
Transport Layer & Network Security
TCP/UDP protocols and their comparison

• TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are the two most widely used transport-layer protocols on the Internet.
• TCP is connection oriented: once a connection is established, data can be sent in both directions as a reliable, ordered byte stream.
• UDP is a simpler, connectionless protocol. Each message is sent as an independent datagram, with no guarantee that it arrives or that datagrams arrive in order.
The services provided by the transport layer protocols can be divided into four categories:
• End-to-end delivery (process-to-process)
• Addressing (port numbers)
• Reliable delivery (TCP only; UDP is best-effort)
• Flow control and error control (TCP's sliding window; a checksum for error detection in both TCP and UDP)
Transport Layer: Process-to-Process Communication
• A transport-layer protocol provides process-to-process communication.
• A process is an application-layer entity (a running program) that uses the services of the transport layer.
[Figure: process-to-process delivery over TCP]
Duties of the transport layer
• End-to-end delivery: the transport layer takes services from the network layer and provides services to the application layer.
• At the sender's side: the transport layer receives data (a message) from the application layer, performs segmentation (divides the message into segments), adds the source and destination port numbers to the header of each segment, and passes the segments to the network layer.
• At the receiver's side: the transport layer receives data from the network layer, reassembles the segments, reads the header, identifies the destination port number, and forwards the message to the process listening on that port in the application layer.
• Just as the data link layer needs a MAC address to deliver a frame to the right host on a link, the transport layer needs a port number to deliver a segment to the right process among the many running on a host.
Transport layer addressing
• Port address: this address identifies a more specific location, a software process, within a host that is reached by its IP address.
• In TCP/IP, this transport-layer address is called a port.
• TCP/IP transport-layer addressing is done with TCP and UDP ports.
• A port number is a 16-bit value that identifies a particular process (client or server program) on a host; together with the host's IP address it identifies that process uniquely.
• TCP port 80 is the default port for HTTP web servers: a request arriving on port 80 is known to be a web-page request. Many common applications have default port assignments (for example 22 for SSH, 25 for SMTP, 53 for DNS, 443 for HTTPS).
Addressing: Port Numbers
• Port address/number: in the TCP/IP protocol suite, an integer identifying a process. Port numbers are integers between 0 and 65,535.
• TCP/IP uses universal port numbers for servers, called well-known port numbers (0 to 1023, assigned by IANA). Ports 1024 to 49151 are registered ports, and 49152 to 65535 are dynamic (ephemeral) ports, typically assigned to client programs.
Distinguish between TCP and UDP
• Connection: TCP is connection oriented (three-way handshake before data); UDP is connectionless.
• Reliability: TCP acknowledges and retransmits lost segments and delivers bytes in order; UDP is best-effort, with no acknowledgements, retransmission or ordering.
• Flow and congestion control: provided by TCP (sliding window); absent in UDP.
• Error detection: both carry a checksum; in UDP over IPv4 it is optional.
• Header: TCP uses at least 20 bytes; UDP uses 8 bytes (source port, destination port, length, checksum).
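The header fields and the checksum discussed above, as an added example (not from the slides): it builds a TCP SYN from 192.168.1.100:49152 to 10.0.0.5:80 and a UDP datagram, computes the transport checksum over the IPv4 pseudo-header, extracts the socket pair, and shows that a single flipped payload bit is detected. The packets are constructed by hand; the DNS payload is a made-up placeholder, not a real query.

```python
"""Transport-layer header parsing: 16-bit ports, the TCP/UDP checksum over the
IPv4 pseudo-header, and the socket pair that identifies a conversation.
Added example, not from the slides. The packets are constructed below by hand."""
import socket
import struct

PROTO_TCP, PROTO_UDP = 6, 17
TCP_FLAGS = {0x01: "FIN", 0x02: "SYN", 0x04: "RST", 0x08: "PSH", 0x10: "ACK", 0x20: "URG"}


def port_class(port: int) -> str:
    """IANA ranges: 0-1023 well-known, 1024-49151 registered, 49152-65535 dynamic."""
    if not 0 <= port <= 0xFFFF:
        raise ValueError("port numbers are 16-bit")
    if port < 1024:
        return "well-known"
    if port < 49152:
        return "registered"
    return "dynamic"


def ones_complement_sum(data: bytes) -> int:
    """Fold 16-bit big-endian words into a one's-complement sum (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip: str, dst_ip: str, proto: int, length: int) -> bytes:
    """IPv4 pseudo-header: src, dst, zero, protocol, transport length."""
    return socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) + struct.pack("!BBH", 0, proto, length)


def checksum(src_ip: str, dst_ip: str, proto: int, segment: bytes) -> int:
    """Checksum to store in a segment whose checksum field is currently zero."""
    c = (~ones_complement_sum(pseudo_header(src_ip, dst_ip, proto, len(segment)) + segment)) & 0xFFFF
    # UDP: a zero field means "no checksum", so a computed zero is sent as 0xFFFF (RFC 768)
    return c if c or proto == PROTO_TCP else 0xFFFF


def checksum_ok(src_ip: str, dst_ip: str, proto: int, segment: bytes) -> bool:
    """A segment verifies when the sum including its checksum field is all ones."""
    return ones_complement_sum(pseudo_header(src_ip, dst_ip, proto, len(segment)) + segment) == 0xFFFF


def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    length = 8 + len(payload)
    seg = struct.pack("!HHHH", sport, dport, length, 0) + payload
    return seg[:6] + struct.pack("!H", checksum(src_ip, dst_ip, PROTO_UDP, seg)) + seg[8:]


def build_tcp(src_ip, dst_ip, sport, dport, seq, ack, flags, payload=b"", window=65535) -> bytes:
    # data offset 5 (20-byte header, no options); checksum field zero at offset 16
    seg = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, window, 0, 0) + payload
    return seg[:16] + struct.pack("!H", checksum(src_ip, dst_ip, PROTO_TCP, seg)) + seg[18:]


def parse_udp(src_ip, dst_ip, datagram: bytes) -> dict:
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    ok = csum == 0 or checksum_ok(src_ip, dst_ip, PROTO_UDP, datagram[:length])
    return {"socket_pair": (src_ip, sport, dst_ip, dport), "checksum_ok": ok, "payload": datagram[8:length]}


def parse_tcp(src_ip, dst_ip, segment: bytes) -> dict:
    sport, dport, seq, ack, off, flags, window, _csum, _urg = struct.unpack("!HHIIBBHHH", segment[:20])
    hlen = (off >> 4) * 4
    return {"socket_pair": (src_ip, sport, dst_ip, dport), "seq": seq, "ack": ack, "window": window,
            "flags": [name for bit, name in TCP_FLAGS.items() if flags & bit],
            "checksum_ok": checksum_ok(src_ip, dst_ip, PROTO_TCP, segment), "payload": segment[hlen:]}


def demo():
    """Constructed traffic: a browser's SYN and a UDP datagram, plus a corrupted copy."""
    client, server = "192.168.1.100", "10.0.0.5"
    syn = build_tcp(client, server, 49152, 80, seq=1000, ack=0, flags=0x02)
    dns = build_udp(client, server, 49153, 53, b"constructed-dns-query")
    corrupted = dns[:12] + bytes([dns[12] ^ 0x01]) + dns[13:]   # flip one payload bit in flight
    return parse_tcp(client, server, syn), parse_udp(client, server, dns), parse_udp(client, server, corrupted)


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The checksum is an error-detection mechanism, not flow control, and it is not a security control either: an attacker who modifies a segment simply recomputes it, which is why integrity against a deliberate adversary needs a keyed MAC or a signature.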
Network security
• Four aspects of network security: privacy, authentication, integrity, non-repudiation
• Privacy (confidentiality): the sender and the receiver expect confidentiality. The transmitted message should make sense only to the intended receiver; to everyone else it should be unintelligible.
• Authentication: the receiver is sure of the sender's identity, i.e. that an impostor has not sent the message.
Eg: entering a username and password when you log in to a website. Entering the correct login information lets the website know 1) who you are and 2) that it is actually you accessing the website.
• Integrity: data must arrive at the receiver exactly as it was sent. There must be no changes during transmission, either accidental or malicious. As more and more monetary exchanges occur over the Internet, integrity is crucial.
Eg: it would be disastrous if a request to transfer Rs 100 were changed into a request for Rs 10000 or Rs 1000000.
• Non-repudiation: the receiver must be able to prove that a received message came from a specified sender; the sender must not be able to deny sending a message that he did send. The burden of proof falls on the receiver. Because a secret shared by both parties could have been used by the receiver as well, non-repudiation needs a digital signature made with a key only the sender holds.
Eg: when a customer sends a message to transfer money from one account to another, the bank must have proof that the customer actually requested this transaction.
Privacy (Encryption/Decryption)
• Encryption: the sender converts the original information (plaintext) into another form (ciphertext) that is unintelligible to anyone else, and sends it over the network.
• Decryption: the receiver reverses the encryption process, transforming the ciphertext back into the original plaintext.
Encryption/Decryption
Secret Key Encryption/Decryption technique
• In the secret key technique, the same key is used by both parties, i.e., the sender and the receiver.
• The sender uses the secret key and the encryption algorithm to encrypt the data; the receiver uses the same key and the decryption algorithm to decrypt the data.
• The decryption algorithm is the inverse of the encryption algorithm: if encryption uses a combination of addition and multiplication, decryption uses the corresponding subtraction and division.
• Secret key encryption is also known as symmetric encryption because the same secret key is used in both directions of the communication.
• The secret key is used by the computer to encrypt the information before it is sent over the network to another computer, which uses the same key to decrypt it.
Note: using a secret key requires knowing in advance which computers will talk to each other, so that the key can be installed on both of them.
Advantage of secret key encryption/decryption
• Efficient: secret key algorithms are much faster than public key algorithms. Their operations are simple bit-level substitutions and permutations on short keys (typically 128 or 256 bits), whereas public key algorithms do arithmetic on very large numbers. For this reason secret key algorithms are used for the bulk encryption and decryption of data.
Disadvantages of Secret Key Encryption
• Each pair of users must have its own secret key. If N people want to use this method, N(N-1)/2 secret keys are needed. For example, for one million people that is about 5 × 10^11 keys (roughly half a trillion).
• Distributing the keys among the parties is very difficult, since the key itself must be delivered confidentially. This problem is resolved by combining secret key encryption/decryption with public key encryption/decryption.
Data Encryption Standard (DES)
• The Data Encryption Standard (DES) was designed by IBM and adopted by the U.S. government in 1977 as the standard encryption method for nonmilitary and nonclassified use.
• DES is a form of secret key cryptography: a block cipher with a 64-bit block and a 56-bit key.
• Its 56-bit key is far too short for today's hardware (exhaustive search is practical), so DES is considered broken; it was superseded by AES in 2001, and only 3DES survives in some legacy systems.
Public Key Encryption/Decryption technique
• There are two keys in public key encryption: a private key and a public key.
• Each party generates its own pair: the private key is kept secret by its owner, who uses it to decrypt, while the public key is given out to everyone who wants to send that owner an encrypted message.
Public Key Encryption
• In the figure, user A sends a message to user B. A uses B's public key to encrypt the data, and B uses B's private key to decrypt it.
• In public key encryption/decryption, the public key used by the sender is different from the private key used by the receiver.
• The public key is available to everyone, while the private key is kept secret by its owner.
• The most commonly used public key algorithm is RSA.
Advantages of Public Key Encryption
• The main restriction of secret (private) key encryption is having to share a secret key that no third party may learn. In public key encryption, each entity creates its own pair of keys, keeps the private one and distributes the public one, so no secret ever has to be transported.
• The number of keys is reduced tremendously. For one million users to communicate, only two million keys (one pair per user) are required, rather than the roughly 5 × 10^11 pairwise keys needed with secret key encryption.
Disadvantages of Public Key Encryption
• Speed: public key encryption is slower than secret key encryption. Secret key encryption uses a single shared key and simple operations; public key encryption uses two different keys related by a complex mathematical relation (for RSA, modular exponentiation with numbers thousands of bits long), so encryption and decryption take much more time.
• Authentication: public key encryption has no built-in authentication. Anyone can encrypt with B's public key, so B cannot tell who sent a message, and a public key must itself be authenticated (for example with a certificate); otherwise an attacker can substitute their own public key and read the messages meant for B without anyone noticing.
• Inefficiency for long messages: to be secure the method needs very large numbers, and converting a long plaintext into ciphertext with such long keys takes a lot of time. Public key encryption is therefore used for short messages such as a session key, and the bulk data is encrypted with that secret key (hybrid encryption).
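The combination of the two techniques described on the secret key slides and the public key slides (a public key protecting a short secret key, and the secret key protecting the long message), worked through as an added example that is not part of the slides. The RSA here is textbook (unpadded) with toy 512-bit keys and the symmetric cipher is an HMAC-SHA256 keystream; both are assumptions chosen so the code runs with the Python standard library only, and neither should be used in a real system.

```python
"""Hybrid encryption: a public key (textbook RSA) wraps a fresh secret key, and
the secret key encrypts the bulk data with a fast symmetric stream cipher.
Added example, not from the slides. Toy key sizes and unpadded RSA are for
illustration only; real systems use RSA-OAEP or ECDH plus AES-GCM/ChaCha20-Poly1305."""
import hashlib
import hmac
import secrets


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin test with random bases (trial division first)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # force top bit and oddness
        if is_probable_prime(cand):
            return cand


def rsa_keypair(bits: int = 512):
    """Return (public, private) as ((n, e), (n, d)). Keys this small are NOT secure."""
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            break
    return (p * q, e), (p * q, pow(e, -1, phi))   # pow(e, -1, m) needs Python 3.8+


def rsa_encrypt(public, m: int) -> int:
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer below the modulus")
    return pow(m, e, n)


def rsa_decrypt(private, c: int) -> int:
    n, d = private
    return pow(c, d, n)


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Symmetric cipher: keystream block i = HMAC-SHA256(key, nonce || i), XORed with the
    data. The same call encrypts and decrypts, which is what 'same key, inverse operation' means."""
    out = bytearray()
    for i, start in enumerate(range(0, len(data), 32)):
        ks = hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[start:start + 32], ks))
    return bytes(out)


def hybrid_encrypt(public, plaintext: bytes):
    session_key = secrets.token_bytes(32)               # fresh secret key for this message
    nonce = secrets.token_bytes(16)                     # never reuse a (key, nonce) pair
    wrapped = rsa_encrypt(public, int.from_bytes(session_key, "big"))   # short: public key
    return wrapped, nonce, stream_xor(session_key, nonce, plaintext)    # long: secret key


def hybrid_decrypt(private, wrapped: int, nonce: bytes, ciphertext: bytes) -> bytes:
    session_key = rsa_decrypt(private, wrapped).to_bytes(32, "big")
    return stream_xor(session_key, nonce, ciphertext)


if __name__ == "__main__":
    pub, priv = rsa_keypair()
    w, nonce, ct = hybrid_encrypt(pub, b"transfer Rs 100 from account 1234 to 5678")
    print(hybrid_decrypt(priv, w, nonce, ct))
```

Only the 32-byte session key ever goes through the slow public key operation; the message, however long, is processed by the cheap symmetric cipher. Note that this construction gives privacy only: a stream cipher lets an attacker flip ciphertext bits to flip the same plaintext bits, so the ciphertext must also carry a MAC (encrypt-then-MAC) or an authenticated cipher must be used.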
Transport layer – socket address
• The combination of a transport-layer port number and the network-layer IP address assigned to the host uniquely identifies a particular process running on a specific host and is called a socket.
• A socket pair, consisting of the source and destination IP addresses and port numbers, is also unique and identifies the conversation between the two hosts.
• For example, to open a web page from the server at address 10.0.0.5, the browser sends an HTTP request to that server with destination port 80. The request is destined to socket 10.0.0.5:80.
• Suppose our computer has the layer 3 IPv4 address 192.168.1.100. When the web browser requests the page, the operating system also assigns a dynamic (ephemeral) source port, say 49152, to that browser connection (each open connection gets its own port, so possibly one per open tab).
• The server uses that port to address the reply: the web page content is returned to socket 192.168.1.100:49152, which identifies exactly the browser connection that asked for it.
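The socket pair described above, observed on real TCP connections as an added example that is not part of the slides. Two clients connect from the same host to one listening socket over the loopback interface; the kernel assigns each a different ephemeral source port, and the server sees that client socket as the peer address of each accepted connection. Addresses and ports are chosen by the operating system at run time, so they differ from the slide's 192.168.1.100:49152 illustration.

```python
"""Socket pairs on real TCP connections over loopback.
Added example, not from the slides; uses 127.0.0.1 and OS-chosen ephemeral ports."""
import socket


def connect_clients(n_clients: int = 2) -> dict:
    """Open n_clients connections to one listening socket and record the
    client socket, server socket and the peer the server sees for each."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # port 0: the kernel picks a free listening port
    srv.listen(n_clients)
    server_socket = srv.getsockname()   # (ip, port) every client will connect to
    pairs, clients = [], []
    try:
        for _ in range(n_clients):
            c = socket.create_connection(server_socket)   # kernel assigns a dynamic source port
            clients.append(c)
            conn, peer = srv.accept()                     # peer is the client's (ip, port)
            pairs.append({
                "client": c.getsockname(),                # what the client calls its socket
                "server": conn.getsockname(),             # same listening socket every time
                "peer_seen_by_server": peer,              # how the server tells the clients apart
            })
            conn.close()
    finally:
        for c in clients:                                 # keep clients open until here so their
            c.close()                                     # ports cannot be reused in between
        srv.close()
    return {"server": server_socket, "pairs": pairs}


if __name__ == "__main__":
    result = connect_clients()
    for pair in result["pairs"]:
        print(pair["client"], "<->", pair["server"])
```

Both conversations share the server socket; only the client port differs, and that single 16-bit field is what lets the server route each reply to the right browser connection. The ephemeral range the kernel draws from is configurable (Linux uses 32768 to 60999 by default, which is below the IANA dynamic range), so code must never assume a particular client port.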
SESSION LAYER
[Figure: session layer – transport layer interaction]
Session layer
• The session layer is the 5th layer of the Open Systems Interconnection (OSI) model.
• It allows users on different machines to establish active communication sessions between them.
• It is responsible for establishing, maintaining, synchronizing and terminating sessions between end-user applications.
Session layer functions:
1) Authentication
2) Authorization
3) Session restoration (checkpointing)
4) Flow control synchronization – eg: a webinar
5) Dialog control – simplex, eg: a broadcast network or radio
Half duplex – walkie-talkie
Full duplex – telephone system
6) Token management – controls which side may transmit; a web analogy is a session cookie generated by the server and sent to the client
Creating a Session
1. Dialog Control
• The session layer behaves as a dialog controller.
• It allows two communicating machines to enter into a dialog.
• It permits communication in either half-duplex (one way at a time) or full-duplex (both ways at the same time) mode.
• For example, a dialog between a terminal and the mainframe it is connected to can be half-duplex.
2. Synchronization
• This layer permits a process to add checkpoints, referred to as synchronization points, into the stream of data.
• Example: if a system is sending a file of 2500 pages, it is advisable to add a checkpoint after every 100 pages, so that each 100-page unit is received and acknowledged independently.
• In this case, if a crash happens during transmission of page 824, retransmission begins at page 801; pages 1 to 800 do not need to be retransmitted.
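The checkpointed transfer above, simulated as an added example that is not part of the slides: the receiver acknowledges a synchronization point only when every page up to it has arrived, and after a crash the sender restarts from the page following the last acknowledged point. The page counts, the checkpoint interval and the crash at page 824 are taken from the slide; the classes and the crash simulation are assumptions of this example.

```python
"""Checkpointed transfer with restart from the last acknowledged synchronization point.
Added example, not from the slides; the crash is simulated."""


class Receiver:
    def __init__(self):
        self.received = set()
        self.last_sync = 0          # highest synchronization point acknowledged so far

    def deliver(self, page: int) -> None:
        self.received.add(page)

    def acknowledge_sync(self, checkpoint: int) -> bool:
        """Acknowledge a sync point only if every page since the previous one arrived."""
        if all(p in self.received for p in range(self.last_sync + 1, checkpoint + 1)):
            self.last_sync = checkpoint
            return True
        return False


def transfer(total_pages: int, every: int, crash_at, rx: Receiver) -> dict:
    """Send pages after rx.last_sync; a checkpoint is placed after every `every` pages.
    crash_at is the page on which the sender dies (None for a clean run)."""
    sent = 0
    page = rx.last_sync + 1            # resume point: the page after the last acknowledged sync
    while page <= total_pages:
        if page == crash_at:
            return {"completed": False, "resume_from": rx.last_sync + 1, "sent": sent}
        rx.deliver(page)
        sent += 1
        if page % every == 0:
            rx.acknowledge_sync(page)  # receiver confirms the whole 100-page unit
        page += 1
    return {"completed": True, "resume_from": None, "sent": sent}


def demo():
    rx = Receiver()
    first = transfer(2500, 100, 824, rx)    # crashes while sending page 824
    second = transfer(2500, 100, None, rx)  # restarts from the last sync point
    return first, second, len(rx.received)


if __name__ == "__main__":
    print(demo())
```

The first run delivers pages 1 to 823 and dies; its last acknowledged sync point is 800, so the second run starts at 801 and sends 1700 pages. Only the 23 pages between the checkpoint and the crash are sent twice, and the receiver ends up with all 2500 pages exactly once. Without checkpoints the whole file would start again from page 1.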
Session protocol data unit
• The PDU at layer 1 is a bit, at layer 2 a frame, at layer 3 a packet and at layer 4 a segment. At layer 5 and above the PDU is simply referred to as data.
• The session layer supports 36 different types of SPDUs.
An SPDU has 4 fields:
• SI: the SPDU identifier, which indicates the type of data unit.
• LI: the length indicator, which gives the length of the SPDU parameter field.
• PGI/PI: the parameter group information / parameter information field, which carries control information and quality-of-service specifications.
• Data.