI MODEL
Physical Layer: The physical layer is responsible for move
ments of individual bits from one node to the next. The
physical layer coordinates the functions required to carry
a bit stream overall physical medium. o It deals with the
mechanical and electrical specifications of the interfaces
and transmission medium. The physical layer is concerned
with the following:
Physical characteristics of interfaces and medíum -
Representation of bits
-Data rate.
-Synchronization of bits
-Line Configuration
Data Link Layer
The data link layer is responsible for moving
frames from one node to the next. o It makes the physical
layer appear error-free to the upper layer.
Framing: The data link layer divides the streams of bits
received from the network layer into manageable data
units called frames. Physical addressing:- If frames are to
be distributed to different systems on the netwo rk, the
data link layer adds a header to the f rame to define the
sender and/or receiver of the frame.
Flow control:-If the rate at which the data are absorbed
by the receiver is less than the rate at which data
produced in the sender, the data link layer imposes a flow
control mechanism to avoid overwhelming the receiver.
Error control:It uses mechanisms to detect and retransm
it damaged or lost frames.
Access control:Data link layer protocols are necessary to
determine which device has control over t he link at any
given time.
Transport Layer:The transport layer is responsible for
proce ss-to process delivery of the entire message oA
process is an application program running on a host.
Responsibilities of transport layer:
Service-point addressing: The network layer gets each
packet to the correct computer; the transport layer gets
the entire message to the correct process In that
computer.
Segmentation and reassembly:
A message is divided into transmittable se gments, with
each segment containing a sequence number.
Connection control: The transport layer can be either
connectionless or connection oriented.
Flow control :End to end flow control
Error control : Process to process error control.
Session Layer : The session layer is responsible for dialog
control and synchronization.
Dialog control:-It allows the communication between two
processes to take place in either half-duplex or full-duplex
mode. Synchronization: The session layer allows a
process to add check points, or synchronization points, to
a stream of data.
Presentation Layer The presentation layer is concerned
with the syntax and semantics of the information
exchanged between two systems.
Responsibilities: Translation: The presentation layer at
the sender changes the information from its s ender-
dependent format into a common format
Encryption:-To ensure privacy, the sender transforms the
original information to another form.
Compression:-It reduces the number of bit s contained in
the information.
Application Layer:The application layer is responsible for
providing services to the user.
Responsibilities:
Network virtual terminal:-It is a software
version of a physical terminal, and it allows a user to log
on to a remote host.
File transfer, access, and management Mail services
Directory services.
TCP/IP PROTOCOL SUITE
The original TCP/IP protocol suite was defined as having
four layers: host-to-network, internet, transport, and
application.TCP/IP is compared to OSI, we can say that
the host-to-network layer is equivalent to the
combination of the physical and data link layers. The
internet layer is equivalent to the network layer,
the application layer is roughly doing the j ob of the
session, presentation, and application layers.
the transport layer in TCP/IP taking care of part of the
duties of the session layer.
The physical and data link layers, TCP/IP do es not define
any specific protocol.
Network Layer
TCP/IP supports the Internetworking Proto col. IP, in turn,
uses four supporting protoc ols: ARP, RARP, ICMP, and
IGMP. Internetworking Protocol (IP) (IP) is the tr
The Internetworking Protocol
The internetworking protocol (IP) is th transmission
mechanism used by the TCP/IP protocols. It is an
unreliable and connectio nless protocol IP assumes the
unreliability of the underlying layers and does its best to
get a transmission through to its destina tion, but with no
guarantees.IP transports data in packets called datag
rams, each of which is transported separate ly. Datagrams
can travel along different rou tes and can arrive out of
sequence or be duplicated.
Reverse Address Resolution Protocol(RARP )
Address Resolution Protocol(ARP)
Internet Control Message Protocol (ICMP)
Internet Group Message Protocol(IGMP)
Time Division Multiplexing(TDM)
Transport Layer
UDP and TCP are transport level protocols responsible for
delivery of a message from a process (running program)
to another process.
User Datagram Protocol
It is a process-to-process protocol that ad ds only port
addresses, checksum error con trol, and length
information to the data from the upper layer.
Transmission Control Protocol
The Transmission Control Protocol (TCP) provides full
transport-layer services to app lications. TCP divides a
stream of data into smaller units called segments.
