Amir Mehmood
Course Outline
Basics of Data Communication
Basics of Computer Networks
OSI Reference Model & Internet Layers
Data Transmission & Flow control
Transmission Media Guided & Unguided
LAN & WAN
Wireless Technologies
Error detection & Recovery
Logical addressing IPv4, IPv6
Internet Protocols ARP, ICMP, TCP, UDP
Routing protocols
Congestion control & QoS
Network Security
McGraw-Hill The McGraw-Hill Companies, Inc., 2004
Lecture 1
Introduction
Components
Data Representation
Direction of Data Flow
DATA REPRESENTATION
TEXT
NUMBERS
IMAGES
VIDEO
Simplex
Half-duplex
Effectiveness of data communication
Delivery
Accuracy
Timeliness
Why do we need to Network
Communication
Sharing Services, Applications
Hardware, files
Network Criteria
Performance
Reliability
Security
Physical Structures
Types of connection
Physical Topologies
Categories of Networks
Types Of Connection
Point-to-point connection
Network Topology
Categories of topology
Dedicated point-to-point link
n(n-1)/2 links for n nodes
Device needs n-1 ports
Easy fault isolation
Privacy & Security
Star topology
Multipoint
Backbone connects all devices
Support limited number of devices
Fault isolation is difficult
Adding new devices difficult
Ring topology
LAN
MAN
MAN is designed to extend over an entire city
Multiple LANs could be connected into a MAN
MAN uses local telephone lines or privately owned
Note:
Signals can be analog or digital. Analog
signals can have an infinite number of
values in a range; digital signals can have
only a limited number of values.
Comparison of analog and digital signals
Sine Wave
Phase
Examples of Sine Waves
Time and Frequency Domains
Composite Signals
Bandwidth
Solution
We know that one complete cycle is 360 degrees.
Therefore, 1/6 cycle is
$(1/6) \times 360 = 60$ degrees $= 60 \times 2\pi/360$ rad $= 1.046$ rad
Bandwidth
Solution
$B = f_h - f_l = 900 - 100 = 800$ Hz
The spectrum has only five spikes, at 100, 300, 500, 700, and 900.
Example 3
A digital signal
Solution
The bit interval is the inverse of the bit rate.
Bit interval = 1/200 s = 0.005 s
OSI & Internet Models
Layered Tasks
Sender, Receiver, and Carrier
Hierarchy
Services
Sending a letter
OSI Reference Model
Internet Model
Peer-to-peer processes
An exchange using the Internet model
Physical layer
Note
The physical layer is responsible for transmitting individual bits from one node to the next.
Major duties of physical layer
Physical Characteristics of interface media
Representation of bits
Data Rate
Synchronization of bits
Data link layer
The data link layer is responsible for transmitting frames from one node to the next.
NODE-TO-NODE DELIVERY
Data link layer
Major duties of data link layer
Framing
Physical Addressing
Flow Control
Error Control
Access Control
Example
A node with physical address sends a frame to a node with physical address. The frame contains physical address in the header.
Network layer
The network layer is responsible for the delivery of packets from the original source to the final destination.
Source-to-destination delivery
Network layer
Major duties of network layer
Source to destination delivery
Logical Addressing
Routing
Example
In Figure we want to send data from a node with network address A and physical address located on one LAN to a node with a network address P and physical address located on another LAN. Because the two devices are located on different networks, we cannot use physical addresses only; the physical addresses only have local jurisdiction. What we need here are universal addresses that can pass through the LAN boundaries. The network (logical) addresses have this characteristic.
Figure Example
Transport layer
The transport layer is responsible for delivery of a message from one process to another.
Reliable process-to-process delivery of a message
Transport layer
Major duties of transport layer
Process to Process delivery of message
Port Addressing
Segmentation
Connection Control
Application layer
The application layer is responsible for providing services to the user.
Summary of duties
OSI Model
A comparison
OSI model
Session Layer
It acts as a network dialog controller.
It establishes, maintains and synchronizes the interaction between systems.
Presentation Layer
It handles the Syntax & Semantics of the information exchange between systems.
The main tasks performed in this layer are:
Data Translation
Encryption
Decryption
Compression
LAN: Part 1: Media & Connecting devices
Twisted-pair cable
Coaxial cable
RG-59: 75 Ω, Cable TV
Optical fiber
Repeaters
Hubs
Bridges
Connecting devices
Note:
A repeater is a regenerator, not an amplifier.
Hubs
Bridge
SWITCH
LAN: Part 2
Ethernet
MAC Sublayer
Physical Layer
Physical Layer Implementation
MAC Sublayer
It receives data from the upper layer & frames it.
It passes the frames to the PLS sublayer for encoding.
Access Method
Traditional Ethernet uses CSMA/CD as its access method.
MAC Sublayer
Physical Layer
Physical Layer Implementation
100Base-TX implementation
MAC Sublayer
Access Method
Physical Layer
Access Method
Gigabit Ethernet uses two approaches for medium access:
1) Half duplex using CSMA/CD.
2) Full duplex, with no need for CSMA/CD.
The Reconciliation Sublayer sends 8-bit parallel data to the Physical sublayer.
GMII is a specification that defines how the RS is connected to the PHY sublayer.
Wireless LANs & Virtual LAN
Architecture
Physical Layer
MAC Layer
Addressing Mechanism
Architecture
The architecture defines two kinds of services:
1) Basic Service Set (BSS)
2) Extended Service Set (ESS)
BSS
A BSS consists of wireless stations and possibly a central base station known as an access point (AP).
Architecture
Bluetooth defines two types of networks: piconets and scatternets.
A piconet can have up to 8 stations: one master, and the rest are slaves.
All slaves synchronize their clock & hopping sequence with the master.
Internetworking & IP addressing
Links in an internetwork
Datagram approach
Addressing
Internet Address
Classful Addressing
Subnetting
Classless Addressing
Dynamic Address Configuration
Dotted-decimal notation
Solution
We replace each group of 8 bits with its equivalent decimal
number (see Appendix B) and add dots for separation:
a. 129.11.11.239
b. 249.155.251.15
Example 2
Change the following IP addresses from dotted-decimal notation to
binary notation.
a. 111.56.45.78
b. 75.45.34.78
Solution
We replace each decimal number with its binary equivalent
(see Appendix B):
Solution
See the procedure in Figure 19.11.
Solution
a. The first byte is 227 (between 224 and 239); the class is D.
b. The first byte is 252 (between 240 and 255); the class is E.
c. The first byte is 134 (between 128 and 191); the class is B.
Network address
Solution
The class is A. Only the first byte defines the netid. We can find the network
address by replacing the hostid bytes (56.7.91) with 0s. Therefore, the
network address is 23.0.0.0.
Example 6
Given the address 132.6.17.85, find the network address.
Solution
The class is B. The first 2 bytes define the netid. We can find the network
address by replacing the hostid bytes (17.85) with 0s. Therefore, the
network address is 132.6.0.0.
Example 7
Given the network address 17.0.0.0, find the class.
Solution
The class is A because the netid is only 1 byte.
Solution
The router follows three steps:
1. The router looks at the first byte of the address to find the
class. It is class B.
2. The default mask for class B is 255.255.0.0. The router ANDs
this mask with the address to get 190.240.0.0.
3. The router looks in its routing table to find out how to route the
packet to this destination. Later, we will see what happens if
this destination does not exist.
Solution
The router follows three steps:
1. The router must know the mask. We assume it is /19, as shown in
Figure 19.23.
2. The router applies the mask to the address, 190.240.33.91. The subnet
address is 190.240.32.0.
3. The router looks in its routing table to find how to route the packet to
this destination. Later, we will see what happens if this destination does
not exist.
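The two router procedures above (class lookup with the default mask, then the /19 subnet mask), as an added Python example that is not part of the original slides. The function names are assumptions; the addresses are the ones used in the worked examples on this page.

```python
# Added example (not from the slides): classful lookup and the mask AND.

def to_int(dotted):
    """Pack a dotted-decimal IPv4 address into one 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    a, b, c, d = (int(p) for p in parts)
    return (a << 24) | (b << 16) | (c << 8) | d


def to_dotted(value):
    """Unpack a 32-bit integer back into dotted-decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(dotted):
    """Classful addressing: the first byte alone decides the class."""
    first = to_int(dotted) >> 24
    for upper, name in ((127, "A"), (191, "B"), (223, "C"), (239, "D")):
        if first <= upper:
            return name
    return "E"


# Default masks exist only for the unicast classes A, B and C.
DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def prefix_to_mask(prefix_len):
    """Turn a slash length such as /19 into a dotted-decimal mask."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return to_dotted((0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF)


def network_address(dotted, mask=None):
    """AND the address with the mask; without a mask, use the class default."""
    if mask is None:
        cls = address_class(dotted)
        if cls not in DEFAULT_MASK:
            raise ValueError(f"class {cls} addresses have no netid/hostid split")
        mask = DEFAULT_MASK[cls]
    return to_dotted(to_int(dotted) & to_int(mask))


if __name__ == "__main__":
    # Addresses taken from the worked examples on this page.
    for addr in ("23.56.7.91", "132.6.17.85"):
        print(addr, "class", address_class(addr), "->", network_address(addr))
    subnet_mask = prefix_to_mask(19)
    print("190.240.33.91 &", subnet_mask, "->",
          network_address("190.240.33.91", subnet_mask))
```

The same AND decides whether a packet's address falls inside a firewall or ACL prefix, so a wrong mask silently widens or narrows the rule.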
Example 10
In a class A subnet, we know the IP address of one of the hosts and
the mask, as given below. Find the network address.
IP address: 25.34.12.56
Mask: 255.255.0.0
Solution
Supernetting
Network Routing & Routing Protocols
Routing
Next hop & Network Specific Routing
Classifying Routing Protocols
Dynamic routing protocols are grouped according to characteristics.
Examples include:
RIP
IGRP
EIGRP
OSPF
BGP
Routing Information Protocol (RIP)
OSPF (Open Shortest Path First)
Sample AS
Border Gateway Protocol (BGP)
Border Gateway Protocol is the interdomain routing protocol for the Internet, used for routing between autonomous systems.
Interdomain routing is normally based on policies.
Currently in version 4 (1995).
Network administrators can specify routing policies.
BGP is a distance vector protocol (however, routing messages in BGP contain complete routes).
BGP Basics ...
Each AS originates a set of NLRI (Network Layer Reachability Information).
NLRI is exchanged between BGP peers.
There can be multiple paths for a given prefix.
BGP picks the best path and installs it in the IP forwarding table.
Policies applied (through attributes) influence BGP path selection.
BGP Peers
[Figure: BGP peers A, B, C, D and E across AS 100 (220.220.8.0/24), AS 101 (220.220.16.0/24) and AS 102 (220.220.32.0/24); eBGP TCP/IP peer connection]
BGP speakers are called peers.
Peers in different ASs are called External Peers.
Note: eBGP peers normally should be directly connected.
[Figure: BGP Update Messages (NLRI) between the peers]
Network Layer Protocols: ARP, IPv4, IPv6, ICMP
20-1 NETWORK LAYER PROTOCOL
Overview
[Figure: ARP, RARP; Network Access, Link Layer, Media]
Types of Mapping
Dynamic Mapping
A protocol is used to find the IP address corresponding to the MAC address, or vice versa.
The two protocols are ARP (IP to MAC) and RARP (MAC to IP).
Note:
The Internet is based on IP addresses.
Data link protocols (Ethernet, FDDI, ATM) may have different (MAC) addresses.
The ARP and RARP protocols perform the translation between IP addresses and MAC layer addresses.
ARP Request:
Argon broadcasts an ARP request to all stations on the network: "What is the hardware address of Router137?"
Address Translation with ARP
ARP Reply:
Router137 responds with an ARP Reply which contains the hardware address.
20-2 IPv4
Table 20.1 Types of service
Protocol field and encapsulated data
An IP datagram encapsulates data from several higher-level protocols.
This field specifies the protocol used by the IP datagram.
Maximum transfer unit (MTU)
Flags used in fragmentation
IPv6
Format of an IPv6 datagram
Comparison between IPv4 and IPv6 packet headers
20-4 TRANSITION FROM IPv4 TO IPv6
Dual stack
Tunneling strategy
Header translation strategy
Header translation
Internet Control Message Protocol (ICMP)
Basic Ideas
ICMP error messages are never generated in response to:
ICMP error messages themselves
Broadcast or multicast datagrams
Fragments other than the first fragment
This is to prevent broadcast storms.
What is a broadcast storm?
A large number of broadcast datalink frames transmitted nearly simultaneously from several hosts.
The LAN may be brought to a standstill.
Example
Workstation 1 is sending a datagram to Workstation 6.
Fa0/0 on Router C goes down.
Router C then utilizes ICMP to send a message back to Workstation 1 indicating that the datagram could not be delivered.
ICMP does not correct the encountered network problem.
Router C knows only the source and destination IP addresses of the datagram, not the exact path the datagram took to Router C; therefore, Router C can only notify Workstation 1 of the failure.
ICMP reports on the status of the delivered packet only to the source device.
Types of Errors Handled in ICMP
Five types of errors are handled through ICMP:
Destination unreachable
When a router cannot route a datagram to its destination, the datagram is discarded & the host sends a destination unreachable message.
Source quench (flow and congestion control)
It informs the source that a datagram has been discarded.
It warns the source of congestion in the path.
Time exceeded (TTL = 0, or the packet does not arrive on time)
Parameter problem
Redirection (to update the routing table of a host)
PROCESS-TO-PROCESS DELIVERY
Port numbers
IANA (Internet Assigned Numbers Authority) ranges
Socket address
Error control
USER DATAGRAM PROTOCOL (UDP)
Well-known ports used with UDP
Example 23.1
SNMP uses two port numbers (161 and 162), each for a different purpose.
User datagram format
Note
UDP length = IP length - IP header's length
Figure 23.10 Pseudoheader for checksum calculation
Example 23.2
Checksum calculation of a simple UDP user datagram
Queues in UDP
TCP
Stream delivery
TCP segments
TCP segment format
Control field
Description of flags in the control field
Connection establishment using three-way handshaking
Data transfer
Note
The FIN segment consumes one sequence number if it does not carry data.
Sliding window
Computer Networks, Topic 10
By Amir Mehmood
Traffic descriptors
CONGESTION
Queues in a router
Packet delay and throughput as functions of load
CONGESTION CONTROL
QUALITY OF SERVICE
Flow characteristics
TECHNIQUES TO IMPROVE QoS
FIFO queue
Priority queuing
Traffic Shaping
Traffic shaping is a mechanism to control the amount and the data rate of the traffic sent to the network. Two techniques are leaky bucket and token bucket.
Leaky bucket
Token bucket
INTEGRATED SERVICES
Integrated Services is a flow-based QoS model designed for IP.
Path messages
Resv messages
Reservation merging
DIFFERENTIATED SERVICES
DS field
Traffic conditioner
To implement DS, each node uses traffic conditioners such as:
Meter: checks if the incoming flow matches the neighbor traffic profile
Marker: either marks or down-marks a packet based on information received from the meter
Computer Networks, Topic 11
By Amir Mehmood
Introduction to Network Security
Background
Information security requirements have changed in recent times.
Traditionally, security was provided by physical and administrative mechanisms.
Computer use requires automated tools to protect files and other stored information.
Intrusion detection & prevention methods are used to protect networks from attackers.
Use of networks and communications links requires measures to protect data during transmission.
Definitions
Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers
Network Security - measures to protect data during their transmission & network services and resources
Internet Security - measures to protect data during their transmission over a collection of interconnected networks
(William Stallings)
Security Trends
Aspects of Security
Consider 3 aspects of information security:
security attack
security mechanism
security service
Security Attack
Any action that compromises the security of information owned by an organization
Information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems
Often threat & attack are used to mean the same thing
There is a wide range of attacks
We can focus on generic types of attacks:
passive
active
Passive Attacks
Active Attacks
Security Service
Enhances the security of the data processing systems and information transfers of an organization
Intended to counter security attacks
Uses one or more security mechanisms
Often replicates functions normally associated with physical documents, which, for example, have signatures and dates, and need protection from disclosure, tampering, or destruction
Security Services
X.800:
A service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers
Security Mechanism
A feature designed to detect, prevent, or recover from a security attack
No single mechanism will support all services required
However, one particular element underlies many of the security mechanisms in use: cryptographic techniques
Hence our focus on this topic
Model for Network Security
Summary
Background & definitions
Aspects of security: attacks, services, mechanisms
Models for network (access) security
Security attributes & basics of Cryptography
Key Security Attributes
[Figure: Alice and Bob, secure sender and secure receiver, channel]
Confidentiality
Integrity
Authentication
Availability
Non-Repudiation
Confidentiality
It ensures that information content cannot be revealed by unauthorized entities.
It is a process of concealing information on the network.
It prevents eavesdropping.
[Figure: Alice, Bob (secure sender, secure receiver), channel, Sam Snoop]
Integrity
It ensures data packets are unaltered in transit from source to destination.
Attackers can violate data integrity through insertion, substitution, deletion or forging.
There are different ways of maintaining integrity.
Authentication
It is a process that allows a node to verify the identity of the communicating node.
Two types of authentication:
1) Entity authentication
2) Data authentication
[Figure: Alice, Bob (secure sender, secure receiver), Sam, packets]
Availability
It ensures that system resources and services are available for use by authorized users of the system.
Intruders can deny services through denial-of-service attacks.
[Figure: Alice, Bob (secure sender, secure receiver), system resources & services, packet]
Non-Repudiation
It ensures an entity in a dispute cannot falsely deny its action.
Non-repudiation service prevents the sender from denying sending a message which he sent earlier.
Cryptosystems
Encryption & decryption
Cryptography
Cryptanalysis
Cryptology
Cryptosystems
A cryptosystem, or cipher system, is a method of disguising messages so that only certain people can see through the disguise.
The original message is called the plain text.
The disguised message is called the cipher text.
The message is disguised using ENCRYPTION.
The message is recovered on the receiver side by means of DECRYPTION.
The people who are supposed to be able to see through the disguise are called recipients.
The people who are not supposed to be able to see through the disguise are called enemies, opponents, interlopers or third parties.
ENCRYPTION
Encryption means any procedure to convert plain text into cipher text.
The procedure is usually a whole collection of algorithms. The algorithms are labeled; the labels are called keys. For instance, Caesar's cipher uses "shift by n" encryption.
Decryption
Decryption means any procedure to convert cipher text into plain text.
Cipher text is decrypted by applying the procedure or algorithm. For instance, if shift by n is used, then it will be decrypted in the same way.
Example
The message (plain text) is written in 8 columns and 4 rows.
PLAIN TEXT
DO*NOT*G
O*I*WILL
*BE*THER
E*AT2
CIPHER TEXT
DO*E O*B* *IEA N**T OWT2 TIH* *LE* GLR*
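The grid transposition from the example above as runnable Python, an added illustration rather than code from the lecture. The function names are assumptions, and the plaintext string is read back from the slide's ciphertext columns, with '*' standing for spaces and end-of-grid filler; `same_letters` shows why this cipher is weak on its own, since reordering leaves every character count intact for frequency analysis.

```python
from collections import Counter

PAD = "*"  # the slide writes spaces and end-of-grid filler as '*'


def to_grid(message, columns=8):
    """Write the message row by row into a grid `columns` wide, padding the last row."""
    text = message.replace(" ", PAD)
    text += PAD * (-len(text) % columns)
    return [text[i:i + columns] for i in range(0, len(text), columns)]


def encrypt(message, columns=8):
    """Read the grid column by column; each returned string is one column."""
    rows = to_grid(message, columns)
    return ["".join(row[c] for row in rows) for c in range(columns)]


def decrypt(cipher_columns):
    """Rebuild the rows from the columns, then drop filler and restore spaces."""
    heights = {len(col) for col in cipher_columns}
    if len(heights) != 1:
        raise ValueError("every ciphertext column must have the same length")
    rows = zip(*cipher_columns)  # transpose the columns back into rows
    text = "".join("".join(row) for row in rows)
    return text.rstrip(PAD).replace(PAD, " ")


def same_letters(message, cipher_columns, columns=8):
    """Transposition only reorders characters, so the counts never change."""
    padded = "".join(to_grid(message, columns))
    return Counter(padded) == Counter("".join(cipher_columns))


# Plaintext reconstructed from the ciphertext columns on the slide (assumption).
SLIDE_MESSAGE = "DO NOT GO I WILL BE THERE AT2"

if __name__ == "__main__":
    cols = encrypt(SLIDE_MESSAGE)
    print(cols)
    print(decrypt(cols))
    print(same_letters(SLIDE_MESSAGE, cols))
```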
Cryptography
Cryptanalysis
Cryptology