Introduction (chapter 1)

Computer networks
A computer network is a collection of computers that are able to exchange information.
Computer networks are layers of software, each layer is called middleware.

Goals
Goals of computer networks:
• Resource sharing (making programs available to anyone on the internet)
• Communication (email, VoIP, etc)
• eCommerce (Webshops)

Forms
Forms of computer networks:
• Server-client model (client requests, server responds)
• Peer-to-peer model (requests and responses between computers, no server in between)

Network hardware
Types of transmission technology
• Broadcast: the communication channel is shared by all the machines in the network,
packets are sent by any machine, are received by all others machines in the network.
Each machine will check the address field of the incoming packet and only the target
machine will respond.
• Multicast: broadcast where multiple systems may respond to packets
• Point to point / unicast: to one specific machine, here finding good routes is important

Scale of networks

Personal area networks

Connecting with peripherals. E.g. Bluetooth
Local area networks
Connecting multiple computers with a switch. A switch is a device that has multiple ports
connecting to a number of computers. A switch sends incoming packets to the right computer
by analyzing the addresses in the packets. Large LANs can be created by using a number of
switches plugged into each other or using larger switches

Both wireless and wired networks can be divided into static and dynamic designs. A static
allocation would be dividing time into discrete intervals and give each connection a chance to
communicate using a round-robin algorithm. Dynamic allocations for a common channel are
either centralized or decentralized.

An example of a centralized dynamic allocation are cellular networks, where a base station
determines which phone can communicate next. Decentralized dynamic allocation just means
each device can determine by itself when it should transmit. More on this later.

Metropolitan area networks

Connecting computers in cities, but not really used anymore. Examples are city cable tv
networks

Wide area networks

Each computer is called a host, the rest of the network connecting to these hosts are called a
(communication) subnet

A wide area network consists of transmission lines (copper, fiberoptic) and switching elements
which are also commonly called routers.

This makes a WAN very similar to large LANs. The differences are:
• the hosts and subnet are owned by different people
• WAN routers will often connect different kinds of networks (ethernet, SONET, etc.)
• often an Internet Service Provider (ISP) builds and maintains these networks, and
customers connect to the ISPs network

Network scales
• Subnet: A collection of routers and communication lines owned by a network operator.
Does not include hosts themself.
• Network: subnet + hosts
• Internetwork: When distinct networks are interconnected.
• Gateway: connects two different networks, to create an internetwork

Network software
Network hierarchy
Each layer in the network stack acts like it's talking to the same layer on another machine. In
reality only the lowest, physical layer actually is.

Each layer adds some extra information (i.e. headers) to the sent data so it can be decoded
again on the other end. In each layer errors can occur, so the lower you get, the more error
correcting mechanisms should be present. This is difficult as error correcting codes also add
overhead so sometimes its most useful to just be able to detect errors and resend data.

Layers can offer two different types of service:

• when a layer is connection-oriented one can compare it to a telephone, where the
sender dials up the receiver and when there is a connection it sends data. While
connecting, connection parameters can be negotiated.
• a connectionless layer is modeled after a postal system. Each message carries the full
destination address and is routed through the network independent of all other
messages.
• unacknowleged (unreliable) connectionless services are often called datagram services.

Store and forward switching: each intermediate node waits until it received a full message
before sending it to the next node
Cut through switching: the retransmission of a message is started before it is fully received

Message sequence: each message has a clear boundary and when two messages are sent
they arrive as two distinct messages.
Byte streams: there are no clear boundaries. When a message is received there is no way to tell
if they were sent as two separate messages, or as one large message.

Some applications like file transfer rely on stable connections where messages are always
received correctly in the right order without errors. Other applications like VoIP do not require
this and actually benefit from not having it as the overhead would be unacceptable.

Services
A service is formally specified by a set of primitives (operations) available to user process to
access the service. The difference between a service and a protocol is that a service is a set of
primitives that a layer provides to a layer above it. A protocol is a set of rules governing the
format and meaning of messages.

Network layers
OSI
The OSI reference model
In OSI there are 7 layers according to the following rules:
• a layer should be created when a different abstraction is needed
• each layer should perform a well defined function
 • the function of each layer should be chosen with an eye toward defining internationally
standardized protocols
• the layer boundaries should be chosen to minimize the information flow across the
interfaces
• the number of layers should be large enough that distinct functions need not be thrown
together in the same layer out of necessity and small enough that the architecture does
not become unwieldy

The OSI reference model's layers are

• Layer 1: Physical transmit raw bits (e.g. DSL/ISDN), copper cables
• Layer 2: Data link breaks data up in frames to be transmitted. Detects many
transmission errors (e.g. Ethernet/WLAN). A sublayer of this is the Medium Access
Control Layer
• Layer 3: Network controls operation of the subnet. Determines routing of packets (e.g.
IP/ICMP), how do we get a packet from A to B?
• Layer 4: Transport Splits up large amounts of data in to smaller units. This is the first
layer that is truly end to end. The layers below are between machines and can have many
intermediate machines like routers (e.g. TCP/UDP). You might have to interact with the
transport layer when writing an application (for video streams you might interact with the
transport layer to make sure it doesn't resend frames that didn't arrive)
• Layer 5: Session Allows users on different machines to control dialog, do token
management and synchronizing data. This includes checkpointing long transmissions
so in the event of a system crash the transmission can continue
• Layer 6: Presentation Concerned with syntax and semantics of the transmitted data.
Allows high level data structures to be serialized and transmitted.
• Layer 7: Application High level protocols (e.g. browsers, FTP, HTTP, Telnet)

Critiques of OSI
• Bad timing: when OSI came around, companies did not want to support both OSI and
TCP/IP. This meant that every company was waiting for every other company to support
OSI first.
• Bad technology: some layers in OSI are almost empty (session, presentation) and this
makes it pretty inefficient.
• Bad implementations: this got OSI to be associated with poor quality.

TCP/IP
The TCP/IP model skips a few layers of the OSI model. It uses the following layers
• Layer 1: Network interface the OSI data link and physical layers
• Layer 2: Internet the OSI network layer
• Layer 3: Transport the OSI transport layer
• Layer 4: Application the OSI session, presentation and application layers

Critiques of TCP/IP
Mostly that it does not clearly distinguish the concepts of services, interfaces and protocols.

Network standardization
De facto: standards established by their wide usage like HTTP, WWW etc.
De Jure (by law): made by treaties between countries and some organisations like ITU, ISO,
IETF, IEEE

Some de facto standards evolve to be de jure. This is the case with HTTP which was quickly
picked up by IETF.

Example networks
The internet
Not really a network at all, but a huge collection of different networks.

The ARPANET
One of the first internets by the US Department of Defense

NSFNET
Mostly a followup of ARPANET

Architecture of the internet

A common way to connect to an ISP is to use the phone line to a house.
• DSL (digital subscriber line) is a system that reuses the phone line for data transmission.
You need a (DSL) modem to interpret the signals. At first dial up modems were used but
these are rare nowadays.
• More and more you see FTTH (fibre to the home) which is a specialized fiberglass
network for internet access.

Either way, you connect to your ISP's IXPs (internet exchange point). One of the largest is the
Amsterdam Internet Exchange.

Mobile phone networks

• AMPS (Advanced mobile phone system) is the first generation of large scale wireless
communication networks for mobile phones
• GSM (Global system for mobile communications) is the second generation of this which
is still the most widely used. It has been upgraded to 2G, 3G and 4G.
• Wireless LAN and IEEE 802.11: also called WIFI. Uses access points to emit radio waves
around a specific frequency to allow devices to communicate to the internet. Ad hoc
networks are networks directly between two computers without an access point. (i.e. Wifi
hotspots)
• RFID:
• Passive: no power source is present. Read only.
• Active: a power source is present. Can change it's transmission and read other
tags.
• RFID is used to network small everyday objects that are close together.
Data Link Layer (chapter 3)

Data link layer

The data link layer uses the services of the physical layer to send and receive bits over
communication channels. It has a number of functions, including:
1. Providing a well-defined service interface to the network layer
2. Handles transmission errors
3. Regulating the flow of data so that slow receivers are not swamped by fast senders

The data link layer adds a header and a trailer to the packets received from the network layer.

Services
• Unacknowledged connectionless services
• The server doesn't acknowledge retrieval of frame
• Frame is sent with no connection / error recovery
• Good when error rate is very low
• Acknowledged connectionless services
• The server does acknowledge retrieval of frame
• Frame is re-transmitted if needed
• Can be very expensive, but for wireless connections it's worth it
• Acknowledged connection-oriented service
• Connection is established
• Makes sure each frame is received in the right order, exactly one
• Rare, only used for very unreliable connections

Framing methods
These methods take care of turning bits (from the physical layer) into frames.

In appendix A you'll find images illustrating these methods.

Byte count: Frames start with the length of the frame to interpret them. Very error prone, since a
single error will result in an invalid interpretation of the next frames which will cause errors
upstream.

Byte stuffing: Use a flag byte to indicate the start and end of a frame. However, this method is
also suboptimal as the flag might also become corrupted. A solution to this problem is using
an escape byte, which escapes the flag byte. This might still cause problems though as the
escape sequence might be in the data too. This can be solved by escaping the escape
sequence (which can of course be very inefficient)

Bit stuffing: A disadvantage of byte stuffing is that it's tied to use of 8-bit bytes. Bit stuffing
(developed for the HDLC protocol) inserts a special bit pattern at the start and end of a frame.
When this bit pattern is 01111110, after 5 consecutive 1's, the sender's data link layer will add a 0,
as an escape bit. The receiver's data link layer fixes this by destuffing.

For safety, a combination of these methods is often used.

Flow control
To prevent data being sent to the receiver too quickly, there are two flow control methods
• Feedback-based flow control: the receiver sends information to the sender giving it
permission to send more data or tell it how the receiver is doing
• Rate-based flow control: the protocol has a built-in mechanism to limit transfer rate

Error detection and error correction

There is a distinction between error detection codes and error correction codes (FEC, Forward
Error Correction). The former is used in highly reliable channels, because you just resend a
faulty block. The latter is used when there are many errors, by adding redundancy to the block.

General idea
Error correcting codes add redundancy to the information that is sent. A frame consists of m
data (message) bits and r redundant bits.
• In a block code, the r check bits are computed solely as a function of the m data bits
with which they are associated
• In a systematic code, the sent message contains both the m and r bits
• In a linear code, the r check bits are computed as a linear function of the m data bits. A
popular function for this is the XOR

An n-bit (n = m + r) unit containing the message and redundancy bits is referred to as a

codeword. The code rate is the fraction of the codeword that carries information that is not
redundant: mn

The general strategy for error correction and detection is that we have a number of "valid"
patterns
• Any data section is valid
• Not every codeword is valid
• The number of valid codewords is a very small subset of all possible bitstrings of length
n, so it's impossible that a small number of errors can't change one legal pattern into
another legal pattern
• Price to pay: lots of extra check bits
• Up to a certain error rate we can detect and correct the errors, above that rate it's not
usable.

Error correcting codes

Basic idea: if illegal pattern, find the legal pattern closest to it. That might be the original data
(before errors corrupted it).

Given two bitstrings, XOR gives you the number of bits that are different. This is the Hamming
distance. If two codewords are Hamming distance d apart, it will take d one-bit errors to
convert one into the other.
• To detect (but not correct) up to d errors per length n, you need a coding scheme where
codewords are at least d + 1 apart in Hamming distance. Then d errors can't change into
another legal code, so we know there's been an error.
• To correct d errors, need codewords 2d + 1 apart. Then even with d errors, bitstring will
be d away from original and d + 1 away from nearest legal code. Still closest to original.
Original can be reconstructed.

Hamming Codes
We send parity bits in the locations 2n , where n = 0, 1, … n. Thus if you for example have a 7
bit hamming code, you have parity bits in the first, second and fourth place (called a 11,7
Hamming Code, 7 data bits with 4 check bits). The other bits are data bits. Using Hamming
Codes
is the best theoretical way, where we choose our m and r bits such that (r + m + 1) ≤ 2r

Each check bit checks a number of data bits and each check bit checks a different collection of
data bits. To see which check bits check a certain data bit in position k, rewrite k as a sum of
powers of 2, e.g. 11 = 1 + 2 + 8. Thus bit 11 is checked by bits 1, 2 and 8. This combination of
check bits ONLY checks bit 11.

Calculating Hamming Code

Each parity bit calculates the parity for some of the bits in the code words, depending on the
position of the parity bit, in the following sequence:
• Position 1: check 1 bit, skip 1 bit etc. 1, 3, 5, 7, …
• Position 2: check 2 bits, skip 2 bits etc. 2,  3,  6,  7,  10,  11, …
• Etc

In the case of even parity:

If the total number of ones in the checked positions is odd, the parity bit will become 1, else it
will be 0.

In the case of odd parity:

If the total number of ones in the checked positions is odd, the parity bit will be 0, else it will
become 1.

Checking and fixing works the same way. Check for every parity bit whether it's still correct, if
for example parity bit 1 and 4 are bad, data bit 5 is flipped.
Example
The data is 10011010. Marking with parity bits gives p1  p2  d3  p4  d5  d6  d7  p8  d9  d10  d11  d12 , for
convenience we'll notate it as _ _ 1 _ 0 0 1 _ 1 0 1 0

• Parity bit p1 is given by ? _ 1 _ 0 0 1 _ 1 0 1 0, where the red numbers are the numbers it
checks. There are 4 ones, even, so the parity bit becomes 0
• Parity bit p2 is given by 0 ? 1 _ 0 0 1 _ 1 0 1 0. There are 3 ones, uneven, so the parity bit
becomes 1
• Parity bit p4 is given by 0 1 1 ? 0 0 1 _ 1 0 1 0. There is 1 one, uneven, so the parity bit
becomes 1
• Parity bit p8 is given by 0 1 1 1 0 0 1 ? 1 0 1 0. There are 2 ones, even, so the parity bit
becomes 0

This gives the codeword 011100101010

Convolutional codes
Very complex, is used in wifi. Overview: a convolutional code operates on a stream of bits,
keeping internal state:
• Output stream is a function of all preceding input bits
• Bits are decoded with the Viterbi algorithm

Other codes
• Reed-Solomon codes
• Low-Density Parity Check codes

Error detecting codes

Parity
If we have a low error-rate channel, sending many correction bits is a waste of bandwidth. It's
quicker to just check and resend if needed.

