UNIT IV
SYLLABUS: Data Compression - introduction to JPEG, MPEG, and MP3 - cryptography - symmetric-key - public-key - authentication - key distribution - key agreement - PGP - SSH - Transport layer security - IP Security - wireless security - Firewalls
5.1 Data Compression
Data compression is important to storage systems because it allows more bytes to be packed
into a given storage medium than when the data is uncompressed. Compression also reduces
file transfer time, saving time and communications bandwidth.
A good metric for compression is the compression factor (or compression ratio) given by:
Why Compress?
To reduce the bandwidth required for transmission and to reduce storage requirements
(speech, audio, video)
CS2363
Computer Networks
DCT Phase
DCT is a transformation closely related to the fast Fourier transform (FFT).
It takes an 8 × 8 matrix of pixel values as input and outputs an 8 × 8 matrix of frequency coefficients.
The input matrix is a 64-point signal that is defined in two spatial dimensions (x and y).
DCT breaks this signal into 64 spatial frequencies.
DCT, along with its inverse, which is performed during decompression, is defined by the following
formulas:
Quantization Phase
The second phase of JPEG is where the compression becomes lossy.
DCT does not itself lose information; it just transforms the image into a form that makes it easier to
know what information to remove.
Quantization is simply a matter of dropping the insignificant bits of the frequency coefficients.
The basic quantization equation is
QuantizedValue(i, j) = IntegerRound(DCT(i, j)/Quantum(i, j))
Encoding Phase
The final phase of JPEG encodes the quantized frequency coefficients in a compact form. This
results in additional compression, but this compression is lossless.
Starting with the DC coefficient in position (0,0), the coefficients are processed in the zigzag
sequence.
Along this zigzag, a form of run length encoding is used. RLE is applied to only the 0 coefficients,
which is significant because many of the later coefficients are 0.
The individual coefficient values are then encoded using a Huffman code.
5.4 Video Compression
The Moving Picture Experts Group method is used to compress video.
In principle, a motion picture is a rapid flow of a set of frames. Each frame is an image.
In other words, a frame is a spatial combination of pixels, and a video is a temporal combination of
frames. Compressing video means spatially compressing each frame and temporally compressing a set
of frames.
Spatial Compression
The spatial compression of each frame is done with JPEG (or a modification of it).
Temporal Compression
In temporal compression, redundant frames are removed.
To temporally compress data, the MPEG method first divides frames into three categories:
I-frames, P-frames, and B-frames.
I-frames:
An intracoded frame (I-frame) is an independent frame that is not related to any other frame.
They are present at regular intervals (e.g., every ninth frame is an I-frame).
An I-frame must appear periodically to handle some sudden change in the frame that the previous and
following frames cannot show.
P-frames:
A predicted frame (P-frame) is related to the preceding I-frame or P-frame.
In other words, each P-frame contains only the changes from the preceding frame.
P-frames can be constructed only from previous I- or P-frames.
P-frames carry much less information than other frame types and carry even fewer bits
after compression.
B-frames:
A bidirectional frame (B-frame) is related to the preceding and following I-frame or P-frame.
Note that a B-frame is never related to another B-frame.
In frequency masking, a loud sound in a frequency range can partially or totally mask a softer sound
in another frequency range. For example, we cannot hear what our dance partner says in a room where
a loud heavy metal band is performing.
In temporal masking, a loud sound can numb our ears for a short time even after the sound has
stopped.
MP3 uses these two phenomena, frequency and temporal masking, to compress audio signals.
The technique analyzes and divides the spectrum into several groups.
Zero bits are allocated to the frequency ranges that are totally masked.
A small number of bits are allocated to the frequency ranges that are partially masked.
A larger number of bits are allocated to the frequency ranges that are not masked.
MP3 produces three data rates: 96 kbps, 128 kbps, and 160 kbps.
The rate is based on the range of the frequencies in the original analog audio.
5.6 Computer security is a branch of technology known as information security as applied to computers. The
objective of computer security varies and can include protection of information from theft or corruption, or
the preservation of availability, as defined in the security policy.
Security measures that are applied to each single message are
1. Privacy: It means that the sender and the receiver expect confidentiality. The transmitted message
must make sense to only the intended receiver. A good privacy technique guarantees to some extent
that a potential intruder cannot understand the contents of the message. Privacy can be achieved by
using either symmetric-key cryptography or public-key cryptography, which are discussed under the
section cryptography.
2. Message authentication: It means that the receiver needs to be sure of the sender's identity and that
an imposter has not sent the message. Digital signature can provide message authentication.
3. Message integrity: It means that the data must arrive at the receiver exactly as they were sent. There
must be no change during the transmission either accidental or malicious. Digital signature can
provide message integrity.
4. Nonrepudiation: It means that a receiver must be able to prove that a received message came from a
specific sender. The sender must not be able to deny sending a message that he or she, in fact, did
send. The burden of proof falls on the receiver. Digital signature can provide nonrepudiation.
Cryptography is the practice and study of hiding information.
block / stream
Block ciphers process messages in blocks, each of which is then en/decrypted.
The encryption and decryption algorithms are public; anyone can access them. The keys are secret;
they need to be protected. The modern field of cryptography can be broadly divided into symmetric-key
cryptography and public-key cryptography.
C = P^e mod N
In this algorithm, P is the plaintext, which is represented as a number; C is the number that represents the
ciphertext. The two numbers e and N are components of the public key. The plaintext is raised to the power e and
divided by N. The mod term indicates that the remainder is sent as the ciphertext. The receiver uses the following
algorithm to decrypt the message:
P = C^d mod N
In this algorithm, P and C are the same as before. The numbers d and N are the components of the private key.
p, q both prime, p ≠ q
Calculate n = p x q
Calculate φ(n) = (p - 1)(q - 1)
Select integer e
Calculate d: d = e^-1 mod φ(n)
Public key: KU = {e, n}
Private key: KR = {d, n}
Encryption
Plaintext: M < n
Ciphertext: C = M^e (mod n)
Decryption
Ciphertext: C
Plaintext: M = C^d (mod n)
The steps involved in RSA algorithm for generating the key are
Select e such that e is relatively prime to φ(n) = 160 and less than φ(n); we choose e = 7.
Determine d such that ed = 1 mod φ(n) and d < 160. The correct value is d = 23, because 23*7 = 161 = 1
mod 160.
Key :
Public key :KU = { e,n} = {7,187}
Ciphertext: C = M^e (mod n)
C = 88^7 mod 187 = 11
Decryption
Plaintext: M = C^d (mod n)
M = 11^23 mod 187 = 88
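The worked example above as an added Python example (not part of the original notes): it derives d from e = 7 and φ(n) = 160 with the extended Euclidean algorithm, encrypts and decrypts M = 88, and signs a digest with the private key in the way the Authenticators section describes. The function names and the reduction of the SHA-256 digest mod n are assumptions made so that the toy modulus 187 can be used; unpadded RSA with a key this small is for study only.

```python
# Toy RSA with the numbers from the worked example (added example, study only).
import hashlib
from math import gcd

N, PHI, E = 187, 160, 7  # n, phi(n) and e as given in the worked example

def egcd(a, b):
    """Extended Euclid: return (g, x, y) such that a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def private_exponent(e, phi):
    """Solve e*d = 1 (mod phi) for d, the 'Calculate d' step of key generation."""
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    return egcd(e, phi)[1] % phi

def modexp(base, exp, mod):
    """Square-and-multiply, so 11^23 is never built as a full-size integer."""
    result, base = 1, base % mod
    while exp:
        if exp & 1:
            result = result * base % mod
        base = base * base % mod
        exp >>= 1
    return result

def encrypt(m, e, n):
    if not 0 <= m < n:
        raise ValueError("plaintext must satisfy M < n")
    return modexp(m, e, n)

def decrypt(c, d, n):
    return modexp(c, d, n)

def digest_mod_n(message, n):
    # Assumption for the toy key: the SHA-256 digest is reduced mod n to fit.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, d, n):
    """Digital signature: the digest transformed with the private key."""
    return modexp(digest_mod_n(message, n), d, n)

def verify(message, signature, e, n):
    """Anyone holding the public key {e, n} can check the signature."""
    return modexp(signature, e, n) == digest_mod_n(message, n)

if __name__ == "__main__":
    d = private_exponent(E, PHI)
    c = encrypt(88, E, N)
    print("d =", d, "C =", c, "M =", decrypt(c, d, N))
    sig = sign(b"constructed sample message", d, N)
    print("signature valid:", verify(b"constructed sample message", sig, E, N))
```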
5.6.3 Authenticators
Randomly tampering with encrypted text could result in valid-appearing plaintext.
Encryption alone does not provide authentication.
Both authentication and integrity are needed.
An authenticator is a value included in a message that allows verification of the authenticity and integrity
of the message.
An authenticator contains redundant information, similar to a checksum or CRC.
An authenticator proves that the message has come from a sender who knows a certain secret.
There are several common cryptographic hash algorithms, including MD5 (for Message Digest 5) and
Secure Hash Algorithm 1 (SHA-1). MD5 outputs a 128-bit digest, and SHA-1 outputs a 160-bit digest.
A digest encrypted with a public key algorithm but using the private key is called a digital signature
because it provides nonrepudiation like a written signature.
Another kind of authenticator is similar, but instead of encrypting a hash, it uses a hash-like function
that takes a secret value (known to only the sender and the receiver) as a parameter.
Such a function outputs an authenticator called a message authentication code (MAC).
The sender appends the MAC to her plaintext message.
The receiver recomputes the MAC using the plaintext and the secret value, and compares that
recomputed MAC to the received MAC.
A common variation on MACs is to apply a cryptographic hash (such as MD5 or SHA-1) to the
concatenation of the plaintext message and the secret value.
The resulting digest is called a hashed message authentication code (HMAC) since it is essentially a
MAC.
The HMAC, but not the secret value, is appended to the plaintext message.
Only a receiver who knows the secret value can compute the correct HMAC to compare with the
received HMAC.
Examples are Message Digest 5 (MD5) and Secure Hash Algorithm 1 (SHA-1)
Limiting the amount of time a key is used results in less time for computationally
intensive attacks, less ciphertext for cryptanalysis, and less information exposed should the
key be broken.
Pre-distribution of symmetric keys is problematic.
Public key ciphers are generally superior for authentication and session key
establishment but too slow to use for encrypting entire messages for confidentiality.
There are commercial CAs, governmental CAs, and even free CAs.
To use a CA, you must know its own key. You can learn that CA's key, however, if you
can obtain a chain of CA-signed certificates that starts with a CA whose key you already
know.
Certificate Revocation
A challenge-response protocol
Public Key Authentication Protocols
Bob cannot be sure the first message is fresh
Bob replies with his and Alice's timestamp
Alice compares her timestamp with her clock
Alice sends the session key and Bob's timestamp back to Bob
Bob compares his timestamp against his clock
Nonces could be used instead of timestamps
Kerberos Authentication
A = 5^6 mod 23
A = 15,625 mod 23
A = 8
B = 5^15 mod 23
B = 30,517,578,125 mod 23
B = 19
s = 19^6 mod 23
s = 47,045,881 mod 23
s = 2
s = 8^15 mod 23
s = 35,184,372,088,832 mod 23
s = 2
6. Alice and Bob now share a secret (the number 2) because 6 × 15 is the same as 15 × 6.
When Alice has a message to email to Bob, her PGP application goes through the steps involved in the above
figure.
1. The message is digitally signed by Alice; MD5 and SHA-1 are among the hashes that may be used in the
digital signature. Then her PGP application generates a new session key for just this one message.
2. The digitally signed message is encrypted using the session key. Then the session key itself, encrypted using
Bob's public key, is appended to the message.
3. Alice's PGP application reminds her of the level of trust she had previously assigned to Bob's public key,
based on the number of certificates she has for Bob and the trustworthiness of the individual who signed the
certificates.
4. Finally, to conform to email's SMTP protocol, base64 encoding is applied to the message to convert it to an
ASCII-compatible representation.
Upon receiving the PGP message in an email, Bob's PGP application reverses this process step by step to
obtain the original plaintext message and confirm Alice's digital signature.
5.8 SSH (Secure Shell)
The Secure Shell (SSH) provides a remote login service and is intended to replace the rsh, rlogin,
telnet, rcp, ftp.
SSH is most often used to provide strong client/server authentication (where the SSH client runs on
the user's desktop machine and the SSH server runs on some remote machine that the user wants to
log into), but it also supports message integrity and confidentiality.
This means that when they log in, both their passwords and all the data they send or receive potentially
pass through countless untrusted networks.
SSH provides a way to encrypt the data sent over these connections and to improve the strength of the
authentication mechanism they use to log in.
The latest version of SSH, version 2, consists of three protocols:
SSH-TRANS: a transport layer protocol
SSH-AUTH: an authentication protocol
SSH-CONN: a connection protocol
SSH - TRANS
Provides encrypted channel on top of TCP
Uses RSA to authenticate server and negotiates encryption algorithm to use.
Server tells client its public key
SSH-AUTH
Uses secure channel established in first step
User authenticates himself to server (logs in)
User can authenticate itself to sender by
Host-based authentication
SSH-CONN
It supports other insecure TCP apps, e.g. X Windows, IMAP.
These apps are run over a secure SSH tunnel: port forwarding.
The idea is illustrated in Figure 8.14, where we see a client on host A indirectly communicating with a server
on host B by forwarding its traffic through an SSH connection. The mechanism is called port forwarding
because when messages arrive at the well-known SSH port on the server, SSH first decrypts the contents, and
then forwards the data to the actual port at which the server is listening.
5.9 IP Security (IPsec)
IPsec provides three degrees of freedom.
1) It allows users to select from a variety of cryptographic algorithms and specialized security protocols.
2) IPsec allows users to select from a large menu of security properties, including access control, integrity,
authentication, originality, and confidentiality.
3) IPsec can be used to protect narrow streams (e.g., packets belonging to a particular TCP connection being
sent between a pair of hosts) or wide streams (e.g., all packets flowing between a pair of gateways).
IPsec consists of two parts.
The first part is a pair of protocols that implement the available security services.
Authentication Header (AH), which provides access control, connectionless message integrity,
authentication, and antireplay protection.
Encapsulating Security Payload (ESP), which supports these same services, plus confidentiality.
The second part is support for key management, which fits under an umbrella protocol known as
Internet Security Association and Key Management Protocol (ISAKMP).
The abstraction that binds these two pieces together is the security association (SA).
An SA is a simplex (one-way) connection with one or more of the available security properties.
When created, an SA is assigned an ID number called a security parameters index (SPI) by the
receiving machine.
A combination of this SPI and the destination IP addresses uniquely identifies an SA.
SAs are established, negotiated, modified, and deleted using ISAKMP.
ESP is the protocol used to securely transport data over an established SA.
ESP Format
The SPI field lets the receiving host identify the security association to which the packet belongs.
The packet's PayloadData contains the data described by the NextHdr field.
The PadLength field records how much padding was added to the data; padding is sometimes
necessary because, for example, the cipher requires the plaintext to be a multiple of a certain
number of bytes, or to ensure that the resulting ciphertext terminates on a 4-byte boundary.
IPsec supports a tunnel mode as well as the more straightforward transport mode.
In a transport mode SA, ESP's payload data is simply a message for a higher layer such
as UDP or TCP.
In this mode, IPsec acts as an intermediate protocol layer, much like SSL/TLS does
between TCP and a higher layer.
When an ESP message is received, its payload is passed to the higher level protocol.
Record protocol
TLS's record protocol adds confidentiality and integrity to the underlying transport service.
Messages handed down from the application layer are:
1. Fragmented or coalesced into blocks of a convenient size for the following steps;
2. Optionally compressed;
3. Integrity-protected using an HMAC;
4. Encrypted using a symmetric-key cipher;
5. Passed to the transport layer (normally TCP) for transmission.
The record protocol uses an HMAC as an authenticator.
The client and server have different keys to use when computing HMACs, making them even harder to
break.
Furthermore, each record protocol message is assigned a sequence number, which is included when
the HMAC is computed. This implicit sequence number prevents replays or reordering of messages.
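The HMAC authenticator from the Authenticators section and the implicit sequence number of the record protocol, combined in one added Python example (not part of the original notes). It uses Python's standard `hmac` module with SHA-256 instead of a bare hash of message plus secret with MD5 or SHA-1; the class names and keys are constructed, and the compression and encryption steps are left out.

```python
# Added example: HMAC over an implicit sequence number, one MAC key per direction.
# Simplified: real TLS also covers record type, version and length, then encrypts.
import hashlib
import hmac
import struct

TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA-256 tag

def record_mac(key, seq, payload):
    """HMAC over the 64-bit sequence number followed by the payload."""
    return hmac.new(key, struct.pack(">Q", seq) + payload, hashlib.sha256).digest()

class RecordSender:
    def __init__(self, mac_key):
        self.mac_key, self.seq = mac_key, 0

    def protect(self, payload):
        tag = record_mac(self.mac_key, self.seq, payload)
        self.seq += 1  # counted on both sides, never transmitted
        return payload + tag

class RecordReceiver:
    def __init__(self, mac_key):
        self.mac_key, self.seq = mac_key, 0

    def accept(self, record):
        """Return the payload, or raise ValueError if the record fails the check."""
        if len(record) < TAG_LEN:
            raise ValueError("record too short")
        payload, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        expected = record_mac(self.mac_key, self.seq, payload)
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            raise ValueError("bad record MAC")
        self.seq += 1
        return payload

def rejected(receiver, record):
    try:
        receiver.accept(record)
    except ValueError:
        return True
    return False

def demo():
    # Constructed keys: the client and the server each MAC with their own key.
    client_key, server_key = b"constructed-client-mac-key", b"constructed-server-mac-key"
    client_out, server_in = RecordSender(client_key), RecordReceiver(client_key)
    client_in = RecordReceiver(server_key)
    r0 = client_out.protect(b"GET /balance")
    r1 = client_out.protect(b"POST /transfer amount=10")
    tampered = r1[:-TAG_LEN - 2] + b"99" + r1[-TAG_LEN:]
    return {
        "reordered": rejected(server_in, r1),   # sequence 1 arrives first
        "in_order": server_in.accept(r0) == b"GET /balance",
        "replayed": rejected(server_in, r0),    # receiver now expects sequence 1
        "tampered": rejected(server_in, tampered),
        "next": server_in.accept(r1) == b"POST /transfer amount=10",
        "reflected": rejected(client_in, r0),   # sent back under the wrong key
    }
```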
Another interesting feature of the TLS protocol, which is quite a useful feature for Web transactions,
is the ability to resume a session.
Session resumption is an optimization of the handshake that can be used in those cases where the
client and the server have already established some shared state in the past. The client simply includes
the session ID from a previously established session in its initial handshake message. If the server finds that
it still has state for that session, and the resumption option was negotiated when that session was
originally created, then the server can reply to the client with an indication of success.
The wireless device and the Access Point (AP) are preconfigured with a
shared passphrase (essentially a very long password) from which the Pairwise Master Key is
cryptographically derived.
5.12 Firewalls
A firewall is a device (usually a router or a computer) installed between the internal network of an
organization and the
rest of the Internet. It is designed to forward some packets and filter (not forward) others.
It can forward or block packets based on the information in the network layer and transport layer headers:
source and destination IP addresses, source and destination port addresses, and type of protocol (TCP or
UDP).
A packet-filter firewall is a router that uses a filtering table to decide which packets must be discarded (not
forwarded). Figure 32.23 shows an example of a filtering table.
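A packet-filter decision of the kind described above, as an added Python example (not part of the original notes and not the table from Figure 32.23). The rows of `FILTER_TABLE`, the documentation-range addresses and the function names are constructed for illustration; `*` stands for "any value".

```python
# Added example: a packet-filter table keyed on network- and transport-layer fields.
import ipaddress

ANY = "*"

# Constructed filtering table: each row describes packets to discard.
# Columns: source network, source port, destination network, destination port, protocol.
FILTER_TABLE = [
    ("198.51.100.0/24", ANY, ANY, ANY, ANY),   # untrusted source network
    (ANY, ANY, ANY, 23, "tcp"),                # no TELNET
    (ANY, ANY, "192.0.2.10/32", ANY, ANY),     # host reserved for internal use
    (ANY, ANY, ANY, 69, "udp"),                # no TFTP
]

def addr_matches(rule_net, addr):
    """True if the rule is a wildcard or the address lies inside the rule's network."""
    return rule_net == ANY or ipaddress.ip_address(addr) in ipaddress.ip_network(rule_net)

def value_matches(rule_value, value):
    return rule_value == ANY or rule_value == value

def matching_rule(pkt, table=FILTER_TABLE):
    """Return the index of the first row that matches the packet, or None."""
    for index, (src_net, src_port, dst_net, dst_port, proto) in enumerate(table):
        if (addr_matches(src_net, pkt["src"])
                and value_matches(src_port, pkt["sport"])
                and addr_matches(dst_net, pkt["dst"])
                and value_matches(dst_port, pkt["dport"])
                and value_matches(proto, pkt["proto"])):
            return index
    return None

def decide(pkt, table=FILTER_TABLE):
    """Discard packets that match a row; forward everything else."""
    return "discard" if matching_rule(pkt, table) is not None else "forward"

def packet(src, sport, dst, dport, proto):
    """Build the header fields the filter looks at (constructed sample input)."""
    return {"src": src, "sport": sport, "dst": dst, "dport": dport, "proto": proto}

if __name__ == "__main__":
    for p in (packet("198.51.100.7", 40000, "192.0.2.20", 443, "tcp"),
              packet("203.0.113.5", 40000, "192.0.2.20", 23, "tcp"),
              packet("203.0.113.5", 40000, "192.0.2.20", 443, "tcp")):
        print(p, "->", decide(p))
```

A table like this forwards anything it does not list; production rule sets usually end with a default-deny row instead.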
Proxy Firewall
Sometimes we need to filter a message based on the information available in the message itself (at the
application layer).
As an example, assume that an organization wants to implement the following policies regarding its Web
pages: Only those Internet users who have previously established business relations with the company can
have access; access to other users must be blocked.
In this case, testing must be done at the application level (using URLs).
One solution is to install a proxy computer (sometimes called an application gateway), which stands between
the customer (user client) computer and the corporation computer shown in Figure 32.24.
When the user client process sends a message, the proxy firewall runs a server process to receive the request.
The server opens the packet at the application level and finds out if the request is legitimate.
If it is, the server acts as a client process and sends the message to the real server in the corporation. If it is
not, the message is dropped and an error message is sent to the external user.