Stream Control Transmission Protocol :It is a transport
layer protocol that combim es the best features of UDP
and TCP.
Advantages of IPv6-New options
Allowance for extension
Support for resource allocation.
support for more security
Application Layer : The application layer in TCP/IP is
equivalent to the combined session, presentation, and
application layers in the OSI model.
Circuit Switched Networks o A circuit switched network is
made of a set of switches connected by physical links, in
which each link is divided into n channels. o A connection
between two stations is a dedicated path made of one or
more links. However, each connection uses only one
dedicated channel on each link.
Three Phases
1.Setup phases :Before the two parties can communicate,
a dedicated circuit needs to be established. It includes
setup request and acknowledgement.
2.Data transfer phase After the establishment of the
dedicated circuit, the two parties can transfer data.
3.Tear down phase:-When one of the parti es needs to
disconnect, a signal is sent to e ach switch to release the
resources.
2.a-DATAGRAM NETWORKS If the message is going to
pass through a packet switched network, it needs to be
divided into packets of fixed or variable size In a datagram
network, each packet is tre ated independently of all
others. Packets in this approach are referred to as
datagrams.
2.b-Virtual Circuit Network A virtual-circuit network is a
cross betwee In a circuit switched network and a datagra
m network. It has some characteristics of both:As in a
circuit switched network, all pa ckets follow the same
path established dur ing the connection. A virtual circuit
network is normally implemented in the data link
ttvtlayer.
NETWORKING AND INTERNETWORKING DEVICES
Networking and internetworking devices are divided into
four categories:
1: Repeaters act only upon the electrical components of a
signal and are therefore active only at physical layer.
2:Bridges utilize addressing protocols and can effect flow
control of a single LAN; they are most active at the data
link layer.
3:Routers provide links between two separate but same
type LANs and are most active at the network layer.
4:Gateways provide translation service bet ween
incompatible LANS or applications and are active in all of
the layers.
1.REPEATERS
A repeater or regenerator is an electronic device that
operates on only the physical I ayer of the OSI model.A
repeater installed on a link receives the signal before it
beco mes too weak or corrupted, regenerates the original
bit pattern, and puts the refre Ished copy back onto the
link.
2.BRIDGES
Bridges operate in both the physical and the data link
layers of the OSI reference model. Bridges can divide a
large network into smaller segments.Bridges can also
provide security through the partitioning of traffic. o A
bridge operates at the data link layer giving it access to
the physical addresses of all stations connected to it.
Types of Bridges
1.Simple bridge These are the most primitive and least
expensive bridge. It links two segments and contains a
table that lists addresses of all the stations include in ea
ch of them.Installation and maintenance of simple
bridges are time-consuming and potentially more to
trouble than the cost savings are worth.
2.Multiport bridge- A multiport can be used connect
more than two LANS.
3.Transparent bridge- Transparent bridge builds its table
of station addresses on its own as it perform its bridge
functions
3.ROUTERS
These are more sophisticated devices than repeaters and
bridges. They have access to network layer addresses and
contain software that enables them to determine which
of several possible paths between those addresses is the
best for a particular transmission. Routers act like stations
on a network. They receive packets from one connected
network and pass them to a second connected network.
Routing Concepts Least cost routing:- It is based on
efficiency: which of the available path ways is the
cheapest or, in networking terminology.The route
requiring the smallest number of relays or hops.Routing is
classified as nonadaptive or adaptive
Non adaptive routing:- Once a pathway to a destination
has been selected, the router sends all packets for that
destination along that one route. Adaptive routing: -In
which, a router may select a new route for each packet in
response to changes in condition and topology of the
networks.
4.GATEWAYS
It operates in all seven layers of the OSI model. It is a
protocol converter.A router by itself transfers, accepts
and relays packets only across networks using similar
protocols. A gateway, on the other ha nd, can accept a
packet formatted for one protocol and convert it to a pac
ket formatted for another protocol.A gateway is generally
software installed within a router.
LOGICAL ADDRESSING
The packet transmitted by the sending computer may
pass through several LANs or WANs before reaching the
destination computer. For this level of communication,
we need a global addressing scheme; we called this
logical addressing.