By adding a parity bit to the end of the bitstring so that the amount of 1 bits is even can detect
single-bit flips. But if there are burst errors, multiple flipped bits after each other, the chance of it
being picked up is 12 (unacceptable). To improve upon this we can divide the bitstring into a
matrix of k × n, allowing us to detect k errors, as long as there is at most 1 error per row.

We can even further improve on this by using interleaving: computing the parity bits over the
data in a different order than the order in which the data bits are transmitted. We compute the
parity bits for the columns and send it as rows. Some longer burst errors still go undetected
though (burst error only means the first and last bits in a range a wrong, the others in between
might be correct)

Checksums
The word ‘‘checksum’’ is often used to mean a group of check bits associated with a message,
regardless of how are calculated. A checksum treats data as n-bit words and adds n checkbits
that are the modulo 2n sum of the words.

An example of a checksum is the Internet checksum, a sum of the message bits divided into
16-bit words. It is very efficient but it doesn't provide protection for deletion and addition of
zero data and for swapping parts of the messages.

A better choice is Fletcher's checksum, as it includes a positional component, adding the

product of the data and its position to the running sum.

Cyclic Redundancy Checks (CRC)

This is the technique which is in wide-spread use, its also known as a polynomial code (based
upon treating bit strings as representations of polynomials with coefficients of 0 and 1 only).
Thus a bitstring of 110001 represents the following polynomial: 1x5 + 1x4 + 0x3 + 0x2 +
0x1 + 1x0 .

Modulo 2 arithmetic
In modulo 2 arithmetic, addition = subtraction = XOR, so:
•0+0=0
•0+1=1
•1+0=1
•1+1=0

Multiplication:
•0⋅0=0
•0⋅1=0
•1⋅0=0
•1⋅1=1

Long division is as normal, except the subtraction is modulo 2.

Examples
110010 ⋅ 1000 = (x5 + x4 + x) ⋅ x3 = x8 + x7 + x4 = 110010000

Algorithm
If this method is employed, the sender and receiver must agree upon a generator polynomial
G (x) in advance. Here, M (x) is the polynomial obtained from the m data bits. The idea is to
append a CRC in such a way that the checksummed frame is divisible by G (x), if there is a
remainder, there has been a transmission error.
1. Let r be the degree of G (x). Append r zero bits to the low-order end of the frame so it
now contains m + r bits and corresponds to the polynomial xr M (x)
 2. Divide the bit string corresponding to G (x) into the bit string corresponding to
xr M (x), using modulo 2 division
3. Subtract the remainder (which is always r or fewer bits) from the bit string corresponding
to xr M (x) using modulo 2 subtraction. The result is the checksummed frame to be
transmitted. Call its polynomial T (x)

Example
Consider a message 1101011111 (x9 + x8 + x6 + x4 + x3 + x2 + x1 + x0 )
Consider a generating polynomial 10011 (x4 + x1 + x0 )

This is used to generate a 4 bit CRC = C (x) to be appended to M (x)

1. The degree r is x4 , so we multiply M (x) by x4 : 11010111110000 (add 4 zeros)
2. Divide the result by G (x), the remainder is C (x). We do 100111101 long division into
11010111110000:

3. We add the remainder (10) to x4 M (x), giving the frame 11010111110010. Using this we
can detect all burst errors of length ≤ r
Data Link Protocols
Here, we assume that machine A wants to send a long stream of data to machine B using a
reliable connection-oriented service. A is assumed to have an infinite supply of data ready to
send and never has to wait for data to be produced. We also assume that machines do not
crash. Moreover, we assume that there are appropriate physical layer library functions available
like to physical layer and from physical layer. Checksums are computed and appended by the
transmitting hardware.

Initially, a receiver waits for an event to happen. Event types differ per protocol. As soon as the
receiving data link layer acquires an undamaged frames, it checks the control information in the
header, and if everything is all right, it passes the packet portion to the network layer. A frame
header is under no circumstances ever given to a network layer!

Very generally, a frame header consists of a few control fields: kind (only header or also data),
seq (used to keep frams apart), and ack (acknowledgements). There is also an info field, which
contains the packet itself. It is important that one realizes that a frame is just a packet with a
header attached to it. Protocols need to take notion of complete packet loss too, and thus
need some sort of timing mechanism.

Utopian Simplex
The Simplex Protocol is very simple, data can be transmitted in one direction only, both the
transmitting and receiving network layers are always ready, processing time can be ignored,
infinite buffer space is always available, and the channel between the data link layers never
damages or loses frames. The sender just infinitely pumps packets to the physical layer; the
receiver just waits for a frame to arrive.

The sender is continuously doing the following:

• Fetch a packet from the network layer
• Construct an outbound frame using the variable s
• Send the frame. Only the info field is used by this protocol

The receiver is also simple:

• It waits for something to happen (an undamaged frame arrives)
• The frame arrives and it removes the frame headers and moves it to the network layer

Error-Free Channel
Now we will improve upon the Simplex protocol by preventing the sender from flooding the
receiver with frames faster than the latter is able to process them. A way to do this is by sending
a dummy packet to the sender after passing the packet to the network layer. The sender can
only send the next frame after receiving this dummy frame. This is called stop-and-wait.

Though this is still simplex, frames do have to travel in both directions.

Noisy Channel
The next step in improving upon the Simplex protocol is by handling errors. Frames may be
either damaged or lost completely. However, we assume that if a frame is damaged in transit,
the receiver hardware will detect this when it computes the checksum. We could just add a
timer and wait for acknowledgement (which only comes when the frame is valid, resend if
invalid), but this has a fatal flaw: what if the data was received correctly, but the
acknowledgement isn't? Then duplicate frames are sent.

Thus the receiver has to distinguish frames so that it can detect re-transmitted frames. We can
just use a 1-bit sequence because we just have to distinguish with the previous frame. These
kinds of protocols are called ARQ (Automatic Repeat reQuest) or PAR (Positive
Acknowledgement with Retransmission). Some pseudocode:

Sender
if event is timeout:
loop around, send this event again
else:
if ack is next_frame_to_send:
set up next frame, loop round, send
else:
loop round, send again

Receiver
let frame_expected = m
if frame is m:
pass to network layer
frame_expected = m + 1
ack m
wait for m+1
else:
# didn't get m, but m-1
ack m-1
wait for m

Sliding Window Protocols

In the previously mentioned protocols, we only had one-way data transfer, which should be 2-
way (full-duplex).

One way of achieving that is by running two instances of one of those protocols, each on a
separate link for simplex data traffic (a "forward" and "reverse" channel). Though this is bad, we
should use the same link for both directions. This can be done by looking at the kind field in
the header of an incoming frame, to distinguish between acknowledgements and actual data.
Upon receiving the data, the receiver waits a bit, sending the acknowledgement together with
the outgoing data frame (piggybacking), making better use of bandwidth.

This has some complications though. For how long to wait? Which frame will it piggyback?
Using a sliding window protocol (in which frames have sequence numbers from 0 to a
maximum of 2n − 1), the sender maintains a set of sequence numbers corresponding to
frames it is permitted to send. These frames are said to fall within the sending window
(containing frames sent-but-no-ack and not-yet-sent). When a new packet from the network
layer comes in, it is given the highest sequence number and then the upper edge of the
sending windows is increased by 1. When an ack comes in, the lower bound is increased by 1.

Similarly, the receiver also maintains a receiving window corresponding to the set of frames it is
permitted to accept

One-bit sliding window

The easiest case is the 1-bit sliding window. This uses stop-and-wait since the sender transmits
a frame and waits for acknowledgements. The acknowledgement field contains the number of
the last frame received without errors. If this number agrees with the sequence number of the
frame the sender is trying to send, the sender knows it is done with the frame stored in buffer
and can fetch the next packet from its network layer. If the sequence number disagrees, it must
continue trying to send the same frame. Whenever a frame is received, a frame is also sent
back.

A problem occurs when both A and B send the first frame simultaneously:
• Imagine A's timeout is too short. A repeatedly times out and sends multiple copies to B ,
all with seq=0, ack=1.
• When first one of these gets to B , it is accepted. Set expected=1. B sends its frame,
seq=0, ack=0.
• All subsequent copies of A's frame rejected since seq=0 not equal to expected. All
these also have ack=1.
• B repeatedly sends its frame, seq=0, ack=0. But A is not getting it because it is timing
out too soon.
• Eventually, A gets one of these frames. A has its ack now (and B 's frame). A sends next
frame and acks B 's frame.
• Conclusion: Could get wasted time, but provided a frame can eventually make it
through, no infinite loop, and no duplicate packets to Network layer. Process will
complete.
Go-Back-N
As there might be a big delay in sending frames and the retrieval of the acknowledgement, it
could be helpful to send multiple frames at the same time before actually waiting for
acknowledgement (pipelining). This might even make it possible to continuously send frames
without any blocking.

We need to know how many frames w we can send, if we want to maximize throughput, w =
2BD + 1 where B is the bandwidth and D is the delay (where BD is called the bandwidth-
delay product). This means w frames are sent before an ack is received.

When errors occur, we need to handle them gracefully, there could be 5 wrong frames
received, but the frames received after those 5 might still be correct. But we still need to pass
the packets in the right order to the network layer. A possibility is to resend all frames starting
from the frame where an error occurred (meaning that all frames without ack should stay in the
sender's buffer). The problem with this is that with a bad connection, many frames will have to
be resent.

Selective repeat
Another option for pipelining is selective repeat. When it is used, a bad frame that is received is
discarded, but any good frames received after it are accepted and buffered. When the sender
times out, only the oldest unacknowledged frame is retransmitted. This approach can require
large amounts of data link layer memory if the window is large. When an acknowledgement for
frame n comes in, frames n − 1,  n − 2,  … are automatically acknowledged (cumulative
acknowledgement)
This is often combined with having the receiver send a negative acknowledgment (NAK) when
it detects an error (e.g. wrong checksum or out of sequence frame). This stimulates
retransmission before the sender’s timer runs out.

If we set aside n bits for frame numbers, it means we will start over when all bits are 1. This can
cause problems. Consider the following (where n = 3, so a sequence of 8 frames):
• The windows of both A and B are 0 … 6
• A transmits frames 0 … 6
• B receives them properly, acks them and sends the packets to the network layer. It also
moves its window to 7,  0,  … ,  5 (because the sequence wraps around)
• Acks are lost
• A retransmits original 0
• B thinks of this 0 as a new batch, but he hasn't seen 7 yet so he (again) acks up to 6
• A receives ack=6 so it figures the entire old batch got through
• A advances the window and transmits 7,  0,  … ,  5
• 7 gets accepted by B which then passes the new 7 to the network layer. It also sends
the buffered 0 (which is the old version, wrong!)

A solution to this is limiting the maximum window size to (n + 1) /2

Appendix
A
Byte count

Byte stuffing
Bit stuffing

Credits
1. https://www.computing.dcu.ie/~Humphrys/Notes/Networks/data.error.html
2. https://www.studocu.com/en/document/technische-universiteit-delft/computer-
networks/summaries/computer-networks-summary/30238/view
Medium Access Control Sublayer (chapter 4)
The Medium Access Control Sublayer (MAC) is the layer that is responsible for deciding who
can use the communication channel. It’s part of the data link layer. It makes sure that people are
not talking over each other.

In any broadcast network, the key issue is how to determine who gets to use the channel when
there is competition for it. When only a single channel is available (as is the case with LAN), it is
hard to determine the order of who should go.

The channel allocation problem

The central theme of this chapter is how to allocate a single broadcast channel among
competing users. The channel may be anything that connects each user to all other users and
any user who makes full use of the channel interferes with other users who also wish to use the
channel.

Static channel allocation

The traditional way of allocating a single channel for N users is to divide the bandwidth into N
portions one way. This can be done is splitting the frequency of the channel so that each user
has its own frequency band. With only a few users and a steady data stream for each of them
this division is simple and efficient. An example of where this is done is FM radio stations.
However when the number of uses is large and/or the traffic is bursty this way of allocating falls
short. As all users take up a part of the bandwidth they may not necessarily use and which also
could be too small to be useful.

Dynamic allocation
Some assumptions:
1. Independent traffic: traffic from node A is unrelated to that from node B
2. Single channel: there is only one channel/link over which communication takes place
3. Observable collisions: if two frames collide it can be detected
4. Continuous or slotted time
5. Carrier sense or no carrier sense: nodes can detect if the channel is in use

Multiple Access Protocols

A comparison of the various Multiple Access Protocols can be found under Appendix A

ALOHA Protocol
In pure ALOHA, users transmit frames whenever they have data; if a collision occurs, users retry
after a random delay.

Collisions in ALOHA
The vulnerable period is equal to two times the duration of a transmission. A transmission
between two packets can cause multiple collisions. The main limitation of ALOHA is that it is
non-scalable, the more devices, the more collisions.

Slotted ALOHA
Packets can only be transmitted in certain time slots so multiple collisions can no longer occur.
This method is twice as efficient as normal ALOHA. The best utilization that can be achieved is
1
e
.

On the following image, the messages marked in red have to be re-transmitted:

Carrier Sense Multiple Access Protocols (CSMA)

Senders detect (sense) if the channel is in use

Protocols that apply CSMA:

1. 1-persistent: Wait for idle, then send. Often ends in collisions as people will start sending
as soon as the network is available
2. Non persistent: If busy wait for random amount of time try again. Results in larger delays
when sending, but higher channel utilization
3. p-persistent: Keeps waiting until free and then sends with probability p. Else, wait for next
slot

We see that being greedy gives good performance under low load. Being generous gives
good performance under high load.

