
TCP

• TCP stands for Transmission Control Protocol. It is a transport layer protocol
that carries data reliably from source to destination. It is a
connection-oriented protocol, meaning that it establishes a connection before
the computing devices on the network exchange any data. TCP is almost always
used together with IP, so the pair is referred to as TCP/IP.
• The main job of TCP is to take a byte stream from the application layer,
divide it into segments, number each segment by the byte offset it carries,
and transmit the segments to the destination. The TCP on the receiving side
reassembles the segments in order and hands the data to its application layer.
Because TCP is connection-oriented, the connection remains established until
the communication between sender and receiver is complete and one side closes
it.
Features of TCP protocol

• Transport Layer Protocol
• TCP sits at the transport layer: it provides process-to-process delivery,
with the two endpoints identified by port numbers, on top of the host-to-host
delivery that IP provides.
• Reliable
• TCP is a reliable protocol because it implements flow control and error
control. It uses positive, cumulative acknowledgments: the receiver reports
the next byte it expects, which confirms the safe arrival of everything
before it. A missing acknowledgment (retransmission timeout) or repeated
duplicate acknowledgments tells the sender that a segment was lost and must
be resent.
• Order of the data is maintained
• This protocol ensures that the data reaches the intended receiver in the
same order in which it is sent. It orders and numbers each segment so
that the TCP layer on the destination side can reassemble them based
on their ordering.
• Connection-oriented
• It is a connection-oriented service that means the data exchange occurs
only after the connection establishment. When the data transfer is
completed, then the connection will get terminated.
• Full duplex
• It is a full-duplex means that the data can transfer in both directions at
the same time.
• Stream-oriented
• TCP is a stream-oriented protocol as it allows the sender to send the
data in the form of a stream of bytes and also allows the receiver to
accept the data in the form of a stream of bytes. TCP creates an
environment in which both the sender and receiver are connected by
an imaginary tube known as a virtual circuit. This virtual circuit
carries the stream of bytes across the internet.
Working of TCP

• In TCP, the connection is established by a three-way handshake.
The client sends a SYN segment carrying its initial sequence number x. The
server replies with a SYN-ACK segment carrying its own initial sequence
number y and an acknowledgment number of x+1 (the SYN itself occupies one
sequence number). When the client receives the SYN-ACK, it sends an ACK
segment with acknowledgment number y+1, and the connection is established
on both sides. Initial sequence numbers must be unpredictable (RFC 6528):
if an off-path attacker could guess them, it could forge the final ACK and
inject data into a connection it cannot observe.
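The exchange above, modelled in Python as an added example that is not part of the original notes. Both endpoints keep the two RFC 9293 variables that matter during setup, SND.NXT (the next sequence number to send) and RCV.NXT (the next expected from the peer), and the model also shows what happens when a blind attacker answers a SYN without knowing the client's initial sequence number: the acknowledgment number does not match and the client answers with RST instead of completing the connection. The `Endpoint` and `Segment` classes and the `random_isn()` helper are illustrative names, not a real TCP implementation.

```python
import random
from dataclasses import dataclass

MASK32 = 0xFFFFFFFF   # sequence numbers wrap modulo 2**32


@dataclass
class Segment:
    src: str
    dst: str
    seq: int
    ack: int
    flags: frozenset


def random_isn() -> int:
    # Initial sequence numbers must be hard to guess (RFC 6528 derives them from a
    # keyed hash); a plain random value stands in for that here.
    return random.getrandbits(32)


class Endpoint:
    """Minimal model of the TCP states visited during connection setup."""

    def __init__(self, name: str, listening: bool = False):
        self.name = name
        self.state = "LISTEN" if listening else "CLOSED"
        self.snd_nxt = 0   # next sequence number this side will send
        self.rcv_nxt = 0   # next sequence number expected from the peer

    def connect(self, peer: str) -> Segment:
        self.snd_nxt = random_isn()
        syn = Segment(self.name, peer, self.snd_nxt, 0, frozenset({"SYN"}))
        self.snd_nxt = (self.snd_nxt + 1) & MASK32   # the SYN occupies one sequence number
        self.state = "SYN-SENT"
        return syn

    def receive(self, seg: Segment):
        """Process one segment; return the reply segment, or None if nothing is sent."""
        if self.state == "LISTEN" and seg.flags == {"SYN"}:
            self.rcv_nxt = (seg.seq + 1) & MASK32          # acknowledge the peer's SYN
            self.snd_nxt = random_isn()
            syn_ack = Segment(self.name, seg.src, self.snd_nxt, self.rcv_nxt,
                              frozenset({"SYN", "ACK"}))
            self.snd_nxt = (self.snd_nxt + 1) & MASK32
            self.state = "SYN-RECEIVED"
            return syn_ack
        if self.state == "SYN-SENT" and seg.flags == {"SYN", "ACK"}:
            if seg.ack != self.snd_nxt:
                # The acknowledgment does not cover our SYN: an off-path forger who
                # never saw our ISN ends up here. RFC 9293 answers with RST.
                return Segment(self.name, seg.src, seg.ack, 0, frozenset({"RST"}))
            self.rcv_nxt = (seg.seq + 1) & MASK32
            self.state = "ESTABLISHED"
            return Segment(self.name, seg.src, self.snd_nxt, self.rcv_nxt, frozenset({"ACK"}))
        if self.state == "SYN-RECEIVED" and seg.flags == {"ACK"}:
            if seg.ack != self.snd_nxt:
                return Segment(self.name, seg.src, seg.ack, 0, frozenset({"RST"}))
            self.state = "ESTABLISHED"
            return None
        return None


def three_way_handshake():
    """Run the exchange and return (client, server, [SYN, SYN-ACK, ACK])."""
    client, server = Endpoint("client"), Endpoint("server", listening=True)
    syn = client.connect("server")
    syn_ack = server.receive(syn)
    ack = client.receive(syn_ack)
    server.receive(ack)
    return client, server, [syn, syn_ack, ack]


def forged_syn_ack():
    """A blind attacker answers the client's SYN without knowing its ISN."""
    client = Endpoint("client")
    client.connect("server")
    guess = (client.snd_nxt + 12345) & MASK32      # wrong acknowledgment number
    bogus = Segment("attacker", "client", random_isn(), guess, frozenset({"SYN", "ACK"}))
    return client, client.receive(bogus)


if __name__ == "__main__":
    c, s, transcript = three_way_handshake()
    for seg in transcript:
        print(f"{seg.src}->{seg.dst} {sorted(seg.flags)} seq={seg.seq} ack={seg.ack}")
    print(c.state, s.state)
```

Run it a few times: the sequence numbers differ on every run, but the relation between them does not, which is the whole point of the handshake. In `forged_syn_ack()` the client stays in SYN-SENT and emits a RST, so the attacker gains nothing without the 32-bit ISN; with a predictable ISN (for example a counter) the same forgery would succeed.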
Advantages of TCP

• It provides a connection-oriented reliable service: delivery of the data
is guaranteed as long as the connection stays up. If a segment is lost in
the network, TCP retransmits it.
• It provides flow control using a sliding window, so a fast sender cannot
overrun a slow receiver.
• It provides error detection with a checksum and error control with ARQ
(automatic repeat request) retransmission, in the Go-Back-N or selective
repeat style depending on whether selective acknowledgments (SACK) are in
use.
• It limits congestion with congestion-control algorithms: slow start,
additive increase/multiplicative decrease (AIMD) of the congestion window,
and fast retransmit/fast recovery.
TCP Header Format
• Source port: the 16-bit port number of the sending application.
• Destination port: the 16-bit port number of the receiving application.
• Sequence number: a 32-bit field holding the sequence number of the first
data byte in this segment (or the initial sequence number, when SYN is set).
• Acknowledgment number: a 32-bit field; when the ACK flag is set, it holds
the next sequence number the sender of the segment expects to receive, which
acknowledges every byte before it. For example, a receiver that has received
all bytes up to sequence number x replies with acknowledgment number x+1.
• HLEN (called Data Offset in RFC 9293): a 4-bit field giving the header
length in 4-byte words. The header is between 20 and 60 bytes long, so this
field lies between 5 and 15; any value above 5 means options are present.
• Reserved: a 4-bit field reserved for future use, set to zero by the sender
and ignored by the receiver. (RFC 793 reserved 6 bits; two of them are now
the CWR and ECE flags used for explicit congestion notification, RFC 3168.)
• Control bits: RFC 793 defines six flags (RFC 9293 adds CWR and ECE):
1. URG: the urgent pointer field is valid.
2. ACK: the acknowledgment number field is valid. It is set on every segment
after the initial SYN.
3. PSH: asks the receiving TCP to hand the buffered data to the application
immediately rather than waiting for more.
4. RST: resets (aborts) the connection; also sent in reply to a segment that
does not belong to any open connection.
5. SYN: synchronizes sequence numbers to open a connection.
6. FIN: the sender has no more data to send; used to close its direction of
the connection.
• Window size
It is a 16-bit field, set by the receiver, that tells the sender how many
bytes beyond the acknowledged sequence number the receiver is prepared to
accept. It is the basis of flow control. Because 16 bits allow at most
65,535 bytes, the window scale option negotiated on the SYN segments
multiplies this value on high-bandwidth paths.
• Checksum
It is a 16-bit one's-complement checksum over a pseudo-header (source and
destination IP addresses, protocol number and TCP length), the TCP header
and the data. It is optional in UDP over IPv4 but mandatory in TCP. It
catches accidental corruption only; it is not a security mechanism, since
anyone who can modify a segment can recompute it.
• Urgent pointer
It is a 16-bit offset, valid only when the URG flag is set to 1, that is
added to the sequence number to locate the end of the urgent data in the
segment. It is rarely used today, and RFC 6093 advises new applications not
to use it.
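The header layout described above, as an added example that is not part of the original notes: a parser that decodes the fixed 20-byte header with `struct`, validates the Data Offset before trusting it, decodes the flag bits (the six RFC 793 flags plus CWR/ECE), and computes the checksum over the IPv4 pseudo-header so that a segment can be verified or built. The sample addresses, ports and payload are constructed for the demonstration; the function names are this example's own.

```python
import socket
import struct
from dataclasses import dataclass

# Control bits, least significant first: RFC 793's six flags plus CWR/ECE (RFC 3168).
FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR")
PROTO_TCP = 6


@dataclass
class TcpHeader:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    data_offset: int     # header length in 32-bit words, 5..15
    flags: set
    window: int
    checksum: int
    urgent_ptr: int
    options: bytes
    payload: bytes


def parse_tcp_segment(segment: bytes) -> TcpHeader:
    """Decode the fixed header, validate Data Offset, split options from payload."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the minimum 20-byte header")
    src, dst, seq, ack, off_flags, window, csum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = off_flags >> 12
    # A Data Offset below 5 or beyond the buffer is malformed; reject it before slicing.
    if data_offset < 5 or data_offset * 4 > len(segment):
        raise ValueError(f"bad data offset {data_offset}")
    flags = {name for bit, name in enumerate(FLAG_NAMES) if off_flags & (1 << bit)}
    hlen = data_offset * 4
    return TcpHeader(src, dst, seq, ack, data_offset, flags, window, csum, urg,
                     segment[20:hlen], segment[hlen:])


def tcp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """RFC 9293 checksum: one's-complement sum over pseudo-header + header + data."""
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, PROTO_TCP, len(segment)))
    data = pseudo + segment
    if len(data) % 2:
        data += b"\x00"                     # pad an odd-length segment for summing
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def checksum_valid(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    # Summing a segment that already carries its checksum yields 0 when it is intact.
    return tcp_checksum(src_ip, dst_ip, segment) == 0


def build_tcp_segment(src_ip, dst_ip, src_port, dst_port, seq, ack, flags,
                      window=65535, payload=b"") -> bytes:
    """Assemble an option-less (20-byte header) segment with a correct checksum."""
    flag_bits = 0
    for name in flags:
        flag_bits |= 1 << FLAG_NAMES.index(name)
    off_flags = (5 << 12) | flag_bits       # Data Offset 5 words, reserved bits zero
    header = struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack, off_flags, window, 0, 0)
    csum = tcp_checksum(src_ip, dst_ip, header + payload)
    return header[:16] + struct.pack("!H", csum) + header[18:] + payload


if __name__ == "__main__":
    seg = build_tcp_segment("10.0.0.1", "10.0.0.2", 40000, 443, 1000, 0, ["SYN"])
    print(seg.hex())
    print(parse_tcp_segment(seg))
    print("checksum valid:", checksum_valid("10.0.0.1", "10.0.0.2", seg))
```

Because the pseudo-header is part of the sum, the same segment fails verification if the IP addresses it was computed for change, which is why NAT devices must rewrite the TCP checksum as well as the IP header. The check is arithmetic only: an attacker who alters a segment simply recomputes the field, so integrity against tampering has to come from a higher layer such as TLS.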
• Stream Control Transmission Protocol (SCTP) is a transport layer protocol
of the Internet Protocol (IP) suite (RFC 9260). It is designed to carry
several independent streams of messages at once between two endpoints that
have established an association (SCTP's term for a connection).
Key points about SCTP:

1. Connection-oriented: unlike the connectionless User Datagram Protocol
(UDP), SCTP sets up a reliable association between the endpoints before any
data is transmitted. Its setup is a four-way handshake (INIT, INIT-ACK,
COOKIE-ECHO, COOKIE-ACK) in which the server keeps no state until the client
returns a signed cookie, which blunts SYN-flood style resource exhaustion.
2. History and purpose:
   1. SCTP was developed by the Transport Area Working Group (TSVWG) of the
   Internet Engineering Task Force (IETF).
   2. Its original purpose was to carry telephone signalling (Signaling
   System 7, SS7) call-control messages over IP networks.
   3. SCTP combines features of TCP (reliable, ordered, congestion-controlled
   delivery) and UDP (message boundaries are preserved).
3. Message-oriented data transfer:
   1. SCTP delivers data in discrete messages, like UDP, rather than as a
   byte stream.
   2. Messages are carried concurrently over several streams within one
   association, so loss on one stream does not delay delivery on the others
   (no head-of-line blocking between streams).
4. Use cases:
   1. Telephone signalling over the internet.
   2. Data transfer over a single IP address or over several (see
   multihoming).
   3. In 3G mobile networks, SCTP transports signalling messages to and from
   SS7 using the adaptation layers M3UA, M2UA or SUA.
5. Multihoming:
   1. An SCTP endpoint may be bound to several IP addresses at once.
   2. If the primary address becomes unreachable, data is sent to an
   alternate address, so the association survives a path failure.
What is Transport Layer Security (TLS)?

• Transport Layer Security, or TLS, is a widely adopted security


protocol designed to facilitate privacy and data security for
communications over the Internet. A primary use case of TLS is
encrypting the communication between web applications and servers,
such as web browsers loading a website. TLS can also be used to
encrypt other communications such as email, messaging, and
voice over IP (VoIP). In this article we will focus on the role of TLS
in web application security.
• TLS was proposed by the Internet Engineering Task Force (IETF), an
international standards organization, and the first version of the protocol
was published in 1999. The most recent version is TLS 1.3, which was
published in 2018.
• What is the difference between TLS and SSL?
• TLS evolved from a previous encryption protocol called Secure Sockets
Layer (SSL), which was developed by Netscape. TLS version 1.0
actually began development as SSL version 3.1, but the name of the
protocol was changed before publication in order to indicate that it was
no longer associated with Netscape. Because of this history, the terms
TLS and SSL are sometimes used interchangeably.
• What is the difference between TLS and HTTPS?
• HTTPS is HTTP carried over a TLS connection; it is the protocol browsers
use to fetch web pages, and many web APIs use it as well. Any site that uses
HTTPS is therefore employing TLS encryption.
• Why should businesses and web applications use the TLS protocol?
• TLS encryption can help protect web applications from data breaches and
other attacks. Today, TLS-protected HTTPS is a standard practice for
websites. The Google Chrome browser gradually
cracked down on non-HTTPS sites, and other browsers have followed suit.
Everyday Internet users are more wary of websites that do not feature the
HTTPS padlock icon.
• What does TLS do?
• There are three main components to what the TLS protocol
accomplishes: Encryption, Authentication, and Integrity.
• Encryption: hides the data being transferred from third parties.
• Authentication: ensures that the parties exchanging information are
who they claim to be.
• Integrity: verifies that the data has not been forged or tampered with.
• What is a TLS certificate?
• For a website or application to use TLS, it must have a TLS certificate
installed on its origin server (the certificate is also known as an "SSL
certificate" because of the naming confusion described above). A TLS
certificate is issued by a certificate authority (CA) to the person or
business that controls a domain. The certificate contains the domain names
it is valid for and the server's public key, signed by the CA. The client
validates the server's identity by checking that the signature chains to a
CA it trusts, that the certificate has not expired, and that one of its
names matches the host the client intended to reach.
• How does TLS work?
• A TLS connection is initiated using a sequence known as the TLS handshake.
When a user navigates to a website that uses TLS, the handshake begins
between the user's device (the client) and the web server.
• During the TLS handshake, the client and the server:
• Agree on which version of TLS they will use (TLS 1.2 or 1.3 today; 1.0 and
1.1 are deprecated by RFC 8996 and should be refused)
• Decide on which cipher suite (see below) they will use
• Authenticate the identity of the server using the server's TLS
certificate (and optionally the client, using a client certificate)
• Generate session keys for encrypting messages between them after the
handshake is complete
• The TLS handshake establishes a cipher suite for each session. The cipher
suite names the algorithms used: key exchange, authentication, the symmetric
cipher that protects the records, and the hash used for integrity and key
derivation. The session keys themselves are never transmitted; both sides
derive them from a key exchange (ephemeral Diffie-Hellman in TLS 1.3) that
can run over an unencrypted channel thanks to public key cryptography, so a
passive eavesdropper who records the handshake cannot compute them.
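The four handshake guarantees listed above are only as good as the client's configuration: a client that disables certificate verification or accepts TLS 1.0 has negotiated a session that authenticates nobody. The following added example (not from the original article) shows a deliberately weak Python `ssl` context next to a hardened one and an `audit_context()` check that reports which guarantees a given context fails to enforce. The function names are this example's own; the cipher string is standard OpenSSL syntax restricting TLS 1.2 to forward-secret suites.

```python
import ssl


def hardened_client_context() -> ssl.SSLContext:
    """What a client should insist on before trusting a TLS session."""
    # create_default_context() already loads the platform CA store, requires a
    # certificate, checks the host name and disables SSLv2/SSLv3 and compression.
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # TLS 1.0/1.1 are deprecated (RFC 8996)
    # TLS 1.2 suites limited to ephemeral (EC)DH key exchange with AEAD ciphers;
    # TLS 1.3 suites are always forward secret and are configured separately.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:DHE+CHACHA20")
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """The kind of context that 'fixes' certificate errors in a hurry."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # any valid certificate is accepted for any host
    ctx.verify_mode = ssl.CERT_NONE     # the certificate is not verified at all
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED   # whatever the library still allows
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return the handshake guarantees this context fails to enforce (empty = none)."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("authentication: server certificate is not verified")
    if not ctx.check_hostname:
        findings.append("authentication: certificate is not matched against the host name")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("version: handshake may negotiate TLS 1.0/1.1")
    # TLS 1.2 suites whose key exchange is not ephemeral (EC)DH: a leaked server
    # private key would let recorded sessions be decrypted later.
    no_pfs = sorted(c["name"] for c in ctx.get_ciphers()
                    if c["protocol"] == "TLSv1.2" and "kea" in c
                    and c["kea"] not in ("kx-ecdhe", "kx-dhe"))
    if no_pfs:
        shown = ", ".join(no_pfs[:3]) + (", ..." if len(no_pfs) > 3 else "")
        findings.append("cipher suites: no forward secrecy in " + shown)
    return findings


if __name__ == "__main__":
    for label, ctx in (("weak", weak_client_context()), ("hardened", hardened_client_context())):
        print(f"{label}: {audit_context(ctx) or ['no findings']}")
```

The audit reads the context's own attributes, so it works offline and can be dropped into a test suite to catch a `verify_mode = CERT_NONE` that slipped into production code. It says nothing about the server side; whether the peer actually offers a forward-secret suite is only known once the handshake completes.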
• The handshake also handles authentication, which usually consists of the
server proving its identity to the client. This is done with public key
cryptography: the server signs handshake data with its private key, and the
client verifies the signature with the public key from the server's
certificate. Anyone holding the public key can check a signature, but only
the holder of the private key can produce one, so a valid signature shows
the client is talking to the certificate's owner rather than an impostor in
the middle.
• Each record sent after the handshake is also protected by a message
authentication code (MAC) or, in TLS 1.3, by an AEAD cipher that provides
encryption and integrity together. The recipient verifies the MAC before
accepting the data. This is kind of like the tamper-proof foil found on a
bottle of aspirin; the consumer knows no one has tampered with
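The integrity guarantee described above, as an added example that is not part of the original article: records are framed as a sequence number, a length, the payload and an HMAC-SHA256 tag over all of it. Because the sequence number is inside the MAC, a record that is modified fails the tag check, and a record that is replayed or delivered out of order fails the sequence check even though its tag is valid. This mirrors how TLS binds the record sequence number into the MAC (TLS 1.2) or the AEAD nonce and additional data (TLS 1.3); the framing, key and sample payloads here are constructed for the demonstration and are not the TLS record format.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32                     # HMAC-SHA256 output length
HEADER = struct.Struct("!QH")    # 64-bit record sequence number, 16-bit payload length


def seal_record(key: bytes, seq: int, payload: bytes) -> bytes:
    """Frame payload as seq || len || payload || tag, with the tag covering all of it."""
    header = HEADER.pack(seq, len(payload))
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class RecordReceiver:
    """Accepts records in order; rejects tampering, replay and reordering."""

    def __init__(self, key: bytes):
        self.key = key
        self.expected_seq = 0

    def open_record(self, record: bytes) -> bytes:
        if len(record) < HEADER.size + TAG_LEN:
            raise ValueError("truncated record")
        body, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time compare: a plain == would leak how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("integrity check failed: record was modified or forged")
        seq, length = HEADER.unpack(body[:HEADER.size])
        payload = body[HEADER.size:]
        if len(payload) != length:
            raise ValueError("length field disagrees with record size")
        if seq != self.expected_seq:
            raise ValueError(f"expected record {self.expected_seq}, got {seq}: replay or reorder")
        self.expected_seq += 1
        return payload


def demonstrate(key: bytes = b"\x11" * 32) -> dict:
    """Run the accept / tamper / replay cases; report which checks fired."""
    rx = RecordReceiver(key)
    first = seal_record(key, 0, b"GET / HTTP/1.1")          # constructed sample payload
    result = {"accepted": rx.open_record(first) == b"GET / HTTP/1.1"}
    tampered = bytearray(first)
    tampered[HEADER.size] ^= 0x20                            # flip one bit of the payload
    try:
        RecordReceiver(key).open_record(bytes(tampered))
        result["tamper_detected"] = False
    except ValueError as err:
        result["tamper_detected"] = "integrity" in str(err)
    try:
        rx.open_record(first)                                # same record delivered again
        result["replay_detected"] = False
    except ValueError as err:
        result["replay_detected"] = "replay" in str(err)
    return result


if __name__ == "__main__":
    print(demonstrate())
```

Two details carry over directly to real protocol code: verify the tag before parsing anything else, so an attacker cannot steer the parser with unauthenticated bytes, and compare tags with `hmac.compare_digest` rather than `==`. Historic TLS 1.2 stacks that parsed padding before checking the MAC (MAC-then-encrypt) are where the Lucky 13 timing attacks came from; TLS 1.3 avoids the problem by using AEAD ciphers only.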