Unit 2 BBA V


Unit 2

What is the OSI model?

The Open Systems Interconnection (OSI) model is a conceptual model created by the
International Organization for Standardization (ISO) which enables diverse communication
systems to communicate using standard protocols. In plain English, OSI provides a
standard for different computer systems to be able to communicate with each other.

OSI stands for Open Systems Interconnection. It was developed by ISO, the
International Organization for Standardization, in the year 1984. It is a 7-layer
architecture with each layer having a specific function to perform. All 7 layers
work together to transmit data from one user to another across the globe.

1. Physical Layer (Layer 1) :

The lowest layer of the OSI reference model is the physical layer. It is responsible for
the actual physical connection between the devices. The physical layer contains
information in the form of bits. It is responsible for transmitting individual bits from one
node to the next. When receiving data, this layer will get the signal received and convert
it into 0s and 1s and send them to the Data Link layer, which will put the frame back
together.
The functions of the physical layer are :
1. Bit synchronization: The physical layer provides the synchronization of the bits by
providing a clock. This clock controls both sender and receiver thus providing
synchronization at bit level.
2. Bit rate control: The Physical layer also defines the transmission rate i.e. the number of
bits sent per second.
3. Physical topologies: The physical layer specifies the way in which the different
devices/nodes are arranged in a network, i.e. bus, star or mesh topology.
4. Transmission mode: Physical layer also defines the way in which the data flows between
the two connected devices. The various transmission modes possible are: Simplex, half-
duplex and full-duplex.
* Hub, Repeater, Modem, Cables are Physical Layer devices.
** Network Layer, Data Link Layer and Physical Layer are also known as Lower
Layers or Hardware Layers.

2. Data Link Layer (DLL) (Layer 2) :

The data link layer is responsible for node-to-node delivery of the message. The
main function of this layer is to make sure data transfer is error-free from one node to
the next, over the physical layer. When a packet arrives in a network, it is the
responsibility of the DLL to deliver it to the host using its MAC address.
The Data Link Layer is divided into two sub-layers:
1. Logical Link Control (LLC)
2. Media Access Control (MAC)
The packet received from the Network layer is encapsulated in a frame whose size is
bounded by the maximum transmission unit (MTU) of the NIC (Network Interface Card).
The DLL also places the sender's and receiver's MAC addresses in the frame header.
The receiver's MAC address is obtained by broadcasting an ARP (Address Resolution
Protocol) request onto the wire asking "Who has this IP address?"; the host that owns
the address replies with its MAC address. ARP has no authentication: any host on the
segment can answer, and a forged reply (ARP spoofing) redirects traffic through the
attacker, which is why switched networks carrying sensitive traffic use dynamic ARP
inspection or static entries.

The functions of the data Link layer are :


1. Framing: Framing is a function of the data link layer. It provides a way for a sender to
transmit a set of bits that are meaningful to the receiver. This can be accomplished by
attaching special bit patterns to the beginning and end of the frame.
2. Physical addressing: After creating frames, Data link layer adds physical addresses
(MAC address) of sender and/or receiver in the header of each frame.
3. Error control: The data link layer provides error control: it detects damaged or
lost frames and retransmits them.
4. Flow control: The receiver may be slower than the sender or have less buffer space,
so flow control coordinates the amount of data that can be sent before an
acknowledgement is received.
5. Access control: When a single communication channel is shared by multiple devices,
the MAC sub-layer of the data link layer determines which device has control over the
channel at a given time.
* The unit of data in the Data Link layer is called a frame.
** The Data Link layer is handled by the NIC (Network Interface Card) and the device
drivers of the host machines.
*** Switches and bridges are Data Link Layer devices.
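The framing function above says a frame is marked by "special bit patterns" at its beginning and end. The following Python is an added example, not code from the notes: it implements PPP/HDLC-style byte stuffing, where the flag byte 0x7E delimits frames and any 0x7E or 0x7D inside the payload is escaped, so the receiver can always tell a boundary from data. The payloads in it are constructed.

```python
"""Byte-stuffed framing, PPP/HDLC style, over a raw byte stream.

Added example, not part of the original notes. FLAG marks the start and end of
a frame; any FLAG or ESC byte that occurs inside the payload is escaped as ESC
followed by (byte XOR 0x20). The FLAG/ESC/XOR values are the ones PPP uses.
"""

FLAG = 0x7E   # frame delimiter
ESC = 0x7D    # escape byte
XOR = 0x20    # applied to the byte that follows an ESC


def frame(payload: bytes) -> bytes:
    """Wrap payload in flags, escaping any FLAG/ESC bytes inside it."""
    out = bytearray([FLAG])
    for b in payload:
        if b in (FLAG, ESC):
            out += bytes([ESC, b ^ XOR])
        else:
            out.append(b)
    out.append(FLAG)
    return bytes(out)


def deframe(stream: bytes) -> list:
    """Return every complete frame found in the stream.

    Bytes outside a frame are ignored, an unterminated frame at the end is
    dropped, and a frame whose last payload byte is a bare ESC (ESC directly
    followed by FLAG) is treated as aborted and discarded, as in PPP.
    """
    frames = []
    cur = None          # None while we are outside a frame
    escaped = False
    for b in stream:
        if escaped:
            escaped = False
            if b == FLAG:       # abort sequence: throw the partial frame away
                cur = bytearray()
            else:
                cur.append(b ^ XOR)
        elif b == FLAG:
            if cur:             # non-empty frame closed: deliver it
                frames.append(bytes(cur))
            cur = bytearray()   # a FLAG also opens the next frame
        elif cur is None:
            continue            # noise between frames
        elif b == ESC:
            escaped = True
        else:
            cur.append(b)
    return frames


if __name__ == "__main__":
    # constructed stream: noise, a normal frame, a frame containing both special
    # bytes, an aborted frame, and a frame cut off before its closing flag
    stream = (b"noise" + frame(b"ping") + frame(b"\x7e\x7d escaped")
              + b"\x7e\x7d\x7e" + frame(b"pong")[:-1])
    print(deframe(stream))   # [b'ping', b'~} escaped']
```

The escape rule is what makes the "special bit pattern" safe: without it, a payload byte equal to the flag would split one frame into two and shift every later frame boundary, which is exactly the kind of desynchronisation a parser on the receiving side must never be tricked into.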

3. Network Layer (Layer 3) :

The network layer is responsible for the transmission of data from one host to another
located in a different network. It also takes care of packet routing, i.e. selecting the
best path for the packet from the routes available. The sender's and receiver's IP
addresses are placed in the header by the network layer.
The functions of the Network layer are :
1. Routing: The network layer protocols determine which route is suitable from source to
destination. This function of the network layer is known as routing.
2. Logical Addressing: In order to identify each device on an internetwork uniquely, the
network layer defines an addressing scheme. The sender's and receiver's IP addresses are
placed in the header by the network layer. Such an address distinguishes each device
uniquely and universally.
* The unit of data in the Network layer is called a packet.

** The Network layer is implemented by networking devices such as routers.

4. Transport Layer (Layer 4) :

Transport layer provides services to application layer and takes services from network
layer. The data in the transport layer is referred to as Segments. It is responsible for the
End to End Delivery of the complete message. The transport layer also provides the
acknowledgement of the successful data transmission and re-transmits the data if an
error is found.
• At sender’s side:
Transport layer receives the formatted data from the upper layers,
performs Segmentation and also implements Flow & Error control to ensure proper
data transmission. It also adds Source and Destination port number in its header and
forwards the segmented data to the Network Layer.
Note: The sender needs to know the port number associated with the receiver's
application.
Generally, this destination port number is configured, either by default or manually. For
example, when a browser makes a request to a web server, it uses port 80 for HTTP or
port 443 for HTTPS, because these are the default ports registered for those services.
Many applications have a default port assigned.
• At receiver’s side:
Transport Layer reads the port number from its header and forwards the Data which it
has received to the respective application. It also performs sequencing and
reassembling of the segmented data.
The functions of the transport layer are :
1. Segmentation and Reassembly: This layer accepts the message from the (session)
layer , breaks the message into smaller units . Each of the segment produced has a
header associated with it. The transport layer at the destination station reassembles the
message.
2. Service Point Addressing: In order to deliver the message to correct process, transport
layer header includes a type of address called service point address or port address. Thus
by specifying this address, transport layer makes sure that the message is delivered to the
correct process.
The services provided by the transport layer :
1. Connection Oriented Service: It is a three-phase process which includes
– Connection Establishment
– Data Transfer
– Termination / disconnection
In this type of transmission, the receiving device sends an acknowledgement back to the
source after a packet or group of packets is received. This type of transmission is
reliable, but reliability is not the same as security: a connection-oriented transport
such as TCP does not by itself hide or authenticate the data, which is why TLS is
layered on top of it.
2. Connectionless service: It is a one-phase process consisting of Data Transfer only. In
this type of transmission, the receiver does not acknowledge receipt of a packet. This
approach allows for much faster communication between devices. Connection-oriented
service is more reliable than connectionless service.
* Data in the Transport Layer is called as Segments.
** Transport layer is operated by the Operating System. It is a part of the OS and
communicates with the Application Layer by making system calls.
Transport Layer is called as Heart of OSI model.

5. Session Layer (Layer 5) :

This layer is responsible for establishing connections, maintaining sessions and
terminating them; in the OSI description it also handles authentication of the
session partners.
The functions of the session layer are :
1. Session establishment, maintenance and termination: The layer allows the two
processes to establish, use and terminate a connection.
2. Synchronization : This layer allows a process to add checkpoints which are considered
as synchronization points into the data. These synchronization point help to identify the
error so that the data is re-synchronized properly, and ends of the messages are not cut
prematurely and data loss is avoided.
3. Dialog Controller : The session layer allows two systems to start communication with
each other in half-duplex or full-duplex.
**The three upper layers (Session, Presentation and Application) are integrated as a
single layer in the TCP/IP model, the "Application Layer".
**Implementation of these 3 layers is done by the network application itself. They are
also known as Upper Layers or Software Layers.

SCENARIO:
Consider a scenario where a user wants to send a message through a messenger
application running in the browser. The messenger here acts as the application layer,
which provides the user with an interface to create the data. This message, the
so-called data, is then compressed, encrypted (if it is sensitive) and finally converted
into bits (0s and 1s) so that it can be transmitted.

6. Presentation Layer (Layer 6) :

The presentation layer is also called the Translation layer. The data from the
application layer is extracted here and manipulated into the format required to
transmit it over the network.
The functions of the presentation layer are :
1. Translation : For example, ASCII to EBCDIC.
2. Encryption/ Decryption : Data encryption translates the data into another form or code.
The encrypted data is known as the cipher text and the decrypted data is known as plain
text. A key value is used for encrypting as well as decrypting data.
3. Compression: Reduces the number of bits that need to be transmitted on the network.

7. Application Layer (Layer 7) :

At the very top of the OSI Reference Model stack of layers, we find Application layer
which is implemented by the network applications. These applications produce the data,
which has to be transferred over the network. This layer also serves as a window for the
application services to access the network and for displaying the received information to
the user.
Ex: Applications – browsers, Skype, messengers etc.
**The Application Layer is also called the Desktop Layer.
The functions of the Application layer are :
1. Network Virtual Terminal
2. FTAM-File transfer access and management
3. Mail Services
4. Directory Services
Computer Network TCP/IP model
The TCP/IP model was developed before the OSI model. The layers in the TCP/IP
model are different from those in the OSI model.

Layers in TCP/IP Model


The TCP/IP Model has four layers:
1. Physical Layer and data link layer – combined known as host-to-network layer
2. Network layer
3. Transport
4. Application

1. Physical and Data Link Layer


The Physical and Data Link Layers in the TCP/IP model do not define any protocols of
their own; they support all the standard protocols. Together they are known as the
host-to-network layer. A network in a TCP/IP internetwork can be a LAN or a WAN.

2. Network Layer/ Internet Layer


In the network layer, the TCP/IP model uses the Internetworking Protocol, IP for short.
Four supporting protocols work alongside IP at this layer: ARP, RARP, ICMP and IGMP.

Internetworking protocol (IP):
1. It is an unreliable, connectionless protocol used by the TCP/IP model.
2. This protocol is used for data transmission.
3. This protocol does no error recovery or tracking of data, so we cannot be sure that
the data actually reached its destination. This is why it is also known as a best-effort
delivery service: the protocol tries its best to deliver the data to its destination but
gives no guarantee.
4. IP transmits the data in the form of small packets known as datagrams. Each
datagram is transmitted separately, so datagrams can take different routes, duplicate
datagrams can sometimes reach the destination, and they may arrive out of order.

Let us discuss the four protocols that support IP:

Address Resolution Protocol (ARP)


ARP finds the physical address corresponding to an IP address. In a network, each
device is identified by a physical (MAC) address, usually burned into its Network
Interface Card (NIC).

ARP is used to find the physical address of a device whose internet address (IP
address) is known.

Reverse Address Resolution Protocol (RARP)


RARP helps to find the internet address of a device whose physical address is known.
It is obsolete today; BOOTP and then DHCP replaced it.

Internet Control Message Protocol (ICMP)


IP in the network layer sends data in the form of small packets known as datagrams.
ICMP reports problems with those datagrams back to the sender. It is used for query
and error-reporting messages.

Internet Group Management Protocol (IGMP)


This protocol lets hosts join and leave multicast groups, so that a message can be
delivered simultaneously to a group of recipients.

3. Transport Layer
The transport layer in the TCP/IP model is represented by three protocols:
Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and Stream
Control Transmission Protocol (SCTP).
These three protocols in the transport layer are responsible for delivery of messages
from one process to another. SCTP was introduced later to meet the needs of newer
applications.

User Datagram protocol (UDP)


1. UDP is a process-to-process protocol used for data transmission.

2. It takes the data from the upper layer of the TCP/IP model and adds the following
information to the data:
a) Port addresses – a 16-bit source port and a 16-bit destination port, so that the
datagram reaches the correct receiving process and the receiver knows which process
sent it.
b) Checksum – a 16-bit checksum computed over the header, the payload and a pseudo-
header borrowed from the IP layer; it is used for error detection.
c) Length – the total length of the datagram (header plus data) in bytes.

3. The checksum lets the receiver detect a corrupted datagram, but UDP does nothing to
recover from it: the damaged datagram is silently discarded, there is no acknowledgement
and no retransmission, and the checksum cannot say which bytes were damaged.
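The header fields listed above (ports, length, checksum) and the "detects but cannot locate" behaviour of the checksum can be seen directly by building and parsing a datagram. The Python below is an added example, not code from the notes: it computes the RFC 768 checksum over an IPv4 pseudo-header plus the UDP header and payload, then shows one flipped bit being caught, a datagram delivered to the wrong host being caught, and a swap of two 16-bit words slipping through. The addresses, ports and payload are constructed.

```python
"""Build and verify a UDP datagram, including the RFC 768 checksum.

Added example, not from the original notes. The checksum covers a pseudo-header
taken from the IP layer (source and destination addresses, protocol 17, UDP
length) plus the UDP header and payload, so a datagram that arrives at the
wrong host fails verification too.
"""
import ipaddress
import struct

UDP_PROTO = 17


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum with end-around carry (odd length zero-padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """The IP-layer fields that are mixed into the UDP checksum."""
    return (ipaddress.IPv4Address(src_ip).packed
            + ipaddress.IPv4Address(dst_ip).packed
            + struct.pack("!BBH", 0, UDP_PROTO, udp_len))


def build_udp(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    """Return UDP header + payload with a valid checksum."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)   # checksum zero while computing
    csum = 0xFFFF ^ ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + header + payload)
    csum = csum or 0xFFFF    # RFC 768: a computed zero is transmitted as all ones
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def parse_udp(src_ip: str, dst_ip: str, datagram: bytes) -> dict:
    """Decode the header and check the checksum; the addresses come from the IP header."""
    if len(datagram) < 8:
        raise ValueError("datagram shorter than UDP header")
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length != len(datagram):
        raise ValueError("UDP length field does not match datagram size")
    if csum == 0:
        checksum_ok = None     # IPv4 sender chose not to compute one
    else:
        # summing over the transmitted checksum as well, a valid datagram folds to 0xFFFF
        checksum_ok = ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + datagram) == 0xFFFF
    return {"sport": sport, "dport": dport, "payload": datagram[8:], "checksum_ok": checksum_ok}


if __name__ == "__main__":
    src, dst = "192.0.2.10", "192.0.2.53"          # constructed addresses
    dg = build_udp(src, dst, 40000, 53, b"query")
    print(parse_udp(src, dst, dg))
    bad = bytearray(dg)
    bad[9] ^= 0x01                                  # one flipped bit in the payload
    print(parse_udp(src, dst, bytes(bad))["checksum_ok"])   # False, but not where
```

The one's-complement sum is a weak code: it cannot tell which byte changed, and because addition is commutative it does not notice two 16-bit words exchanging places. That is acceptable for accidental line noise, which is all it was designed for; it gives no protection against a deliberate modification, for which a keyed MAC is needed.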

Transmission control protocol (TCP)


1. Unlike UDP, which is a connectionless protocol, TCP is a connection-oriented
protocol.

2. A connection must be established between sender and receiver (the three-way
handshake) before the transmission of data.

3. TCP divides the data into small units called segments. Each segment carries a
sequence number, which makes it possible to put the segments back in the correct
order at the receiver's side to reconstruct the complete data.

4. It also adds an acknowledgement number to the segments, so the sender can verify
whether the data actually reached its destination.

5. Unlike UDP, which only discards a damaged segment, TCP does error control: a
damaged or missing segment is detected through the checksum, sequence numbers and
missing acknowledgements, and is retransmitted, which is what makes TCP a reliable
protocol.
Stream Control Transmission Protocol (SCTP)
1. This protocol combines the best features of TCP and UDP.

2. It was standardised later to support newer applications such as voice data
transmission over the internet.

4. Application Layer
1. This is the top most layer of TCP/IP model.

2. It is used for interaction between user and application.

3. There are several protocols used by the application layer for user interaction
such as: HTTP, SNMP, SMTP, DNS, TELNET, FTP etc.

HTTP: HTTP stands for Hypertext Transfer Protocol; it allows the user to
interact with the World Wide Web through the browser application. HTTP can be used
to transfer various types of data such as plain text, audio, video etc. Plain HTTP is
unencrypted; HTTPS wraps it in TLS.

FTP: FTP stands for File Transfer Protocol. This protocol is used for
transmitting files from one system to another. It sends credentials and file contents
in cleartext, so SFTP or FTPS is preferred today.

TELNET: TELNET is a client-server protocol. It is a reliable, connection-oriented
protocol used on the internet or on a LAN to provide bidirectional (both ways)
text-based communication through a virtual terminal connection. Everything, including
the login password, travels in cleartext, which is why SSH has replaced it.

DNS: DNS stands for Domain Name System. Each computer on a network has a
different IP address, and a computer is known by its IP address. DNS provides a
mapping from a name to an IP address, so a name can be used to identify a
system on the network rather than the IP address itself.

SNMP: SNMP stands for Simple Network Management Protocol. It manages the
devices connected to the internet using the TCP/IP protocol suite.

SMTP: SMTP stands for Simple Mail Transfer Protocol. It is used for email
services; using this protocol an email containing data can be sent to another email
address.
Difference between TCP/IP and OSI Model:

TCP/IP                                                        | OSI
--------------------------------------------------------------|--------------------------------------------------------------
TCP refers to Transmission Control Protocol.                  | OSI refers to Open Systems Interconnection.
TCP/IP has 4 layers.                                          | OSI has 7 layers.
TCP/IP is the model the Internet actually runs on: the        | OSI is a reference model: the model was designed first and
protocols came first and the model described them afterwards. | the protocols afterwards, and they saw little deployment.
TCP/IP does not have very strict boundaries between layers.   | OSI has strict boundaries between layers.
TCP/IP follows a horizontal approach.                         | OSI follows a vertical approach.
TCP/IP folds the session and presentation functions into      | OSI has separate session and presentation layers.
its application layer.                                        |
The TCP/IP transport layer offers both reliable (TCP) and     | In the OSI model, the transport layer is specified to
unreliable (UDP) delivery.                                    | provide assured delivery of packets.
The TCP/IP network (internet) layer provides only             | Both connectionless and connection-oriented services are
connectionless service.                                       | provided by the network layer in the OSI model.
Protocols cannot be replaced easily in the TCP/IP model.      | In the OSI model, protocols are hidden behind the layer
                                                              | interfaces and are easier to replace as technology changes.

Error control in Data Link Layer

Error control in data link layer is the process of detecting and correcting data frames
that have been corrupted or lost during transmission.
In case of lost or corrupted frames, the receiver does not receive the correct data-frame
and sender is ignorant about the loss. Data link layer follows a technique to detect
transit errors and take necessary actions, which is retransmission of frames whenever
error is detected or frame is lost. The process is called Automatic Repeat Request
(ARQ).

Phases in Error Control


The error control mechanism in data link layer involves the following phases −
 Detection of Error − Transmission error, if any, is detected by either the sender
or the receiver.
 Acknowledgment − acknowledgment may be positive or negative.
o Positive ACK − On receiving a correct frame, the receiver sends a
positive acknowledge.
o Negative ACK − On receiving a damaged frame or a duplicate frame, the
receiver sends a negative acknowledgment back to the sender.
 Retransmission − The sender maintains a clock and sets a timeout period. If an
acknowledgment of a data-frame previously transmitted does not arrive before
the timeout, or a negative acknowledgment is received, the sender retransmits
the frame.

Error Control Techniques


There are three main techniques for error control −

 Stop and Wait ARQ


This protocol involves the following transitions −
o A timeout counter is maintained by the sender, which is started when a
frame is sent.
o If the sender receives acknowledgment of the sent frame within time, the
sender is confirmed about successful delivery of the frame. It then
transmits the next frame in queue.
o If the sender does not receive the acknowledgment within time, the sender
assumes that either the frame or its acknowledgment is lost in transit. It
then retransmits the frame.
o If the sender receives a negative acknowledgment, the sender retransmits
the frame.
 Go-Back-N ARQ
The working principle of this protocol is −
o The sender has buffers called sending window.
o The sender sends multiple frames based upon the sending-window size,
without receiving the acknowledgment of the previous ones.
o The receiver receives frames one by one. It keeps track of incoming
frame’s sequence number and sends the corresponding acknowledgment
frames.
o After the sender has sent all the frames in window, it checks up to what
sequence number it has received positive acknowledgment.
o If the sender has received positive acknowledgment for all the frames, it
sends next set of frames.
o If sender receives NACK or has not receive any ACK for a particular
frame, it retransmits all the frames after which it does not receive any
positive ACK.
 Selective Repeat ARQ
o Both the sender and the receiver have buffers called sending window and
receiving window respectively.
o The sender sends multiple frames based upon the sending-window size,
without receiving the acknowledgment of the previous ones.
o The receiver also receives multiple frames within the receiving window
size.
o The receiver keeps track of the incoming frames' sequence numbers and buffers
the frames in memory.
o It sends an ACK for all successfully received frames and a NACK only for the
frames that are missing or damaged.
o The sender, in this case, retransmits only the frames for which a NACK was received
(or whose timer expired), not the whole window.

Flow Control
o It is a set of procedures that tells the sender how much data it can transmit before
the data overwhelms the receiver.
o The receiving device has limited speed and limited memory to store the data.
Therefore, the receiving device must be able to inform the sending device to stop the
transmission temporarily before the limits are reached.
o It requires a buffer, a block of memory for storing the information until they are
processed.

Two methods have been developed to control the flow of data:

o Stop-and-wait
o Sliding window

Stop-and-wait

o In the Stop-and-wait method, the sender waits for an acknowledgement after every
frame it sends.
o When acknowledgement is received, then only next frame is sent. The process of
alternately sending and waiting of a frame continues until the sender transmits the
EOT (End of transmission) frame.

Advantage of Stop-and-wait

The Stop-and-wait method is simple as each frame is checked and acknowledged before the
next frame is sent.
Disadvantage of Stop-and-wait

Stop-and-wait technique is inefficient to use as each frame must travel across all the way to
the receiver, and an acknowledgement travels all the way before the next frame is sent.
Each frame sent and received uses the entire time needed to traverse the link.

Sliding Window

o The Sliding Window is a method of flow control in which a sender can transmit
several frames before getting an acknowledgement.
o In Sliding Window control, multiple frames can be sent one after another, so the
capacity of the communication channel can be utilised efficiently.
o A single ACK can acknowledge multiple frames.
o Sliding Window refers to imaginary boxes at both the sender and the receiver end.
o The window holds the frames at either end, and it provides the upper limit on the
number of frames that can be transmitted before an acknowledgement.
o Frames can be acknowledged even when the window is not completely filled.
o The window has a specific size in which frames are numbered modulo n, meaning that
they are numbered from 0 to n-1. For example, if n = 8, the frames are numbered
0,1,2,3,4,5,6,7,0,1,2,3,4,5,6,7,0,1........
o The size of the window is n-1. Therefore, at most n-1 frames can be sent before an
acknowledgement (with a window of n, a full window of unacknowledged frames would
be indistinguishable from an empty one).
o When the receiver sends the ACK, it includes the number of the next frame that it
wants to receive. For example, to acknowledge the string of frames ending with
frame number 4, the receiver will send the ACK containing the number 5. When the
sender sees the ACK with the number 5, it got to know that the frames from 0
through 4 have been received.

Sender Window

o At the beginning of a transmission, the sender window contains n-1 frames, and
when they are sent out, the left boundary moves inward shrinking the size of the
window. For example, if the size of the window is w if three frames are sent out,
then the number of frames left out in the sender window is w-3.
o Once the ACK has arrived, then the sender window expands to the number which will
be equal to the number of frames acknowledged by ACK.
o For example, the size of the window is 7, and if frames 0 through 4 have been sent
out and no acknowledgement has arrived, then the sender window contains only two
frames, i.e., 5 and 6. Now, if ACK has arrived with a number 4 which means that 0
through 3 frames have arrived undamaged and the sender window is expanded to
include the next four frames. Therefore, the sender window contains six frames
(5,6,7,0,1,2).

Receiver Window

o At the beginning of transmission, the receiver window does not contain n frames, but
it contains n-1 spaces for frames.
o When the new frame arrives, the size of the window shrinks.
o The receiver window does not represent the number of frames received, but it
represents the number of frames that can be received before an ACK is sent. For
example, the size of the window is w, if three frames are received then the number
of spaces available in the window is (w-3).
o Once the acknowledgement is sent, the receiver window expands by the number
equal to the number of frames acknowledged.
o Suppose the size of the window is 7, meaning that the receiver window contains seven
spaces for seven frames. If one frame is received, the receiver window shrinks, moving
the boundary from 0 to 1. In this way the window shrinks one by one, so it now
contains six spaces. If frames 0 through 4 have been received, the window contains
two spaces before an acknowledgement is sent.
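The three ARQ techniques from the Error Control section (Stop-and-Wait, Go-Back-N, Selective Repeat) and the sliding-window rules above are easiest to compare by counting transmissions on the same lossy link. The Python below is an added example, not code from the notes. Its channel is deterministic: `drop` is a constructed set of (frame number, attempt) pairs that are lost, so the counts are reproducible. It assumes ACKs are never lost and the receiver acknowledges immediately; Stop-and-Wait is modelled as Go-Back-N with a sequence-number space of 2, i.e. a window of one frame.

```python
"""Stop-and-Wait, Go-Back-N and Selective Repeat on a lossy link.

Added example, not from the original notes. `modulo` is the sequence-number
space n; Go-Back-N uses the notes' window of n-1, Selective Repeat a window of
n/2. `drop` holds (frame_number, attempt) pairs that the link loses. ACKs are
assumed never to be lost.
"""


def go_back_n(n_frames: int, modulo: int, drop: set, max_attempts: int = 10) -> int:
    """Return how many frame transmissions it takes to deliver n_frames.

    The receiver accepts only the next in-order frame, so everything sent after
    a lost frame is discarded, and the sender restarts from the lost frame when
    the cumulative ACK comes back. modulo = 2 gives Stop-and-Wait.
    """
    window = modulo - 1
    base = 0                            # oldest unacknowledged frame
    attempts = {}
    transmissions = 0
    while base < n_frames:
        next_expected = base
        lost = False
        for i in range(base, min(base + window, n_frames)):
            attempts[i] = attempts.get(i, 0) + 1
            if attempts[i] > max_attempts:
                raise RuntimeError("frame %d: link appears to be down" % i)
            transmissions += 1
            if lost or (i, attempts[i]) in drop:
                lost = True             # this frame and all later ones are discarded
                continue
            next_expected = i + 1       # in-order frame accepted
        base = next_expected            # cumulative ACK names the next expected frame
    return transmissions


def selective_repeat(n_frames: int, modulo: int, drop: set, max_attempts: int = 10) -> int:
    """Same link, but the receiver buffers out-of-order frames and NACKs only
    the missing ones, so only those are resent. The window must not exceed
    modulo/2, otherwise the receiver cannot tell a retransmission of an old
    sequence number from a new frame that reuses the same number.
    """
    window = modulo // 2
    base = 0
    attempts = {}
    received = set()
    transmissions = 0
    while base < n_frames:
        for i in range(base, min(base + window, n_frames)):
            if i in received:
                continue                # already buffered at the receiver
            attempts[i] = attempts.get(i, 0) + 1
            if attempts[i] > max_attempts:
                raise RuntimeError("frame %d: link appears to be down" % i)
            transmissions += 1
            if (i, attempts[i]) not in drop:
                received.add(i)
        while base in received:         # slide past everything that is now in order
            base += 1
    return transmissions


if __name__ == "__main__":
    loss = {(2, 1)}                      # frame 2 is lost on its first transmission
    print("stop-and-wait   :", go_back_n(8, 2, loss))          # 9
    print("go-back-n       :", go_back_n(8, 8, loss))          # 13
    print("selective repeat:", selective_repeat(8, 8, loss))   # 9
```

With a single loss, Go-Back-N pays for every frame that was already in flight behind the gap (frames 3 to 6 are sent twice), while Selective Repeat resends only frame 2; the price of Selective Repeat is the receiver buffer and the smaller window.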
Cryptography and its Types
Cryptography is the technique of securing information and communications
through the use of codes so that only those for whom the information is
intended can understand and process it, thus preventing unauthorised
access to the information. The prefix "crypt" means "hidden" and the suffix
"graphy" means "writing".
In cryptography the techniques used to protect information are derived from
mathematical concepts and sets of rule-based calculations known as algorithms,
which transform messages in ways that make them hard to decode. These algorithms
are used for cryptographic key generation, digital signing and verification to
protect data privacy, web browsing on the internet, and to protect confidential
transactions such as credit card and debit card transactions.
Techniques used for Cryptography:
In today's age of computers, cryptography is often associated with the process
whereby ordinary plain text is converted to cipher text, text made such that only
the intended receiver can decode it; this process is known as encryption. The
process of converting cipher text back to plain text is known as decryption.
Features of Cryptography are as follows:
1. Confidentiality:
Information can only be accessed by the person for whom it is intended, and no
other person can access it.
2. Integrity:
Information cannot be modified in storage or in transit between sender and
intended receiver without the change being detected.
3. Non-repudiation:
The creator/sender of information cannot deny at a later stage having sent the
information.
4. Authentication:
The identities of sender and receiver are confirmed, as is the origin/destination
of the information.
Types of Cryptography:
In general there are three types of cryptography:

1. Symmetric Key Cryptography:
It is an encryption system where the sender and receiver of a message use a single
common key to encrypt and decrypt messages. Symmetric key systems are faster and
simpler, but the problem is that sender and receiver have to exchange the key in a
secure manner. The classic example is the Data Encryption Standard (DES), which is
now obsolete because its 56-bit key can be brute-forced; the current standard is
AES.
2. Hash Functions:
No key is used in this algorithm. A fixed-length hash value is computed from the
plain text, and it is computationally infeasible to recover the plain text from the
hash. Many operating systems store passwords as salted hashes rather than as the
passwords themselves (they are not "encrypted": there is no key with which to get
them back).
3. Asymmetric Key Cryptography:
Under this system a pair of keys is used to encrypt and decrypt information. A
public key is used for encryption and a private key is used for decryption. The
public key and the private key are different. Even if the public key is known to
everyone, only the intended receiver can decode the message, because he alone knows
the private key.

What types of encryption are there?


There are two types of encryption in widespread use
today: symmetric and asymmetric encryption. The name
derives from whether or not the same key is used for encryption
and decryption.

What is symmetric encryption?


In symmetric encryption the same key is used for encryption and
decryption. It is therefore critical that a secure method is
considered to transfer the key between sender and recipient.
Figure 2: Symmetric encryption – Using the same key for encryption and decryption

What is asymmetric encryption?


Asymmetric encryption uses the notion of a key pair: a different key is used for
the encryption and decryption process. One of the keys is typically known as the
private key and the other is known as the public key.

The private key is kept secret by the owner and the public key is either shared
amongst authorised recipients or made available to the public at large.
Data encrypted with the recipient's public key can only be decrypted with the
corresponding private key. Data can therefore be sent to someone without first
sharing a secret key with them, which removes the key-distribution problem of
symmetric encryption.
Figure 3: Asymmetric encryption – Using a different key for the encryption and
decryption process
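The key-pair idea described here (and in the "Asymmetric Key Cryptography" item earlier) is easiest to see with numbers small enough to follow by hand. The Python below is an added example, not code from the notes or from any library: textbook RSA with the primes 61 and 53 and the message 65, constructed values chosen for readability. It is a toy; real RSA uses primes of 1024 bits or more plus a padding scheme such as OAEP, and in practice one uses a vetted library rather than this code.

```python
"""Textbook RSA with tiny numbers, to make the public/private key pair tangible.

Added example, not from the original notes. Toy only: no padding and
primes you can factor in your head. Requires Python 3.8+ for pow(e, -1, phi).
"""
from math import gcd


def keygen(p: int, q: int, e: int = 17):
    """Return (public_key, private_key), each as an (exponent, modulus) pair."""
    n = p * q
    phi = (p - 1) * (q - 1)                 # Euler's totient of n
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with phi(n)")
    d = pow(e, -1, phi)                     # e * d == 1 (mod phi)
    return (e, n), (d, n)


def encrypt(m: int, public_key) -> int:
    """Anyone holding the public key can do this."""
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer below the modulus")
    return pow(m, e, n)


def decrypt(c: int, private_key) -> int:
    """Only the holder of d can undo encrypt(); d is never sent anywhere."""
    d, n = private_key
    return pow(c, d, n)


if __name__ == "__main__":
    pub, priv = keygen(61, 53)          # pub = (17, 3233), priv = (2753, 3233)
    c = encrypt(65, pub)                # 2790
    print(c, decrypt(c, priv))          # 2790 65
    # Applying the public key again does not recover the message:
    print(pow(c, pub[0], pub[1]) == 65) # False
```

The security rests on the fact that d can only be derived from phi(n), and phi(n) only from the factors of n; with n = 3233 that takes a moment, with a 2048-bit n it is infeasible.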

What about hashing?


Hashing is a technique that generates a fixed length value summarising a file or
message contents. It is often incorrectly referred to as an encryption method.

Hash functions are used with cryptography to provide digital signatures and
integrity controls but as no secret key is used it does not make the message
private as the hash can be recreated.
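The difference between a hash, a keyed integrity check and "encrypting" a password (see also the "Hash Functions" item above) is worth seeing in code. The Python below is an added example, not code from the notes: it uses only the standard library to show SHA-256's fixed-length output, why an unkeyed hash alone proves nothing about integrity (anyone can recompute it after changing the message), how an HMAC with a secret key fixes that, and how an operating system should store a password: salted, slowed down with PBKDF2, and compared in constant time. All inputs are constructed.

```python
"""Hashing is not encryption: there is no key with which to get the input back.

Added example, not from the original notes. Standard library only.
"""
import hashlib
import hmac
import secrets


def sha256_hex(data: bytes) -> str:
    """Fixed-length digest whatever the input size; any change alters it completely."""
    return hashlib.sha256(data).hexdigest()


def hmac_tag(key: bytes, message: bytes) -> str:
    """Integrity tag that only a holder of `key` can produce or verify."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def hmac_verify(key: bytes, message: bytes, tag: str) -> bool:
    # compare_digest avoids leaking the position of the first mismatch via timing
    return hmac.compare_digest(hmac_tag(key, message), tag)


def hash_password(password: str, salt: bytes = None, iterations: int = 600_000) -> str:
    """Return 'pbkdf2_sha256$iterations$salt$hash'.

    A random 16-byte salt makes identical passwords hash differently and defeats
    precomputed tables; the iteration count makes each guess expensive.
    """
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (iterations, salt.hex(), digest.hex())


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; never decrypt anything."""
    algo, iters, salt_hex, digest_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    print(sha256_hex(b"pay 100"), sha256_hex(b"pay 101"), sep="\n")   # unrelated digests
    key = secrets.token_bytes(32)
    tag = hmac_tag(key, b"pay 100")
    print(hmac_verify(key, b"pay 101", tag))                          # False: tampered
    stored = hash_password("correct horse")
    print(stored)
    print(verify_password("correct horse", stored), verify_password("Correct horse", stored))
```

Two of these choices are security-relevant rather than cosmetic: the salt, without which every user with the same password shares the same stored value, and `hmac.compare_digest`, without which a byte-by-byte `==` comparison leaks, through timing, how many leading bytes of a guess are right.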
What is a cryptographic key?

In cryptography, a key is a string of bits (often written as characters) used within
an encryption algorithm for altering data so that it appears random. Like a physical
key, it locks (encrypts) data so that only someone with the right key can unlock
(decrypt) it.

The original data is known as the plaintext, and the data after the key encrypts it is
known as the ciphertext.

The formula:

plaintext
+ key
= ciphertext

Keys in early forms of encryption

Before the advent of computers, ciphertext was often created by simply replacing one
letter with another letter in the plaintext, a method known as a "substitution cipher." For
instance, suppose that someone sends a message reading "Hello" to another person,
and each letter is replaced with the one after it in the alphabet: "Hello" becomes
"Ifmmp."

H E L L O

+1 +1 +1 +1 +1

I F M M P
"Ifmmp" looks like a nonsensical string of letters, but if someone knows the key, they
can substitute the proper letters and decrypt the message as "Hello." For this example,
the key is (letter) - 1, moving each letter down one spot in the alphabet to arrive at the
real letter.

I F M M P

-1 -1 -1 -1 -1

H E L L O

Such ciphers are relatively easy to break with simple statistical analysis, since certain
letters appear more often than others in any given text (for instance E is the most
common letter in the English language), and a fixed shift preserves that pattern. To
combat this, cryptographers developed a system called the one-time pad.

A one-time pad is a single-use key that has at least as many values as the plaintext
has characters. In other words, each letter is shifted by its own value from the pad,
so the same plaintext letter can become different ciphertext letters.

For example, suppose someone has to encrypt the message "Hello," and they use a one-
time pad with the values 7, 17, 24, 9, 11.

H E L L O

7 17 24 9 11

Whereas before we simply moved up one position for each letter (letter + 1), now we
move a different number of places in the alphabet for each letter. We add 7 to the first
letter, H; we add 17 to the second letter; and so on. For any calculations that take us
past Z, we simply go back to the beginning of the alphabet and keep adding.

H E L L O

7 17 24 9 11

O V J U Z

Starting from the plaintext "Hello," we now have the ciphertext "Ovjuz," using the key "7,
17, 24, 9, 11."
For communication via a one-time pad to work, both sides of the conversation have to
use the same key for each individual message (symmetric encryption), although a
different key is used every time there's a new message. Although to any third parties
"Ovjuz" looks like random nonsense, the person who receives the ciphertext "Ovjuz" will
know to use the key "7, 17, 24, 9, 11" to decrypt it (subtracting instead of adding):

O V J U Z

7 17 24 9 11

H E L L O

Thus, a simple message can be altered by a string of random data, a key, in order to be
encrypted or decrypted. The one-time pad is only secure under three conditions: the key
values are truly random, the key is kept secret, and the key is never reused. If the same
pad is used for two messages, an attacker can subtract one ciphertext from the other,
which cancels the key and leaves only the difference between the two plaintexts.
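The following is an added example (not part of the original notes) implementing the three things this section describes over the 26-letter alphabet: the fixed shift that turns "Hello" into "Ifmmp", the one-time pad that turns "Hello" into "Ovjuz" with the key 7, 17, 24, 9, 11, and the frequency attack that breaks the fixed shift. It also shows what leaks when a pad is reused. The English letter-frequency table is the usual published approximation; the sample sentence is constructed.

```python
"""Shift cipher, one-time pad and frequency attack. Added example, not from
the notes. Alphabet is A-Z: input is upper-cased, non-letters pass through."""
import secrets
from collections import Counter

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"

# Approximate relative frequency (%) of each letter in English text, A..Z.
ENGLISH_FREQ = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
                6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]


def shift_letters(text, shifts):
    """Shift the i-th letter of text by shifts[i], wrapping past Z back to A
    (arithmetic mod 26). Non-letters are copied through and use no shift."""
    out, i = [], 0
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shifts[i]) % 26])
            i += 1
        else:
            out.append(ch)
    return "".join(out)


def letter_count(text):
    return sum(ch.isalpha() for ch in text)


def caesar_encrypt(plaintext, key):
    """One fixed shift for every letter: the 'Hello' -> 'Ifmmp' cipher."""
    return shift_letters(plaintext, [key] * letter_count(plaintext))


def caesar_decrypt(ciphertext, key):
    return shift_letters(ciphertext, [-key] * letter_count(ciphertext))


def make_pad(length):
    """Fresh pad: one independent uniformly random shift per letter, drawn
    from the OS CSPRNG (never the random module for key material)."""
    return [secrets.randbelow(26) for _ in range(length)]


def otp_encrypt(plaintext, pad):
    """Each letter gets its own shift; the pad must cover every letter."""
    if len(pad) < letter_count(plaintext):
        raise ValueError("pad shorter than plaintext: never stretch or reuse a pad")
    return shift_letters(plaintext, pad)


def otp_decrypt(ciphertext, pad):
    if len(pad) < letter_count(ciphertext):
        raise ValueError("pad shorter than ciphertext")
    return shift_letters(ciphertext, [-v for v in pad])


def chi_squared(text):
    """Distance of the letter distribution of text from English (lower = closer)."""
    counts = Counter(ch for ch in text if ch in ALPHABET)
    n = sum(counts.values())
    if n == 0:
        return float("inf")
    return sum((counts[letter] - n * f / 100.0) ** 2 / (n * f / 100.0)
               for letter, f in zip(ALPHABET, ENGLISH_FREQ))


def break_caesar(ciphertext):
    """Statistical attack from the text: try all 26 shifts and keep the one
    whose output looks most like English. Needs a few dozen letters."""
    return min(range(26), key=lambda k: chi_squared(caesar_decrypt(ciphertext, k)))


def pad_reuse_leak(ciphertext1, ciphertext2):
    """Two messages under the same pad: (p1 + k) - (p2 + k) = p1 - p2 (mod 26).
    Subtracting the ciphertexts cancels the key; the attacker gets the
    letter-by-letter difference of the plaintexts without knowing the pad."""
    a = [ALPHABET.index(c) for c in ciphertext1 if c in ALPHABET]
    b = [ALPHABET.index(c) for c in ciphertext2 if c in ALPHABET]
    return [(x - y) % 26 for x, y in zip(a, b)]


if __name__ == "__main__":
    print(caesar_encrypt("Hello", 1))                   # IFMMP
    print(otp_encrypt("Hello", [7, 17, 24, 9, 11]))     # OVJUZ
    msg = "ATTACK THE EASTERN GATE AT DAWN AND HOLD THE BRIDGE UNTIL THE SECOND COLUMN ARRIVES"
    ct = caesar_encrypt(msg, 19)                         # constructed sample
    print(ct, "->", break_caesar(ct))                    # recovered key 19
```

The frequency attack only needs ciphertext; the pad, by contrast, is a fresh uniformly random shift per letter, so no shift is more likely than any other and the ciphertext carries no statistics to exploit, as long as the pad is never reused.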

Public Key Encryption


When two parties communicate, the intelligible message they want to transfer, referred
to as plaintext, is converted for security purposes into apparently random nonsense,
referred to as ciphertext.
The process of changing the plaintext into the ciphertext is referred to as encryption.
The encryption process consists of an algorithm and a key. The key is a value
independent of the plaintext.
The security of conventional encryption depends on two major factors:
1. The strength of the encryption algorithm
2. The secrecy of the key
The algorithm will produce a different output depending on the specific key being used
at the time. Changing the key changes the output of the algorithm.
Once the ciphertext is produced, it may be transmitted. Upon reception, the ciphertext
can be transformed back to the original plaintext by using a decryption algorithm and
the same key that was used for encryption.
Decryption:
The process of changing the ciphertext back into the plaintext is known as decryption.
An asymmetric cryptosystem is one in which encryption and decryption are performed
using different keys: a public key (known to everyone) and a private key (secret key).
This is known as public key encryption.
Characteristics of public key encryption:
• Public key encryption is practical because it is infeasible to determine the decryption
key given only knowledge of the cryptographic algorithm and the encryption key.
• Either of the two keys (public or private) can be used for encryption, with the other
key used for decryption. This holds for RSA; not every public-key scheme works in both
directions.
• Because of this, public keys can be freely shared, giving users an easy and convenient
way to encrypt content and verify digital signatures, while private keys are kept secret,
ensuring that only the owner of a private key can decrypt content and create digital
signatures.
• The most widely used public-key cryptosystem is RSA (Rivest–Shamir–Adleman). The
difficulty of finding the prime factors of a large composite number is the backbone of RSA.
Example:
The public key of every user is published in a public key register. If B wants to send a
confidential message to C, B encrypts the message using C's public key. When C
receives the message from B, C decrypts it using C's own private key. No recipient other
than C can decrypt the message, because only C knows C's private key.

Components of Public Key Encryption:

• Plain Text:
This is the message which is readable or understandable. This message is given to the
encryption algorithm as input.
• Cipher Text:
The cipher text is produced as the output of the encryption algorithm. It cannot be
understood without the matching key.
• Encryption Algorithm:
The encryption algorithm is used to convert plain text into cipher text.
• Decryption Algorithm:
It accepts the cipher text and the matching key (private key or public key) as input and
produces the original plain text.
• Public and Private Key:
One key, either the private key (secret key) or the public key (known to everyone), is used
for encryption and the other is used for decryption.

Weaknesses of Public Key Encryption:

• Public key encryption is vulnerable to brute-force attack if the key is too small: an
attacker can try to factor the modulus or search the key space, so key sizes must be
chosen large enough to make this infeasible.
• If a user loses the private key, everything encrypted to the matching public key
becomes unrecoverable; if the private key is stolen, the thief can decrypt the user's
messages and forge the user's signatures.
• Public key encryption is weak against man-in-the-middle attack when public keys are
not authenticated. In this attack a third party intercepts the exchange of public keys and
substitutes its own, so that each side unknowingly encrypts to the attacker.
• If the private key used for certificate creation higher in the PKI (Public Key
Infrastructure) hierarchy is compromised, or accidentally disclosed, then a man-in-the-
middle attack is also possible against every subordinate certificate, making them wholly
insecure. This is also a weakness of public key encryption.
Applications:
• Confidentiality can be achieved using public key encryption. The plain text is encrypted
using the receiver's public key. This ensures that no one other than the holder of the
receiver's private key can decrypt the cipher text.
• A digital signature serves to authenticate the sender. The sender encrypts (a hash of)
the plain text using their own private key. This authenticates the sender, because the
receiver can only decrypt the result using the sender's public key.
• The algorithm can be used both for key management and for secure transmission of data.
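The following is an added example (not part of the original notes) that walks through the public key encryption section and its applications with textbook RSA on toy-sized numbers: B encrypts with C's public key and C decrypts with C's private key; a signer uses the private key and anyone verifies with the public key; and the weakness the text names, factoring the modulus, is carried out to recover the private key. The primes 61 and 53 are a constructed toy; the code is deliberately insecure (tiny modulus, no padding, hash reduced mod n) and exists only to make the mechanics visible.

```python
"""Textbook RSA on toy numbers. Added example, not from the notes.
Insecure by design: never use for real data; use a vetted library."""
import hashlib
import math


def is_prime(x):
    return x >= 2 and all(x % k for k in range(2, math.isqrt(x) + 1))


def generate_keypair(p, q, e=17):
    """Public key (e, n), private key (d, n), with d the inverse of e modulo
    phi(n) = (p-1)(q-1). Knowing p and q is what makes d computable."""
    if p == q or not (is_prime(p) and is_prime(q)):
        raise ValueError("p and q must be distinct primes")
    n, phi = p * q, (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)             # modular inverse (Python 3.8+)
    return (e, n), (d, n)


def encrypt(message_int, public_key):
    """Confidentiality: sender uses the receiver's public key. The message is
    an integer below n (real systems encrypt a symmetric key this way, not data)."""
    e, n = public_key
    if not 0 <= message_int < n:
        raise ValueError("message must be in [0, n)")
    return pow(message_int, e, n)


def decrypt(cipher_int, private_key):
    """Only the holder of d can undo the public-key operation."""
    d, n = private_key
    return pow(cipher_int, d, n)


def _hash_mod_n(message, n):
    # Toy: reduce SHA-256 mod n so it fits the tiny modulus. With a real-size
    # n the padded digest fits directly and no reduction is done.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private_key):
    """Authentication: the sender applies the private key to a hash."""
    d, n = private_key
    return pow(_hash_mod_n(message, n), d, n)


def verify(message, signature, public_key):
    """Anyone with the public key checks the signature against the hash."""
    e, n = public_key
    return pow(signature, e, n) == _hash_mod_n(message, n)


def factor(n):
    """Trial division: instant for a toy n, hopeless for a 2048-bit one.
    The difficulty of this step is the entire security of RSA."""
    for p in range(2, math.isqrt(n) + 1):
        if n % p == 0:
            return p, n // p
    raise ValueError("n is prime")


def recover_private_key(public_key):
    """The attack the text warns about: once n is factored, d follows."""
    e, n = public_key
    p, q = factor(n)
    return (pow(e, -1, (p - 1) * (q - 1)), n)


if __name__ == "__main__":
    public, private = generate_keypair(61, 53)      # toy modulus n = 3233
    c = encrypt(65, public)
    print(c, decrypt(c, private))                   # 2790 65
    s = sign(b"pay B 100", private)
    print(verify(b"pay B 100", s, public))          # True
    print(recover_private_key(public) == private)   # True: toy n factors instantly
```

With a 2048-bit modulus the factor() loop would never finish, which is exactly the gap between the toy and the real cryptosystem; everything else in the example is the same arithmetic.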

Difference between Private key and Public key

Cryptography is the science of secret writing with the intention of keeping the data
secret. Cryptography is classified into symmetric cryptography, asymmetric
cryptography and hashing.
Private Key:
In private key cryptography, the same key (secret key) is used for encryption and
decryption. It is called symmetric because there is only one key, which has to be copied
to or shared with the other party so that it can decrypt the cipher text. It is faster than
public key cryptography.
Public Key:
In public key cryptography, two keys are used: one key for encryption and another key
for decryption. One key (the public key) is used to encrypt the plain text into cipher text
and the other key (the private key) is used by the receiver to decrypt the cipher text and
read the message.
Now, we see the difference between them:

S.NO  PRIVATE KEY                                    PUBLIC KEY

1.    Private key cryptography is faster than        It is slower than private key
      public key cryptography.                       cryptography.

2.    The same key (secret key) and algorithm        Two keys are used: one key is used for
      are used to encrypt and decrypt the            encryption while the other is used for
      message.                                       decryption.

3.    The key is kept secret.                        One of the two keys (the private key)
                                                     is kept secret.

4.    It is symmetric because there is only one      It is asymmetric because there are two
      key, called the secret key.                    kinds of key: a private key and a
                                                     public key.

5.    Sender and receiver need to share the          Sender and receiver do not need to
      same key.                                      share the same key.

6.    The key is private.                            The public key can be made public;
                                                     the private key stays private.

Introduction of Firewall in Computer Network


A firewall is a network security device, either hardware or software-based, which
monitors all incoming and outgoing traffic and based on a defined set of security rules it
accepts, rejects or drops that specific traffic.
Accept : allow the traffic
Reject : block the traffic but reply with an “unreachable error”
Drop : block the traffic with no reply
A firewall establishes a barrier between secured internal networks and outside untrusted
network, such as the Internet.

History and Need for Firewall

Before firewalls, network security was performed by Access Control Lists (ACLs)
residing on routers. ACLs are rules that determine whether network access should be
granted or denied to specific IP addresses.
But an ACL cannot determine the nature of the packets it is blocking beyond their
addresses, and an ACL alone does not have the capacity to keep threats out of the
network. Hence, the firewall was introduced.
Connectivity to the Internet is no longer optional for organizations. While access to the
Internet provides benefits to the organization, it also enables the outside world to
interact with the organization's internal network. This creates a threat to the
organization. In order to secure the internal network from unauthorized traffic, we need
a firewall.
How Firewall Works
A firewall matches network traffic against the rule set defined in its table. Once a rule
is matched, the associated action is applied to the traffic. For example, one rule may
say that no employee from the HR department can access data on the code server, while
another rule says that the system administrator can access data from both the HR and
technical departments. Rules are defined on the firewall according to the needs and
security policies of the organization.
From the perspective of a server, network traffic is either outgoing or incoming, and the
firewall maintains a distinct set of rules for each case. Outgoing traffic, originating from
the server itself, is mostly allowed to pass. Still, setting rules on outgoing traffic is
always better, in order to achieve more security and prevent unwanted communication
(for example by malware on the server calling out).
Incoming traffic is treated differently. Most traffic that reaches the firewall uses one of
three protocols: TCP and UDP at the transport layer, or ICMP, a network-layer control
protocol. All three carry a source address and a destination address. TCP and UDP also
carry port numbers; ICMP uses a type and code instead of a port number, which identifies
the purpose of the packet.
Default policy: It is very difficult to explicitly cover every possible case with rules on the
firewall. For this reason, the firewall must always have a default policy, which consists
only of an action (accept, reject or drop) applied to traffic that matches no rule.
Suppose no rule is defined on the firewall about SSH connections to the server. Such
traffic follows the default policy. If the default policy is set to accept, then any computer
outside your office can establish an SSH connection to the server. Therefore, setting the
default policy to drop (or reject) is always good practice.
Generation of Firewall
Firewalls can be categorized by their generation.
1. First Generation- Packet Filtering Firewall : A packet filtering firewall controls
network access by monitoring outgoing and incoming packets and allowing them to
pass or stopping them based on source and destination IP address, protocol and
port numbers. It analyses traffic at the transport layer (but mainly uses header
fields from the first 3 layers).
Packet filtering firewalls treat each packet in isolation. They have no ability to tell
whether a packet is part of an existing stream of traffic; they can only allow or deny
a packet based on that packet's own headers.

A packet filtering firewall maintains a filtering table which decides whether a packet
will be forwarded or discarded. A typical filtering table, evaluated top to bottom with
the first matching rule winning, might contain the following rules:
1. Incoming packets from network 192.168.21.0 are blocked (a packet arriving from
outside should never carry an internal source address).
2. Incoming packets destined for the internal TELNET server (port 23) are blocked.
3. Incoming packets destined for host 192.168.21.3 are blocked.
4. All well-known services to the network 192.168.21.0 are allowed.
Because rule 3 precedes rule 4, host 192.168.21.3 stays blocked even though rule 4
would otherwise allow well-known services to its network.
2. Second Generation- Stateful Inspection Firewall : Stateful firewalls (which perform
stateful packet inspection) are able to determine the connection state of a packet,
unlike packet filtering firewalls, which makes them more effective. A stateful firewall
keeps track of the state of the network connections travelling across it, such as TCP
streams, so filtering decisions are based not only on the defined rules but also on the
packet's history in the state table.
3. Third Generation- Application Layer Firewall : An application layer firewall can
inspect and filter packets at any OSI layer, up to the application layer. It has
the ability to block specific content, and to recognize when certain applications and
protocols (like HTTP, FTP) are being misused.
In other words, application layer firewalls are hosts that run proxy servers. A proxy
firewall prevents any direct connection between the two sides of the firewall: every
packet has to pass through the proxy, which allows or blocks the traffic based on
predefined rules.
Note: Application layer firewalls can also be used as a Network Address
Translator (NAT).
4. Next Generation Firewalls (NGFW) : Next generation firewalls are being
deployed these days to stop modern security breaches such as advanced malware
and application-layer attacks. An NGFW combines deep packet inspection,
application inspection, SSL/SSH inspection and many other functions to protect the
network from these modern threats.
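The following is an added example (not part of the original notes) that simulates the first two generations above together with the default policy described under "How Firewall Works": a stateless filter holding the four-rule filtering table, evaluated top to bottom with first match winning and a configurable default, and a stateful wrapper that adds a connection table. All addresses, ports and packets are constructed for illustration; the rule semantics (first match wins, outbound allowed by default) are the assumptions of this example, not something the notes specify.

```python
"""Packet filter and stateful firewall simulation. Added example, not from
the notes; addresses and packets are constructed."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

ACCEPT, REJECT, DROP = "accept", "reject", "drop"


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                  # "tcp", "udp" or "icmp"
    sport: int = 0              # tcp/udp only
    dport: int = 0              # tcp/udp only
    icmp_type: int = -1         # icmp only (8 = echo request)
    syn: bool = False           # tcp: SYN without ACK, i.e. a new connection
    direction: str = "in"       # "in" = arriving from outside, "out" = leaving


@dataclass(frozen=True)
class Rule:
    action: str
    direction: str = "in"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None
    dport: Optional[range] = None     # only tcp/udp carry ports
    icmp_type: Optional[int] = None   # icmp has type/code instead of a port

    def matches(self, pkt: Packet) -> bool:
        if pkt.direction != self.direction or (self.proto and pkt.proto != self.proto):
            return False
        if ip_address(pkt.src) not in ip_network(self.src):
            return False
        if ip_address(pkt.dst) not in ip_network(self.dst):
            return False
        if self.dport is not None and not (
                pkt.proto in ("tcp", "udp") and pkt.dport in self.dport):
            return False
        if self.icmp_type is not None and not (
                pkt.proto == "icmp" and pkt.icmp_type == self.icmp_type):
            return False
        return True


WELL_KNOWN = range(0, 1024)

# The four rules from the text. Order matters: rule 3's host block is reached
# before rule 4's broad allow. Rule 1 is the classic anti-spoofing rule: a
# packet arriving from outside must not claim an inside source address.
RULES = [
    Rule(DROP, src="192.168.21.0/24"),                        # 1
    Rule(DROP, proto="tcp", dport=range(23, 24)),             # 2 telnet
    Rule(DROP, dst="192.168.21.3/32"),                        # 3
    Rule(ACCEPT, dst="192.168.21.0/24", dport=WELL_KNOWN),    # 4
]


def filter_packet(pkt, rules=RULES, default=DROP):
    """Stateless (first generation) evaluation: top to bottom, first match
    wins; a packet that no rule covers gets the default policy."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


def sender_sees(verdict):
    """Reject answers with an ICMP error; drop is silent, so a scanner times out."""
    return {ACCEPT: "connection", REJECT: "ICMP destination unreachable",
            DROP: "timeout"}[verdict]


class StatefulFirewall:
    """Second generation: the same rules plus a state table. An accepted
    outbound connection records its 5-tuple; inbound packets belonging to a
    recorded connection are accepted without consulting the inbound rules,
    and inbound TCP that is not a SYN and matches no connection is dropped
    even where a port rule would have allowed it."""

    def __init__(self, rules=RULES, default=DROP):
        self.rules, self.default = rules, default
        self.connections = set()      # (inside, sport, outside, dport, proto)

    def handle(self, pkt):
        if pkt.direction == "out":
            verdict = filter_packet(pkt, self.rules, ACCEPT)   # outbound: allow by default
            if verdict == ACCEPT and pkt.proto in ("tcp", "udp"):
                self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
            return verdict
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto) in self.connections:
            return ACCEPT                 # reply to a connection we opened
        if pkt.proto == "tcp" and not pkt.syn:
            return self.default           # mid-stream segment, no known connection
        return filter_packet(pkt, self.rules, self.default)
```

Two things the simulation makes visible: the reply to an outbound connection arrives on a high port that rule 4 does not cover, so the stateless filter drops it and only the state table lets the connection work; and a bare ACK to port 80 (the classic way to probe a stateless filter) passes rule 4 but is dropped by the stateful firewall because no connection exists for it.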
Types of Firewall
Firewalls are generally of two types: host-based and network-based.
1. Host-based Firewalls : A host-based firewall is installed on each network node
and controls every incoming and outgoing packet on that node. It is a software
application or suite of applications, often shipped as part of the operating system.
Host-based firewalls are needed because network firewalls cannot provide protection
inside a trusted network; a host firewall protects each host from attacks and
unauthorized access.
2. Network-based Firewalls : Network firewalls function at the network level. In other
words, these firewalls filter all incoming and outgoing traffic across the network. They
protect the internal network by filtering the traffic using rules defined on the
firewall. A network firewall might have two or more network interface cards (NICs).
A network-based firewall is usually a dedicated system with proprietary software
installed.