CSMA with collision detection (CSMA/CD)

When a collision is detected we abort (similar to slotted ALOHA). We then have a contention
period to make sure it is safe to send new data. Try and reduce this as much as possible to
increase throughput. After this we have an idle period when all stations are quiet (because they
have nothing to send). Illustrated here:
Collision free protocols
The basic bit-map protocol
A contention period is split in n parts (where n is the amount of nodes). Each node sends a 1
bit during its own slot in the contention period if it wants to send. After that, they begin
transmitting frames in numerical order and then repeat.
This thus has 1 bit overhead per device on the network per transmission:

Token ring
Stations are connected in a circle, which does not need to be physical, can use the same wire.
When a station receives a token, it may send a packet and then passes the token to the next
station. Similar performance as a bit-map.

Binary countdown
Binary countdown protocol is used to overcome the overhead 1 bit per binary station. In binary
countdown, binary station addresses are used. A station wanting to use the channel broadcast
its address as binary bit string starting with the high order bit. All addresses are assumed of the
same length. Here, we will see the example to illustrate the working of the binary countdown.
Wireless LAN
We will look at 802.11 (WiFi) specifically. Some notable properties:
• Some stations might not be able to talk to others (hidden terminals), because of the
limited range.
• Nodes cannot detect collisions while sending (can't talk and listen at the same time).

Hidden terminal problem: The hidden terminals may cause a station to not be able to detect a
potential competitor
Exposed terminals: The exposed terminal problem is when two receivers are out of range of
each other yet two transmitters are in range of each other. This will lead to the two transmitters
thinking they will interfere with the transmission to the other receiver and waiting to send when
in actuality they wouldn't interfere.

Multiple Access with Collision Avoidance (MACA)

Solving the hidden node problem and the exposed node problem. The basic idea behind it is
for the sender to stimulate the receiver into outputting a short frame, so stations nearby can
detect this transmission and avoid transmitting for the duration of the upcoming (large) data
frame. This technique is used instead of carrier sense.

It works the following way:

• The sender (A) first sends a short Request To Send packet (RTS). This is a 30 bytes frame
containing the length of the to be sent frame
• B replies with a Clear To Send (CTS). If A receives CTS, it begins transmission.

Some properties:
• Any station that hears RTS should remain silent to avoid conflict with CTS.
• Any station that hears CTS, must remain silent until the entire transmission is done.
• Frames contain frame lengths, so that anyone listening knows how long it will take
It can still go wrong, for example if 2 stations send RTS at the same time. In that case, wait a
random amount of time and try again.

We'll use this image as illustration.

Ethernet
Classic Ethernet

Ethernet frame format

Preamble
The preamble contains the bit pattern 10101010 seven times and ends with the pattern
10101011. That last pattern is called the start of the frame (for 802.3) and it tells the receiver
when to expect the frame.

Destination address / source address

The first bit of the destination is a 0 for a single device and a 1 for multiple devices. An address
with all 1s is for broadcasting (see this). Addresses are unique, 48 bits, and assigned by IEEE.
The first 3 bytes are assigned to a manufacturer (OUI, Organizationally Unique Identifier), the
second 3 bytes are to be decided by each manufacturer.

Type/length field
Next comes the type or length field, depending on whether this is Ethernet or IEEE 802.3.

Ethernet uses type to tell the receiver which protocol is contained in the data. Multiple network
layer protocols can be in use at the same time on a machine and so it needs to know to which
it has to hand the frame, this is thus specified by this type field.

IEEE 802.3 provides the length of the data instead, because looking inside the frame for length
was considered a layering violation. The protocol is transferred within the data using an
additional Logical Link Control (LLC) layer. The current rule is that any number less than 0x600
is interpreted as a length, while any number bigger than 0x600 is interpreted as a type.

Data
Now the data which has a maximum length of 1500 bytes, this was chosen because the
receiver had to have the frame in memory and memory was quite expensive at the time.

Padding
Ethernet requires a minimum length of 64 bytes and the padding field is used if the data is less
than that.

This is done to distinguish valid frames from garbage (garbage can happen on the cable
whenever collisions occur). More importantly, it is used to prevent a station from completing
the transmission of a short frame before the first bit has even reached the far end of the cable
where it may collide. Otherwise it could miss a collision and think the data was sent
successfully while in actuality it wasn't. We'll illustrate the problem with the figure below

• At time 0, station A, at one end of the network, sends off a frame. Let us call the
propagation time for this frame to reach the other end τ
• Just before the frame gets to the other end (i.e., at time τ − ϵ), the most distant station, B
, starts transmitting
• When B detects that it is receiving more power than it is putting out, it knows that a
collision has occurred, so it aborts its transmission and generates a 48-bit noise burst to
warn all other stations. In other words, it jams the ether to make sure the sender does not
miss the collision.
 • At about time 2τ , the sender sees the noise burst and aborts its transmission, too. It then
waits a random time before trying again.

If a station tries to transmit a very short frame, it is conceivable that a collision will occur, but the
transmission will have completed before the noise burst gets back to the station at 2τ . The
sender will then incorrectly conclude that the frame was successfully sent. To prevent this
situation from occurring, all frames must take more than 2τ to send so that the transmission is
still taking place when the noise burst gets back to the sender.

Checksum
The final field is a 32-bit CRC checksum just used for error detection and thus to know when to
drop the frame.

CSMA/CD with BEB

After i collisions, a random number between 0 and 2i−1 slots is skipped. This is called binary
exponential back-off.

Channel utilization: being greedy is good with low load and being generous gives good
performance under high load

Switched Ethernet
Hub
Ethernet slowly moved away from a single cable architecture towards one were each computer
has got it's own dedicated cable running to a central hub. A hub simply connects a cables
together as if they were soldered together. Because twisted copper pairs were already the
norm for telephone cables the same type of cables were used for Ethernet.

A disadvantage of the hub is that because it is equivalent to one big ethernet cable the
maximum capacity does not increase. Due to technology advancing higher capacity was
needed.

Switched
The solution to this increased load was switched Ethernet. The heart of this is system is a
switch which contains a high speed backplane connecting all the ports. From the outside a
switch is similar to a hub and has the same advantages of being easy to use.

Inside the switch things differ greatly from a hub however. Switches only output frames to ports
for which those frames are destined. When a switch port receives an Ethernet frame from a
station the switch checks for which address the frame is destined and sends it the
corresponding port.

Advantages of switches:
• Increases speed of network
 • All connections have different collision domains, thus having no collisions anymore.
• If the cable of full duplex, a station and the switch can send a packet at the same time, no
problem, otherwise if half duplex, use a regular CSMA protocol.
• A switch can send multiple frames simultaneously. However since two frames might be
sent to the same output port at the same time the switch has to buffer these frames
• The traffic is isolated, thus making it harder to spy on the network (though encryption is
still the preferred way)

802.11 (WiFi)
Architecture

Can be used in 2 different ways:

• Infrastructure mode, where the client uses an access point to send its packets. Several
access points may be connected together, typically by a wired network called a
distribution system
• Ad-hoc mode, a collection of computers that are associated and send frames to each
other, this is barely used

Protocols
The physical layer corresponds fairly well to the OSI physical layer but the data link layer in all
the 802 protocols is split into two or more sublayers. In 802.11 the MAC sublayer determines
how the channel is allocated. Above it is the Logical Link Control sublayer, whose job it is to
hide away (abstract) the difference of the multiple 802 variants. These days LLC is a glue layer
that identifies the protocol that is carried within a 802.11 frame.

MAC sub-layer
Radios are nearly always half duplex. This is due to the fact that the receiving signal can easily
be a million times weaker than the transmitted signal, so it can't send and receive at the same
time. Stations cannot detect collision because you cannot detect the interference, and
therefore it relies on ACKs to determine if collision occurred, if no ACK is received we assume
the whole frame is lost. This is called DCF (Distributed Coordination Function). See this
example:
CSMA/CA
We use CSMA/CA (which is similar to Ethernet's CSMA/CD), with an exponential back-off and
collision avoidance.

Physical channel sensing

• Sense if the channel is in use
• If so wait for idle

Virtual channel Sensing

• Frames carry a Network Allocation Vector (NAV) which says how long the sequence of
which this frame is part will take to complete. The NAV mechanism keeps other stations
quiet only until the next acknowledgement
• Wait for end of transmission
• Optionally RTS/CTS is used to prevent terminals from sending frames at the same time
as hidden terminals.
• See the following image (D is out of range of the RTS, Request To Send):

CSMA/CA with physical and virtual sensing is at the core of 802.11 however, there are several
other mechanisms that have been developed to go with it. Each of these mechanisms was
driven by the needs of real operation, so we will look at them briefly.

Unreliability
In contrast to wired networks wireless networks are unreliable. The use of acknowledgements
and retransmissions is of little help if the probability if getting a frame through is small in the
first place.

The main strategy that is used to increase a successful transmission is to lower the
transmission rate. If too many frames are lost a station can lower its transmission rate on the
other side if frames are getting though with no to little loss the transmission rate can be
increased.

Another strategy to improve the chance of the frame getting though is through undamaged is
to send shorter frames. The probability of a shorter frame being damaged is a lot lower than
that of bigger frames so sometimes it's helpful to send more smaller frames as opposed to
fewer large ones. This can be implemented by reducing the maximum size of the message that
is accepted from the network layer.

Alternatively 802.11 allows frames to be split up in smaller pieces called fragments each with its
own checksum. The fragment size is not fixed and can be set by the AP depending on
conditions. The fragments are individually numbered and acknowledged using a stop-and-wait
protocol (i.e., the sender may not transmit fragment k + 1 until it has received the
acknowledgement for fragment k). Once the channel has been acquired, multiple fragments
are sent as a burst. They go one after the other with an acknowledgement (and possibly
retransmissions) in between, until either the whole frame has been successfully sent or the
transmission time reaches the maximum allowed.

Power
Battery life is always an issue with mobile wireless devices. The basic mechanism for saving
power builds upon beacon frames. These are periodic (every ~100 ms) broadcasts by the AP.
The frames advertise the presence of the AP to clients and carries some system parameters.

Clients can set a power-management bit in frames that they send to the AP to tell it they are
entering power-save mode. In this mode, the client can doze and the AP will buffer traffic
intended for it. To check for incoming traffic, the client wakes up for every beacon, and checks
a traffic map that is sent as part of the beacon. This map tells the client if there is buffered
traffic. If so, the client sends a poll message to the AP, which then sends the buffered traffic.
The client can then go back to sleep until the next beacon is sent.

Wifi frames
802.11 uses 3 different classes of frames: data, control and management. Each of these has a
header with a variety of fields used within the MAC sublayer.
Data frame:
• Frame control
• Version: Version number of the protocol, currently 00
• Type: Data, control or management. For regular data frames 10
• Subtype: E.g. RTS or CTS. For regular data frames 0000. See this
• To DS/From DS: Whether it is going to or from the networks connected to the AP
• More frag: More fragments will follow
• Retry: This is a retry from a previous try
• Pwr mgt: Indicates that sender is going into power management mode
• More data: More frames will follow
• Protected: Data is encrypted
• Order: Tells the receiver that the higher layer expects the frames strictly in order
• Duration: How long the frame and its ack will occupy the channel (in ms)
• Addresses: in IEEE 802 format (MAC address)
• Address 1: The direct recipient (the AP, often)
• Address 2: The sender
• Address 3: The final recipient
• Sequence: To avoid duplicates, sequence id. 4 bits for the fragment id and 12 that are
incremented each transmission.
• Data: The next protocol’s data. In the LLC format to detect the protocol.
• Check sequence: 32-bit CRC

Management frames are similar to data, but contain extra data that depends on the subtype.
Control frames are short and only have 1 address and no data. They do have frame control,
duration and check sequence fields.

Services
The 802.11 standard defines the services that the clients, the access points, and the network
connecting them must be a conformant wireless LAN. These services cluster into several
groups:
• Association service: For phones to connect to APs
• Reassociation service: For phones to change it’s preferred AP
• Disassociation service: Phones and AP can stop the connection.
 • Authentication service: Proof that you are allowed to connect, using WPA2

• Distribution service: Determines how to route packets that arrive at the AP

• Integration service: Handles any translation to send a packet over a different protocol
• Transmit power control service: Gives station information that it needs to meet
regulatory requirements on the power limit
• Dynamic frequency selection: To avoid the station from using the 5GHz service when it’s
not possible

Data Link Layer Switching

Ethernet switches bridge multiple networks together.

Learning bridges
A bridge accepts every frame that it receives, and must decide to which networks the frame
must be sent.

It uses backward learning:

• Create a hashtable of all IP’s and their subnetworks
• Listen on each subnetwork, by looking at the source addresses, they can see which
nodes are on which subnetwork
• Store time of last activity with each IP, purge entries that are inactive for a few minutes
• If we don’t know a certain IP, send it everywhere

The logic:
• If the destination subnetwork is the same as the source subnetwork, discard the packet
• If the destination subnetwork is different from the source subnetwork, send the packet
there
• If the destination subnetwork is unknown, send the packet everywhere (flooding)

We can start forwarding as soon as the header has come in, we don’t need to wait for the rest
of the packet. This is called cut-through switching.

Spanning tree bridges

We can create loops in our network to increase redundancy, but this will cause problems with
the previous protocol.

We will construct a spanning tree through the network.

• First, we need a root for the tree. Find the lowest mac address (since mac addresses are
unique)
• Next, a shortest path from each node to the root must be constructed. Each node finds
out it’s distance to the root, and chooses the smallest distance of it’s connections
 • The algorithm keeps running while the network is running, to adjust for topology
changes

Repeaters, hubs, bridges, switches, routers, and gateways

Repeaters: Get signal from one side, boost and clean it up, then re-send it on the other side.
Used to extend maximum cable length.
Hubs: Repeaters with multiple inputs and outputs.