IPv4 ADDRESSES- An IPv4 address is a 32-bit address that
uniquely and universally defines the connection of a
device (for example, a computer or a router) to the
Internet. The IPv4 addresses are universal in the sense
that the addressing system must be accepted by any host
that wants to be con nected to the Internet.
IPv6 ADDRESS-The IPv6 consist of 16 bytes, it is 128 bits
long. IPv6 specifies Hexa-decimal notation 128 bits
divided into 8 sections, each 2 bytes in length.
Categories of Addresses
Unicast addresses.
Multicast addresses
Anycast addresses.
Reserved Addresses
Local Addresses
Unicast Addresses-A unicast address defines a single
computer. The packet sent to a unicast address must be
delivered to that specific computer.
Multicast Addresses Multicast addresses are used to
define a group of hosts ins tead of just one. A packet sent
multicast must be delivered to each member of the
group.
Anycast Addresses-An anycast address, like a multicast
address, also defines a
group of nodes.
Reserved Addresses- These addresses start with 8 zeros.
1.Unspecified address2.Loopback address: 3.Compatible
address. 4.Mapped address 5.Local Addresses:
Classful Addressing-IPv4 addressing, at its inception,
used the concept of class es. This architecture is called
classful addressing Classless Addressing- To overcome
address depletion. In this scheme, there are no classes,
but the addresses are still granted in blocks.To simplify
the handling of addresses, the Internet authorities
impose three restrictions on classless address blocks
Network Address Translation (NAT)
The number of home users and small businesses that
want to use the Internet is ever increasing. Address
Space-It has a much larger address space; 2128 addresses
are available. A few left most bits, called the type prefix,
in each address define its category. The type prefix is
variable in length, but it is designed such that no code is
identical to the first part of any other code.
Categories:
Unicast addresses.
Multicast addresses
Anycast addresses.Reserved Addresses Local Addresses
Unicast Addresses-A unicast address defines a single com
puter. The packet sent to a unicast address must be
delivere d to that specific computer.
Multicast Addresses- Multicast addresses are used to
define a group of hosts instead of just one. A packet sent
multicast must be delivered to each member of the
group.
Anycast Addresses- An anycast address, like a multicast
address, also defines a group of nodes.
INTERNET AS DATAGRAM NETWORK
The internet has chosen the datagram approach to
switching in the network layer. Delivery of a packet can
be accomplished by using either a connection oriented or
a connectionless network service. Communication at the
network lay er in the Internet is connectionless. The
network layer protocol treats each packet independently,
with each packet having no relationship to any other
packet. The packet in a message may or may not travel
the same path to their destination. This type of service is
used in the datagram approach to packet switching
Comparison between IPv4 and IPv6 headers
The header length field is eliminated in IPv6 because the
length of the header is fixed in this version. The service
type field is eliminated in IPv6 and replaced by the
payload length field.the identification flag and the offset
fields are the fragmentation extension loader header.The
TTL field is called hop Limit in IPv6.The product field is
replaced by the next header field
Static mapping-It involves in the creation of a table that
ass ociates a logical address with a physical address. This
table is stored in each machine on the network.
dynamic mapping-In this each time a machine knows one
of thetwo addresses (logical or physical), it can use a to
find the other one.
ICMP-The Internet Control Message Protocol (ICMP) has
be en designed to compensate for the two deficiencies of
IP. The IP protocol has no error-reporting or error-
correcting mechanism.The IP protocol also lacks a
mechanism for host and management queries. ICMP
messages are divided into two broad categories:
Error-reporting and Query messages
The error-reporting messages report problems that a
router or a host (destination) may encounter when it
processes an P packeto The query messages, which occur
in pairs, help a host or a network manager get specific
IGMP- Some processes sometimes need to send the same
message to a large number of receivers simultaneously.
This is called multicasting, which is a one-to-many
communication. The Internet Group Management
Protocol (IGMP) is one of the necessary, but not
sufficient, protocols that is involved in multicasting.
ROUTING: Routing refers to the way routing tables are
created to help in forwarding. A host or a router has a
routing table with an entry for each destination, or a
combination of destinations , to route IP packets. The
routing table can be either static or dynamic.
Static routing table contains information entered
manually. The administrator enters the route for each
destination into the table.
