
Section A

Q1.

a) In networking, the Point-to-Point Protocol (PPP) is a data link protocol commonly used in establishing a direct connection between two networking nodes. It can provide connection authentication, transmission encryption and compression. PPP is used over many types of physical networks including serial cable, phone line, trunk line, cellular telephone, specialized radio links, and fiber optic links such as SONET. PPP is also used over Internet access connections (broadband).

b) The Internet Model has the following layers: a. Physical Layer, b. Data Link Layer, c. Network Layer, d. Transport Layer, e. Application Layer.

c) In computer networks, bandwidth is often used as a synonym for data transfer rate: the amount of data that can be carried from one point to another in a given time period. This kind of bandwidth is usually expressed in bits per second (bps). For analog devices, the bandwidth is expressed in cycles per second, or Hertz (Hz).

d) 802.11 and 802.11x refer to a family of specifications developed by the IEEE for wireless LAN (WLAN) technology. 802.11 specifies an over-the-air interface between a wireless client and a base station or between two wireless clients. IEEE 802.11 is a set of media access control (MAC) and physical layer (PHY) specifications for implementing wireless local area network (WLAN) computer communication.

e) Unicast transmission is the sending of messages to a single network destination identified by a unique address. The term unicast is contrasted with the term broadcast, which means transmitting the same data to all possible destinations. Another multi-destination distribution method, multicasting, sends data only to interested destinations by using special address assignments.

Congestion occurs when a link or node is carrying so much data that its quality of service deteriorates. Typical effects include delay, packet loss or the blocking of new connections. A consequence of these effects is a reduction in network throughput.
f) A Media Access Control address (MAC address) is a unique identifier assigned to a network interface card (NIC) by its manufacturer. The network interface card is used to connect to the Ethernet network. Each NIC has its own unique MAC address. The MAC addresses are assigned permanently to adapters and cannot be changed, as they uniquely identify the hardware interface of the network.

The IP address is a 32-bit number that is assigned to each device, such as a computer, a printer, etc. It describes where on the Internet your computer is located. An IP address is required by any device that participates in a computer network that uses the Internet Protocol for communication. It is a logical address and can be changed as per requirement.

g) An Ethernet hub is a device for connecting multiple Ethernet devices together and making them act as a single network segment. It has multiple input/output (I/O) ports, in which a signal introduced at the input of any port appears at the output of every port except the original incoming. A hub works at the physical layer (layer 1) of the OSI model. The device is a form of multiport repeater.

h) An Internet Protocol address (IP address) is an identifier for a computer or device on a TCP/IP network that uses the Internet Protocol for communication. The format of an IP address is a 32-bit numeric address written as four numbers separated by periods. Each number can be zero to 255. For example, 1.160.10.240 could be an IP address. An IP address can be static or dynamic. A static IP address will never change and it is a permanent Internet address. A dynamic IP address is a temporary address that is assigned each time a computer or device accesses the Internet.

i) Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed information systems. Its use for retrieving inter-linked resources led to the establishment of the World Wide Web. HTTP is used to transfer files from a Web server into a browser window to view a Web page that is on the Internet. With HTTP, files are transported only from the server onto the workstation's browser. The files are transferred but not downloaded, therefore not copied into the memory of the workstation.

j) Hamming code is a set of error-correction codes that can be used to detect and correct bit errors that can occur when computer data is moved or stored. Hamming code makes use of the concept of parity and parity bits, which are bits that are added to data so that the validity of the data can be checked when it is read or after it has been received in a data transmission. Using more than one parity bit, an error-correction code can not only identify a single bit error in the data unit, but also its location in the data unit.

SMTP stands for Simple Mail Transfer Protocol. It's a set of communication guidelines that allow software to transmit email over the Internet. Most email software is designed to use SMTP for communication purposes when sending email, and it only works for outgoing messages. There are two other protocols, POP3 and IMAP, that are used for retrieving and storing email.

SECTION B

Q2.

a) A network topology is an arrangement of a network, including its nodes and connecting lines. There are two ways of defining network geometry: the physical topology and the logical topology. The physical topology of a network is the actual geometric layout of workstations. There are several common physical topologies, as described below and as shown in the figure.

In the bus network topology, every workstation is connected to a main cable called the bus. Therefore, in effect, each workstation is directly connected to every other workstation in the network.

In the star network topology, there is a central computer or server to which all the workstations are directly connected. Every workstation is indirectly connected to every other through the central computer.

In the ring network topology, the workstations are connected in a closed loop configuration. Adjacent pairs of workstations are directly connected. Other pairs of workstations are indirectly connected, the data passing through one or more intermediate nodes.

The mesh network topology employs either of two schemes, called full mesh and partial mesh. In the full mesh topology, each workstation is connected directly to each of the others. In the partial mesh topology, some workstations are connected to all the others, and some are connected only to those other nodes with which they exchange the most data.

The tree network topology uses two or more star networks connected together. The central computers of the star networks are connected to a main bus. Thus, a tree network is a bus network of star networks.

LAN: It is a computer network covering a small geographic area, like a home, office, or group of buildings, e.g. a school. The defining characteristics of LANs, in contrast to Wide Area Networks (WANs), include their much higher data transfer rates, smaller geographic range, and lack of a need for leased telecommunication lines.

MAN: A MAN is optimized for a larger geographical area than is a LAN, ranging from several blocks of buildings to entire cities. MANs can also depend on communications channels of moderate-to-high data rates. Metropolitan area networks can span up to 50 km; the devices used are modem and wire/cable.
WAN: It is a computer network that covers a broad area, i.e., any network whose communications links cross metropolitan, regional, or national boundaries. It is a network that uses routers and public communications links. The largest and most well-known example of a WAN is the Internet.

b) I) Channel Characteristics:

Twisted-pair: Twisted-pair can be used for both analog and digital communication. The data rate that can be supported over a twisted-pair is inversely proportional to the square of the line length. Maximum transmission distance of 1 Km can be achieved for data rates up to 1 Mb/s. For analog voice signals, amplifiers are required about every 6 Km and for digital signals, repeaters are needed about every 2 Km. To reduce interference, the twisted pair can be shielded with metallic braid. This type of wire is known as Shielded Twisted-Pair (STP) and the other form is known as Unshielded Twisted-Pair (UTP).

Co-axial cable: Co-axial cable has superior frequency characteristics compared to twisted-pair and can be used for both analog and digital signaling. In baseband LAN, the data rates lie in the range of 1 KHz to 20 MHz over a distance in the range of 1 Km. Coaxial cables typically have a diameter of 3/8". Coaxial cables are used both for baseband and broadband communication. For broadband CATV application, coaxial cable of 1/2" diameter and 75 Ω impedance is used. This cable offers bandwidths of 300 to 400 MHz, facilitating high-speed data communication with low bit-error rate. In broadband signaling, the signal propagates only in one direction, in contrast to propagation in both directions in baseband signaling. Broadband cabling uses either a dual-cable scheme or a single-cable scheme with a headend to facilitate flow of signal in one direction. Because of the shielded, concentric construction, co-axial cable is less susceptible to interference and cross talk than the twisted-pair. For long distance communication, repeaters are needed for every kilometer or so. Data rate depends on physical properties of cable, but 10 Mbps is typical.

Optical fiber: Optical fiber acts as a dielectric waveguide that operates at optical frequencies (10^14 to 10^15 Hz). Three frequency bands centered around 850, 1300 and 1500 nanometers are used for best results. When light is applied at one end of the optical fiber core, it reaches the other end by means of total internal reflection because of the choice of refractive index of core and cladding material. The light source can be either light emitting diode (LED) or injection laser diode (ILD). These semiconductor devices emit a beam of light when a voltage is applied across the device. At the receiving end, a photodiode can be used to detect the signal-encoded light. Either PIN detector or APD (Avalanche photodiode) detector can be used as the light detector. In a multi-mode fiber, the quality of signal-encoded light deteriorates more rapidly than in single-mode fiber, because of interference of many light rays. As a consequence, single-mode fiber allows longer distances without a repeater. For multi-mode fiber, the typical maximum length of the cable without a repeater is 2 km, whereas for single-mode fiber it is 20 km.

ii)

IEEE LAN standards refer to a family of IEEE standards dealing with local area networks and metropolitan area networks. IEEE standard 802.3 specifies the following characteristics of Ethernet. The medium is baseband co-axial cable. Bandwidth is 10Mbps, hence bit duration is 0.1 microsec. Normal transmission, though, is only for 1ms (10000bits) after a gap of 500 ms, so actual transmission rate is only 20kbps. At a time only one user is transmitting successfully. If there are N users then the actual transmission rate is only 10/N Mbps. Manchester coding is used for quickly retrieving the clock component at the receiver. Cable segment length is 500m. 2 cable segments can be joined by a repeater, and no more than 2 repeaters are allowed between any two users. So it may seem that effective maximum distance is 1500m only.

IEEE 802.3 FRAME

The preamble is 7 octets or 56 bits long. Synchronization should be done within the preamble duration of 5.6 µs. The destination and source address are not the individual user address, rather the Ethernet Card address at the computer.

COLLISION

The moment a collision occurs it is bound to continue for some time. As soon as the medium is free, after the collision, a large number of users will want to transmit simultaneously, and so collision occurs again. It is of no use if the user continues transmission of the complete frame even after it has faced collision. It only increases the wasted time. So it is better to listen also during transmission. As soon as the user detects the collision it aborts the transmission and waits a random time. So while transmitting, any station should be prepared to: detect the collision; stop transmission; and make everybody aware of the collision (notification by sending a 5 MHz sinusoid; whoever detects the collision first issues the collision notification signal).

The transceivers in the user machines, being aware of the collision, introduce a random delay in the machine, so that the probability of jamming is somewhat reduced. It is called back-off. In CSMA/CD, the exponential back-off technique is used. For detecting collision during transmission, the minimum frame length in time should be at least twice the maximum propagation delay. So for small frames, pad bits are used to extend it to a certain minimum length. In the case of CSMA/CD at 10Mbps, the minimum frame length is 512 bits, i.e. 51.2 µs.

IEEE 802.3 PHYSICAL MEDIUM COMPARISON

Name      Cable           Maximum Segment Length   Nodes Per Segment   Advantages
10Base5   Thick Coax      500m                     100                 Good for backbones
10Base2   Thin Coax       200m                     30                  Cheapest system
10BaseT   Twisted pair    100m                     1024                Easy maintenance
10BaseF   Optical fiber   2000m                    1024                Best between buildings

c) I)

TCP/IP PROTOCOL SUITE

Communication between computers on a network is done through protocol suites. The most widely used and most widely available protocol suite is the TCP/IP protocol suite. A protocol suite consists of a layered architecture where each layer depicts some functionality which can be carried out by a protocol. Each layer usually has more than one protocol option to carry out the responsibility that the layer adheres to. TCP/IP is normally considered to be a 4 layer system apart from the Physical Layer. The 4 layers are as follows:
1. Application layer
2. Transport layer
3. Network layer
4. Data link layer

Application layer

This is the top layer of the TCP/IP protocol suite. This layer includes applications or processes that use transport layer protocols to deliver the data to destination computers. At each layer there are certain protocol options to carry out the task designated to that particular layer. So, the application layer also has various protocols that applications use to communicate with the second layer, the transport layer. Some of the popular application layer protocols are: HTTP (Hypertext transfer protocol), FTP (File transfer protocol), SMTP (Simple mail transfer protocol), SNMP (Simple network management protocol), etc.

Transport Layer

This layer provides the backbone for data flow between two hosts. This layer receives data from the application layer above it. There are many protocols that work at this layer, but the two most commonly used protocols at the transport layer are TCP and UDP. TCP is used where a reliable connection is required while UDP is used in case of unreliable connections.

TCP divides the data (coming from the application layer) into proper sized chunks and then passes these chunks onto the network. It acknowledges received packets, waits for the acknowledgments of the packets it sent and sets a timeout to resend the packets if acknowledgements are not received in time. The term reliable connection is used where it is not desired to lose any information that is being transferred over the network through this connection. So, the protocol used for this type of connection must provide the mechanism to achieve this desired characteristic. For example, while downloading a file, it is not desired to lose any information (bytes) as it may lead to corruption of downloaded content.

UDP provides a comparatively simpler but unreliable service by sending packets from one host to another. UDP does not take any extra measures to ensure that the data sent is received by the target host or not. The term unreliable connection is used where loss of some information does not hamper the task being fulfilled through this connection. For example, while streaming a video, loss of a few bytes of information due to some reason is acceptable as this does not harm the user experience much.

Network Layer

This layer is also known as the Internet layer. The main purpose of this layer is to organize or handle the movement of data on the network. By movement of data, we generally mean routing of data over the network. The main protocol used at this layer is IP, while ICMP (used by the popular ping command) and IGMP are also used at this layer.

Data Link Layer

This layer is also known as the network interface layer. This layer normally consists of device drivers in the OS and the network interface card attached to the system.
Both the device drivers and the network interface card take care of the communication details with the media being used to transfer the data over the network. In most of the cases, this media is in the form of cables. Some of the famous protocols that are used at this layer include ARP (Address resolution protocol), PPP (Point to point protocol), etc.

ii) A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later. A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the sender's identity and that the message arrived intact. A digital certificate contains the digital signature of the certificate-issuing authority so that anyone can verify that the certificate is real.

How It Works

Assume you were going to send the draft of a contract to your lawyer in another town. You want to give your lawyer the assurance that it was unchanged from what you sent and that it is really from you.
1. You copy-and-paste the contract (it's a short one!) into an e-mail note.
2. Using special software, you obtain a message hash (mathematical summary) of the contract.
3. You then use a private key that you have previously obtained from a public-private key authority to encrypt the hash.
4. The encrypted hash becomes your digital signature of the message. (Note that it will be different each time you send a message.)

At the other end, your lawyer receives the message.
1. To make sure it's intact and from you, your lawyer makes a hash of the received message.
2. Your lawyer then uses your public key to decrypt the message hash or summary.
3. If the hashes match, the received message is valid.

d) In computer networking, the transport layer or layer 4 provides end-to-end communication services for applications within a layered architecture of network components and protocols. The transport layer provides convenient services such as connection-oriented data stream support, reliability, flow control, and multiplexing. The most well-known transport protocol is the Transmission Control Protocol (TCP). It lent its name to the title of the entire Internet Protocol Suite, TCP/IP. It is used for connection-oriented transmissions, whereas the connectionless User Datagram Protocol (UDP) is used for simpler messaging transmissions.

The transport layer ensures that messages are delivered error-free, in sequence, and with no losses or duplications. It relieves the higher layer protocols from any concern with the transfer of data between them and their peers. The size and complexity of a transport protocol depends on the type of service it can get from the network layer. The transport layer provides:

Message segmentation: accepts a message from the (session) layer above it, splits the message into smaller units (if not already small enough), and passes the smaller units down to the network layer. The transport layer at the destination station reassembles the message.

Message acknowledgment: provides reliable end-to-end message delivery with acknowledgments.

Message traffic control: tells the transmitting station to "back-off" when no message buffers are available.

Session multiplexing: multiplexes several message streams, or sessions, onto one logical link and keeps track of which messages belong to which sessions (see session layer).

Typically, the transport layer can accept relatively large messages, but there are strict message size limits imposed by the network (or lower) layer. Consequently, the transport layer must break up the messages into smaller units, or frames, prepending a header to each frame. The transport layer header information must then include control information, such as message start and message end flags, to enable the transport layer on the other end to recognize message boundaries. In addition, if the lower layers do not maintain sequence, the transport header must contain sequence information to enable the transport layer on the receiving end to get the pieces back together in the right order before handing the received message up to the layer above.

e) Public-key cryptography, also known as asymmetric cryptography, refers to a cryptographic algorithm which requires two separate keys, one of which is secret (or private) and one of which is public. Although different, the two parts of this key pair are mathematically linked. The public key is used to encrypt plaintext or to verify a digital signature, whereas the private key is used to decrypt ciphertext or to create a digital signature. The term "asymmetric" stems from the use of different keys to perform these opposite functions, each the inverse of the other, as contrasted with conventional ("symmetric") cryptography, which relies on the same key to perform both.

Message authentication involves processing a message with a private key to produce a digital signature. Thereafter anyone can verify this signature by processing the signature value with the signer's corresponding public key and comparing that result with the message. Success confirms the message is unmodified since it was signed, and, presuming the signer's private key has remained secret to the signer, that the signer, and no one else, intentionally performed the signature operation. In practice, typically only a hash or digest of the message, and not the message itself, is encrypted as the signature.

Symmetric encryption (also called private-key encryption or secret-key encryption) involves using the same key for encryption and decryption.

Encryption involves applying an operation (an algorithm) to the data to be encrypted using the private key to make them unintelligible. The slightest algorithm (such as an exclusive OR) can make the system nearly tamper proof (there being no such thing as absolute security). The main disadvantage of a secret-key cryptosystem is related to the exchange of keys. Symmetric encryption is based on the exchange of a secret (keys). The problem of key distribution therefore arises. Moreover, a user wanting to communicate with several people while ensuring separate confidentiality levels has to use as many private keys as there are people. For a group of N people using a secret-key cryptosystem, it is necessary to distribute a number of keys equal to N * (N-1) / 2.

The RSA algorithm involves three steps: key generation, encryption and decryption. RSA involves a public key and a private key. The public key can be known by everyone and is used for encrypting messages. Messages encrypted with the public key can only be decrypted in a reasonable amount of time using the private key. The keys for the RSA algorithm are generated the following way:
1. Choose two distinct prime numbers p and q. Prime integers can be efficiently found using a primality test.
2. Compute n = pq.
3. Compute (n) = (p)(q) = (p 1)(q 1), where is Euler's totient function.
4. Choose an integer e such that 1< e < (n) and gcd (e, (n)) = 1; i.e. e and (n) are co-prime. e is released as the public key exponent.
5. Determine d as d1 e (mod (n)), i.e., d is the multiplicative inverse of e (modulo (n)). d is kept as the private key exponent.

The public key consists of the modulus n and the public (or encryption) exponent e. The private key consists of the modulus n and the private (or decryption) exponent d, which must be kept secret.
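The five key-generation steps above, together with encryption, decryption and the hash-then-sign procedure from part c) ii), as an added Python example that is not part of the original page. It uses the page's values n = 3233, e = 17, d = 2753 and m = 65; the primes 61 and 53 (the factors of 3233), the function names, the exponent 65537 and the larger demo key built from two Mersenne primes are assumptions of this example, and it is textbook RSA with no padding scheme.

```python
"""Textbook RSA following the page's key-generation steps (added example)."""
import hashlib
from math import gcd


def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def generate_keypair(p, q, e):
    """Steps 1-5: build ((n, e), (n, d)) from two distinct primes and e.

    The caller supplies the primes; no primality test is run here.
    """
    if p == q:
        raise ValueError("p and q must be distinct")
    n = p * q                        # step 2: modulus
    phi = (p - 1) * (q - 1)          # step 3: Euler's totient of n
    if not 1 < e < phi or gcd(e, phi) != 1:   # step 4
        raise ValueError("need 1 < e < phi(n) and gcd(e, phi(n)) == 1")
    _, x, _ = egcd(e, phi)           # step 5: x*e + y*phi == 1
    d = x % phi                      # bring the inverse into the range 1..phi-1
    return (n, e), (n, d)


def encrypt(m, public_key):
    """c = m^e mod n, for an integer message 0 <= m < n."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message integer must satisfy 0 <= m < n")
    return pow(m, e, n)


def decrypt(c, private_key):
    """m = c^d mod n."""
    n, d = private_key
    return pow(c, d, n)


def message_hash(message, n):
    """SHA-256 digest as an integer, reduced mod n so the toy key can sign it."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private_key):
    """Sender side: hash the message, then transform the hash with d."""
    n, d = private_key
    return pow(message_hash(message, n), d, n)


def verify(message, signature, public_key):
    """Receiver side: recover the hash with e and compare with a fresh hash."""
    n, e = public_key
    return pow(signature, e, n) == message_hash(message, n)


if __name__ == "__main__":
    # Page's example key. The primes are not on the page; 61 * 53 == 3233.
    public, private = generate_keypair(61, 53, 17)
    print("public key :", public)
    print("private key:", private)
    c = encrypt(65, public)
    print("encrypt(65):", c, "-> decrypt:", decrypt(c, private))

    # Constructed demo key for the signature: two known Mersenne primes.
    # Large enough that a changed message gives a different reduced hash,
    # still far too small to protect anything.
    sig_pub, sig_priv = generate_keypair(2**61 - 1, 2**89 - 1, 65537)
    contract = b"draft contract v1"      # constructed sample message
    signature = sign(contract, sig_priv)
    print("genuine  :", verify(contract, signature, sig_pub))
    print("tampered :", verify(b"draft contract v2", signature, sig_pub))
```
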

Encryption

Alice transmits her public key (n, e) to Bob and keeps the private key secret. Bob then wishes to send message M to Alice. He first turns M into an integer m, such that 0 m < n by using an agreed-upon reversible protocol known as a padding scheme. He then computes the cipher text c corresponding to Bob then transmits c to Alice.

Decryption

Alice can recover m from c by using her private key exponent d via computing Given m, she can recover the original message M by reversing the padding scheme.

An example

Here is an example of RSA encryption and decryption.
1. Choose two distinct prime numbers, such as and .
2. Compute n = pq giving
3. Compute the totient of the product as (n) = (p1)(q1) giving .
4. Choose any number 1 < e < 3120 that is coprime to 3120. Choosing a prime number for e leaves us only to check that e is not a divisor of 3120. Let
5. Compute d, the modular multiplicative inverse of e (mod (n)) yielding

The public key is (n = 3233, e = 17). For a padded plaintext message m, the encryption function is
The private key is (n = 3233, d = 2753). For an encrypted ciphertext c, the decryption function is
For instance, in order to encrypt m = 65, we calculate
To decrypt c = 2790, we calculate .

SECTION - C

Q3.
Open Systems Interconnection ( OSI ) is a standard reference model for communication between two end users in a network.

A)

OSI divides telecommunication into seven layers. The layers are in two groups. The upper four layers are used whenever a message passes from or to a user. The lower three layers are used when any message passes through the host computer. Messages intended for this computer pass to the upper layers. Messages destined for some other host are not passed up to the upper layers but are forwarded to another host. The seven layers are:

Layer 1: The physical layer. This layer conveys the bit stream through the network at the electrical and mechanical level. It provides the hardware means of sending and receiving data on a carrier.

Layer 2: The data-link layer. This layer provides synchronization for the physical level and does bit-stuffing for strings of 1's in excess of 5. It also takes care of errors in hop to hop transmission.

Layer 3: The network layer. This layer handles the routing of the data (sending it in the right direction to the right destination on outgoing transmissions and receiving incoming transmissions at the packet level). The network layer does routing and forwarding.

Layer 4: The transport layer. This layer manages the end-to-end control (for example, determining whether all packets have arrived) and error-checking. It ensures complete data transfer.

Layer 5: The session layer. This layer sets up, coordinates, and terminates conversations, exchanges, and dialogs between the applications at each end. It deals with session and connection coordination.

Layer 6: The presentation layer. This is a layer, usually part of an operating system, that converts incoming and outgoing data from one presentation format to another.

Layer 7: The application layer. This is the layer at which communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified.
b) NETWORK GOALS:

The main goal of networking is "Resource sharing": to make all programs, data and equipment available to anyone on the network without regard to the physical location of the resource and the user.

A second goal is to provide high reliability by having alternative sources of supply. For example, all files could be replicated on two or three machines, so if one of them is unavailable, the other copies could be available.

Another goal is saving money. Small computers have a much better price/performance ratio than larger ones. Mainframes are roughly a factor of ten times faster than the fastest single chip microprocessors, but they cost a thousand times more.

Another closely related goal is to increase the system's performance as the work load increases by just adding more processors. With central mainframes, when the system is full, it must be replaced by a larger one, usually at great expense and with even greater disruption to the users.

Computer networks provide a powerful communication medium. A file that was updated / modified on a network can be seen by the other users on the network immediately.

NETWORK APPLICATIONS:
1. Access to remote programs: Accessing remote programs located on servers makes it convenient for a person to work from any place. It is more important in the age of cloud computing today.
2. Access to remote databases: By providing access to remote databases it is possible to make anytime, anywhere banking happen or to book tickets online from the comfort of home.
3. Value-added communication facilities: Calling up a distant computer via a network is cheaper than calling it directly. The lower rate is possible because a normal telephone call ties up an expensive, dedicated circuit for the duration of the call, whereas access via a network ties up long-distance lines only while data are actually being transmitted.

c) The protocol for each layer is concerned with providing a peer-to-peer service with the corresponding layer at the other end of the path. Each layer uses the services of the layers below it, by communicating via a Service Access Point (SAP).

Peer to peer communication using the services of a lower layer

During peer-to-peer communication, information at the sender (i.e. a Protocol Data Unit, PDU) flows down through each of the lower layers in the same node. At the lowest (physical layer) the information passes over the communications cable to the corresponding physical layer entity. When information is received, the information (a Service Data Unit, SDU) is passed up to the next higher layer. The boundaries between adjacent layers in the same system are called Interfaces. Service Primitives are used to pass the information, and the protocol entity to which the information is delivered is called a Service Access Point (SAP). Examples of SAPs are the type field in the Medium Access Control (MAC) protocol, the address field in HDLC, the protocol field in the IP network header, and the port identifier in UDP and TCP.

Q4.

A) An analog transmission requires lower bandwidth having band pass characteristics. The process involved in analog transmission is known as modulation, which requires manipulation of one or more of the parameters of the carrier that characterizes the analog signal. Figure depicts the modulation process to get analog signal.

Some of the important advantages of modulation are summarized below:

Frequency translation: Modulation translates the signal from one region of frequency domain to another region. This helps to transmit the modulated signal with minimum attenuation through a particular medium.

Practical size of antenna: Modulation translates baseband signal to higher frequency, which can be transmitted through a bandpass channel using an antenna of smaller size. This has made communication practical.

Narrowbanding: As modulation translates a signal from lower frequency domain to higher frequency domain, the ratio between highest to lowest frequency of the modulated signal becomes close to 1.

Multiplexing: Different base band signals originating from different sources can be translated to different frequency ranges. This allows transmission of different signals through the same medium using frequency division multiplexing (FDM) to be discussed in the following lesson.

The modulation technique can be broadly divided into two basic categories: Amplitude modulation and Angle modulation. The Angle modulation can be further divided into two more categories: Frequency and Phase modulations.

Amplitude Modulation (AM)

This is the simplest form of modulation, where the amplitude of the carrier wave is modulated by the analog signal known as the modulating signal. A signal to be modulated, a carrier and the modulated signal are shown in Fig.

Angle modulation is shown in Fig. 2.5.12. It may be noted that the amplitude of the modulated signal is constant. Frequency Modulation (FM) and Phase Modulation (PM) are the special cases of Angle modulation. For Phase Modulation, the phase is proportional to the modulating signal, whereas for Frequency Modulation, the derivative of the phase is proportional to the modulating signal.

b)

Basic Elements of Communication

A simplified model of a data communication system is shown in Fig. Here there are five basic components:

Source: Source is where the data is originated. Typically it is a computer, but it can be any other electronic equipment such as telephone handset, video camera, etc, which can generate data for transmission to some destination. The data to be sent is represented by x(t).

Transmitter: As data cannot be sent in its native form, it is necessary to convert it into a signal. This is performed with the help of a transmitter such as a modem. The signal that is sent by the transmitter is represented by s(t).

Communication Medium: The signal can be sent to the receiver through a communication medium, which could be a simple twisted pair of wires, a coaxial cable, optical fiber or a wireless communication system. It may be noted that the signal that comes out of the communication medium is s'(t), which is different from the s(t) that was sent by the transmitter. This is due to various impairments that the signal suffers as it passes through the communication medium.

Receiver: The receiver receives the signal s'(t) and converts it back to data d(t) before forwarding it to the destination. The data that the destination receives may not be identical to that of d(t), because of the corruption of data.

Destination: Destination is where the data is absorbed. Again, it can be a computer system, a telephone handset, a television set and so on.

Data

Data refers to information that conveys some meaning based on some mutually agreed upon rules or conventions between a sender and a receiver, and today it comes in a variety of forms such as text, graphics, audio, video and animation. Data can be of two types: analog and digital. Analog data take on continuous values on some interval. Typical examples of analog data are voice and video. The data that are collected from the real world with the help of transducers are continuous-valued or analog in nature. On the contrary, digital data take on discrete values. Text or character strings can be considered as examples of digital data. Characters are represented by suitable codes, e.g. ASCII code, where each character is represented by a 7-bit code.

Signal

It is the electrical, electronic or optical representation of data, which can be sent over a communication medium.
Stated in mathematical terms, a signal is merely a function of the data. For example, a microphone converts voice data into a voice signal, which can be sent over a pair of wires. Analog signals are continuous-valued; digital signals are discrete-valued. The independent variable of the signal could be time (speech, for example), space (images), or the integers (denoting the sequencing of letters and numbers in the football score).

c) Sources of Impairments

When a signal is transmitted over a communication channel, it is subjected to different types of impairments because of imperfect characteristics of the channel. As a consequence, the received and the transmitted signals are not the same. The outcomes of the impairments are manifested in two different ways in analog and digital signals. These impairments introduce random modifications in analog signals, leading to distortion.

Attenuation

Irrespective of whether a medium is guided or unguided, the strength of a signal falls off with distance. This is known as attenuation. In case of guided media, the attenuation is logarithmic, whereas in case of unguided media it is a more complex function of the distance and the material that constitutes the medium.

Delay distortion

The velocities of propagation of different frequency components of a signal are different in guided media. This leads to delay distortion in the signal. For a band-limited signal, the velocity of propagation has been found to be maximum near the center frequency and lower on both sides of the edges of the frequency band. In case of analog signals, the received signal is distorted because of variable delay of different components. In case of digital signals, the problem is much more severe. Some frequency components of one bit position spill over to other bit positions because of delay distortion. This leads to inter-symbol interference, which restricts the maximum bit rate of transmission through a particular transmission medium. The delay distortion can also be neutralised, like attenuation distortion, by using suitable equalizers.

Noise

As a signal is transmitted through a channel, undesired signal in the form of noise gets mixed up with the signal, along with the distortion introduced by the transmission media. Noise can be categorised into the following four types:

Thermal Noise
Inter-modulation Noise
Cross talk
Impulse Noise

Bandwidth and Channel Capacity

Bandwidth refers to the range of frequencies that a medium can pass without a loss of one-half of the power (-3dB) contained in the signal. The figure below shows the bandwidth of a channel. The points Fl and Fh correspond to 3dB of the maximum amplitude A.

Bandwidth of a medium decides the quality of the signal at the other end. A digital signal (usually aperiodic) requires a bandwidth from 0 to infinity. So, it needs a low-pass channel characteristic. On the other hand, a band-pass channel characteristic is required for the transmission of analog signals.

Q5.

A)

Error Control Techniques

When an error is detected in a message, the receiver sends a request to the transmitter to retransmit the ill-fated message or packet. The most popular retransmission scheme is known as Automatic-Repeat-Request (ARQ). Such schemes, where the receiver asks the transmitter to re-transmit if it detects an error, are known as reverse error correction techniques. There exist three popular ARQ techniques, as shown below.

In Stop-and-Wait ARQ, which is the simplest among all protocols, the sender (say station A) transmits a frame and then waits till it receives a positive acknowledgement (ACK) or negative acknowledgement (NACK) from the receiver (say station B). Station B sends an ACK if the frame is received correctly; otherwise it sends a NACK. Station A sends a new frame after receiving an ACK; if it receives a NACK, it retransmits the old frame.

Stop-And-Wait ARQ technique

To tackle the problem of a lost or damaged frame, the sender is equipped with a timer. In case of a lost ACK, the sender transmits the old frame. Normally an ACK is received before the timer expires. In this case no ACK is received, and the timer counts down to zero and triggers retransmission of the same frame by the sender. The sender always starts a timer following transmission, but in the second transmission it receives an ACK before the timer expires, finally indicating that the data has now been received by the remote node.

Go-back-N ARQ

The most popular ARQ protocol is the go-back-N ARQ, where the sender sends the frames continuously without waiting for acknowledgement. As the receiver receives the frames, it keeps on sending ACKs, or a NACK in case a frame is incorrectly received. When the sender receives a NACK, it retransmits the frame in error plus all the succeeding frames, as shown in Fig. Hence, the name of the protocol is go-back-N ARQ. If a frame is lost, the receiver sends a NAK after receiving the next frame, as shown in Fig. In case there is a long delay before sending the NAK, the sender will resend the lost frame after its timer times out. If the ACK frame sent by the receiver is lost, the sender resends the frames after its timer times out, as shown in Fig.

Selective-Repeat ARQ

The selective-repeat ARQ scheme retransmits only those frames for which NAKs are received or for which the timer has expired; this is shown in the Fig. This is the most efficient among the ARQ schemes, but the sender must be more complex so that it can send out-of-order frames. The receiver also must have storage space to store the post-NAK frames and processing power to reinsert frames in proper sequence.
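The difference between the three ARQ schemes above shows up in the order of frames on the wire. The following is an added example (not part of the original answer) with a simplified model assumed here: the sender transmits one window of frames per round, and a "damaged" entry stands for a frame whose loss or corruption the sender learns about through a NAK or a timer expiry.

```python
def go_back_n(n_frames, window, damaged):
    """Return the sequence numbers in the order the sender transmits them.

    damaged is a set of (seq, attempt) pairs, attempt counted from 1, that
    do not reach the receiver intact (constructed input for the model).
    """
    log, attempts, base = [], {}, 0
    while base < n_frames:
        burst = range(base, min(base + window, n_frames))
        first_bad = None
        for seq in burst:
            attempts[seq] = attempts.get(seq, 0) + 1
            log.append(seq)
            if first_bad is None and (seq, attempts[seq]) in damaged:
                # The receiver NAKs this frame and discards everything
                # that follows it in the burst.
                first_bad = seq
        # Go back to the frame in error, or move on past the whole burst.
        base = first_bad if first_bad is not None else burst.stop
    return log


def selective_repeat(n_frames, window, damaged):
    """Same model, but the receiver buffers good frames that arrive after a
    bad one, so only the frames actually in error are sent again."""
    log, attempts, acked, base = [], {}, set(), 0
    while base < n_frames:
        for seq in range(base, min(base + window, n_frames)):
            if seq in acked:
                continue  # already stored at the receiver
            attempts[seq] = attempts.get(seq, 0) + 1
            log.append(seq)
            if (seq, attempts[seq]) not in damaged:
                acked.add(seq)
        while base in acked:  # slide past frames delivered in order
            base += 1
    return log


def stop_and_wait(n_frames, damaged):
    """Stop-and-Wait is the window-of-one case: send, wait, then decide."""
    return go_back_n(n_frames, 1, damaged)


if __name__ == "__main__":
    lost = {(2, 1)}  # constructed case: first transmission of frame 2 fails
    print("stop-and-wait   :", stop_and_wait(8, lost))
    print("go-back-N (W=4) :", go_back_n(8, 4, lost))
    print("selective repeat:", selective_repeat(8, 4, lost))
```

With one damaged frame and a window of four, go-back-N sends ten frames where selective repeat sends nine, and the gap widens with the window size and the error rate.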

b)

A network of computers based on multi-access medium requires a protocol for effective sharing of the media. As only one node can send or transmit signal at a time using the broadcast mode, the main problem here is how different nodes get control of the medium to send data. The protocols used for this purpose are known as Medium Access Control (MAC) techniques. The key issues involved here are - Where and how the control is exercised.

Round Robin Techniques: In Round Robin techniques, each and every node is given the chance to send or transmit by rotation. When a node gets its turn to send, it may either decline to send, if it has no data, or may send, if it has data to send. The right to send then passes to the next node based on a predetermined logical sequence. The right to send may be controlled in a centralised or distributed manner. Polling is an example of centralised control and token passing is an example of distributed control.

ALOHA

In ALOHA, users are allowed random access to the central computer through a common radio frequency band f1, and the computer centre broadcasts all received signals on a different frequency band f2. Whenever a node has a packet to send, it simply does so. The scheme, known as Pure ALOHA, is a free-for-all scheme. Of course, frames will suffer collision and colliding frames will be destroyed. By monitoring the signal sent by the central computer, a user comes to know whether the packet sent by him has suffered a collision or not. Based on this, the best channel utilisation of 18% can be obtained at 50 percent of the offered load. At smaller offered load, channel capacity is underused, and at higher offered load too many collisions occur, reducing the throughput. Subsequently, a new scheme, known as Slotted ALOHA, was suggested to improve upon the efficiency of pure ALOHA. In this scheme, the channel is divided into slots equal to and packet transmission can start only at the beginning of a slot. This reduces the vulnerable period from 2 to and improves efficiency by reducing the probability of collision. This gives a maximum throughput of 37% at 100 percent of offered load.

CSMA

In this scheme, a node having data to transmit first listens to the medium to check whether another transmission is in progress or not. The node starts sending only when the channel is free. There are three variations of this basic scheme.

(i) 1-persistent CSMA: In this case, a node having data to send starts sending if the channel is sensed free. If the medium is busy, the node continues to monitor until the channel is idle. Then it starts sending data.
(ii) Non-persistent CSMA: If the channel is sensed free, the node starts sending the packet. Otherwise, the node waits for a random amount of time and then monitors the channel.
(iii) p-persistent CSMA: If the channel is free, a node starts sending the packet. Otherwise the node continues to monitor until the channel is free and then it sends with probability p.

CSMA/CD

In the CSMA scheme, when two packets collide the channel remains unutilized for the entire duration of the transmission time of both the packets. If the propagation time is small compared to the packet transmission time, wasted channel capacity can be considerable. This wastage of channel capacity can be reduced if the nodes continue to monitor the channel while transmitting a packet and immediately cease transmission when a collision is detected. This refined scheme is known as Carrier Sense Multiple Access with Collision Detection (CSMA/CD).

c) Message Switching

In this switching method, instead of establishing a dedicated physical line between the sender and the receiver as in circuit switching, the message is sent to the nearest directly connected switching node. This node stores the message, checks for errors, selects the best available route and forwards the message to the next intermediate node.

In this switching technique, more devices can share the network bandwidth, as compared with the circuit switching technique. Temporary storage of messages reduces traffic congestion to some extent. Higher priority can be given to urgent messages, so that the low priority messages are delayed while the urgent ones are forwarded faster. However, since the message blocks may be quite large in size, a considerable amount of storage space is required at each node to buffer the messages.

Packet Switching

It is also based on the same store-and-forward approach. However, to overcome the limitations of message switching, messages are divided into subsets of equal length called packets. This approach was developed for long-distance data communication and it has evolved over time. In the packet switching approach, data are transmitted in short packets (few Kbytes). A long message is broken up into a series of packets. Every packet contains some control information in its header, which is required for routing and other purposes.

The main difference between packet switching and circuit switching is that the communication lines are not dedicated to passing messages from the source to the destination. In packet switching, different messages (and even different packets) can pass through different routes, and when there is a "dead time" in the communication between the source and the destination, the lines can be used by other sources. There are two basic approaches commonly used for packet switching: virtual-circuit packet switching and datagram packet switching. In virtual-circuit packet switching, a virtual circuit is made before actual data is transmitted.

Q6

a) IP (Internet Protocol) addresses are used to identify hosts on the campus internet, which ties into the Internet, a global network. If a computer is attached to a local network, it needs an IP address to be recognized as part of the Internet. IP addresses are constructed according to a set of specific rules so that hosts on any part of the Internet can communicate with each other. An IP address consists of a 32-bit binary number, which is typically presented as four decimal numbers (one for each 8-bit byte) separated by decimal points. For example, 128.253.21.58 is an IP address and it has three parts:

Network Address
Subnet Address
Host Address

IP addresses have been divided into five classes. The class A format allows up to 126 networks with 16 million hosts each. Class B allows up to 16,382 networks with up to 64 K hosts each. Class C allows 2 million networks with up to 254 hosts each. Class D is used for multicasting, in which a datagram is directed to multiple hosts. Addresses beginning with 11110 are reserved for future use. Network addresses are usually written in dotted decimal notation, such as 126.12.15.220, where each byte is written as the decimal number corresponding to its binary value. This approach of representing IP addresses in terms of classes is known as classful addressing. In the mid-90s, another approach known as classless addressing was proposed, which may supersede the existing classful addressing approach in future.
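The three-part split of 128.253.21.58 can be reproduced by deriving the class from the leading bits of the address and then ANDing with a mask. This is an added example, not part of the original answer; the subnet mask 255.255.255.0 is an assumption, since the page does not state which mask the example network uses.

```python
import ipaddress

# (class name, number of leading bits that identify it, value of those bits)
LEADING_BITS = [("A", 1, 0b0), ("B", 2, 0b10), ("C", 3, 0b110), ("D", 4, 0b1110)]
NET_ID_BITS = {"A": 8, "B": 16, "C": 24}  # length of the classful net id


def _to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def _to_dotted(value):
    return str(ipaddress.IPv4Address(value))


def address_class(addr):
    """Classify an address by the leading bits of its first byte."""
    first_byte = _to_int(addr) >> 24
    for name, nbits, pattern in LEADING_BITS:
        if first_byte >> (8 - nbits) == pattern:
            return name
    return "reserved"


def split_address(addr, subnet_mask):
    """Split addr into net id, subnet id and host id (three-level hierarchy)."""
    cls = address_class(addr)
    if cls not in NET_ID_BITS:
        raise ValueError(f"class {cls} addresses have no net id / host id split")
    ip, mask = _to_int(addr), _to_int(subnet_mask)
    net_mask = (0xFFFFFFFF << (32 - NET_ID_BITS[cls])) & 0xFFFFFFFF
    host_mask = ~mask & 0xFFFFFFFF
    if host_mask & (host_mask + 1):
        raise ValueError("subnet mask must be 1s followed by 0s")
    if (mask & net_mask) != net_mask:
        raise ValueError("subnet mask is shorter than the classful net id")
    prefix = bin(mask).count("1")
    return {
        "class": cls,
        "network": _to_dotted(ip & net_mask),  # AND with 1s keeps the net id
        "subnet": _to_dotted(ip & mask),       # net id + subnet id
        "subnet_id": (ip & mask & ~net_mask & 0xFFFFFFFF) >> (32 - prefix),
        "host_id": ip & host_mask,             # bits the mask zeroes out
    }


def same_subnet(addr_a, addr_b, subnet_mask):
    """The comparison a router makes: mask both addresses, compare the result."""
    mask = _to_int(subnet_mask)
    return (_to_int(addr_a) & mask) == (_to_int(addr_b) & mask)


if __name__ == "__main__":
    print(split_address("128.253.21.58", "255.255.255.0"))  # mask is assumed
    print(same_subnet("128.253.21.58", "128.253.22.7", "255.255.255.0"))
```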

Subnetting

To filter packets for a particular network, a router uses a concept known as masking, which keeps the net id part (by ANDing it with all 1s) and removes the host id part (by ANDing it with all 0s). The net id part is then compared with the network address. All the hosts in a network must have the same network number. This property of IP addressing causes problems as the network grows. To overcome this problem, a concept known as subnets is used, which splits a network into several parts for internal use, but still acts like a single network to the outside world. To facilitate routing, a part of the host id is used as the subnet address, with a corresponding subnet mask. Subnetting reduces router table space by creating a three-level hierarchy: net id, subnet id, followed by host id.

b) INTERNET CONTROL MESSAGE PROTOCOL

IP provides an unreliable connectionless datagram service, the original aim being efficient use of network resources. IP, being a best-effort delivery service, lacks error control and assistance mechanisms. What happens if something goes wrong? What happens if a router must discard a datagram because it cannot find a router to the final destination, or because the time-to-live field has a zero value? These are examples where IP has no built-in mechanism to notify the original host. There are many other situations where IP is found lacking. The Internet Control Message Protocol (ICMP) has been designed to take care of the above deficiencies. It is a companion to IP. ICMP, in spite of being a network layer protocol, does not pass messages directly to the data link layer. Instead, the messages are first encapsulated inside IP datagrams whose protocol field is set to 1. ICMP messages are divided into two broad categories:

1. Error reporting Messages.
2. Query Messages.

1. Error reporting: ICMP was designed to compensate for the shortcoming of unreliability in IP. However, ICMP does not correct errors, but only reports them. Error reporting messages are always sent to the original source. Five types of errors are handled:

Destination unreachable: In situations where a router cannot route a datagram or a host cannot deliver a datagram, the datagram is discarded and the router or host sends a destination unreachable message back to the source.
Source Quench: The source quench message in ICMP adds some flow control and congestion control to IP by notifying the source of a datagram being discarded and forcing it to slow down its transmission.
Time Exceeded: It is generated in two cases: a. A router receives a datagram with a zero value in the TTL field. b. All fragments that make up a message do not arrive at the destination host within a certain time limit.
Parameter Problem: Generated if a router or a destination host discovers an ambiguous or missing value in any field of the datagram.
Redirection: When a host comes up, its routing table has a limited number of entries. It usually knows the IP address of a single default router. For this reason the host may send a datagram to the wrong router. The router that receives the datagram will forward it to the correct router and will send a redirection message back to the host for routing table updating.

2. Query Messages: Query messages are used to diagnose some network problems. There are four different pairs of messages.

Echo Request/Reply messages are designed for diagnostic purposes. Their combination determines whether two systems can communicate with each other.
Time stamp Request/Reply messages can be used to determine the round trip time for an IP datagram to travel between two machines and also to synchronize the clocks in them.
Address mask Request/Reply messages are used between the host and the router to indicate which part of the address defines the network and the sub-network address and which part corresponds to the host identifier.
Router Solicitation and Advertisement messages are useful to inform a host that wants to send data to a host on another network of the addresses of routers connected to its own network, and of their status and functioning.
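The encapsulation and the two message categories described above can be checked on raw bytes. The following is an added example, not part of the original answer: it confirms that the IP protocol field is 1, verifies both checksums, and labels the ICMP message as error-reporting or query. The type numbers are taken from the ICMP specifications (RFC 792, RFC 950, RFC 1256), not from this page, and the sample datagrams use constructed addresses and payloads.

```python
import struct

ICMP_PROTOCOL = 1  # value of the IP protocol field for ICMP
ERROR, QUERY = "error-reporting", "query"

ICMP_TYPES = {
    3: ("Destination Unreachable", ERROR),
    4: ("Source Quench", ERROR),
    5: ("Redirect", ERROR),
    11: ("Time Exceeded", ERROR),
    12: ("Parameter Problem", ERROR),
    8: ("Echo Request", QUERY),
    0: ("Echo Reply", QUERY),
    13: ("Timestamp Request", QUERY),
    14: ("Timestamp Reply", QUERY),
    17: ("Address Mask Request", QUERY),
    18: ("Address Mask Reply", QUERY),
    10: ("Router Solicitation", QUERY),
    9: ("Router Advertisement", QUERY),
}


def internet_checksum(data):
    """16-bit one's complement sum used by both the IP header and ICMP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_datagram(icmp_type, code, body, protocol=ICMP_PROTOCOL):
    """Construct a sample IPv4 datagram carrying one ICMP message.

    body holds everything after the 4-byte type/code/checksum prefix.
    Addresses are documentation-range values chosen for this example.
    """
    icmp = struct.pack("!BBH", icmp_type, code, 0) + body
    icmp = struct.pack("!BBH", icmp_type, code, internet_checksum(icmp)) + body
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64,
                         protocol, 0, bytes([192, 0, 2, 1]),
                         bytes([198, 51, 100, 7]))
    header = header[:10] + struct.pack("!H", internet_checksum(header)) + header[12:]
    return header + icmp


def parse_icmp(datagram):
    """Validate the encapsulation and classify the ICMP message."""
    if len(datagram) < 20 or datagram[0] >> 4 != 4:
        raise ValueError("not an IPv4 datagram")
    ihl = (datagram[0] & 0x0F) * 4
    if ihl < 20 or len(datagram) < ihl + 8:
        raise ValueError("truncated datagram")
    if internet_checksum(datagram[:ihl]) != 0:
        raise ValueError("bad IP header checksum")
    if datagram[9] != ICMP_PROTOCOL:
        raise ValueError("IP protocol field is not 1, so this is not ICMP")
    total_length = struct.unpack("!H", datagram[2:4])[0]
    icmp = datagram[ihl:total_length]
    if internet_checksum(icmp) != 0:
        raise ValueError("bad ICMP checksum")
    name, category = ICMP_TYPES.get(icmp[0], ("Unknown", "unknown"))
    return {"type": icmp[0], "code": icmp[1], "name": name, "category": category}


if __name__ == "__main__":
    samples = [
        build_datagram(8, 0, b"\x12\x34\x00\x01ping"),               # echo request
        build_datagram(11, 0, b"\x00" * 4 + b"constructed header"),  # TTL hit zero
        build_datagram(3, 1, b"\x00" * 4 + b"constructed header"),   # unreachable
    ]
    for sample in samples:
        print(parse_icmp(sample))
```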

c)

Routing is the act of moving information across an inter-network from a source to a destination. Along the way, at least one intermediate node typically is encountered. It is also referred to as the process of choosing a path over which to send the packets. The routing algorithm is the part of the network layer software responsible for deciding which output line an incoming packet should be transmitted on, i.e. what should be the next intermediate node for the packet. Routing protocols use metrics to evaluate what path will be the best for a packet to travel. A metric is a standard of measurement, such as path bandwidth, reliability, delay, or current load on that path, that is used by routing algorithms to determine the optimal path to a destination. To aid the process of path determination, routing algorithms initialize and maintain routing tables, which contain route information. Route information varies depending on the routing algorithm used. Routing algorithms fill routing tables with a variety of information. Mainly, destination/next hop associations tell a router that a particular destination can be reached optimally by sending the packet to a particular node representing the "next hop" on the way to the final destination. When a router receives an incoming packet, it checks the destination address and attempts to associate this address with a next hop. Some routing algorithms allow a router to have multiple next hops for a single destination, each being the best with regard to a different metric. For example, let's say router R2 is the best next hop for destination D if path length is considered as the metric, while router R3 is the best for the same destination if delay is considered as the metric for making the routing decision.

Congestion: The Internet can be considered as a queue of packets, where transmitting nodes are constantly adding packets and some of them (receiving nodes) are removing packets from the queue. So, consider a situation where too many packets are present in this queue (or the internet or a part of the internet), such that constantly transmitting nodes are pouring packets in at a higher rate than receiving nodes are removing them. This degrades the performance, and such a situation is termed Congestion. The main reason for congestion is that there are more packets in the network than it can handle. When the number of packets dumped into the network is within the carrying capacity, they are all delivered (except a few that have to be rejected due to transmission errors), and the number delivered is proportional to the number of packets sent. However, as traffic increases too far, the routers are no longer able to cope, and they begin to lose packets. At very high traffic, performance collapses completely, and almost no packet is delivered.

Congestion can occur due to several reasons. For example, if all of a sudden a stream of packets arrives on several input lines and needs to go out on the same output line, then a long queue will build up for that output. If there is insufficient memory to hold these packets, then packets will be lost (dropped). Adding more memory also may not help in certain situations. So, the major cause of congestion is often the bursty nature of traffic. If the hosts could be made to transmit at a uniform rate, then the congestion problem would be less common, and all other causes would not even lead to congestion, because other causes just act as an enzyme which boosts up the congestion when the traffic is bursty. Congestion affects two vital parameters of network performance, namely throughput and delay.

Q7. A) Cryptography is the art of protecting information by transforming it (encrypting it) into an unreadable format, called cipher text. Only those who possess a secret key can decipher (or decrypt) the message into plain text. Encrypted messages can sometimes be broken by cryptanalysis, also called code breaking, although modern cryptography techniques are virtually unbreakable. As the Internet and other forms of electronic communication become more prevalent, electronic security is becoming increasingly important. Cryptography is used to protect e-mail messages, credit card information, and corporate data. Cryptography systems can be broadly classified into symmetric-key systems, which use a single key that both the sender and recipient have, and public-key systems, which use two keys: a public key known to everyone and a private key that only the recipient of messages uses.

Encryption is the transformation of data into some unreadable form. Its purpose is to ensure privacy by keeping the information hidden from anyone for whom it is not intended, even those who can see the encrypted data. Decryption is the reverse of encryption; it is the transformation of encrypted data back into some intelligible form. Encryption and decryption require the use of some secret information, usually referred to as a key. Depending on the encryption mechanism used, the same key might be used for both encryption and decryption, while for other mechanisms, the keys used for encryption and decryption might be different.

But today's cryptography is more than secret writing, more than encryption and decryption. Authentication is as fundamental a part of our lives as privacy. We use authentication throughout our everyday life, when we sign our name to some document for instance, and as we move to a world where our decisions and agreements are communicated electronically, we need to replicate these procedures. While modern cryptography is growing increasingly diverse, cryptography is fundamentally based on problems that are difficult to solve. A problem may be difficult because its solution requires some secret knowledge, such as decrypting an encrypted message or signing some digital document, or the problem may be hard because it is intrinsically difficult to complete, such as finding a message which produces a given hash value. So as the field of cryptography has advanced, the dividing lines for what is and what is not cryptography have become blurred. Cryptography today might be summed up as the study of techniques and applications that depend on the existence of difficult problems. A cryptanalyst attempts to compromise cryptographic mechanisms, and cryptology is the discipline of cryptography and cryptanalysis combined.
b) In symmetric-key encryption, each computer has a secret key (code) that it can use to encrypt a packet of information before it is sent over the network to another computer. Symmetric-key encryption requires that you know which computers will be talking to each other so you can install the key on each one. Symmetric-key encryption is essentially the same as a secret code that each of the two computers must know in order to decode the information. The code provides the key to decoding the message.

For example, let's understand a symmetric-key algorithm called the Playfair Cipher. The technique encrypts pairs of letters (digraphs), instead of single letters as in the simple substitution cipher.

The Algorithm

The 'key' for a Playfair cipher is generally a word; for the sake of example we will choose 'monarchy'. This is then used to generate a 'key square', e.g.

M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z

Any sequence of 25 letters can be used as a key, so long as all letters are in it and there are no repeats. Note that there is no 'j'; it is combined with 'i'. We now apply the encryption rules to encrypt the plaintext.

1. Remove any punctuation or characters that are not present in the key square (this may mean spelling out numbers, punctuation etc.).
2. Identify any double letters in the plaintext and replace the second occurrence with an 'x', e.g. 'hammer' -> 'hamxer'.
3. If the plaintext has an odd number of characters, append an 'x' to the end to make it even.
4. Break the plaintext into pairs of letters, e.g. 'hamxer' -> 'ha mx er'
5. The algorithm now works on each of the letter pairs.
6. Locate the letters in the key square (the examples given are using the key square above).
   a. If the letters are in different rows and columns, replace the pair with the letters on the same row respectively but at the other pair of corners of the rectangle defined by the original pair. The order is important: the first encrypted letter of the pair is the one that lies on the same row as the first plaintext letter. 'ha' -> 'bo', 'es' -> 'il'
   b. If the letters appear on the same row of the table, replace them with the letters to their immediate right respectively (wrapping around to the left side of the row if a letter in the original pair was on the right side of the row). 'ma' -> 'or', 'lp' -> 'pq'
   c. If the letters appear on the same column of the table, replace them with the letters immediately below respectively. 'rk' -> 'dt', 'pv' -> 'vo'

Hence, al -> ms

* * * * *
* h y b d
* * * * *
* * * * *
* * * * *

Hence, hb -> yd

* * n * *
* * y * *
* * * * *
* * q * *
* * w * *

Hence, nq -> yw

An example encryption, "we are discovered, save yourself", using the key square shown at the beginning of this section:

plaintext: wearediscoveredsaveyourselfx
ciphertext: ugrmkcsxhmufmkbtoxgcmvatluiv

c) Many organizations have confidential or proprietary information, such as trade secrets, product development plans, marketing strategies, etc., which should be protected from unauthorized access and modification.
Although these techniques can be used to protect data in transit, they do not protect data from digital pests and hackers. To accomplish this, it is necessary to perform user authentication and access control to protect the networks from unauthorized traffic. The system that does this is known as a firewall. A firewall system is an electronic security guard and an electronic barrier at the same time. It protects and controls the interface between a private network and an insecure public network, as shown in the simplified diagram below.

It is responsible for partitioning a designated area such that any damage on one side cannot spread to the other side. It prevents bad things from happening, i.e. loss of information, without preventing good things from happening, that is, controlled exchange of information with the outside world. It essentially enforces an access control policy between two networks. The manner in which this is implemented varies widely, but in principle, the firewall can be considered as a pair of mechanisms: one that is used to block traffic, and the other that is used to permit traffic. Some firewalls place more emphasis on blocking traffic, while others emphasize permitting traffic. Probably the most important thing to understand about a firewall is the access control policy it implements. If a firewall administrator has no idea about what or from whom he is protecting his network, what should be allowed and what should be prohibited, a firewall really won't help his organization. As a firewall is a mechanism for enforcing policy, which affects all the persons behind it, it imposes a heavy responsibility on the administrator of the firewall. In this lesson various issues related to firewalls are discussed.

Uses: There is no need for a firewall if each and every host of a private network is properly secured. Unfortunately, in practice the situation is different. A private network may consist of different platforms with diverse operating systems and applications running on them. Many of the applications were designed and developed for an ideal environment, without considering the possibility of the existence of bad guys. Moreover, most corporate networks are not designed for security. Therefore, it is essential to deploy a firewall to protect the vulnerable infrastructure of an enterprise.
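The Playfair procedure from part b) can be run end to end against the answer's own test vector. The following is an added example, not part of the original answer. It assumes the usual key-square construction (key letters first, then the unused letters in alphabetical order), which reproduces the 'monarchy' square shown in part b), and it adds a decryption routine that the answer does not describe.

```python
import string

ALPHABET = string.ascii_lowercase.replace("j", "")  # 25 letters, 'j' folded into 'i'


def key_square(key):
    """Key letters first (repeats dropped), then the remaining letters in order."""
    letters = []
    for ch in key.lower().replace("j", "i") + ALPHABET:
        if ch in ALPHABET and ch not in letters:
            letters.append(ch)
    return [letters[r * 5:r * 5 + 5] for r in range(5)]


def prepare(plaintext):
    """Steps 1 to 3: keep only square letters, break doubles, pad to even length."""
    out = []
    for ch in plaintext.lower().replace("j", "i"):
        if ch not in ALPHABET:
            continue              # step 1: drop spaces, digits, punctuation
        if out and out[-1] == ch:
            ch = "x"              # step 2: 'hammer' -> 'hamxer'
        out.append(ch)
    if len(out) % 2:
        out.append("x")           # step 3: make the length even
    return "".join(out)


def _transform(text, key, shift):
    """Apply rules a to c to each digraph; shift is +1 to encrypt, -1 to decrypt."""
    square = key_square(key)
    pos = {ch: (r, c) for r, row in enumerate(square) for c, ch in enumerate(row)}
    out = []
    for i in range(0, len(text), 2):                      # step 4: letter pairs
        (r1, c1), (r2, c2) = pos[text[i]], pos[text[i + 1]]
        if r1 == r2:                                      # rule b: same row
            out += [square[r1][(c1 + shift) % 5], square[r2][(c2 + shift) % 5]]
        elif c1 == c2:                                    # rule c: same column
            out += [square[(r1 + shift) % 5][c1], square[(r2 + shift) % 5][c2]]
        else:                                             # rule a: rectangle
            out += [square[r1][c2], square[r2][c1]]
    return "".join(out)


def encrypt(plaintext, key):
    return _transform(prepare(plaintext), key, +1)


def decrypt(ciphertext, key):
    """Inverse mapping; returns the prepared text, filler 'x' letters included."""
    text = ciphertext.lower()
    if len(text) % 2 or any(ch not in ALPHABET for ch in text):
        raise ValueError("ciphertext must be an even number of key-square letters")
    return _transform(text, key, -1)


if __name__ == "__main__":
    for row in key_square("monarchy"):
        print(" ".join(row).upper())
    secret = encrypt("we are discovered, save yourself", "monarchy")
    print(secret)
    print(decrypt(secret, "monarchy"))
```

Decryption returns 'wearediscoveredsaveyourselfx': the 'x' letters substituted in steps 2 and 3 stay in the output, so the receiver has to restore doubled letters and drop padding by reading the text.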