Bridge: Connects two or more LANS, creates different collision domains

Switches: Modern bridges. Pretty much the same thing.
Routers: Frame headers are stripped off and the network layer is passed to the routing software.
Does not see MAC addresses.

Transport gateways: Used to connect two computers that use different connection-oriented
protocols.
Application gateways: Understands the pure data, and can change it into a different format. For
example, SMS to email.

Virtual LANs
Why does it matter who is on a LAN?
• Security, because some packets may only be intended for certain computers. Letting
some servers not be accessible from outside a LAN is a good thing.
 • Load, some networks are more loaded than others, in which case it might be useful to
separate them.
• Broadcast traffic, as the network size increases, packets that ask questions like “Who
owns IP address x?” increase.

Creating physical LAN’s for every logical structure is not always possible. Solution: Virtual LANs.
• Configure the switches such that they know which computer belongs to which VLAN
• Only allow communication between the same “colors” (VLANs are often named after
colors).
• Label each port with which colors are accessible via the port, for broadcast traffic, send
only to the port which is labeled with the color.

Packets need to contain which VLAN they belong to, so we keep track of that in the Ethernet
header. In the header we add a few fields before the the length field:
• VLAN protocol id: always the same value (0x8100), and is interpreted as type (2 bytes)
• Pri: priority, has nothing to do with VLAN, but as we're changing it anyway we add it (3
bits)
• CFI: kind of a controversial bit, now not really in use (1 bit)
• VLAN identifier: specifiying to which VLAN it belongs. 0x000 means no VLAN (12 bits)

Bridges need to be aware of VLANs to support them, though legacy bridges are still supported.
If the bridges are not VLAN aware, we just always send the packets there:

Appendix
A
Network Layer (chapter 5)
The network layer is concerned with routing packets from the source all the way to the
destination. The network layer is the lowest layer that deals with end-to-end transmission.
Bringing a packet from the source to the destination may require making intermediate hops in
between. To achieve this, it must know the topology of the network and choose the
appropriate path based on this.

Network layer design issues

This subsection will give a quick overview to the design issues, that had to be overcome when
designing this layer.

Store-and-Forward packet switching: We send the packet from node to node, at each node, we
store the entire packet, verify it’s checksum, and then it’s forwarded to the next router.

Services provided to the transport layer

The network layer has to provide services to the transport layer, while keeping the following
goals in mind:
1. The services should be independent of the router technology
2. The transport layer should be shielded from the number, type, and topology of the
routers present
3. The network addresses made available to the transport layer should use a uniform
numbering plan, even across LANs and WANs

Out of this resulted two kinds of services:

• End-to-end service / argument: Only primitives are SEND PACKET and RECEIVE
PACKET, each packet must contain entire address. No packet ordering or flow control.
• Connection-oriented: Should be reliable, useful for real-time traffic.

Implementation of connectionless service

Packets are dropped in individually and independently of each other. This is called datagram
network. Routers have tables with each possible address and their next destination. This table
is established using a routing algorithm.
Implementation of connection-oriented service
First, a path from the sender to the receiver is established (a virtual circuit). Each connection has
a unique identifier. If multiple connections from different “wires” have the same identifier, the
router can replace one of the numbers in the outgoing wire. (Label switching)

Comparison of Virtual-Circuit and Datagram Networks

Issue Datagram network Virtual-circuit network
Circuit
Not needed Required
setup
Each packet contains the full Each packet contains a short VC
Addressing
source and destination address number
State Routers do not hold state Each VC requires router table space
information information about connections per connection
Each packet is routed Route chosen when VC is set up; all
Routing
independently packets follow it
Effect of
None, except for packets lost All VCs that passed through the
router
during the crash failed router are terminated
failures
Quality of Easy if enough resources can be
Difficult
service allocated in advance for each VC
 Issue Datagram network Virtual-circuit network
Congestion Easy if enough resources ca be
Difficult
control allocated in advance for each VC

Routing algorithms
Routing: Filling in and updating routing tables
Forwarding: Handling each packet according to the routing table

Properties of routing algorithms:

Robustness: Must be able to handle routers going down, topology changes, etc, without
reboot.
Stability: Algorithm must reach equilibrium quickly and stay there.
Fairness: Each router must be granted a fair amount of traffic
Efficiency: Maximize total throughput. (Fairness and efficiency are often contradictory)

Types of routing:
Static routing: The path to each node is computed in advance and externally. Does not
respond to failures. For example: send all packets to the router with IP x
Dynamic router: Can respond to changes in topology, and changes in traffic.

Optimality principle
If router B is on the optimal path between A and C , then the optimal path from B to C is the
same route. As a direct consequence of this, the set of optimal routes from all sources to a
certain destination forms a sink tree. This is not necessarily unique, if we allow all equal length
paths to be chosen, we form a directed acyclic graph.

Algorithm: Shortest path

Assumes we know the structure of the entire network. Use Dijkstra’s shortest path algorithm,
given a weighted graph. We can determine the weight as the mean delay of a test packet, or
just set all weights to 1.

Algorithm: Flooding
We don’t need to know anything of the structure of the network. Extremely robust, as long as a
path exists, it will be found. A packet is sent out on every line except the one it came in on. Have
a hop counter in each packet and stop sending the packet if hop counter is 0. If we put a
sequence number on each packet, routers don’t send out the same packet twice. f a router
crashes, it loses track of sequence numbers and restarts at 0. So we need to include the age of
each packet and remove it from the sequence number from our cache if age reaches 0.
Effective for broadcast packets, very inefficient for a single destination.

Algorithm: Distance vector routing

Each router has a table with a best known distance to each address. Every so often, we ask as
neighbors for their tables, and we add the distance to each neighbor to their respective tables,
and then choose the minimum for each address. So if the distance metric is hops, just add 1.
This has the count-to-infinity problem, if a node goes down, the path to a certain node might
end up in a loop. If there is no maximum distance, this will go on indefinitely.

Algorithm: Link state routing

Variants of this are still used in the internet.
Steps:
• Discover your neighbours and learn it’s network addresses
• Compute the distance to each neighbour
• Construct a packet containing everything you just learned
• Flood the network with this packet, and receive packets from all other routers.
• Compute the shortest path to every other router
To handle cables with multiple routers, like a LAN, create a node for the cable and select one
designated router who pretends to be the node.
Computing the path
Every link between routers is represented twice, once for each direction. Use Dijkstra’s
algorithm to find the shortest path in this directional graph. (Make sure to know Dijkstra’s as it
will be on the exam)

The biggest problem with this algorithm is that a single malicious router (or broken router) can
break the entire algorithm. It also requires a lot of memory and computational power.

Algorithm: Hierarchical routing

We don’t want to flood the entire internet with a packet once a single router comes up. Instead,
all routers are divided into regions. Link state routing is used within each region. For large
networks, it may be necessary to group the regions into clusters, the clusters into zones, the
zones into groups, and so on. The optimal size of the hierarchy is ln (n), with n being the
number of routers. This requires e ⋅ ln (n) entries per router.

All routers outside of a region are condensed into a single “virtual” router. This decreases the
efficiency of paths slightly, but has enormous space and computation speed gains.

Congestion control algorithms

Congestion: Packet delay because there are too many packets in a network. The responsibility
of handling congestion is shared between the transport and network layer. Congestion control
is global traffic control and flow control is traffic control over a single link (point to point traffic).

The most effective way to decrease congestion in both cases is to make the host send fewer
packets. This is because congestion is not linear, sending 10% less packets can decrease delay
by a lot.
Goodput: Amount of useful packets delivered per second. We want to stay in the gray area.

Approaches to congestion control

Network provisioning: Building faster networks
Traffic-aware routing: Routing based on where congestion occurs
Admission control: Temporarily refusing new connections
Traffic throttling: Slowing down problematic connections
Load shedding: Discard packets you can’t deliver

Traffic-aware routing
Include queuing delay when computing best routes. Link weight is a function of load and
propagation delay. This was used in the early internet, but it tends to oscillate between paths
rather than coming to an equilibrium. Attempts to reduce the influence of load only slow down
oscillations. Instead, ignore load and only consider propagation delay and bandwidth.

Admission control
In a virtual-circuit network, we remove nodes from the network during path searching, if the
nodes are congested. If this causes the network to become disconnected, then the network is
overloaded so setting up new connections should temporarily not be allowed. This is better
than the alternative of having a congested network. Estimating bandwidth is hard because
traffic often comes in bursts, average rate is not good enough.

Traffic throttling
Normally, senders adjust their traffic to send as much traffic as the network can deliver. When
congestion is imminent, the network must tell the senders to slow down. This is called
congestion avoidance.

Each router monitors the resources it is using:

• Congestion of the output link (too sensitive to bursts)
• Size of the packet buffer (most useful)
• Number of packets that are lost due to insufficient buffering (too late)

Implementations of “telling senders to slow down”:

• Choke packets: Send a “choke packet” back to the source host (the initial packet is then
tagged so that it generates no more choke packets). If we pick random packets, the
fastest host is more likely to receive choke packets. Also because of this, hosts should
ignore choke packets for a specific time after receiving one.
• Explicit congestion notification (ECN): Two bits in the IP packet are used to signal that
the packet has experienced congestion. The destination will then send the marks back
to the sender with its next reply. This is used in the internet.
• Hop-by-hop backpressure: At high speeds or over long distances, many packets may be
sent before the sender receives the congestion notification. Instead, we slow down a
single link, which causes the previous link to become congested too. This will propagate
back to the source.

Load shedding
A worst case solution. If routers get packets that they can’t handle, and nothing else helps, just
throw them away. But which packets to throw away?
• For a file transfer, an old packet is more useful than a new one. (Called wine)
• For real time media, a new packet is more useful than an old one. (Called milk)

Some packets may also be more important than others, e.g. a routing packet. So, we mark
packets with their priority and drop the least important ones.

Random early detection (RED)

If the buffer is close to getting full, but not entirely full, we can throw away packets at random. If
we do this without any congestion avoidance, senders can still know that they are sending data
too fast because they never receive an acknowledgement. Senders will slow down when they
lose packets, thus avoiding a buffer overrun. We will pick packets at random, so faster senders
are more likely to be dropped.
ECN is better than RED, but ECN is not always available (some hosts don’t support it).

Quality of service
In order to provide good quality of service, we can use overprovisioning, i.e. using as much
hardware as needed. But that is expensive, there are four key issues to be addressed in order to
provide good quality of service:
1. What applications need from the network
2. How to regulate the traffic that enters the network
3. How to reserve resources at routers to guarantee performance
4. Whether the network can safely accept more traffic

Application requirements
Flow: A stream of packets from source to destination
Delay: Time it takes to get from source to target destination
Jitter: Variation in delay
Packet loss: Percentage of packets being dropped
Bandwidth: Maximum data rate, bits/s

Types of QoS
• Constant bit rate: Useful for telephony
• Real-time variable bit rate: Useful for compressed video conferencing
• Non-real-time variable bit rate: Useful for watching a movie on demand
• Available bit rate: Useful for file transfers

Traffic shaping
To give guarantees on good QOS, the network needs to be able to control traffic. In order to do
this, the user and the provider of the network need to agree on a traffic pattern. This is called
traffic shaping.

Leaky bucket
Each host is connected to the network using a ‘leaky bucket’. The output of the bucket is
constant, either the ‘size of the hole’ or 0, if there is no data. Using this leaky bucket we can
convert an uneven flow of packets into an even one. If the bucket is full, we need to discard the
packet, or cache it somewhere in the OS.

However, for many applications, it is better to allow the output to speed up somewhat when
large bursts arrive. We can also imagine a bucket being filled with tokens (aka packets) at a
constant rate, and to send packets we must take the tokens out of the bucket. This is called a
token bucket and is equivalent to a leaky bucket.

Both allow short-term bursts, but limit the long-term rate. The bucket shapes the traffic to be
less bursty and prevents overflowing the caches of routers.

Internetworking
This deals with packets having to go over different types of networks. The Internet is the major
interconnected network on earth. The layer where this is challenging is in the network layer,
where we for example switch from connectionless to connection-oriented connection.
How networks differ
Item Some Possibilities
Service offered Connectionless versus connection oriented
Addressing Different sizes, flat or hierarchical
Broadcasting Present or absent (also multicast)
Packet size Every network has its own maximum
Ordering Ordered and unordered delivery
Quality of service Present or absent; many different kinds
Reliability Different levels of loss
Security Privacy rules, encryption, etc.
Parameters Different timeouts, flow specifications, etc.
Accounting By connect time, packet, byte, or not at all

How networks can be connected

We created a transport layer (the IP protocol) as a common layer for all networks. Because
different networks may have different addresses, we use IP addresses as a common ground.

A bridge, which is a router that interconnects networks, may have different address tables for
different networks, and know where to go based on the IP address. We now have problems
with IPv4 vs IPv6, because there are 2 different transport layers in the same network. A router
that can handle multiple network protocols is called a multiprotocol router. It must either
translate the protocols, or leave connection for a higher protocol layer.

Tunneling
This is a special case of interconnecting where the source and destination are on the same
type of network, but there is a different type in between.
We can wrap the packet inside the type of packet of the intermediate network. We often use
this to develop a network with a new feature, like IPv6 in the picture above.

Internetwork routing
Networks may internally use different routing algorithms. The weights across the internet will
not be well defined, so shortest paths will not be well-defined. To fix this, we will use a
interdomain gateway protocol (a gateway is an older word for a router). Since each network is
then separate from the others, it is referred to as an Autonomous Network (AS). In the internet,
this protocol is called the Border Gateway Protocol.

Packet fragmentation
Packet sizes in different networks are limited by hardware, OSes, protocols, standards, law, the
desire to reduce error-induced re-transmissions, preventing one packet from occupying the
network for too long, etc. In order to fix this, we want to be able to split up packets and break
them into fragments.