A dynamic routing table is updated periodially by using
one of the dynamic routing protocols such as RIP, OSPF,
or BGP Routing Information Protocol (RIP) is an
implementation of the distance vector protocol. Open
Shortest Path First (OSP F) is an implementation of the
link state protocol. Border Gateway Protocol (BGP) is an
implementation of the path vector protocol.
DISTANCE VECTORROUTING-In distance vector routing,
the least-cost route between any two nodes is the route
with minimum distance.
TCP: TCP provides a one-to-one, connection-oriented,
reliable communications service.TCP is responsible for the
establishment of a TCP connection, the sequencing and
acknowled gment of packets sent, and the recovery of
packets lost during transmission.
UDP: UDP provides a one-to-one or one-to-many,
connectic Inless, unreliable communications service. UDP
is used when the amount ofdata to be transferred is
small(such as the data that would fit into a single packet), Cyclic Redundancy Check An error detection me chanism
when the overhead of establishing aTCP connection is not
desired, or when the applications or upper layer
protocolsprovide reliable delive ry.It is commonly used in
Video and Audio Casting, The HyperText Transfer Protocol
(HTTP) is used to transfer files that make up the Web
pages of the World Wide Web.
The File Transfer Protocol (FTP) is used for interactive file networking.Ituses a carrier sensing scheme in which a
transfer The Simple Mail Transfer Protocol (SMTP) is
used for the transfer of mail messages and attachments.
Telnet, is a terminal emulation protocol, and, is used for
remote login to network hosts.
Simple Mail Transfer Protocol (SMTP) is used to transfer
ele ctronic mail from one user to another. This task is
done by means of email client software (User Agents) the (FTP)-Moves filesbetween devices.Simpl e Network-
user is using.User Agents help the user to type and format Management Protocol (SNMP) Prima rily reports
the email and store it until internet is available.
File Transfer Protocol (FTP) is the most widely used
protocol for file transfer over the network. FTP uses
TCP/IP for comm unication and it works on TCP port
21.FTP works on Client/ Server Model where a client
requests file from Server and server sends
requestedresource back to the client. Post Office Protocol Message Digest
(POP) is a simple mail retrieval protocol used by User
Agents to retrieve mails from mail server.When a dient
needs to retrieve mails from server, it opens a connection the content of the message can be changed). The
with the server on TCP port 110.User can then access his
mailsand download them to the local computer. Hyper
Text Transfer Protocol (HTTP) is the foundation ofWorld
Wide Web. Hypertext is well organized documentation
system which uses hyperlinks to link the pages in the
textdocuments Stream Control Transmission Protocol
(SCTP) is a transport layer protocol,serving in a similar
role to the popular protoc ols TCP and UDP. Simple
Network Management Protocol (SNMP) is a popular
protocol for network managementit is used for collecting This message and digest pair is equivalent to a physical
information from, and configuring, netw ork
devicesSNMP exposes management data in the form of
variables on the managed systems organized in a manage message and the digest can be sent separately.
ment information basewhich describe the system status
and configuration
Circuit Switching - When two nodes communicate with
each other over a dedicated communication path, it is
called circuit switching.There is a need of pre-specified
route from which data travels and no other data is
permittedJn circuit switching to tran sfer the data,circuit
must be established so that the data transfer can take
place.
Message Switching- This technique was somewh ere in
middle of circuit switching and packet switch ing. In
message switching, the whole message is tr eated as a
data unit and is switching / transferred in its entirety.A
switch working on message switching
In message switching, the whole message is tr eated as a
data unit and is switching / transferred in its entirety. A
switch working on message switchin g,first receives the
whole message and buffers it u ntil there are resources
available to transfer it tothe next hop.lf the next hop is
not having enough reso urce to accommodate farge
sizemessage, the mess age is stored and switch waits.
This technique was considered substituteto circuit
switching.
Packet Switching - Shortcomings of message swit ching
gave birth to an idea of packet switching.The entire
message is broken down intosmaller chunks called
packets.The switching information is added in the header unintelligible message over the
of eachpacket and transmitted indep endently. It is easier
for intermediate networking devices tostore small size
packets and they do not take much resources either on
carrier path or in the internal memory of switches.Packet original form.
switching enh ances line efficiency as packets from
multiple appli cations can be multiplexed over the carrier. to produce encrypted text.The length of the key reflects
The in Iternet uses packet switching technique
DCE -is the equipment used to transmit or receive the
data.DTE stands for Data Terminal Equipment, while DCE As the name sounds are the new alternative to sign a
stands for DataCommunications Equipment.
