5th unit CN

The document discusses the Domain Name System (DNS), its need for mapping names to IP addresses, and the hierarchical structure of name spaces. It also covers the architecture of the World Wide Web (WWW), including web documents and the Hypertext Transfer Protocol (HTTP), highlighting the differences between persistent and nonpersistent connections. Additionally, it explains electronic mail (email) architecture, the role of Simple Mail Transfer Protocol (SMTP), and the message access protocols POP3 and IMAP4.

Uploaded by Bhoomi Agarwal

Computer Networks
Domain Name System (DNS)
Contents
 Need for DNS
 Name Spaces
 FQDN and PQDN
 Name-address resolution
NEED FOR DNS
To identify an entity, TCP/IP protocols use the IP address, which uniquely identifies the connection of a host to the Internet. However, people prefer to use names instead of numeric addresses. Therefore, we need a system that can map a name to an address or an address to a name.
Purpose of DNS
[Figure: purpose of DNS. Labels: User, Host name, Query, Response, IP address, Transport layer; the exchange is numbered in six steps.]
NAME SPACE
To be unambiguous, the names assigned to machines must be carefully selected from a name space with complete control over the binding between the names and IP addresses. In other words, the names must be unique because the addresses are unique. A name space that maps each address to a unique name can be organized in two ways: flat or hierarchical.

Flat name spaces do not scale well because they can grow only so large before all available names are used up. Once a name is used more than once in a name space, the name space violates the unambiguously resolvable requirement.

A hierarchical name space is divided into different areas, which can be thought of as subname spaces. Each area is its own subname space within the overall name space. Therefore, each object must have a unique name only within its subname space in order to have an unambiguously resolvable name within the name space hierarchy. Hierarchical name spaces, then, can scale to extremely large networks: as you add more objects to the overall name space, you have to find unique names for them within only the subname space to which they belong.
Domain name space
The Domain Name System is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol networks. It associates various information with domain names assigned to each of the associated entities.
Domain names and labels
FQDN and PQDN
A fully-qualified domain name (FQDN) is a complete domain name that uniquely identifies a node in the DNS name space by giving the full path of labels from the root of the tree down to that node. It defines the absolute location of a domain. In contrast, a partially-qualified domain name (PQDN) only specifies a portion of a domain name. It is a relative name that has meaning only within a particular context; the partial name must be interpreted within that context to fully identify the node.
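The following Python example is added here and is not part of the slides. It shows how a stub resolver interprets a PQDN within a context: the name is completed with each suffix of a resolver search list to produce the FQDNs that would actually be queried, and every candidate is checked against the DNS label and name length limits before it is used. The search list and host names are constructed; the ordering rule (search suffixes first, bare name last) is a simplification of what real resolvers do.

```python
# Added example (not from the slides): how a stub resolver turns a
# partially-qualified domain name (PQDN) into the fully-qualified names (FQDNs)
# it will actually query, using a search list. The search list and names used
# with it are constructed; the length limits are those of RFC 1035.

MAX_LABEL = 63   # longest single label
MAX_NAME = 253   # longest textual name without the trailing dot


def is_fqdn(name: str) -> bool:
    """An FQDN gives the full path to the root, marked by the trailing dot."""
    return name.endswith(".")


def labels(name: str) -> list:
    """Split a name into its labels (root marker dropped)."""
    return [lbl for lbl in name.rstrip(".").split(".") if lbl != ""]


def is_valid_name(name: str) -> bool:
    """Reject empty labels, over-long labels and over-long names."""
    stripped = name.rstrip(".")
    lbls = labels(name)
    if not lbls or ".." in stripped:
        return False
    if any(len(lbl) > MAX_LABEL for lbl in lbls):
        return False
    return len(stripped) <= MAX_NAME


def qualify(name: str, search_list: list) -> list:
    """Return the FQDNs a resolver would try for `name`, in order.

    An FQDN is used as-is. A PQDN is interpreted relative to each suffix in
    the search list, and the bare name is tried last. Every candidate is
    validated so an over-long result is dropped instead of being sent.
    """
    if is_fqdn(name):
        return [name] if is_valid_name(name) else []
    candidates = [f"{name}.{suffix.strip('.')}." for suffix in search_list]
    candidates.append(name + ".")
    return [c for c in candidates if is_valid_name(c)]


if __name__ == "__main__":
    # Constructed search list for a host inside "corp.example".
    print(qualify("www", ["corp.example", "example.com"]))
    print(qualify("www.example.com.", ["corp.example"]))
```

Running the block prints the three candidates tried for the PQDN `www` and the single candidate for the FQDN `www.example.com.`.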
DNS IN THE INTERNET
DNS is a protocol that can be used on different platforms. In the Internet, the domain name space (tree) is divided into three different sections: generic domains, country domains, and the inverse domain.
DNS used in the Internet
Generic domains
• It defines the registered hosts according to their generic behavior.
• Each node in the tree defines a domain name, which is an index to the DNS database.
• It uses three-character labels, and these labels describe the organization type.
Generic domains
Country domains
The format of a country domain is the same as a generic domain, but it uses two-character country abbreviations (e.g., us for the United States) in place of three-character organizational abbreviations.
Inverse domain
The inverse domain is used for mapping an address to a name. For example, a server may receive a request from a client while holding a file that lists only its authorized clients. To determine whether the client is on the authorized list, the server sends a query to the DNS server asking for the mapping of the client's address to a name.
RESOLUTION
Mapping a name to an address or an address to a name is called name-address resolution.
Recursive resolution
Recursion in DNS (Domain Name System) is the process of a DNS server querying other DNS servers on behalf of the original DNS client.
[Figure: recursive resolution, with the messages numbered 1 to 10.]
Iterative resolution
Iteration is the process of a DNS client making repeated DNS (Domain Name System) queries to different DNS servers for name resolution.
[Figure: iterative resolution, with the messages numbered 1 to 10.]
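The following Python simulation is added here and is not part of the slides. It builds a toy set of name servers (a root, two top-level servers and one authoritative server, all constructed, with addresses from the 192.0.2.0/24 documentation range) and resolves the same questions both ways: in iterative resolution the client follows every referral itself, so it contacts three servers; in recursive resolution a local server does that work on the client's behalf and caches the result, so the client sees one query and one response. The inverse domain from the earlier slide is covered too: a PTR lookup under in-addr.arpa walks the same tree.

```python
# Added example (not from the slides): iterative versus recursive resolution
# over a constructed set of name servers. Server names, zone data and the
# 192.0.2.x addresses are made up for the example; the referral-following
# logic is the real algorithm.
from __future__ import annotations
from dataclasses import dataclass, field


@dataclass
class NameServer:
    name: str
    records: dict = field(default_factory=dict)      # (qname, qtype) -> rdata
    delegations: dict = field(default_factory=dict)  # zone -> child server name

    def query(self, qname: str, qtype: str):
        """Answer if we hold the record; otherwise refer the querier to the child
        server of the longest delegated zone that contains qname."""
        if (qname, qtype) in self.records:
            return "ANSWER", self.records[(qname, qtype)]
        best = None
        for zone, child in self.delegations.items():
            inside = qname == zone or qname.endswith("." + zone)  # label boundary, not substring
            if inside and (best is None or len(zone) > len(best[0])):
                best = (zone, child)
        return ("REFERRAL", best[1]) if best else ("NXDOMAIN", None)


def reverse_name(ipv4: str) -> str:
    """Build the inverse-domain name used to map an address back to a name."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa."


# Constructed toy Internet: root -> TLD servers -> one authoritative server.
SERVERS = {
    "root": NameServer("root", delegations={"com.": "tld-com", "arpa.": "tld-arpa"}),
    "tld-com": NameServer("tld-com", delegations={"example.com.": "ns-example"}),
    "tld-arpa": NameServer("tld-arpa", delegations={"2.0.192.in-addr.arpa.": "ns-example"}),
    "ns-example": NameServer("ns-example", records={
        ("www.example.com.", "A"): "192.0.2.10",
        (reverse_name("192.0.2.10"), "PTR"): "www.example.com.",
    }),
}


def iterative_resolve(qname: str, qtype: str, servers=SERVERS, max_hops: int = 8):
    """The client itself follows referrals. Returns (answer, servers contacted)."""
    contacted, current = [], "root"
    for _ in range(max_hops):                 # hop limit guards against a referral loop
        contacted.append(current)
        status, data = servers[current].query(qname, qtype)
        if status == "ANSWER":
            return data, contacted
        if status == "NXDOMAIN":
            return None, contacted
        current = data                         # follow the referral
    return None, contacted


class RecursiveResolver:
    """A local name server that iterates on the client's behalf and caches what
    it learns, so the client sees a single query/response pair."""

    def __init__(self, servers=SERVERS):
        self.servers = servers
        self.cache = {}
        self.upstream_queries = 0

    def resolve(self, qname: str, qtype: str):
        key = (qname, qtype)
        if key not in self.cache:
            answer, contacted = iterative_resolve(qname, qtype, self.servers)
            self.upstream_queries += len(contacted)
            self.cache[key] = answer
        return self.cache[key]


if __name__ == "__main__":
    print(iterative_resolve("www.example.com.", "A"))
    print(iterative_resolve(reverse_name("192.0.2.10"), "PTR"))
    local = RecursiveResolver()
    print(local.resolve("www.example.com.", "A"), local.upstream_queries)
```

The hop limit in `iterative_resolve` is the one defensive detail worth keeping in mind: a delegation that points back at a server already visited would otherwise keep a resolver looping, so bounded referral chasing is standard.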
References
❑ Behrouz Forouzan, “Data Communication and Networking”, McGraw Hill.
❑ Andrew Tanenbaum, “Computer Networks”, Prentice Hall.
❑ William Stallings, “Data and Computer Communication”, Pearson.
❑ Kurose and Ross, “Computer Networking: A Top-Down Approach”, Pearson.
❑ Peterson and Davie, “Computer Networks: A Systems Approach”, Morgan Kaufmann.
❑ W. A. Shay, “Understanding Communications and Networks”, Cengage Learning.
❑ D. Comer, “Computer Networks and Internets”, Pearson.
❑ Behrouz Forouzan, “TCP/IP Protocol Suite”, McGraw Hill.
Computer Networks
WWW and HTTP
Contents
 Architecture of WWW
 Web documents
 Hypertext Transfer Protocol
 Persistent vs Nonpersistent
ARCHITECTURE
The WWW today is a distributed client/server service, in which a client using a browser can access a service using a server. However, the service provided is distributed over many locations called sites.
Architecture of WWW
Browser
URL
http:// (port 80 by default)
https://
ftp://
Cookies
• The WWW was originally designed as a stateless entity.
• Cookies are needed for extending the functionalities of the Web, such as:
  • remembering a past client in order to show a customized webpage.
Cookies: Creation and storage
• When a server receives a request from a client, it stores information about the client in a file or a string.
• The server includes the cookie in the response that it sends to the client.
• When the client receives the response, the browser stores the cookie in the cookie directory.
WEB DOCUMENTS
The documents in the WWW can be grouped into three broad categories: static, dynamic, and active. The category is based on the time at which the contents of the document are determined.
Static document
 Uses the Hypertext Markup Language (HTML)
Dynamic document using CGI
Dynamic document using server-side script
Dynamic website content is made possible by using scripting languages. A scripting language is a type of computer programming that allows a developer to create a series of tasks that are completed as a computer interprets the code. When dealing with websites, there are two fundamental types of scripting languages: server side and client side.
Note
Dynamic documents are sometimes referred to as server-side dynamic documents.
Active document using Java applet
An applet is an embedded application, like Flash or Java (not to be confused with JavaScript). To execute an applet, you most likely need a browser plugin. Because the applet is executed by the plugin and your browser, it is active and not dynamic.
Active document using client-side script
An active web page is a page where the browser performs the logic instead of the server. For example, when you have a page showing share prices, you want it to update, say, every 5 seconds. A solution would be to use AJAX with JavaScript.
Note
Active documents are sometimes referred to as client-side dynamic documents.
HTTP
The Hypertext Transfer Protocol (HTTP) is a protocol used mainly to access data on the World Wide Web.
HTTP transaction
HTTP uses the services of TCP on well-known port 80.
Request and response messages (all in plain text)
Note
HTTP version 1.1 specifies a persistent connection by default.
Persistent vs Nonpersistent Connection
• In a nonpersistent connection, one TCP connection is made for each request/response.
• In a persistent connection, the server leaves the connection open for more requests after sending a response.
• The server can close the connection at the request of a client or if a time-out has been reached.
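The following Python example is added here and is not part of the slides. It makes the persistent/nonpersistent distinction concrete: a small request parser, the rule that decides whether the connection stays open (persistent by default for HTTP/1.1, only on `Connection: keep-alive` for HTTP/1.0, closed on `Connection: close`), and a function that counts how many of the requests sent back-to-back on one TCP connection a server would actually serve before closing. The request streams are constructed; bodies are framed by Content-Length only (chunked encoding is not handled).

```python
# Added example (not from the slides): deciding whether an HTTP/1.x connection
# is persistent and what that means for requests sent on one TCP connection.
# The sample requests below are constructed.


def parse_request(raw: bytes):
    """Parse the request line and headers of one HTTP/1.x request.
    Header names are lower-cased; the body (if any) is returned untouched."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    method, target, version = lines[0].split(" ")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, version, headers, body


def connection_persistent(version: str, headers: dict) -> bool:
    """Persistent by default in HTTP/1.1; nonpersistent by default in HTTP/1.0."""
    tokens = {t.strip().lower() for t in headers.get("connection", "").split(",") if t.strip()}
    if version == "HTTP/1.1":
        return "close" not in tokens
    if version == "HTTP/1.0":
        return "keep-alive" in tokens
    return False   # unknown version: be conservative and close


def split_requests(stream: bytes) -> list:
    """Frame consecutive requests on one connection using Content-Length.
    Incomplete trailing data is left unread, as a server would while waiting
    for more bytes; a non-numeric Content-Length stops parsing rather than guessing."""
    requests, rest = [], stream
    while rest:
        head, sep, after = rest.partition(b"\r\n\r\n")
        if not sep:
            break
        method, target, version, headers, _ = parse_request(head + sep)
        length_field = headers.get("content-length", "0")
        if not length_field.isdigit():
            break
        length = int(length_field)
        if len(after) < length:
            break
        requests.append((method, target, version, headers, after[:length]))
        rest = after[length:]
    return requests


def serve_connection(stream: bytes) -> list:
    """Return the request targets served on one TCP connection. After a
    nonpersistent request/response the server closes, so later requests in the
    same byte stream are not served and would need a new connection."""
    served = []
    for _, target, version, headers, _ in split_requests(stream):
        served.append(target)
        if not connection_persistent(version, headers):
            break
    return served


# Constructed sample streams: two HTTP/1.0 requests, then four HTTP/1.1 requests
# of which the third asks the server to close.
HTTP10_STREAM = (b"GET /a HTTP/1.0\r\nHost: www.example.com\r\n\r\n"
                 b"GET /b HTTP/1.0\r\nHost: www.example.com\r\n\r\n")
HTTP11_STREAM = (b"GET /a HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
                 b"POST /b HTTP/1.1\r\nHost: www.example.com\r\nContent-Length: 5\r\n\r\nhello"
                 b"GET /c HTTP/1.1\r\nHost: www.example.com\r\nConnection: close\r\n\r\n"
                 b"GET /d HTTP/1.1\r\nHost: www.example.com\r\n\r\n")

if __name__ == "__main__":
    print("HTTP/1.0 served:", serve_connection(HTTP10_STREAM))
    print("HTTP/1.1 served:", serve_connection(HTTP11_STREAM))
```

With the HTTP/1.0 stream only `/a` is served, because the connection closes after the first response; with the HTTP/1.1 stream `/a`, `/b` and `/c` are served and `/d` is left behind the `Connection: close`. Getting the framing right (Content-Length consumed exactly) is what keeps a persistent connection from misreading one request's body as the start of the next.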

Electronic Mail
Contents
 Email
 Email Scenario
 SMTP
 POP3
 IMAP
Electronic Mail (EMAIL)
One of the most popular Internet services is electronic mail (e-mail). The general architecture of an e-mail system includes three main components:
User agent (UA)
Message transfer agent (MTA)
Message access agent (MAA)
To explain the architecture of e-mail, four scenarios will be discussed, from simple to complex.
Electronic Mail (EMAIL) Architecture: First Scenario
[Figure: sender UA and receiver UA on the same system.]
 Two user agents are used while the sender and the receiver of an e-mail are on the same system.
Electronic Mail (EMAIL) Architecture: Second Scenario
[Figure: sender UA, MTA client, the Internet, MTA server, receiver UA; each system is a mail server.]
 When the sender and the receiver of an e-mail are on different systems, we need two UAs and a pair of MTAs (message transfer agent client and server).
Electronic Mail (EMAIL) Architecture: Third Scenario
[Figure: the sender's UA reaches its mail server over a LAN or WAN through an MTA client/MTA server pair; the two mail servers exchange mail over the Internet through a second MTA pair.]
 The sender is connected to the mail server via a LAN or a WAN.
Electronic Mail (EMAIL) Architecture: Fourth Scenario
[Figure: both the sender and the receiver reach their mail servers over a LAN or WAN; the receiver retrieves mail through an MAA client/MAA server pair.]
 The sender and receiver are both connected to the mail server via a LAN or a WAN.
Push versus pull in electronic email
Services of user agent
 It provides service to the user to make the process of sending and receiving a message easier.
Electronic Mail (EMAIL) Addresses
To deliver mail, a mail handling system must use an addressing system with unique addresses. In the Internet, the address consists of two parts: a local part and a domain name, separated by an @ sign.
Local Part: Defines the name of a special file, called the user mailbox, where all the mail received for a user is stored for retrieval by the message access agent.
Domain Name: The second part of the address is the domain name. An organization usually selects one or more hosts to receive and send e-mail; the hosts are sometimes called mail servers or exchangers. The domain name assigned to each mail exchanger either comes from the DNS database or is a logical name (for example, the name of the organization).
EMAIL Message Transfer Agent: SMTP
The actual mail transfer is done through message transfer agents. To send mail, a system must have the client MTA, and to receive mail, a system must have a server MTA. The formal protocol that defines the MTA client and server in the Internet is called the Simple Mail Transfer Protocol (SMTP). SMTP is used two times: between the sender and the sender’s mail server, and between the two mail servers.
Mechanism of mail transfer by SMTP
Commands and Responses
SMTP uses commands and responses to transfer messages between an MTA client and an MTA server.
Commands: Commands are sent from the client to the server. The format of a command is shown in the figure. SMTP defines 14 commands. The first five are mandatory; every implementation must support these five commands. The next three are often used and highly recommended. The last six are seldom used.
Responses: Responses are sent from the server to the client. A response is a three-digit code that may be followed by additional textual information.
Mail Transfer Phases
The process of transferring a mail message occurs in three phases: connection establishment, mail transfer, and connection termination.
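The following Python simulation is added here and is not part of the slides. It plays both sides of an SMTP transfer so the three phases and the command/response pattern can be seen in one transcript: the server greets with a 220 reply (connection establishment), the client issues the mandatory HELO, MAIL FROM, RCPT TO and DATA commands and the server answers each with a three-digit code (mail transfer), and QUIT gets a 221 (connection termination). The domain, mailboxes, client host name and message are constructed; the command sequencing and reply codes follow the SMTP specification (RFC 5321). A recipient who does not exist locally is refused with 550 rather than relayed, and a command out of sequence gets 503.

```python
# Added example (not from the slides): a simulated SMTP exchange between a
# client MTA and a server MTA. No sockets are used; lines are handed over
# directly. Server domain, mailboxes, client host name and message are constructed.


class SmtpServer:
    """Receiving MTA with a small state machine: INIT -> READY -> MAIL -> RCPT -> DATA -> READY."""

    def __init__(self, domain: str, mailboxes: list):
        self.domain = domain
        self.mailboxes = {user: [] for user in mailboxes}
        self.state = "INIT"
        self.sender, self.rcpts, self.lines = None, [], []

    def connect(self) -> str:
        """Connection establishment: the server speaks first."""
        return f"220 {self.domain} Simple Mail Transfer Service Ready"

    def _reset(self):
        self.sender, self.rcpts, self.lines = None, [], []
        self.state = "READY"

    def handle(self, line: str):
        """Process one client line; returns the reply, or None for body lines inside DATA."""
        if self.state == "DATA":
            if line == ".":
                message = "\n".join(self.lines)
                for user in self.rcpts:
                    self.mailboxes[user].append((self.sender, message))
                self._reset()
                return "250 OK: message accepted for delivery"
            # dot-unstuffing: the client doubles a leading "." so it cannot end the message early
            self.lines.append(line[1:] if line.startswith("..") else line)
            return None
        cmd, _, arg = line.partition(" ")
        cmd = cmd.upper()
        if cmd == "HELO":
            self._reset()
            return f"250 {self.domain} Hello {arg}"
        if cmd == "QUIT":
            self.state = "CLOSED"
            return f"221 {self.domain} Service closing transmission channel"
        if cmd == "MAIL" and self.state == "READY":
            self.sender = arg.partition(":")[2].strip(" <>")
            self.state = "MAIL"
            return "250 OK"
        if cmd == "RCPT" and self.state in ("MAIL", "RCPT"):
            address = arg.partition(":")[2].strip(" <>")
            user, _, domain = address.rpartition("@")
            if domain != self.domain or user not in self.mailboxes:
                return "550 No such user here"      # refuse rather than relay
            self.rcpts.append(user)
            self.state = "RCPT"
            return "250 OK"
        if cmd == "DATA" and self.state == "RCPT":
            self.state = "DATA"
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        if cmd in ("MAIL", "RCPT", "DATA"):
            return "503 Bad sequence of commands"
        return "500 Syntax error, command unrecognized"


def send_mail(server: SmtpServer, sender: str, recipients: list, body: list) -> list:
    """Client MTA side: run the whole exchange and return the transcript as
    (side, line) pairs, 'C' for client and 'S' for server."""
    transcript = [("S", server.connect())]

    def send(line: str):
        transcript.append(("C", line))
        reply = server.handle(line)
        if reply is not None:
            transcript.append(("S", reply))
        return reply

    send("HELO client.example.org")
    send(f"MAIL FROM:<{sender}>")
    accepted = sum(1 for rcpt in recipients if send(f"RCPT TO:<{rcpt}>").startswith("250"))
    if accepted:
        send("DATA")
        for text in body:
            send("." + text if text.startswith(".") else text)   # dot-stuffing
        send(".")
    send("QUIT")
    return transcript


if __name__ == "__main__":
    srv = SmtpServer("example.com", ["alice"])
    for side, line in send_mail(srv, "bob@example.org", ["alice@example.com"], ["Hello Alice"]):
        print(f"{side}: {line}")
```

The transcript printed by the block is the usual textbook dialogue: 220, HELO/250, MAIL FROM/250, RCPT TO/250, DATA/354, the body, "."/250, QUIT/221.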
Message Access Agent: POP and IMAP
The first and the second stages of mail delivery use SMTP. However, SMTP is not involved in the third stage because SMTP is a push protocol; it pushes the message from the client to the server. In other words, the direction of the bulk data (messages) is from the client to the server. On the other hand, the third stage needs a pull protocol; the client must pull messages from the server. The direction of the bulk data is from the server to the client. The third stage uses a message access agent. Currently two message access protocols are available: Post Office Protocol, version 3 (POP3) and Internet Mail Access Protocol, version 4 (IMAP4).
POP3
Post Office Protocol, version 3 (POP3) is simple and limited in functionality. The client POP3 software is installed on the recipient computer; the server POP3 software is installed on the mail server. Mail access starts with the client when the user needs to download e-mail from the mailbox on the mail server. The client opens a connection to the server on TCP port 110. It then sends its user name and password to access the mailbox. The user can then list and retrieve the mail messages, one by one. POP3 has two modes: the delete mode and the keep mode.
In the delete mode, the mail is deleted from the mailbox after each retrieval. In the keep mode, the mail remains in the mailbox after retrieval. The delete mode is normally used when the user is working at her permanent computer and can save and organize the received mail after reading or replying. The keep mode is normally used when the user accesses her mail away from her primary computer (e.g., a laptop). The mail is read but kept in the system for later retrieval and organizing.
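The following Python simulation is added here and is not part of the slides. It runs a POP3 session twice over the same constructed mailbox, once in delete mode and once in keep mode, using the USER/PASS, STAT, RETR, DELE and QUIT commands. Two details of the real protocol are kept because they matter in practice: the user name and password travel as plain text on the connection (which is why POP3 is normally run over TLS today), and DELE only marks a message; the mailbox is updated when the client issues QUIT, so a session that is dropped before QUIT deletes nothing. Users, passwords and messages are constructed.

```python
# Added example (not from the slides): POP3 delete mode versus keep mode,
# simulated without sockets. Users, passwords and messages are constructed.


class Pop3Server:
    def __init__(self, users: dict, maildrop: list):
        self.users = users                # constructed username -> password
        self.maildrop = list(maildrop)    # messages in the user's mailbox
        self.state = "AUTHORIZATION"
        self.user = None
        self.marked = set()               # message numbers marked for deletion

    def _live(self) -> list:
        """(number, message) for every message not marked for deletion."""
        return [(n, m) for n, m in enumerate(self.maildrop, 1) if n not in self.marked]

    def handle(self, line: str) -> str:
        cmd, _, arg = line.partition(" ")
        cmd = cmd.upper()
        if self.state == "AUTHORIZATION":
            if cmd == "USER":
                self.user = arg
                return "+OK"
            if cmd == "PASS" and self.user is not None:
                if self.users.get(self.user) == arg:      # plaintext credentials, as in the protocol
                    self.state = "TRANSACTION"
                    return f"+OK maildrop has {len(self.maildrop)} messages"
                return "-ERR invalid password"
            return "-ERR not authenticated"
        if self.state == "TRANSACTION":
            if cmd == "STAT":
                live = self._live()
                return f"+OK {len(live)} {sum(len(m) for _, m in live)}"
            if cmd == "LIST":
                return "+OK\r\n" + "\r\n".join(f"{n} {len(m)}" for n, m in self._live()) + "\r\n."
            if cmd in ("RETR", "DELE"):
                if not arg.isdigit() or int(arg) not in dict(self._live()):
                    return "-ERR no such message"
                if cmd == "RETR":
                    return "+OK\r\n" + self.maildrop[int(arg) - 1] + "\r\n."
                self.marked.add(int(arg))                 # only marked here
                return f"+OK message {arg} deleted"
            if cmd == "QUIT":                             # UPDATE state: deletions take effect now
                self.maildrop = [m for _, m in self._live()]
                self.state = "UPDATE"
                return "+OK bye"
        return "-ERR"


def fetch_mail(server: Pop3Server, user: str, password: str, delete_mode: bool):
    """Client side: log in, retrieve every message one by one and, in delete mode,
    mark each for deletion. Returns the messages, or None if authentication failed."""
    if not server.handle(f"USER {user}").startswith("+OK"):
        return None
    if not server.handle(f"PASS {password}").startswith("+OK"):
        return None
    count = int(server.handle("STAT").split()[1])
    messages = []
    for number in range(1, count + 1):
        reply = server.handle(f"RETR {number}")
        messages.append(reply.split("\r\n")[1])   # constructed messages are single-line
        if delete_mode:
            server.handle(f"DELE {number}")
    server.handle("QUIT")
    return messages


# Constructed credentials and maildrop.
SAMPLE_USERS = {"alice": "s3cret"}
SAMPLE_MAILDROP = ["msg one", "msg two"]

if __name__ == "__main__":
    for mode in (True, False):
        srv = Pop3Server(SAMPLE_USERS, SAMPLE_MAILDROP)
        got = fetch_mail(srv, "alice", "s3cret", delete_mode=mode)
        print("delete mode" if mode else "keep mode", got, "left on server:", srv.maildrop)
```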
IMAP4
Another mail access protocol is Internet Mail Access Protocol, version 4 (IMAP4). IMAP4 is similar to POP3, but it has more features; IMAP4 is more powerful and more complex.
POP3 is deficient in several ways. It does not allow the user to organize her mail on the server; the user cannot have different folders on the server. (Of course, the user can create folders on her own computer.) In addition, POP3 does not allow the user to partially check the contents of the mail before downloading.
IMAP4 provides the following extra functions:
❏ A user can check the e-mail header prior to downloading.
❏ A user can search the contents of the e-mail for a specific string of characters prior to downloading.
❏ A user can partially download e-mail. This is especially useful if bandwidth is limited and the e-mail contains multimedia with high bandwidth requirements.
❏ A user can create, delete, or rename mailboxes on the mail server.
❏ A user can create a hierarchy of mailboxes in a folder for e-mail storage.
Telnet and File Transfer Protocol
Contents
 Telnet
 File Transfer Protocol
TELNET
 TELNET is an abbreviation for TErminaL NETwork. It is the standard TCP/IP protocol for virtual terminal service as proposed by the International Organization for Standardization (ISO).
 TELNET enables the establishment of a connection to a remote system in such a way that the local terminal appears to be a terminal at the remote system.
 TELNET was designed at a time when most operating systems, such as UNIX, were operating in a timesharing environment.
 To access the system, the user logs into the system with a user id or log-in name.
 When a user logs into a local timesharing system, it is called local log-in.
 As a user types at a terminal or at a workstation running a terminal emulator, the keystrokes are accepted by the terminal driver.
 The terminal driver passes the characters to the operating system. The operating system, in turn, interprets the combination of characters and invokes the desired application program or utility.
 When a user wants to access an application program or utility located on a remote machine, she performs remote log-in.
 The user sends the keystrokes to the terminal driver, where the local operating system accepts the characters but does not interpret them.
 The characters are sent to the TELNET client, which transforms the characters to a universal character set called network virtual terminal (NVT) characters and delivers them to the local TCP/IP protocol stack.
 At the remote machine, the characters are delivered to the operating system and passed to the TELNET server, which changes the characters to the corresponding characters understandable by the remote computer. However, the characters cannot be passed directly to the operating system.
 The characters go through software called a pseudoterminal driver, which pretends that the characters are coming from a terminal. The operating system then passes the characters to the appropriate application program.
• NVT uses two sets of characters, one for data and the other for control. Both are 8-bit bytes.
• For data, NVT is an 8-bit character set in which the 7 lowest-order bits are the same as ASCII and the highest-order bit is 0.
• To send control characters between computers (from client to server or vice versa), NVT uses an 8-bit character set in which the highest-order bit is set to 1.
• TELNET uses only one TCP connection. The server uses the well-known port 23, and the client uses an ephemeral port. The same connection is used for sending both data and control characters.
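The following Python example is added here and is not part of the slides. Because data and control characters share one TCP connection, a TELNET implementation has to separate them by the highest-order bit and by the IAC (interpret-as-command) prefix; the block does that for a constructed byte stream and then answers option negotiation the conservative way, refusing every option it does not implement. The command codes (IAC 255, DONT 254, DO 253, WONT 252, WILL 251, NOP 241) and the ECHO option number (1) are those of the TELNET specification (RFC 854 and RFC 857); the sample stream is constructed.

```python
# Added example (not from the slides): splitting a TELNET byte stream into NVT
# data (high bit 0) and NVT control sequences (high bit 1, introduced by IAC),
# and refusing option negotiation by default. The sample stream is constructed.

IAC, DONT, DO, WONT, WILL, NOP = 255, 254, 253, 252, 251, 241   # RFC 854 command codes
NAMES = {DONT: "DONT", DO: "DO", WONT: "WONT", WILL: "WILL", NOP: "NOP"}
OPTION_ECHO = 1                                                  # RFC 857


def is_control(byte: int) -> bool:
    """NVT control characters have the highest-order bit set; data has it clear."""
    return byte & 0x80 != 0


def encode_data(text: str) -> bytes:
    """Turn local text into NVT data: 7-bit ASCII only (non-ASCII raises), and a
    literal 0xFF byte is doubled so it cannot be mistaken for IAC."""
    raw = text.encode("ascii")
    return raw.replace(bytes([IAC]), bytes([IAC, IAC]))


def split_stream(stream: bytes):
    """Separate NVT data from control sequences.
    Returns (data, controls, pending): controls is a list of (name, option) tuples
    with option None for commands that take none; pending holds an incomplete
    trailing sequence that must wait for more bytes."""
    data, controls, i = bytearray(), [], 0
    while i < len(stream):
        b = stream[i]
        if b != IAC:
            data.append(b)
            i += 1
            continue
        if i + 1 >= len(stream):
            return bytes(data), controls, stream[i:]
        cmd = stream[i + 1]
        if cmd == IAC:                                  # escaped data byte 0xFF
            data.append(IAC)
            i += 2
        elif cmd in (WILL, WONT, DO, DONT):             # three-byte negotiation
            if i + 2 >= len(stream):
                return bytes(data), controls, stream[i:]
            controls.append((NAMES[cmd], stream[i + 2]))
            i += 3
        else:                                           # two-byte command
            controls.append((NAMES.get(cmd, f"CMD{cmd}"), None))
            i += 2
    return bytes(data), controls, b""


def refuse(control) -> bytes:
    """Default reply for an option we do not implement: DONT for WILL, WONT for DO.
    Agreeing to options one has not implemented is how negotiation loops start."""
    name, option = control
    if name == "WILL":
        return bytes([IAC, DONT, option])
    if name == "DO":
        return bytes([IAC, WONT, option])
    return b""   # WONT, DONT and NOP need no reply


# Constructed sample: the server offers ECHO, sends a NOP, then the login prompt.
SAMPLE_STREAM = bytes([IAC, WILL, OPTION_ECHO, IAC, NOP]) + b"login: "

if __name__ == "__main__":
    data, controls, pending = split_stream(SAMPLE_STREAM)
    print(data, controls, pending)
    for control in controls:
        print(control, "->", refuse(control).hex())
```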
FILE TRANSFER Protocol
Transferring files from one computer to another is one of the most common tasks expected from a networking or internetworking environment. As a matter of fact, the greatest volume of data exchange in the Internet today is due to file transfer. File Transfer Protocol (FTP) is the standard mechanism provided by TCP/IP for copying a file from one host to another. Although transferring files from one system to another seems simple and straightforward, some problems must be dealt with first.
For example, two systems may use different file name conventions. Two systems may have different ways to represent text and data. Two systems may have different directory structures. All these problems have been solved by FTP in a very simple and elegant approach. FTP differs from other client/server applications in that it establishes two connections between the hosts. One connection is used for data transfer, the other for control information (commands and responses). Separation of commands and data transfer makes FTP more efficient.
FTP uses two well-known TCP ports: port 21 is used for the control connection, and port 20 is used for the data connection. The figure shows the basic model of FTP. The client has three components: user interface, client control process, and the client data transfer process. The server has two components: the server control process and the server data transfer process. The control connection is made between the control processes. The data connection is made between the data transfer processes.
FTP Process
The control connection remains connected during the entire interactive FTP session. The data connection is opened and then closed for each file transferred. It opens each time commands that involve transferring files are used, and it closes when the file is transferred. In other words, when a user starts an FTP session, the control connection opens. While the control connection is open, the data connection can be opened and closed multiple times if several files are transferred.
FTP: Communication over Control Connection
FTP uses the same approach as SMTP to communicate across the control connection. It uses the 7-bit ASCII character set. Communication is achieved through commands and responses. This simple method is adequate for the control connection because we send one command (or response) at a time.
FTP: Communication over Data Connection
File transfer occurs over the data connection under the control of the commands sent over the control connection. File transfer in FTP means one of three things:
1. A file is to be copied from the server to the client. This is called retrieving a file. It is done under the supervision of the RETR command.
2. A file is to be copied from the client to the server. This is called storing a file. It is done under the supervision of the STOR command.
3. A list of directory or file names is to be sent from the server to the client. This is done under the supervision of the LIST command. Note that FTP treats a list of directory or file names as a file. It is sent over the data connection.
The client must define the type of file to be transferred, the structure of the data, and the transmission mode. Before sending the file through the data connection, we prepare for transmission through the control connection. The heterogeneity problem is resolved by defining three attributes of communication: file type, data structure, and transmission mode.
File Type: FTP can transfer one of the following file types across the data connection: an ASCII file, an EBCDIC file, or an image file.
Data Structure: FTP can transfer a file across the data connection by using one of the following interpretations about the structure of the data: file structure, record structure, and page structure.
Transmission Mode: FTP can transfer a file across the data connection by using one of the following three transmission modes:
1. The stream mode is the default mode. Data are delivered from FTP to TCP as a continuous stream of bytes. TCP is responsible for chopping data into segments of appropriate size. If the data are simply a stream of bytes (file structure), no end-of-file is needed. End-of-file in this case is the closing of the data connection by the sender. If the data are divided into records (record structure), each record will have a 1-byte end-of-record (EOR) character and the end of the file will have a 1-byte end-of-file (EOF) character.
2. In block mode, data can be delivered from FTP to TCP in blocks. In this case, each block is preceded by a 3-byte header. The first byte is called the block descriptor; the next 2 bytes define the size of the block in bytes.
3. In the compressed mode, if the file is big, the data can be compressed. The compression method normally used is run-length encoding. In this method, consecutive appearances of a data unit are replaced by one occurrence and the number of repetitions. In a text file, this is usually spaces (blanks). In a binary file, null characters are usually compressed.
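The following Python example is added here and is not part of the slides. It frames a record-structured file in FTP block mode exactly as point 2 describes: every block starts with a 3-byte header made of one descriptor byte and a 2-byte byte count, with the descriptor marking the end of a record (EOR) and the end of the file (EOF). The decoder checks that each length field stays within the data it has, since a count that runs past the end of the buffer is the classic framing mistake. The records are constructed; the descriptor bit values (EOR 128, EOF 64, suspected errors 32, restart marker 16) are those of the FTP specification (RFC 959).

```python
# Added example (not from the slides): FTP block-mode framing and parsing.
# Records below are constructed; descriptor bit values are those of RFC 959.
import struct

EOR, EOF_BLOCK, ERRORS, RESTART = 128, 64, 32, 16
MAX_BLOCK = 0xFFFF                     # a 2-byte count limits a block to 65535 bytes
HEADER = struct.Struct(">BH")          # descriptor byte, big-endian byte count


def encode_blocks(records: list) -> bytes:
    """Send each record as one or more blocks. EOR is set on the block that ends a
    record and EOF on the block that ends the file; a record longer than 65535
    bytes is split over several blocks, only the last of which carries EOR."""
    out = bytearray()
    for r_idx, record in enumerate(records):
        chunks = [record[i:i + MAX_BLOCK] for i in range(0, len(record), MAX_BLOCK)] or [b""]
        for c_idx, chunk in enumerate(chunks):
            descriptor = 0
            if c_idx == len(chunks) - 1:
                descriptor |= EOR
                if r_idx == len(records) - 1:
                    descriptor |= EOF_BLOCK
            out += HEADER.pack(descriptor, len(chunk)) + chunk
    return bytes(out)


def decode_blocks(stream: bytes):
    """Reassemble records from a block-mode stream. Returns (records, eof_seen).
    Raises ValueError on a truncated header or a block whose count exceeds the
    remaining data, instead of silently accepting a short record."""
    records, current, eof_seen, i = [], bytearray(), False, 0
    while i < len(stream):
        if i + HEADER.size > len(stream):
            raise ValueError("truncated block header")
        descriptor, count = HEADER.unpack_from(stream, i)
        i += HEADER.size
        if i + count > len(stream):
            raise ValueError("block length runs past end of data")
        current += stream[i:i + count]
        i += count
        if descriptor & EOR:
            records.append(bytes(current))
            current = bytearray()
        if descriptor & EOF_BLOCK:
            eof_seen = True
    if current:
        records.append(bytes(current))   # data after the last EOR, before EOF
    return records, eof_seen


if __name__ == "__main__":
    sample = [b"first record", b"second record"]   # constructed
    wire = encode_blocks(sample)
    print(wire[:3].hex(), "...", decode_blocks(wire))
```

The first header printed is `80000c`: descriptor 0x80 (EOR only, since another record follows) and a count of 12 bytes.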
Chapter 28
Network Management: SNMP
Network management
 Monitoring
 Testing
 Configuring
 Troubleshooting
of network components.
28-1 NETWORK MANAGEMENT SYSTEM
We can say that the functions performed by a network management system can be divided into five broad categories: configuration management, fault management, performance management, security management, and accounting management.
Topics discussed in this section:
Configuration Management
Fault Management
Performance Management
Security Management
Accounting Management
Figure 28.1 Functions of a network management system
[Figure residue: fault management covers detecting, isolating, correcting, and recording faults.]
28-2 SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP)
The Simple Network Management Protocol (SNMP) is a framework for managing devices in an internet using the TCP/IP protocol suite. It provides a set of fundamental operations for monitoring and maintaining an internet.
Topics discussed in this section:
Concept
Management Components
Structure of Management Information (SMI)
Management Information Base (MIB)
SNMP
Figure 28.2 SNMP concept
Figure 28.3 Components of network management on the Internet
Note
SNMP defines the format of packets exchanged between a manager and an agent. It reads and changes the status (values) of objects (variables) in SNMP packets.
Note
SMI defines the general rules for naming objects, defining object types (including range and length), and showing how to encode objects and values. SMI does not define the number of objects an entity should manage or name the objects to be managed or define the association between the objects and their values.
Note
MIB creates a collection of named objects, their types, and their relationships to each other in an entity to be managed.
Note
We can compare the task of network management to the task of writing a program.
❏ Both tasks need rules. In network management this is handled by SMI.
❏ Both tasks need variable declarations. In network management this is handled by MIB.
❏ Both tasks have actions performed by statements. In network management this is handled by SNMP.
Figure 28.4 Management overview
SMI
Structure of Management Information
Figure 28.5 Object attributes of SMI
Figure 28.6 Object identifier: Name
Note
All objects managed by SNMP are given an object identifier. The object identifier always starts with 1.3.6.1.2.1.
Figure 28.7 Data type of SMI
Table 28.1 Simple Data types
Figure 28.8 Conceptual data types
SMI defines two structured data types: sequence and sequence of.
Figure 28.9 Encoding format in SMI
[Figure residue: the tag's class bits are universal (00), application-wide (01), context-specific (10), or private (11); the format bit is simple (0) or structured (1).]
Table 28.2 Codes for data types
Figure 28.10 Length format
28.111
Example 28.1

Figure 28.11 shows how to define INTEGER 14.

Figure 28.11 Example 28.1, INTEGER 14

28.112
Example 28.2

Figure 28.12 shows how to define the OCTET STRING


“HI”.

Figure 28.12 Example 28.2, OCTET STRING “HI”

28.113
Example 28.3

Figure 28.13 shows how to define ObjectIdentifier


1.3.6.1 (iso.org.dod.internet).

Figure 28.13 Example 28.3, ObjectIdentifier 1.3.6.1

28.114
Example 28.4

Figure 28.14 shows how to define IPAddress 131.21.14.8..

Figure 28.14 Example 28.4, IPAddress 131.21.14.8.

28.115
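The following Python example is added here and is not part of the slides. It writes out the SMI encoding that Examples 28.1 to 28.4 show as figures: the tag byte is assembled from the class bits, the format bit and the tag number; the length uses the one-byte short form below 128 and the long form above it; and the four sample values (INTEGER 14, OCTET STRING "HI", ObjectIdentifier 1.3.6.1, IPAddress 131.21.14.8) come out as the byte strings the figures draw. The VarBind at the end (a SEQUENCE of an object identifier and a value) is an added illustration of the structured type, not one of the slides' examples.

```python
# Added example (not from the slides): SMI/BER encoding of the simple data types
# from Examples 28.1 to 28.4, plus a SEQUENCE. Sample values are the slides' own.


def tag_byte(cls: int, structured: bool, number: int) -> int:
    """Assemble a one-byte tag: 2 class bits, 1 format bit, 5-bit tag number."""
    assert 0 <= cls <= 3 and 0 <= number <= 30
    return (cls << 6) | (int(structured) << 5) | number


INTEGER = tag_byte(0, False, 2)        # universal, simple     -> 0x02
OCTET_STRING = tag_byte(0, False, 4)   # universal, simple     -> 0x04
OBJECT_ID = tag_byte(0, False, 6)      # universal, simple     -> 0x06
SEQUENCE = tag_byte(0, True, 16)       # universal, structured -> 0x30
IPADDRESS = tag_byte(1, False, 0)      # application-wide, simple, number 0 -> 0x40


def encode_length(n: int) -> bytes:
    """Short form: one byte if n < 128. Long form: 0x80|k, then k bytes of length."""
    if n < 128:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, value: bytes) -> bytes:
    """Tag, length, value."""
    return bytes([tag]) + encode_length(len(value)) + value


def encode_integer(v: int) -> bytes:
    """Two's complement in the minimal number of bytes that keeps the sign bit right."""
    size = (v if v >= 0 else ~v).bit_length() // 8 + 1
    return tlv(INTEGER, v.to_bytes(size, "big", signed=True))


def encode_octet_string(s: bytes) -> bytes:
    return tlv(OCTET_STRING, s)


def encode_oid(dotted: str) -> bytes:
    """The first two arcs fold into one byte (40*a + b); each later arc is base-128
    with the high bit set on every byte except the last."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        groups = []
        while True:
            groups.insert(0, arc & 0x7F)
            arc >>= 7
            if arc == 0:
                break
        out += bytes([g | 0x80 for g in groups[:-1]] + [groups[-1]])
    return tlv(OBJECT_ID, bytes(out))


def encode_ipaddress(dotted: str) -> bytes:
    octets = [int(o) for o in dotted.split(".")]
    assert len(octets) == 4 and all(0 <= o <= 255 for o in octets)
    return tlv(IPADDRESS, bytes(octets))


def encode_varbind(oid: str, value: bytes) -> bytes:
    """A VarBind is SEQUENCE { name OBJECT IDENTIFIER, value }."""
    return tlv(SEQUENCE, encode_oid(oid) + value)


if __name__ == "__main__":
    print("INTEGER 14          ", encode_integer(14).hex(" "))
    print("OCTET STRING 'HI'   ", encode_octet_string(b"HI").hex(" "))
    print("OID 1.3.6.1         ", encode_oid("1.3.6.1").hex(" "))
    print("IPAddress 131.21.14.8", encode_ipaddress("131.21.14.8").hex(" "))
    print("VarBind             ", encode_varbind("1.3.6.1", encode_integer(14)).hex(" "))
```

The first four lines printed are `02 01 0e`, `04 02 48 49`, `06 03 2b 06 01` and `40 04 83 15 0e 08`, which are the byte layouts of Figures 28.11 to 28.14.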
Management Information Base (MIB)
Figure 28.15 mib-2
 sys: This object (system) defines general information about the node (system), such as the name, location, and lifetime.
 if: This object (interface) defines information about all the interfaces of the node, including interface number, physical address, and IP address.
 at: This object (address translation) defines the information about the ARP table.
 ip: This object defines information related to IP, such as the routing table and the IP address.
 icmp: This object defines information related to ICMP, such as the number of packets sent and received, and total errors created.
 tcp: This object defines general information related to TCP, such as the connection table, time-out value, number of ports, and number of packets sent and received.
 udp: This object defines general information related to UDP, such as the number of ports and number of packets sent and received.
 snmp: This object defines general information related to SNMP.
SNMP uses both SMI and MIB in Internet network management. It is an application program that allows:
1. A manager to retrieve the value of an object defined in an agent
2. A manager to store a value in an object defined in an agent
3. An agent to send an alarm message about an abnormal situation to the manager
Figure 28.20 SNMP PDUs
• Get Request—A request to retrieve the value of a variable or list of variables.
• Set Request—Sent by the SNMP manager to the agent to issue configurations or commands.
• GetNext Request—Sent by the SNMP manager to the agent to find the value of the next record in the MIB's hierarchy.
• GetBulk Request—Sent by the SNMP manager to the agent to obtain large tables of data by performing multiple GetNext Request commands.
• SNMP Response—Sent by the agent to the SNMP manager, issued in reply to a request.
• SNMP Trap—Asynchronous trap messages from SNMP agents alert an SNMP manager that a significant event, such as an error or failure, has occurred.
• SNMP Inform—Confirms receipt of a trap.
Figure 28.21 SNMP PDU format
Table 28.4 Codes for SNMP messages
Table 28.3 Types of errors
Figure 28.22 SNMP message
Figure 28.25 Port numbers for SNMP
Computer Networks
Data Compression
Contents
 Why Data Compression?
 Data Compression Methods
 Lossless Compression Methods
 Lossy Compression Methods
Why Data Compression?
• Make optimal use of limited storage space
• Save time and help to optimize resources
 If compression and decompression are done in the I/O processor, less time is required to move data to or from the storage subsystem, freeing the I/O bus for other work
 In sending data over a communication line: less time to transmit and less storage at the host
OR
 Reduce the memory required for storage
 Improve the data access rate from the storage device, and
 Reduce the bandwidth and/or the time required for transfer across communication channels.
Data Compression Methods
• Data compression is about storing and sending a smaller number of bits.
• There are two major categories of methods to compress data: lossless and lossy methods.
Lossless Compression Methods
• In lossless methods, the original data and the data after compression and decompression are exactly the same.
• Redundant data is removed in compression and added back during decompression.
• Lossless methods are used when we can’t afford to lose any data: legal and medical documents, computer programs.
Run-length encoding
• Simplest method of compression.
• How: replace consecutive repeating occurrences of a symbol by one occurrence of the symbol itself, followed by the number of occurrences.
Huffman Coding
• Assign fewer bits to symbols that occur more frequently and more bits to symbols that appear less often.
• There is no unique Huffman code, but every Huffman code has the same average code length.
• Algorithm:
  1. Make a leaf node for each code symbol. Add the generation probability of each symbol to the leaf node.
  2. Take the two nodes (leaves or previously merged nodes) with the smallest probability and connect them into a new node. Add 1 or 0 to each of the two branches. The probability of the new node is the sum of the probabilities of the two connecting nodes.
  3. If there is only one node left, the code construction is completed. If not, go back to (2).
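An added example (not from the slides) implementing the three-step algorithm above with a priority queue. The symbol frequencies used in the demonstration are a constructed set of six symbols; the choice of labelling the lower-probability branch with 0 and the other with 1 is one of the arbitrary choices the slides mention, which is why different Huffman codes for the same input exist while the average code length is the same.

```python
# Added example (not from the slides): Huffman code construction, encoding and
# prefix-free decoding. Frequencies and the sample text are constructed.
import heapq
from itertools import count


def huffman_codes(freq):
    """Step 1: one leaf per symbol; steps 2-3: merge the two least probable
    nodes until one remains. Returns {symbol: bit string}."""
    tie = count()  # unique tiebreaker so the heap never compares dicts
    heap = [(f, next(tie), {sym: ""}) for sym, f in freq.items()]
    heapq.heapify(heap)
    if len(heap) == 1:                      # single symbol still needs one bit
        return {sym: "0" for sym in heap[0][2]}
    while len(heap) > 1:
        f1, _, left = heapq.heappop(heap)   # smallest probability
        f2, _, right = heapq.heappop(heap)  # second smallest
        merged = {s: "0" + c for s, c in left.items()}   # prefix branch bit
        merged.update({s: "1" + c for s, c in right.items()})
        heapq.heappush(heap, (f1 + f2, next(tie), merged))
    return heap[0][2]


def average_code_length(codes, freq):
    """Expected bits per symbol under the given frequencies."""
    total = sum(freq.values())
    return sum(freq[s] * len(codes[s]) for s in freq) / total


def is_prefix_free(codes):
    """No code word may be a prefix of another, or decoding becomes ambiguous."""
    words = sorted(codes.values())
    return all(not b.startswith(a) for a, b in zip(words, words[1:]))


def huffman_encode(text, codes):
    return "".join(codes[ch] for ch in text)


def huffman_decode(bits, codes):
    """Greedy decoding works because the code is prefix-free."""
    inverse = {code: sym for sym, code in codes.items()}
    out, current = [], ""
    for bit in bits:
        current += bit
        if current in inverse:
            out.append(inverse[current])
            current = ""
    if current:
        raise ValueError("truncated or corrupted bit stream")
    return "".join(out)


if __name__ == "__main__":
    freq = {"A": 45, "B": 13, "C": 12, "D": 16, "E": 9, "F": 5}  # constructed
    codes = huffman_codes(freq)
    print(codes, average_code_length(codes, freq))
    print(huffman_decode(huffman_encode("ABACADAEAF", codes), codes))
```

The decoder raises on a bit stream that ends mid-code word rather than silently dropping the tail, which is the check a practitioner wants when the compressed data arrives over an untrusted channel.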
Lossy Compression Methods
• Used for compressing image and video files (our eyes cannot distinguish subtle changes, so losing some data is acceptable).
• These methods are cheaper: they need less time and space.
• Several methods:
  – JPEG: compresses pictures and graphics
  – MPEG: compresses video
  – MP3: compresses audio
JPEG Encoding
• Used to compress pictures and graphics.
• In JPEG, a grayscale picture is divided into 8x8 pixel blocks to decrease the number of calculations.
• Basic idea:
  – Change the picture into a linear (vector) set of numbers that reveals the redundancies.
  – The redundancies are then removed by one of the lossless compression methods.
Quantization & Compression
Quantization
• After the T table is created, the values are quantized to reduce the number of bits needed for encoding.
• Quantization divides the number of bits by a constant and then drops the fraction. This is done to optimize the number of bits and the number of 0s for each particular application.
Compression
• Quantized values are read from the table and redundant 0s are removed.
• To cluster the 0s together, the table is read diagonally in a zigzag fashion. The reason is that if the table does not have fine changes, the bottom right corner of the table is all 0s.
• JPEG usually uses lossless run-length encoding at the compression phase.
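An added example (not the slides' own code) that carries the quantization and compression steps above through a constructed 8x8 table: each value is divided by a constant with the fraction dropped, the table is read in zigzag order so the zeros in the bottom-right corner end up together, and the resulting sequence is run-length coded JPEG-style as (zeros skipped, value) pairs followed by an end-of-block marker. The coefficient values and the single uniform quantization constant are constructed assumptions; real JPEG uses a full quantization table.

```python
# Added example (not from the slides): quantize a constructed 8x8 table, read it
# in zigzag order and run-length code the zeros. Table values and QUANT are
# constructed assumptions for illustration.
N = 8
QUANT = 16  # assumed uniform quantization constant (real JPEG uses a table)


def constructed_t_table():
    """Constructed T table: large near the top-left, decaying to 0 toward the
    bottom-right, i.e. a block without fine changes."""
    return [[max(0.0, 240.7 - 30.2 * (i + j)) for j in range(N)] for i in range(N)]


def quantize(table, q=QUANT):
    """Divide each value by the constant and drop the fraction (lossy step)."""
    return [[int(v / q) for v in row] for row in table]


def zigzag_order(n=N):
    """(row, col) visiting order of a diagonal zigzag scan of an n x n table."""
    order = []
    for s in range(2 * n - 1):                     # s = row + col selects a diagonal
        cells = [(i, s - i) for i in range(n) if 0 <= s - i < n]
        if s % 2 == 0:
            cells.reverse()                        # alternate direction each diagonal
        order.extend(cells)
    return order


def zigzag_scan(table):
    """Flatten the table in zigzag order so trailing zeros cluster at the end."""
    return [table[i][j] for i, j in zigzag_order(len(table))]


def run_length_zeros(seq):
    """JPEG-style run-length coding: (zeros skipped, nonzero value) pairs, and
    a single "EOB" marker standing for all zeros after the last nonzero value."""
    out, zeros = [], 0
    for v in seq:
        if v == 0:
            zeros += 1
        else:
            out.append((zeros, v))
            zeros = 0
    out.append("EOB")
    return out


def compress_block(table, q=QUANT):
    """Quantization followed by the lossless compression phase."""
    return run_length_zeros(zigzag_scan(quantize(table, q)))


if __name__ == "__main__":
    print(zigzag_scan(quantize(constructed_t_table())))
    print(compress_block(constructed_t_table()))
```

In the constructed block the 28 zeros of the bottom-right diagonals collapse into the single "EOB" entry, which is where the space saving comes from; raising QUANT zeroes more coefficients and shortens the output further at the cost of more lost detail.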
MPEG Encoding
• Spatial Compression
  – Each frame is spatially compressed by JPEG.
• Temporal Compression
  – Redundant frames are removed.
  – For example, in a static scene in which someone is talking, most frames are the same except for the segment around the speaker's lips, which changes from one frame to the next.
Computer Networks
Cryptography
Contents
• What is cryptography
• Categories of cryptography
• Keys used in cryptography
• Traditional ciphers
What is Cryptography?
Cryptography is a method of protecting information and communications through the use of codes, so that only those for whom the information is intended can read and process it.
The prefix "crypt-" means "hidden" or "vault", and the suffix "-graphy" stands for "writing".
Cryptography components
Categories of cryptography
Symmetric-key cryptography
Note
In symmetric-key cryptography, the same key is used by the sender (for encryption) and the receiver (for decryption). The key is shared.
Asymmetric-key cryptography
Comparison between two categories of cryptography
Keys used in cryptography
SYMMETRIC-KEY CRYPTOGRAPHY
Symmetric-key cryptography started thousands of years ago when people needed to exchange secrets (for example, in a war). We still mainly use symmetric-key cryptography in our network security.
Traditional ciphers
Note
A substitution cipher replaces one symbol with another.
Note
The shift cipher is sometimes referred to as the Caesar cipher.
Note
A transposition cipher reorders (permutes) symbols in a block of symbols.
Transposition cipher
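An added example, not code from the slides, putting the two traditional cipher families side by side: a shift (Caesar) cipher as the substitution case and a fixed-permutation block transposition cipher. Both work on the 26 uppercase letters; the key values, the sample plaintexts and the use of 'Z' to pad the last block are constructed for illustration.

```python
# Added example (not from the slides): shift (Caesar) substitution cipher and
# block transposition cipher. Keys, plaintexts and the pad symbol are constructed.
import string

ALPHABET = string.ascii_uppercase


def shift_encrypt(plaintext, key):
    """Substitution: replace each letter by the letter `key` positions later.
    Only 25 distinct keys exist, so the cipher offers no real secrecy today."""
    return "".join(ALPHABET[(ALPHABET.index(ch) + key) % 26] for ch in plaintext)


def shift_decrypt(ciphertext, key):
    return shift_encrypt(ciphertext, -key)  # shifting back undoes the substitution


def transposition_encrypt(plaintext, key, pad="Z"):
    """Transposition: reorder the symbols inside each block of len(key) symbols.
    key[i] is the plaintext position whose symbol moves to ciphertext position i.
    The symbols themselves are unchanged, only their order (letter frequencies
    therefore survive, which is what distinguishes it from substitution)."""
    size = len(key)
    if sorted(key) != list(range(size)):
        raise ValueError("key must be a permutation of 0..len(key)-1")
    padded = plaintext + pad * (-len(plaintext) % size)   # fill the last block
    out = []
    for start in range(0, len(padded), size):
        block = padded[start:start + size]
        out.append("".join(block[k] for k in key))
    return "".join(out)


def transposition_decrypt(ciphertext, key):
    """Apply the inverse permutation to every block."""
    inverse = [0] * len(key)
    for i, k in enumerate(key):
        inverse[k] = i      # ciphertext position i came from plaintext position k
    return transposition_encrypt(ciphertext, inverse)


if __name__ == "__main__":
    print(shift_encrypt("HELLO", 3), shift_decrypt("KHOOR", 3))
    print(transposition_encrypt("ATTACK", (2, 0, 3, 1)))
    print(transposition_decrypt("TAATZCZK", (2, 0, 3, 1)))
```

The pad is part of the recovered plaintext after decryption, so a real protocol has to carry the original length (or a removable padding scheme) alongside the ciphertext.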
Information Security
• We need information to share and express our ideas.
• Some information is valuable; hence we need protection.
• One protection method is "Data Encryption".
• Encryption: transform usable information into a form that renders it unusable by anyone other than an authorized user.
• Decryption: information that has been encrypted (rendered unusable) can be transformed back into its original usable form by an authorized user, who possesses the cryptographic key.
• Cryptographic key: specifies the particular transformation of plaintext into ciphertext, or vice versa.
Information Security Contd.
(Figure: plain text passes through encryption (key, algorithm) to give cipher text, and through decryption back to plain text.)
Public Key Cryptosystems
• Encryption procedure: E
• Decryption procedure: D
• Message: M
• Cipher text: C
• Parameters of E are kept public
• Parameters of D are kept private
Examples
Public Key Cryptosystems Contd.
• Deciphering the enciphered form of a message M yields M: D(E(M)) = M
• Both E and D are easy to compute.
• By publicly revealing E, the user does not reveal an easy way to compute D (one-way functions).
• If a message M is first deciphered and then enciphered, M is the result: E(D(M)) = M
RSA
RSA is an algorithm for public-key cryptography.
Basic Concepts of RSA
• RSA does encryption, decryption and key generation.
• Two types of keys:
  – Private key (to be kept confidential)
  – Public key (known to everyone)
• Has the property D(E(M)) = M
• The inverse is also true (digital signatures): E(D(M)) = M
Typical Encryption Scenario
Digital Signatures
• Proof for verifying the sender (Authentication)
• Proof that the message is not modified by someone other than the sender (Integrity)
• Preserve non-repudiation (the sender cannot deny sending it)
• A signature needs to be:
  – Message-dependent
  – Signer-dependent
Digital Signatures Contd.
• How to do it in RSA
  – Alice sends a signed message to Bob
• Why do we need to HASH the message?
  – Example:
    • I have uploaded the "presentation-slides.pdf" on Moodle
    • Verify your SHA512sum Digest Code with the original value posted at MyLinkedInProfile/Projects
Digital Signatures Contd.
Sometimes you don't particularly mind letting the whole world read a message (or would rather they did) yet want to provide a mechanism to prove that you wrote the message. Signing does just this.
RSA is slow, but most encryption software using RSA actually encrypts documents with a symmetric cipher like TDEA or AES, and encrypts the key used (sometimes called a "session" key) with RSA, so the slowdown from encrypting the entire document is not that great.
If you want to hide the contents of the message, then you take the message and the signature, zip them together and encrypt the whole thing with the public key of the receiver before you send.
Encryption Flow
RSA Algorithm
Notations
– n is known as the modulus
– p and q are two large random primes
– e is known as the public exponent or encryption exponent
– d is known as the secret exponent or decryption exponent
Mathematics related to RSA: Euler's, Fermat's and Chinese Remainder Theorems
RSA Algorithm Contd.
1. Choose two random large prime numbers, p and q
2. Compute the product n = p x q
3. Randomly choose the encryption key, e, such that e and (p - 1)(q - 1) are relatively prime
4. Use the extended Euclidean algorithm to compute the decryption key, d, such that
   e*d ≡ 1 mod (p - 1)(q - 1)
   i.e. d = e^-1 mod ((p - 1)(q - 1))
   * d and n are also relatively prime
RSA Algorithm Contd.
Keys
– e and n are the public key
– d is the private key
Important:
The two primes, p and q, are no longer needed. They should be discarded, but never revealed.
RSA Algorithm Contd.
Encryption
1. Divide the message into numerical blocks smaller than n (with binary data, choose the largest power of 2 less than n)
2. For each block: c = m^e mod n
Decryption
3. For each cipher text block: m = c^d mod n
RSA Algorithm Contd.
RSA Example
1. Select primes: p=17 & q=11
2. Compute n = pq = 17×11 = 187; n=187
3. Compute ø(n) = (p–1)(q–1) = 16×10 = 160
4. Select e; gcd(e,160)=1; choose e=7
5. Determine d: d*e ≡ 1 mod 160 and d < 160
   Hence the value is d=23, since 23×7 = 161 = 1×160+1
6. Publish public key Kpub={7,187} (e,n)
7. Keep secret private key Kpvt={23,17,11} (d,p,q)
RSA Algorithm Contd.
Message 'M' = 88 (88<187)
Encryption: [c = m^e mod n]
• C = 88^7 mod 187 = 11
Decryption: [m = c^d mod n]
• M = 11^23 mod 187 = 88
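An added example (not the slides' own code) that runs the key-generation, encryption and decryption steps above on the worked numbers p=17, q=11, e=7, and also covers the earlier digital-signature slides: the message is hashed with SHA-512 (the digest the slides mention), the hash is signed with the private exponent and verified with the public exponent, i.e. the E(D(M)) = M direction. The extended Euclidean routine, the sample message and the reduction of the digest modulo n are constructed for this toy; a 187-modulus key only illustrates the arithmetic, and real deployments use moduli of at least 2048 bits with a padding scheme (OAEP for encryption, PSS for signatures).

```python
# Added example (not from the slides): textbook RSA on the slides' numbers
# (p=17, q=11, e=7) plus hash-then-sign. Helper functions and the sample
# message are constructed; this is unpadded toy RSA, not a production scheme.
import hashlib


def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y = g = gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def modinv(a, m):
    """a^-1 mod m, or ValueError when a and m are not relatively prime."""
    g, x, _ = egcd(a, m)
    if g != 1:
        raise ValueError("no inverse: a and m are not relatively prime")
    return x % m


def rsa_keygen(p, q, e):
    """Steps 1-4 of the slides: n = p*q, check gcd(e, phi) = 1, d = e^-1 mod phi.
    p and q are not returned: once d exists they should be discarded."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if egcd(e, phi)[0] != 1:
        raise ValueError("e must be relatively prime to (p-1)(q-1)")
    d = modinv(e, phi)
    return (e, n), (d, n)          # public key, private key


def rsa_encrypt(m, public_key):
    """c = m^e mod n for one numerical block m < n."""
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("block must be smaller than the modulus n")
    return pow(m, e, n)


def rsa_decrypt(c, private_key):
    """m = c^d mod n."""
    d, n = private_key
    return pow(c, d, n)


def message_digest(message: bytes, n: int) -> int:
    """Hash first so the signature depends on the whole message; the digest is
    reduced mod n only because this toy modulus is far smaller than SHA-512."""
    return int.from_bytes(hashlib.sha512(message).digest(), "big") % n


def rsa_sign(message: bytes, private_key):
    """Signing is D applied to the digest (signer-dependent via d)."""
    d, n = private_key
    return pow(message_digest(message, n), d, n)


def rsa_verify(message: bytes, signature: int, public_key) -> bool:
    """Verification is E applied to the signature: E(D(h)) == h."""
    e, n = public_key
    return pow(signature, e, n) == message_digest(message, n)


if __name__ == "__main__":
    public, private = rsa_keygen(17, 11, 7)
    print(public, private)                       # (7, 187) (23, 187)
    c = rsa_encrypt(88, public)
    print(c, rsa_decrypt(c, private))            # 11 88
    sig = rsa_sign(b"constructed sample message", private)
    print(rsa_verify(b"constructed sample message", sig, public))
```

Note that rsa_verify only uses the public key: anyone can check the signature, which is the non-repudiation property, but only the holder of d could have produced it.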