To re-combine packets, two opposing strategies exist:

• Transparent fragmentation: Break the packets in the middle network and recombine
them at the end. For this the end router needs to know when all packets arrived, so we
need a ‘end of packet’ bit or a packet count.
• Non-transparent fragmentation: Keep the packets broken up after re-entering the end
network. We need to number packets in such a way that the receiver can reconstruct the
end message.
Disadvantages:
• If packets are repeatedly split, this can cause quite a large overhead from all the extra
headers that are carried.
• Fragments are detrimental to performance, because if one fragment is lost, all packets
are lost.

MTU Discovery
Instead of fragmenting, we send an ‘error’ packet back to the sender, requesting them to split
up the packet into smaller ones. The sender then sends the smaller packets. The advantage is
that the sender now knows the right size of packets to send, the disadvantage is that there is
extra startup delay.

Network layer in the internet

The top 10 principles in designing the IP protocol:
1. Make sure it works, do not finalize design until it has proven to work
2. Keep it simple, Occam’s razor, choose the simplest solution
3. Make clear choices, use only one solution
4. Exploit modularity, have multiple protocol stacks which work independently of each
other
5. Expect heterogeneity, network should be flexible for different types of hardware
6. Avoid static options and parameters, negotiate instead of having fixed values
7. Look for a good design; it doesn’t need to be perfect, put the burden on people with
strange requirements
8. Be strict when sending and tolerant when receiving, send packets that comply with the
standards but be lenient when receiving
9. Think about scalability
10. Consider performance and cost

How it works
The transport layer takes the datastream and breaks it up into packets of up to 64kb each
(although they are often 1500b to fit into an ethernet frame).

In the internet there is a lot more redundancy than visible in the following image:

IPv4
The protocol is big endian (highest order bit first), where Intel x86 is little endian, so numbers
need to be converted often. In retrospect, little endian would’ve been better, but it’s too late to
change it now.

Fields

• Version: Currently version 4, by storing it at the front, we can switch the layout of the
other fields around easily.
• IHL: Amount of 32 bit words in header, between 5 and 15.
 • Differentiated Services: Top 6 bits are used to tell the service class (Do we care about
delay or speed), bottom 2 are used for congestion notifications.
• Total length: Length of header + data, max 65535 bytes.
• Identification: Allows destination to determine to which packet the fragment belongs to.
• Unused bit
• Don’t fragment bit: When bit is set to 1, the packet will never be fragmented further, and
instead a error packet is sent. Useful in MTU discovery.
• More fragments bit: All fragments except the last have this bit set to 1.
• Fragment offset: Where in the current packet this fragment belongs. All fragments must
be multiples of 8 bytes except for the last one.
• Time to live: Amount of seconds the packet has left to live. Decremented each hop, so
almost always only counts the amount of hops. Packet is discarded and a warning is sent
to the source when this hits 0.
• Protocol: The protocol contained in the data. TCP and UDP are possibilities, there is a
database of all numbers available.
• Header checksum: Checksum for only the header. Add up all 16 bit words using one’s
complement, then take the one’s complement of the result. Must be recomputed after
every hop because time to live changes.
• Source address: IP address of the source
• Destination address: IP address of the destination
• Options: Allows subsequent versions to add extra data to the header, and for
experimenters to try new ideas. Also to avoid allocating header bits for rarely used data.
Each begins with a 1-byte code identifying the option, and are variable length. Should be
padded out to be a multiple of 32 bytes.

IP addresses
IPv4 addresses are 32-bit number that uniquely identifies a network interface. Note that if a host
is on 2 different networks, it will have 2 different IP’s. Routers have multiple interfaces, so they
have multiple IP’s. They are written in dotted decimal notation, for example 128.208.2.151

IP’s are hierarchical, which means that each network has its own continuous block of IP
addresses. The size of the host part is determined by the amount of bits that is used to identify
the network. Since this can not be inferred from the address, routing protocols must contain
this information. When written out such that the network part are 1s, it is called the subnet
mask. (See picture below)
Advantages & disadvantages
• The key advantage of this hierarchical model is that the place to forward the packet to
can be determined by only the network portion. This significantly decreases the amount
of addresses that a router has to store.
• The first disadvantage is that your IP address will change if you change your network, so
your IP address will change if you move around.
• The second disadvantage is that the hierarchy is wasteful unless it is carefully managed.
If the addresses are assigned to networks in too large blocks, there will be too many
allocated addresses that are not in use. This is a major problem in the internet, which
IPv6 fixes.

CIDR - Classless InterDomain Routing

We can use route aggregation, where we can combine multiple small prefixes into a larger
prefix. We group prefixes that are close together. Aggregation is used heavily around the
internet, and reduces routing table sizes to around 200k prefixes. Packets are sent to the
longest matching prefix.

Classful and Special Addressing

This is the design that predated CIDR. There are class A/B/C networks with each different
amounts of hosts allowed. This design wastes a lot of possible addresses, since class A is too
big and class C is too small. Balancing the size of the classes turned out to be hard, so we
stopped using them. Class D addresses are still used as multicast addresses.
Special addresses

Network address translation (NAT)

We have to use IPv4 addresses scarcely. This works well for some situations, however this does
not work for company networks which are online 24/7. This also increasingly starts to apply to
home networks, since phones are always online. The better fix we thought of was NAT. The
idea is to assign each home or business a single IP address, and within each of these networks,
every computer gets an unique IP Address. When a packet enters the public internet, the
address is switched to the public address. Within each network, these ranges, which are not
allowed to appear on the public internet, are used:

When the reply comes back, we can use the port in the TCP and UDP packets to identify
which computer to send the packet to. Processes first have to bind to a port, because they can
communicate over the internet.

Problems with NAT:

• It violates the model of the Internet Protocol, IP Addresses are no longer unique
identifiers for each machine
• NAT also breaks the end-to-end model of the internet, it’s no longer possible for every
host to connect to every other host. In order to connect to a home user, special NAT
 traversal techniques are needed.
• NAT changes the internet from a connectionless model to a weird kind of connected
model. If the NAT box crashes, all the current TCP connections are lost.
• NAT violates the rule of protocol layering, a layer may not make any assumptions about
what inner layers put into their content. The IP protocol now requires a port.
• Some applications use multiple ports in prescribed ways, since NAT knows nothing
about this, it will fail without special care.
• Each address only has 65536 ports, so this is not a permanent solution.

IPv6
Goals
• Support billions of hosts, even with inefficient allocation
• Reduce size of routing tables
• Simplify the protocol, allowing routers to be faster
• Provide better security
• Pay more attention the the type of service
• Allow for better multicasting
• Make it possible for a host to roam without changing IP addresses
• Allow the protocol to evolve in the future
• Permit the old and new protocols to coexist

Improvements
• 128 bit addresses
• Simplification of the header (7 fields instead of 13)
• Better support for options
• Big advance in security
• More attention paid to Quality of Service

The header
• Version: Set to 6
• Differentiated services: Same as IPv4
• Flow label: A way to group packets with the same purpose together, forming a pseudo-
connection.
• Payload length: Amount of bytes that follow the 40-byte header, header bytes are no
longer included.
• Next header: Tells the type of the next header, which is the replacement for options. The
last header will tell which transport protocol (TCP or UDP) the body is.
• Hop limit: Amount of hops made by the packet, no longer in seconds.
Addresses
Are now written in hexadecimal with a colon between every 4 digits, like: 8000 : 0000 : 0000 :
0000 : 0123 : 4567 : 89AB : CDEF .
Leading zeroes are allowed to be removed, and multiple groups of zeroes are allowed be
compressed using ::, making the above address: 8000 :: 123 : 4567 : 89AB : CDEF
We can also write IPv4 addresses, using :: 192.31.20.46

Fragmentation: All fields about fragmentation have been removed, because fragmentation has
been removed. It’s way more efficient if the source just sends the right size packet, so we use
MTU discovery only.
Checksum: The checksum field is gone because calculating it cost too much performance,
and networks are reliable enough that is no longer a problem.

Extension headers
Extension header Description
Hop-by-hop Miscellaneous information for routers, datagrams using this header
options extension are called jumbograms
Destination
Additional information for the destination
options
Routing Loose list of routers to visit
Fragmentation Management of datagram fragments
Authentication Verification of the sender’s identity
Encrypted
Information about the encrypted contents
security payload
Internet Control Protocol
ICMP
For when something unexpected occurs, a special protocol exists: Internet Control
MessageProtocol (ICMP). Using this, networks can send “Warning messages” or other meta
messages over the internet. About a dozen ICMP messages are defined, indicating all sorts of
problems and useful testing items. These include:
• Destination unreachable: packet could not be delivered
• Time exceeded: time to live field hit 0 (used by traceroute)
• Parameter problem: invalid header field
• Source quench: choke packet
• Redirect: redirect a packet somewhere else
• Echo and echo reply: check if a machine is alive (used by ping)
• Timestamp request/reply: same as echo, but with timestasmp
• Router advertisement/solicitation: find a nearby router

ARP
How do IP addresses get mapped onto data link layer addresses such as Ethernet? One
solution is to have a master configuration file somewhere, but keeping this up to data is an
error-prone and time-consuming job. A better solution is for a host to output a broadcast
packet onto a certain Ethernet asking who owns a certain IP-address. The response will be the
Ethernet address to use. The protocol used for this is the Address Resolution Protocol (ARP).

This is easy to use and can be optimized by caches (which can be poisoned to "steal" IP
addresses). Gratuitous ARPs can be broadcasted to inform the machines in the network that
you are up and you pass your IP address. Normally, no response arrives but if another machine
has the same IP address, there will be a response.

DHCP
ARP makes the assumption that hosts are configured with some basic information, such as
their own IP addresses. But that is not necessarily the case. Here, DHCP comes into play, there
will be a DHCP server in each network which is able to hand out IP addresses. A machine
requests an IP address using a DHCP DISCOVER packet.

In order to make sure that the IP pool isn't filled with old, non-active machines, each DHCP
assignment has a leasing period, after which the host can ask for renewal.

Label switching and MPLS

To move packets across networks, ISPs use MPLS (MultiProtocol Label Switching). It is very
close to circuit switching. MPLS adds a label in front of each packet and forwards it based on
that, instead of based on the destination address. These labels can then be stored in a lookup
table, making routing very fast. This is called tag switching.
When these packets arrive at a LSR (Label Switched Router), the label is used as an index into a
table to determine the new label and the outgoing line. The LER (Label Edge Router) will
determine when to add and remove the label.

OSPF
Open Shortest Path First (OSPF) is a protocol which takes care of internal routing (or
intradomain routing). OSPF was designed with the following requirements:
• The algorithm should be published openly
• The protocol should support a variety of distance metrics, e.g. physical distance, delay
etc.
• It had to be a dynamic algorithm, adaptive to changes of topology
• It had to support routing based on type of service, i.e. provide different routing for a
realtime service vs another service
• It had to do loadbalancing, done by remembering which paths are shortest, and dividing
load between those paths (Equal Cost MultiPath)
• Support for hierarchical systems was needed
• Some security was required to prevent spoofing
• Provision was needed to deal with routers that were connected to the internet through a
tunnel

OSPF operates by abstracting the collection of actual networks, routers, and links into a
directed graph in which each arc is assigned a weight (distance, delay, etc.). This graph then
looks like this:

As you can see, some arcs have an arc returning and some don't. There is no returning arc
when there are only hosts in the network. OSPF divides an AS (autonomous system) into
numbered areas, which don't overlap. In that area are internal routers. Area 0 is called the
backbone area, in which the boundary router is the endpoint for outside traffic. The backbone
contains area routers, which connect multiple areas. Stub areas only allow routes internal to the
area. Each router in an area keeps the same state and new routers coming online get
information from a designated router. The messages sent between the routers are the
following:
• Hello: used to discover who the neighbors are
• Link state update: providers the sender's cost to its neighbors
• Link state ack: acknowledges link state update
• Database description: announces which updates the sender has
• Link state request: requests information from the partner

In the following image you can see you can build a large hierarchy to internally manage large
networks:

BGP
Between ASes, the Border Gateway Protocol (BGP) is used. Where OSPF didn't have to, BGP
has to worry about politics. A few political constraints could be:
• Never send traffic from the Pentagon on a route through Iraq
• Use TeliaSonera instead of Verizon because it is is cheaper

ISPs can pay other ISPs to transmit packets over their network, called transit service. To make it
work, the provider should advertise routes to all destinations on the Internet to the customer
over the link that connects them. An example of a transit service is visible in the following
image:
Here, four ASes are connected, often by a link at an IXP (Internet eXchange Point). AS1 sells
transit service to the other ASes. If some networks are connected already and send a lot of data
to traffic other, they can also directly send traffic to each other, called peering.

BGP is a form of distance vector protocol. Though instead of maintaining just the cost of the
route to each destination, each BGP router keeps track of the path used. This approach is
called a path vector protocol. BGP routers communicate with each other by setting up TCP
connections. Because works well, it is also used internally by ISPs to propagate routes from one
side to the other, called iBGP.

BGP routers choose which route to use for a destination in one of the following ways:
1. Routes via peered networks are chosen in preference to routes via transit providers
(money concern)
2. Shorter paths better
3. Choose the lowest cost within the ISP (called early exit / hot-potato routing)

Internet multicasting
Some addresses in the IPv4 space are reserved for multicasting. Examples of these are:
• 224.0.0.1: all systems on a LAN
• 224.0.0.2: all routers on a LAN
• 224.0.0.5: all OSPF routers on a LAN
• 224.0.0.251: all DNS servers on a LAN

Other multicast addresses may have members on different networks. For that, the multicast
routers need to know which device is on which group. About once a minute, the router sends a
query packet to all the hosts on its LAN to ask to which group they belong. This is described by
the IGMP (Internet Group Management Protocol).