Error Detection and Correction-Data can be corr upted
during transmission.Some applications requ ire that
errors be detected and corrected.Some app lications can
tolerate a small level of error.For exam ple,random
errorsin audio or video transmissions may betolerable,
but when we transfer text, we expect a very high level of
accuracy. single-bit
Types of errors
single-bit-it means that only 1 bit of a given data unit
(such as a byte,character, or packet) is changed from 1 to
0 or from 0 to 1.In a single-bit error,only 1 bit in the data
unit has changed.Single-bit errors bare the least likely
type of error in serial data transmission.
burst error means that 2 or more bits in the data unit
have changed from 1 to 0 or from 0 to 1. A bu rst error
means that 2 or more bits in the data unit have changed.
Redundancy :The central concept in detecting or
correcting errors is redundancy.To be able to detect or
correct errors, we need to send some extra bits with our
data. These redundantbits are added by the sender and
removed by the receiver.Their pres ence allows the
receiver to detect or correct corrupted bit.
Types
Vertical redundancy check (VRC) is an error-check ng
method used on an eight-bit ASCII character. In VRC, a
parity bit is attached to each byte of data, which is then
tested to determine whether the transmission is correct.
Longitudinal redundancy check (LRC) or horizontal
redundancy check is a form of redundancy check that is
applied independently to each of a parallel group of bit
streams.The data must bedivided into transmission
blocks, to which the additional check data is
Message Authentication Code (MAC)
added.Longitudinal (orhorizontal) redunda ncy checking
MAC algorithm is a symmetric key cryptographic
(LRC) adds a parity bit for all bits in the message at the
technique to provide message authentication. For
same bit position.
establishing MAC process, the sender and receiver share
a symmetric key K.
in which a special number is appended to a block of data
Essentially, a MAC is an encrypted checksum generated
in order to detect any changes intro duced during storage
on the underlying message that is sent along with a
(or transmission).CRC is more powerful than VRC and LRC
message to ensure message authentication.
indetecting errors
The sender uses some publicly known MAC algorithm,
Carrier sense multiple access with collision detec tion
inputs the message and the secret key K and produces a
(CSMA/CD )is a media access control method used most
MAC value.
notably in early Ethernet technology for local area
Similar to hash, MAC function also compresses an
arbitrary long input into a fixed length output. The major
transmitting station detects collision s by sensing
difference between hash and MAC is that MAC uses
transmissions from other stations while transmitting a
secret key during the compression.
frame.
The sender forwards the message along with the MAC.
Internet protocol (IP) suite includes many applicat ion-
Here, we assume that the message is sent in the clear, as
layer protocols that represent a wide variety of
we are concerned of providing message origin
applications, including the following:File Transfer Protocol
authentication, not confidentiality. If confidentiality is
required then the message needs encryption.
On receipt of the message and the MAC, the receiver
anomalous network conditions and set s network
feeds the received message and the shared secret key K
threshold values.Telnet-Serves as ater minal emulation
into the MAC algorithm and re-computes the MAC value.
protocol.
The receiver now checks equality of freshly computed
Domain Name System (DNS) works on Client Serve
MAC with the MAC received from the sender. If they
rmodel.It uses UDP protocol for transport layer co
match, then the receiver accepts the message and
mmunicationDNS uses hierarchical domain based naming
assures himself that the message has been sent by the
scheme.DNS server is configured with Fully Qualified
intended sender.
If the computed MAC does not match the MAC sent by
Message Digest is used to ensure the integrity of a
the sender, the receiver cannot determine whether it is
message transmitted over an insecure channel (where
the message that has been altered or it is the origin that
has been falsified. As a bottom-line, a receiver safely
message is passed through a Cryptographic hash function.
assumes that the message is not the genuine.
This function creates a compressed image of the message
called Digest.
RSA :
Lets assume, Alice sent a message and digest pair to Bob.