Mobile IP
In order to assign IP addresses to mobile devices, the major goals were set up:
1. Each mobile host must be able to use its home IP address anywhere.
2. Software changes to the fixed hosts were not permitted.
3. Changes to the router software and tables were not permitted.
4. Most packets for mobile hosts should not make detours on the way.
5. No overhead should be incurred when a mobile host is at home (home being the site to
which the device is connected)

When the mobile host arrives at a new site, it gets a new IP address and tells its home its new
care-of address. Now if we were to send packets to an IP address of a mobile device and that
device is suddenly at another place, the packets would go to home. What now?
1. We keep the same IP address but use a more specific subnet. Then the distant site
advertises that address and thus the packet will arrive in the right place again. This would
 mean that every router keeps track of every change in global IP addresses, which is
unmanageable.
2. Change the IP address of the mobile, this will stop the delivery until all programs etc are
informed of the change, but this handles the mobility on a higher layer. Changing these
addresses can be done using DHCP. ARPs can be used to locate the site to which the
device is connected to now.
Transport Layer (chapter 6)
The goal of the transport layer is to provide efficient, reliable, and cost-effective data. The
transport layer sends segments to the network layer (which turns it into packets, which in turn
will be transformed into frames by the data link layer).

The transport and network layer are very similar, but the transport layer only runs on the user’s
machine and is thus way more easy to customize. It gives the users full control over the
connection.

The transport service

The transport service has a lot in common with the network layer's services. They both have
three phases: establishment, data transfer and release. The transport layer aims to solve this by
providing reliable (100% in the case of connection-oriented) connections.

The existence of the transport layer makes it possible for programmers to write programs that
work on a wide variety of networks. The transport service does this by providing primitives to
use. If the network layer was faultless these primitives wouldn't be necessary. However the real
world works differently. For this reason there is often made a distinction between layers 1
through 4 and the others.

The bottom four can be seen as the transport service providers and the upper layers can be
seen as the transport service user.

Transport service primitives

Some example primitives for a simple transport service:
1. Listen: wait for another process to contact us (blocks until some process tries to
connect)
2. Connect: actively try to connect to a process that is listening
3. Send: send data over the established connection
4. Receive: receive data over the established connection (blocks until a data packet arrives)
5. Disconnect: release the connection

We use the term Transport Protocol Data Unit (TDPU) to describe messages sent from
transport entity to transport entity.

Berkeley sockets
The primitives for Berkely sockets extend on the transport service primitives (these are used by
TCP):
1. Socket: create a new communication endpoint
2. Bind: assign a local address to the socket
3. Listen
 4. Accept: passively accept an incoming connection request
5. Connect
6. Send
7. Receive
8. Close

The first four primitives here are executed by a server socket in that order:
• The SOCKET call returns a file descriptor to write on in later system calls
• Using BIND a socket file descriptor gets an address to listen on
• The LISTEN call allocates a large enough space to queue incoming requests
• ACCEPT waits for incoming connections, and when one does it creates a new socket
file descriptor similar to the original one. Now the program can fork off to handle this
new connection and start waiting with another ACCEPT call

The client side does something similar in a slightly different order:

• First a SOCKET call is done to create one
• Now CONNECT is used, which blocks the caller until a connection is established with a
server (imeouts can be used here)
• Once a connection is established, both sides can use SEND and RECEIVE

A connection is only released once both parties, server and client, have executed CLOSE.

Elements of transport protocols

Similarities and differences with the data link layer
• Similar: both have to deal with error control, sequencing, and flow control.
• Different:
• The environment is different, we need addressing and we need to set up
connections
• There is also storage capacity on the network, packets may arrive out of order, or
packets may be duplicated
• The final problem with the transport layer is that buffers and the fact that
bandwidth may fluctuate wildly

Addressing
Packets don’t just need a destination computer, they also need a destination port, for which
program is the packet intended?

An IP Address is a NSAP (Network Service Access Point), because it’s all the identification the
network needs. In some networks, a NSAP may be shared between multiple computers.
A port is a TSAP (Transport Service Access Point), it runs over a NSAP and allows two TSAP
interfaces to communicate (a local and a remote one).
It is not very efficient to let all servers listening to a port all day long, therefore the initial
connection protocol is used. A proxy server, process server, receives the requests and spawns a
new server if needed. But, this is only applicable when servers can be created on demand (i.e.
there needs to be a known mapping between a port and application).

Connection establishment
Problem: What if a packet for a connection establishment times out, is resend, and then still
arrives, thus gets duplicated?
Solution: Guarantee a maximum TTL for packets (120s in Ethernet) using a hop counter, and
give each packet a unique identifier which may not be repeated until the TTL expires.

Why use sequence numbers?

• Detect data loss, missing sequence number lost data
• Re-order data, sequence numbers not in ascending order change order
• Detecting duplicates, two segments with same sequence number discard one of
them

Forbidden region
The forbidden region is the set of identifiers that may currently be chosen as an initial
sequence number, and is thus forbidden from use. There are two ways we could enter this
region:
• We send too much data, in which case we’ll hit the forbidden region from the right. To fix
this, send at most 1 segment per clock tick. Though this is very unlikely anyway
• We can send too little data, in which case we’ll hit the forbidden region from the left. This
limits how long a connection can last (max 4 hours).

Say data remains in the network at most T seconds. Then we should not send a segment with
a sequence number that can be an initial sequence numbers within the next T seconds,
otherwise we might get duplicates.

Increasing sequence numbers

We increase the sequence numbers based on the segment size. It should be related to the size
because:
• a part of a segment might be dropped
• fragmentation

When sequence numbers get close to the forbidden region, we can choose a new sequence
number.

Choosing a sequence number

Depending on the time of day we choose this sequence number, so if the host crashes it still
works! If we crash we choose a new sequence number based on the time of day and our
predefined rules.
The 3-way handshake
• First, host 1 sends a connection request to host 2 with host 1’s sequence number
(SYNchronize)
• Then host 2 sends an ACK repeating this sequence number, and including its own
sequence number (SYNchronize-ACKnowledgement). We have 2 sequence numbers on
a connection, one per endpoint. Here we agree on the initial sequence numbers.
• Finally, host 1 can now send data using this new connection (ACKnowledge). Usually, only
after this first data we increase the sequence number.

If the initial request is now repeated (for example, if the ACK gets lost), host 2 just repeats its
ACK with the number, but host 1 sends a reject. So, this handshake can handle duplicates. The
first connection will still work!

Connection release
There are 2 styles of releasing connections
• Asymmetric (one party just stops the connection, informing the other person but not
waiting for an ACK, it may result in data loss)
• Symmetric (both parties must agree before ending the connection)

The two army problem comes into play for symmetric connections, as we are never sure if the
other party got the last message. This problem is unsolvable, so we just add an extra condition
that if the other party hasn’t communicated for a while after a disconnection, to exit the
connection. The initiating party will retry n times and then release the connection.
Error control & flow control
We want to make sure that the packet got through the entire network correctly, as a final check.
Packets may get corrupted by broken routers, and there is no error control to catch this.
Sequence numbers don't tell you this. For error control, we run a known method (CRC,
hamming etc.).

If the receiver of packets don't have the capability to receive all the packets sent (but the
network has), the transport layer of the receiver can tell the sender to slow down. This is flow
control. On the transport layer, we have a higher delay than in the data link layer. We still use
sliding windows, but since sliding windows may be huge (because we have a large bandwidth-
delay product), we want to use dynamic buffers, shared by multiple connections.

Multiplexing
There are multiple processes sharing a single network connection (eg. same IP address), this is
called multiplexing.
A single process using multiple network connections (to increase bandwidth or reliability) is
called inverse multiplexing.
Crash recovery
The hard problem is recovering from host crashes. We don’t know whether we passed on the
data to the next layer yet. If we first send an ACK and then pass on the data, we might have sent
an ACK but not passed on the data. The other way around has the same problem. This problem
is not solvable on a certain layer k without using layer k + 1. The transport layer can propagate
problems to the application layer.

Congestion control
The network layer already does a lot of congestion control, but at some point the best way to
fix congestion issues is to just send fewer packets into the network. This is the responsibility of
the transport layer. Congestion control is used when the network can't handle the amount of
packets sent over the network (whereas with flow control the receiver couldn't handle the load).

Power: used bandwidth (load) / Delay

Fair bandwidth allocation

If we have a total bandwidth of B with N machines, each machine should get NB bandwidth.
Unfortunately this does not always work.

2
It could be that the total bandwidth B = 2, with N = 3. This means each machine gets 23
bandwidth. But this will not work if 2 machines are wired to 1 router, then you get over the
bandwidth over that one router!

Even if you were trying to fairly divide bandwidth, it is hard to decide how many machines there
are and decide how much bandwidth each machine gets. Besides, the path of the packet of a
machine depends on the destination, thus the amount of network congestion also depends on
that. So we have a few unknowns;
• Available bandwidth
• Network topology
• Other clients

Max-min fairness
Max-min fairness is a technique that is frequently used. This maximizes minimum bandwidth,
then uses excess bandwidth where possible. A link is max-min fair if we can’t increase the flow
of a link any further without decreasing the flow of a link with smaller flow. A disadvantage of
this is that we might not use total bandwidth.

How do we choose what to base the fairness on?

• Per computers: Busy servers get the same bandwidth as a mobile phone
• Per connection: Encourages opening more connections

The algorithm must also converge quickly, as bandwidth will change rapidly.

Dynamic bandwidth
We can just trial and error to dynamically adjust the bandwidth. We keep trying to increase the
bandwidth usage and slow down when we receive a congestion signal.

We can detect this congestion by:

1. Explicit feedback from routers (not very common, the routers are stupid)
2. Loss, if we lose packets we decrease bandwidth
3. Latency, if delays between ACKs are bigger than the delays between sending segments

Regulating the sending rate

We must find some way to have a host know how much it may send. Find the optimal point.
The best way turns out to be:
• Additive increase: Try to add a constant amount to the speed each time. If fine, do again,
otherwise decrease
• Multiplicative decrease: Try to multiply by a constant. If fine, do again, otherwise divide
• Combination of additive increase and multiplicative decrease: This makes the line
regress to the fairness line.

Wireless issues
Wireless networks are unreliable, and lose packets all the time. To not make the transport layer
completely useless, we hide a lot of packet losses from the transport layer, and we only send
the packet loss to the transport layer if the packet gets lost after multiple retries.

UDP (user datagram protocol)

Connectionless protocol, doing almost nothing except sending packets to applications.

UDP does do:

• End to end error detection (Optional)
• Demultiplexing

UDP does not do:

• Flow control
• Congestion control
• Retransmissions

Header
It has a 8 byte header:

Source port: The port where the source application sent the data from
Destination port: The port where the target application is located at
UDP Length: The amount of bytes of the UDP header and body together, the minimum is 8
(because of the header size) and the maximum is the maximum size of an IP packet.
Checksum: Add up all the 16 bit words using XOR, the result should be 0 (optional)
Application
UDP is used in applications where using a few frames isn't too bad and speed is more
important. This could be video streaming, realtime games etc. This does mean that the
application layer needs to correct for this.

TCP (transmission control protocol)

TCP is a very reliable but slow protocol. It provides a reliable end-to-end byte stream over an
unreliable network.

Some properties:
• In TCP, both the sender and the receiver create endpoints called sockets. Each socket is
identified by an IP address and a port. All TCP connections are full duplex and point-to-
point
• TCP is a byte stream, not a message stream. So if you send 4 × 512 bytes, this may be
received as 1 × 2048 bytes by the receiver. TCP may also buffer data until it received
enough to send in a single packet
• The TCP protocol uses path discovery to find the maximum transfer unit (MTU) which it
may send. In practice, the MTU is often 1500 bytes (max ethernet packet size)
• TCP is much, much more complex than UDP

Header

Source & Destination port: Identify local endpoints of the connection.

Sequence number: Specifies current segment byte id (specified more later)
Acknowledgement number: Specifies the next byte id it expects
Header length: Amount of 32-bit words in the header

CWR and ECE: Signals congestion, CWR says the sender has slowed down, ECE says the
receiver must slow down
URG: Urgent packet
ACK: Set to 1 if acknowledgement number is valid, set to 0 if acknowledgement number should
be ignored because it’s not used
PSH: This data must be sent to the application layer ASAP, and must not be buffered
RST: Reset this connection, because of a problem (like a host crash)
SYN: Used to establish connections, the connection request has SYN = 1, ACK = 1
SYN = 1, ACK = 0, and the reply has SYN = 1, ACK = 1
FIN: Used to release a connection

Window size: How many more bytes may be sent, starting at the last byte that was
acknowledged (used for flow control)
Checksum: A 16-bit XOR of the header and the data
Options: May be used to provide extra facilities that are not provided by the regular header

TCP conversations
Connection establishment
Uses the 3-way handshake described earlier. One side waits for a connection, the other initiates
it. It also works perfectly if both parties initiate a connection at the same time, since both will
acknowledge with the correct sequence number, thus making only one connection.

An interesting attack is SYN flooding, where we send a large amount of connection requests to
a host, and the host has to remember all connections. This can be solved by not remembering
the initial connections, but rather generating the sequence number from the IP, port, and a local
secret.

Connection release
We can stop a connection, once both sides have sent a packet with the FIN bit. When that bit is
set, the connection is stopped in one direction for new data. If there is no acknowledgement to
a FIN within 2 packet lifetimes, the connection is dropped.

Buffer management
TCP separates the issues of correctly receiving segments (using ACK field) and buffer
management (using WIN field). This is valid TCP conversation:
In TCP, received packets are buffered by the receiver. The length of the buffers available is sent
back to the sender (piggybacked on other messages). On this way, the sender knows when to
send how much, in a way the buffer of the receiver never gets too full. If it's full, it could mean
data is lost

Sequence numbers
• In TCP, every data byte has its own sequence number
• SYN and FIN also increase sequence/ack numbers
• In a TCP segment sent from S to R:
• Sequence number: bytes R should have received before this segment + initial
sequence number of S
• Acknowledgement number: bytes received from R + initial sequence number of
R
• The initial sequence number is clock based but with additional randomness (for security
purposes, to avoid an impersonation attack)
• The sequence numbers always notates the start of the data, not the end.

Flow control
When the window is 0, no packets may be sent by the sender, except:
• Urgent data, for example ending the connection
• A 1-byte packet forcing the receiver to re-announce the next byte excepted and the
window size, called a window probe. This is useful for if a window update ever gets lost.

Another problem is the silly window problem, where the sender sends data in large blocks, but
the receiver reads 1 byte at a time, thus sending a lot of window updates. The solution to this is
to have the receiver only send window updates once a decent amount of new space is
available. Specifically, the receiver should only advertise new space until the buffer is half full, or
it has freed another maximum segment size.

Retransmissions
We retransmit segments after a timer expires. We also retransmit a segment if we received an
acknowledgement of the next segment (called fast retransmission). This has the risk that a
segment might be sent twice. It may also use the time between ACKs, this is called an ACK
clock

ACKs
Senders are not required to send information as soon as it comes in, and receivers are not
required to acknowledge instantly. We can use this to optimize performance. In TCP, we wait
up to 500ms before sending the acknowledgement, in the hope to get a free ride with some
data (piggybacked ACK, then the ACK field is 0 but we increase the ACK number).

If we have nothing to send back, we send an ACK directly (with only the TCP header), with the
ACK field set to 1.

Examples
A few examples of conversations:
Congestion control
TCP maintains a congestion window, whose size is the amount of bytes that the sender may
have on the network at any time. The window size is adjusted according to the AIMD rule
(additive increase, multiplicative decrease). Thus there are two different windows in TCP, you
never send more than the minimum of either of the two windows.

Slow start
AIMD will take a long time to reach a high speed on fast networks. Instead, we use slow start,
which grows exponentially at first. To keep this algorithm from going out of control, we will cap
it off at a threshold, which at first is set to infinity. In TCP Tahoe slow start was implemented
first.

Slow start:
• Start by sending out at most 4 segments
• For each segment that is acknowledged, send out another 2 segments
• When the threshold is hit, switch to additive increase
• When a packet is lost, set the threshold to half of the congestion window, and the entire
process is restarted.
To improve the algorithm, we can use fast recovery: instead of dropping all the way to 0, we can
drop to the threshold directly. TCP Tahoe with fast recovery is used in TCP Reno

Newer TCP versions all use different variations of the same idea of decreasing congestion
window and threshold.

Even more minor improvements have been made:

• We now have selective acknowledgements, which means we can acknowledge a range
of bytes and thus have a better knowledge of what segments were lost.
• We can now use explicit congestion notifications (we explicitly say the network is
congested), in addition to packet losses. We can get these signals from the IP layer.
• Some TCP protocols use precise congestion signals, telling them exactly at what
bandwidth they can send
Application Layer (chapter 7)

Domain Name System (DNS)

DNS is the service that translates URLs to IP addresses.

URLs
Why URLs?
• Remembering IP addresses is annoying
• Servers may change IP address

What are URLs?

• Hierarchical data structure, where each node manages (owns) their children
• Top level domains are either generic or countries, they are run by registrars who you can
pay a small annual fee in exchange for ownership of the URL

DNS name space

If you control a domain, you can specify arbitrary subdomains. The UK uses .ac.uk. for academic
use and .co.uk. for commercial use, whereas the Netherlands puts everything directly under .nl.
There are dots behind an address to indicate it's the end.

Domain resource record

Domain name: The domain to which this record applies (Since a database will contain
information about multiple domain names)
Time to live: How often we need to check if the record is still valid. Used for caching.
Class: For the internet, always IN. May be set to other codes for other applications.
Type: The type of this record, see picture underneath for all types
Value: The meaning of this field is dependent on the type.
Name server
Location
The operating system keeps track of which name server to use. By default, it's the name server
of the autonomous system you are in. It is possible to change this if you prefer another
nameserver (e.g. 1.1.1.1). The nameserver which the operating system calls first is called the local
name server. This could actually be a local name server (e.g. your router), or a nameserver which
is a continent away.

DHCP assigns an IP address to a machine without one. Besides this, it also provides you the
address of a nameserver.

How to resolve an IP address?

DNS name servers are split up into multiple non-overlapping zones. Name servers should be
able to tell you the IP of all servers directly underneath it, these are authoritative records. They
may also cache records from further down, these are called cached records.

The IPs of name servers or records may also be cached at the local computer, by the operating
system. There are also 2 different ways of querying name servers:
• Recursive query: The local name server does further queries to other name servers
(better if you have weak machines)
• Iterative query: The machine does further queries to other name servers

One name resolution can use both mechanisms, as in the picture underneath, the local name
server is recursive while the other servers are iterative.
Email
Structure
The participating computers are split up into 2 categories:
• Users (the computers sending and receiving emails, may not always be online)
• Message transfer agents, aka mail servers (route the emails to their destination, should
always be online)

Message format
Email messages contain an envelope, header, and body.

Envelope: Meta intended for the mail server

Header: Meta intended for the user
Body: The actual sent email.
POP3 / IMAP
Users use POP3 (older) or IMAP to interact with their mailbox. These protocols receive emails
from the mailserver. POP3 tends to remove the mails from the mail server whereas IMAP does
not. Receiving mails has to be initiated by the destination, instead of the other way around in
many other protocols.

IMAP
IMAP sends commands to a mail server to manipulate mailboxes. Some common commands:
1. LOGIN, log into server
2. FETCH, fetch messages from a folder
3. CREATE/DELETE, create or delete a folder
4. EXPUNGE, remove messages marked for deletion.

IMAP replaced the POP3 protocol.

SMTP
Users and mailservers use SMTP to send email from a source to a destination. This is used
between user and mailservers (often with extensions, e.g. authentication) but also between
mailservers. Deciding upon where to send the message to is done using DNS.

Some issues:
• SMTP uses ASCII to send emails, so you can't send arbitrary binary data.
• Basic SMTP does not include authentication
• The FROM field in the header is not checked

MIME
To send other messages than just plain text, the Multipurpose Internet Mail Extensions (MIME)
exists. Using this you could send more than just text messages, where the type is indicated by a
new header. In order to support this, we can't just force all mailservers to be updated.

Base64
In order to do this, we use base64 encoding. We put in a binary string and we get ASCII.
Base64 only uses 64 characters, so 6 bits are translated into 1 character (so we just regroup
bytes into 6 bit streams). Unfortunately, this gives a 1 bit overhead per 6 bit sequence.

To indicate padding, we use = signs. We use padding when the output length in base64 is not
divisible by 4.
We then pad until the output length is divisible by 4 (so group input by 3 bytes). The final ==
sequence indicates that the last group contained only one byte, and = indicates that it
contained two bytes.
For example, if our output base64 becomes YW55 IGN , we pad with 1 =, to make it divisible by 4.
When the output is YW55 IG , we pad with ==
Some other problems / properties:
• If we already had ASCII in our message, it was already padded with a 0. Turning this into
base64 gives an even bigger overhead
• If the amount of bits is not divisible by 6, we have even a bigger overhead

World wide web

W3C
The World Wide Web Consortium (W3C) is an organization devoted to:
• Developing the web
• Standardizing protocols
• Improving compatibility between sites

HTTP
In order to query resources, we use HTTP. We send HTTP requests and get HTTP responses.
HTTP uses TCP, so before we can send a HTTP request, we need to setup a TCP connection.

We could create one connection for each HTTP request that we want to send. That is very
inefficient, so we use persistent connections to allow browsers to issue multiple requests over
the TCP connection. We can send sequential requests or pipelined requests (we send multiple
requests at the same time).

URLs
In order to locate web pages we use URLs (uniform resource locators). URLs specify a protocol
(e.g. HTTPS), domain name (interesting for the network and transport layer as this is where a
request will be sent to) and path (only interesting for HTTP, specific for the particular server).
The slashes in front of the URL are not really needed, but were used to improve readability in
the past.

MIME
In the web, the MIME type text/html is parsed. Other data is passed to a plugin or another
application. A plugin is integrated into your browser and handles MIME types that are not text
based.

CDN
Static content (e.g. JS files) can be hosted on a CDN. A Content Delivery Network is a type of
caching to increase system scalability.
An origin CDN server distributes content over multiple other CDN nodes (all over the world).
Then you make sure that users in Europe get the CDN in Europe etc. There are a few
possibilities for that:
• Use a front end to forward the requests to the right CDN node. This does mean that
there is still 1 front end which can still give delays if it's not placed well geographically
• Use DNS load balancing, you query a CDN name server which responds differently to a
request from Europe than to a request from the USA

Streaming video and audio

Compression
In order to transfer video and audio in smaller formats, we use compression. This compression
tries to remove a lot of information and still retain almost the same amount of quality (when
viewed / listened to by a human).

For video, MPEG can be used for compression. MPEG compresses over a sequence of frames,
further using motion tracking to remove temporal redundancy. There are a few techniques for
this:
• I (Intra-coded), frames are self-contained. So a frame stands on itself instead of relying on
neighbor frames
• P (Predictive), only store changes to previous frames
• B (Bidirectional), frames may base prediction on previous frames and future frames

Using a high compression rate we can cut down the size of the file by a lot

Streaming stored media

There are a few approaches of streaming stored media (e.g. YouTube):
• Sending the entire file up front, save it to disk on the destination and then read it
• Send a metafile request, hand-off the metafile to a media player (can be integrated into
the browser itself), which in turn sends a media request (using the RTSP protocol) and
gets a media response from the server

A few things can go wrong. How do we handle transmission errors?

• Use reliable transport (e.g. TCP). This increases jitter (lag) significantly, but for video that
can be prefetched (i.e. stored media) this can be a solution
• Use error correction in the application layer. This increases jitter, decoding complexity
and overhead
• Interleave media, send frames in a different order. This "protects" against burst errors,
because you only get a few slight gaps between frames instead of an entire second
going missing. Slightly increases jitter and decoding complexity

When playing media, we buffer it. There are 2 things we worry about:
 • We don't want a too full buffer, then we will lose content (we have a high-water mark, if
this is reached we need to download slower)
• We don't want an empty buffer, then we have stalling (so we have a low-water mark, if
this is reached we need to download quicker)

Streaming live media

Streaming live media (e.g. Twitch) is similar to the stored variant, but...:
• You can't stream faster than live rate to prefetch and thus get ahead. So we need a larger
buffer, we can't just increase speed of transmission!
• There are often many users viewing at the same time. For this we use UDP with multicast
(send the same to everyone instead of making connections for each person), which
greatly improves efficiency. This is rarely available though, so TCP connections are still
used.

Streaming interactive media

Real-time conferencing has two or more connected live streams. The key challenge here is
achieving as low latency as possible, we want to get immediate responses.

A partial solution to this is to change the compression rate based on the bandwidth:
• If the bandwidth decreases more lossy compression
• If the bandwidth increases less lossy compression

Peer-to-peer systems
Instead of relying on a central infrastructure, users can create their own infrastructure by
connecting to each other. This is naturally very scalable (to a certain extent), whereas a
centralized infrastructure isn't.

Napster
The original idea of Napster was the following:
• A user asks a central server who has a certain file
• The server responds with the IP address of a machine having that file
• The user requests that machine for the file
• The file gets returned

The problem with this is that there is still a central server, and because Napster was prone to
pirating this central server was shut down.

BitTorrent
The idea of BitTorrent:
• You download the description of a file you want to get (from PirateBay for example)
 • You connect to the tracker server, which provides you with a list of peers (people who
serve chunks of the files)
• You seed (also become the host) and download chunks from the peers

The disadvantage of this is that the tracker still needs to be online. In modern versions of
BitTorrent this tracker is distributed.

Distributed Hash Tables (DHTs)

We need to distribute the information which is normally on the tracker over many users. We
want:
• Only a small amount of information per node
• A fast lookup
• Concurrent use by all users

In order to distribute a hash table, we use a Chord Distributed Hash Table:

1. Create a ring of 2m places. Every place can hold a user
2. The location in the ring can be calculated by hash (IP )
3. Peer for torrent t are stored at user successor (hash (t)) (next node in the ring, if the
position of the hash is not taken)
4. Each node connects with the previous and next nodes

So imagine places 7,  17,  24,  30 are taken and hash (t) returns 12, we store the data at node
17.

In general, you need to query half of the ring to find a file in this way. That's not efficient in a real
situation, so we need a better structure.

So, besides only keeping track of neighbors, we also keep track of other nodes in a table: the i
th entry of a table keeps track of the successor (location + 2i ) node. In total, it keeps track of
m nodes (the table contains 2m places)
Here, we define successor (x) as the node address y for which (y − x) mod 2m is minimal (or:
first node you get when walking clock-wise along the ring starting at x).

Example
Imagine we have the following ring (where m = 5):
We then get the following finger table for location 3 :
m Start location + 2m Address of successor
0 3 + 20 = 4 7
1 3 + 21 = 5 7
2 3 + 22 = 7 7
3 3 + 23 = 11 17
4 3 + 24 = 19 24

Now imagine we are looking for node 27 starting from node 3:

• we need to find the closest node in our finger table to 27, which is 24
• Then 24 is contacted by 3, asking for the information. The successor of 27 is node 30, so
node 24 contacts node 30
• Node 30 returns the information for 27
Network Security (Chapter 8)

Ethical Hacking
The consequences of hacking can be severe, same category as theft and burglary.

In the Netherlands you can get up to 4 years of imprisonment.