It is the most popular asymmetric cryptographic
To check the integrity of the message Bob runs the
algorithm. It is primarily used for encrypting messages but
cryptographic hash function on the received message and
can also be used for performing digital signature over a
gets a new digest. Now, Bob will compare the new digest
message.
and the digest sent by Alice. If, both are same then Bob is
Let us understand how RSA can be used for performing
sure that the original message is not changed
digital signatures step-by-step.
Assume that there is a sender (A) and a receiver (B). A
document and fingerprint of a person on that document.
wants to send a message (M) to B along with the digital
Unlike the physical document and the fingerprint, the
signature (DS) calculated over the message.
Step-1 :Sender A uses SHA-1 Message Digest Algorithm to
Most importantly, the digest should be unchanged during
calculate the message digest (MD1) over the original
the transmission.
message M.
The cryptographic hash function is a one way function,
Step-2 :A now encrypts the message digest with its
that is, a function which is practically infeasible to invert.
private key. The output of this process is called Digital
This cryptographic hash function takes a message of
Signature (DS) of A.
variable length as input and creates a digest / hash /
Step-3 :Now sender A sends the digital signature (DS)
fingerprint of fixed length, which is used to verify the
along with the original message (M) to B.Step-4 :
integrity of the message.
When B receives the Original Message(M) and the Digital
Message digest ensures the integrity of the document. To
Signature(DS) from A, it first uses the same message-
provide authenticity of the message, digest is encrypted
digest algorithm as was used by A and calculates its own
with sender’s private key. Now this digest is called digital
Message Digest (MD2) for M.
signature, which can be only decrypted by the receiver
Step-5 :Now B uses A’s public key to decrypt the digital
who has sender’s public key. Now the receiver can
signature because it was encrypted by A’s private key.
authenticate the sender and also verify the integrity of
The result of this process is the original Message Digest
the sent message.
(MD1) which was calculated by A
Hash functions
Step-6 :If MD1==MD2, the following facts are established
Hash functions are extremely useful and appear in almost
as follows.
all information security applications.
-B accepts the original message M as the correct,
A hash function is a mathematical function that converts
unaltered message from A.
a numerical input value into another compressed
-It also ensures that the message came from A and not
numerical value. The input to the hash function is of
someone posing as A.
arbitrary length but output is always of fixed length.
RSA (Rivest–Shamir–Adleman) is an algorithm used by
Values returned by a hash function are called message
modern computers to encrypt and decrypt messages. It is
digest or simply hash values.
an asymmetric cryptographic algorithm.
Encryption: Encryption means that the sender converts
Data encryption standard (DES) has been found
the original information into another form and sends the
vulnerable against very powerful attacks and therefore,
the popularity of DES has been found slightly on decline.
network.Decryption: Decryption reverses the Encryption DES is a block cipher, and encrypts data in blocks of size
process in order to transform the message back to the of 64 bit each, means 64 bits of plain text goes as the
input to DES, which produces 64 bits of cipher text.
Keys : it’s a variable value used for cryptographic algoriths The same algorithm and key are used for encryption and
decryption, with minor differences. The key length is 56
bits.
the difficulty to decrypt from the encrypted message CBC : XOR chaining, or cipher-block chaining, is a method
Digital Signature : in which the next block of plaintext to be encrypted is
XOR'd with the previous block of ciphertext before being
document digitally. It ensures that the message is sent by encrypted.
the intended user without any tampering by any third Electronic Code Book(ECB): Electronic code book is the
party (attacker). In simple words, digital signatures are
easiest block cipher mode of functioning. It is easier
used to verify the authenticity of the message sent because of direct encryption of each block of input
electronically.
plaintext and output is in form of blocks of encrypted
Stream Cypher :A stream cipher processes the input
ciphertext.
elements continuously, producing output element one at
a time, as it goes along
Symmetric-Key Cryptography
• Stream Cipher
• Block Cipher
Two types of symmetric key cyphers -Traditional
Symmetric Key Cipher & Modern Ciphers
Traditional Symmetric Key Ciphers:
Types
=Substitution cipher
=Transposition cipher
Caesar Cipher Replaces each letter by third letter on
Monoalphabetic Cipher rather than just shifting the
alphabet .Replaced by any other alphabet expect the
original alphabet.each plaintext letter maps to a different
random cipher text letter ,hence key is 26 letters long
Homoalphabetic cypher: Same as monoalphabetic but
replaces with fixed letters