Terminology
Safety vs security
• Safety (reliability): protect from random failures
• Security: protect from intentional attacks
• Privacy: security related to personally identifiable info, control over your own data
• Trust: it depends on the context

Security goals (CIA triad)

• Confidentiality: only authorized parties have access to information/system
• Integrity: it is guaranteed that data has not been manipulated (includes authentication,
non-repudiation - you know for sure person x sent the message).
• Availability: the system/data is there when you need

Types of Disclosure
If you come across a security bug in a system there are several courses of actions. Which come
down to what you decide to do with the information obtained
• Non Disclosure: you could not disclose anything, this is legally fine but could be morally
ambiguous.
• Full Disclosure: you can just publish the vulnerability publicly
• Pro: enforces the bug is quickly fixed
• Con: can create a so-called 0-day, criminals know the bug before the systems
have a chance to be patched
• Responsible Disclosure: inform the company of the bug and set a time after which you
disclose it publicly.
• Pro: bug can be fixed before anyone knows about it.
• Con: if the company in question does not have set procedures you might get
sued, this can be overcome by proxying it with another company

Attacker model
Here, we assume that:
• Malicious parties have goals and limitations attacker model
• Some parties are assumed to be honest (can also be a 3rd party) trusted parties

There are a few attacker types:

 • Passive: the attacker observes and does not manipulate
• Active: the attacker manipulates
• External: the attacker not a participant
• Internal: the attacker is a participant

• Local: the attacker is present in part of system

• Global: the attacker is present in the whole system
• Static: the attacker's behavior stays the same
• Adaptive: the attacker's behavior changes based on new information

• Computationally unbounded: the attacker has unlimited computational power at its

disposal
• Polynomially bounded: the attacker can only computed algorithms that have polynomial
complexity (realistic, but can change in the future because of quantum computing)

Dolev-Yao model
In the context of computer networks, the most common adversary model (a formalization of an
attacker in a computer or networked system) is the Dolev-Yao model. An attacker is
polynomially bounded and can:
• overhear
• modify
• drop
• replay
• delay
• create
messages in the system.

Cryptography
Cryptography definitions
• Cryptosystem: a set of algorithms that guarantee security properties
• (Cryptographic) key: a parameter that determines the (functional) output of the algorithm
• Cryptography: creating cryptosystems
• Cryptanalysis: breaking cryptosystems
• Cryptology: combination of cryptanalysis and cryptography

Kerckhoff’s Principle
Security should never be dependent on the secrecy of the algorithm (security through
obscurity). Security should only be dependent on the keys used.

This is because a leaked key is fixable by generating a new one, leaking an algorithm means
you have to design a new one if it's leaked.
Ciphers
A cipher is a "secret" way of writing. There are a few options for this, two of these include:

Substitution: Every character in the plaintext is replaced by a matching character in the

ciphertext. This could be that you rotate the message k places, but this is easily brute-forcable.

Transposition: Transposition ciphers reorder the message itself, as an anagram. The key is the
way the reordering is done. This is suffers from the property that when you use a key which is
close to the correct one you will get correct text intertwined with gibberish thus indicating you
are close. Also, known plaintext attacks are very effective because the encryption algorithm is
the inverse of the decryption algorithm.

Cryptanalysis
There are multiple techniques to break ciphers:
1. Differential cryptanalysis: inspecting the difference in encryption behavior for small
changes in plaintext
2. Linear crypanalysis: XORing plaintext and ciphertext. Imbalance in 0's and 1's can be
used to reduce work needed to break the cipher
3. Inspecting power consumption
4. Inspecting timings

Encryption definitions
• Cipher: cryptosystem for encryption
• Plaintext: original message M
• Ciphertext: original message after an encryption process. We denote this by C =
Enc (K1 , M ), where M is encrypted using key K1 . We denote decryption by M =
Dec (K2 , C ).

Symmetric-key encryption
In symmetric-key encryption, you encrypt and decrypt using the same key. This key is
exchanged prior over known secure channel. As soon as this key leaks, security is gone.

Types:
• Stream ciphers: apply encryption to each bit
• Block ciphers: apply encryption to block-divided input.

Asymmetric Encryption
Encrypt and decrypt with different keys. All users have a public (encryption) key and a private
(secret) key.

Everyone can send messages to a user without having to exchange a key, but only the receiver
can decrypt it using the private key.
It is very important to verify a public key corresponds to the correct person prior to
communication.

Algorithms
One-Time Pad (OTP)
OTPs are information-theoretically secure stream-ciphers if the pad is indeed only used once.

Example approach with XOR:

1. Create a random bit string as key, the OTP
2. Convert message with bit string
3. XOR both strings to obtain the cipher (or XOR with the cipher to decrypt)

This is secure because for every possible message of the length of the cipher, you can create a
key which results in the message. So without the key there are x possibilites, where x is the
length of the cipher.

A disadvantage of this is that the message has to be equally long to the OTP. So this OTP can
only be used once, which is inconvenient.

Pseudo-Random Number Generators (PRNGs)

A PRNG is an algorithm for generating a sequence of numbers whose properties approximate
the properties of sequences of random numbers. The PRNG-generated sequence is not truly
random, because it is completely determined by an initial value, called the PRNG's seed (which
may include truly random values).

Although sequences that are closer to truly random can be generated using hardware random
number generators, pseudorandom number generators are important in practice for their
speed in number generation and their reproducibility.

Approximate OTP
We can use a PRNG to improve on OTP, so we don't have to share a long key each message.
We first agree on a short key k (the seed for the PRNG).

If Alice wants to send a message m to Bob, she creates a nonce n which has the same length
as k. This nonce is a number that is generated each message, so that the same message is not
encrypted to the same cyphertext. This makes sure that we can't use linguistic patterns to find
out what the message is.

Then we XOR k and n (XOR will be denoted as ⊕ from now on). The result of this will be seed
of the PRNG, which is used to create an OTP which gives a cipher c and send that to Bob. We
also send n to Bob (which can be public).

Then Bob computes n ⊕ k, which he puts into the PRNG which gives the seed which is used
to XOR c to return the original message.

This is illustrated in the following image:

Block ciphers
Block ciphers need two algorithms:
• One to encrypt the block using a symmetric key
• And one to divide and combine the block (cipher modes)

Block-encryption
A P -box permutes the input into the output, this is similar to a transposition cipher. It changes
the order of the bits. The P -box shows which output bit is determined by which input bit
An S -box substitutes the input with other bits, this is a simple substitution cipher

A block cipher is a combination of P -boxes and S -boxes

Cipher modes
Electronic Code Book
1. Split the message in blocks of n bits
2. Blockencrypt each block using the only key

Disadvantages:
• All blocks with the same plaintext will produce the same ciphertext
• You can replace blocks with blocks of the previous message to hinder communication
• If one bit gets lost the whole stream becomes undecryptable.

Cipher Block Chaining

Alice wants to send message m to Bob. This message is divided into m1 … mn .
We take an initial vector IV (like a nonce) which has the same length as a block of m. Then we
compute m1 ⊕ IV . The result of this is block-encrypted using the secret key. This gives the
cipher c1

For the rest of the blocks, we use the cipher of the previous block as an initial vector, so for m2
we compute m2 ⊕ c1 , which we then encrypt as well.

A disadvantage is that any corruption makes the whole stream undecipherable. Another
disadvantage is that this can't be run multi-threaded.

Cipher Counters
For every block of a message, we feed in a initial vector IV , and the number of the block into
the block-encryption step. So for message m1 , we block-encrypt using both IV , 0 and the key.
The result of this is then XORed with message m1 .

For m2 , we do the exact same, but now we block-encrypt using IV , 1 and the key.

Advantage over block chaining: when one block messes up, all the others are fine.

Data Encryption Standard (DES)

DES has 64-bit input and output with a small key length of 56. It used to be the standard in 1977
but was broken in the late 90s partly due to the small key length.

A naive approach to increase the strength of DES was 3DES which uses three keys and does
the following: encrypt with k1 , decrypt with k2 , encrypt with k3 .

AES
Previously known as Rijndael. It is the symmetric block cipher standard established by NIST
and is versatile by design.

It had a few requirements:

• Should be symmetric
• Should be public
• Key lengths of 128, 192 and 256 bits should be supported
• Implementation possible in hardware and software

RSA
Computationally secure (assumes factoring large primes is hard). It was discovered in 1978 and
is still used to this day.

Euler function
Take the primes p and q , and the number n where n = p × q

The Euler function states that φ (n) = (p − 1) × (q − 1).

Key generation
1. Chose two large (e.g. 1024 bits) primes, p and q (p and q should be kept secret)
2. Compute n and φ (n) (as defined in the Euler function)
a. n is used as the modulus for the private and public key
b. n's length in bits is the key length
c. n is released as part of the public key
d. φ (n) is kept secret
3. Choose a number d, relatively prime to φ (n) (so choose d such that the greatest
common divisor gcd (ϕ (n) , d) = 1gcd (d,  φ (n)) = 1).
a. d is kept secret and is and is the private key component
4. Find e such that e × d = 1 mod φ (n)
a. e will be released as part of the public key
b. e is called the coprime of φ (n)

So:
• public key = (e, n)
• private key = (d, p, q )

RSA is computationally secure if:

• Factorization of n is computationally infeasible (attack needs to find p and q but
factoring large numbers is difficult)
• Deriving the e-th root modulo n is computationally infeasible

Encryption and Decryption

• Encrypt M : C = M e  mod n, where M is an integer between 1 and n
• Decrypt C : M = C d  mod n

Example
Take the following numbers:
• p = 3,  q = 11
• n = 3,  φ (n) = 20
•d=7
•e=3

Then we encrypt/decrypt the following way:

Here, we convert the messages into numeric messages P (plaintext), which are then
encrypted/decrypted using the known algorithm.

Keep in mind that in reality this is not used (it's called textbook RSA), as identical plaintexts have
identical cyphertexts. In reality, a nonce will be added.

Problems with RSA

• Factorizing will be much easier once there are quantum computers
• Keys need to be very long (2048 bits vs 256 bits in symmetric algorithms)
• Operations are slow (exponentiation vs XOR)

A part of this can be solved by using RSA only to communicate keys for symmetric key
algorithms (hybrid encryption). We then use the following scheme (with EncA being
asymmetric and EndS being symmetric)
• Alice wants to send a message to Bob and thus looks up his public key pBob
• Alice encrypts a key she wants to use for symmetric kS by executing EncA (kS ,  pBob ),
which she sends to Bob
• Bob decrypt this key with his own private key, and now both Alice and Bob have
possession over a key which can be used for symmetric encryption.

This hybrid encryption is also used by PGP.

Diffie-Hellman
We can also exchange keys using Diffie-Hellmann. This is an interactive exchange, so both
parties need to be online.

With publicly known numbers g and n, the exchange works as follows:

1. Alice chooses secret x and sends g x  mod n to Bob
2. Bob chooses secret y and send g y  mod n to Alice.

Then both they compute k = g yx , which is the shared secret key.

A problem that occurs is the Discrete Log Problem. In order to calculate x or y as an attacker,
we have to find a in g a  mod n where g and n are public. But, this is computationally infeasible.
Diffie-Hellmann changes this a bit, by stating that given n,  g,  g a  mod n,  g b  mod n, it is
computationally infeasible to derive g ab .

MAC / digital signatures

Definitions
• Data integrity: verify that received data is correct (you can be sure that if you get
something, it's correct)
• Authentication: verify identity
• Anonimity: ability to hide identifiy

• Non-repudiation: inability to refute validity of statement

• Repudiation: ability to plausibly deny statement

Message Authentication Codes (MACs), which rely on symmetric crypto, provide:

• Data integrity
• Authentication
• Repudiation (so you can still say it wasn't you)

Digital signatures, which rely on asymmetric crypto, provide:

• Data integrity
• Authentication
• Non-repudiation (people can prove it was you)

MAC algorithm
1. Alice gives her message M to a MAC MAC function (using the shared key) and sends
the result to Bob. She also sends the original message M to Bob
2. Bob checks if the received MAC is equal to the MAC he calculates from the message

Without knowing the secret key, you cannot compute the MAC. This MAC function builds
upon cryptographic hash functions, with some extra properties (here, h is the hash function):
• Collision resistance: it is computationally infeasible to find x =
 y such that h (x) =
h (y )
• reimage resistance: given z , it is computationally infeasible to find x with h (x) = z
• Second preimage resistance: given x,  z = h (x), it is computationally infeasible to find
y= x with h (y ) = z

In order to calculate the MAC, we combine M , key k and a nonce, which will be passed into
our hash function (e.g. SHA, MD5)
Digital signatures algorithm
1. Alice signs the message M with her own secret key and sends the result (signature) to
Bob. She also sends the original message M to Bob
2. Bob looks up public key and verifies the signature using a verify function.

RSA can be used here. But, this is quite slow, so we want to use hash-then-sign. We first hash
the message and then sign just the resulting hash. This makes it a lot quicker to sign and verify.

Public Key Infrastructure

A public key infrastructure makes sure that keys belong to the person that they should belong
to, and can't replace them with their own keys.

Hierarchical system
Such PKIs typically use certificate authorities. A certificate authority signs public keys so
everyone trusts that you actually own the key. The certificate authority is hierarchical (like DNS),
so there are a few root authorities, which sign certificates for regional authorities etc, which
goes down to central authorities.

Certificates can be checked by following the authority tree to the root authority. Your browser
or operating system knows of the root certificates and is thus able to verify your certificate
chain.

The standard for such keys is the X.509 standard. A requirement of this was that certificates
should be easy to read. This is because you should be able to change it and implement it
easily.

X.509 specifies an encoding method and a number of fields, e.g.:

• Version
• Serial number
• Signature algorithm
• Issuer
• Etc.

Web of trust
If you don't have trusted parties, you can use a web-of-trust. Here, people sign the public keys
of participants that they know in the real-world. Users verify a new public key by checking if it
has been signed by one or more public keys that:
• they have signed
• have been signed by a public key they consider legitimate
Protocols
Wireless
Wireless communication is very vulnerable to attacks because all the data is sent through the
air. Anyone can listen in on the communication. We want to have the following for wireless
communication:
• Data integrity: we should be sure no-one tampered with our communication
• Confidentiality: we should make sure the content is confidential
• Access control: we should make sure only authorized people are in the wifi

WEP (Wired Equivalent Privacy)

• Data integrity: CRC, bad because we can recompute the CRC
• Confidentiality: stream cipher with a 40-bit key, bad because it is easily brute forceable
• Access control:
• Every user has the same password (corresponding to a secret key K of 40 bits),
bad because people can share passwords
• Using a challenge-response protocol with cleartext challenge c and response c ⊕
keystream, bad because

Challenge response protocol

1. User U sends a connection request to the access point AP . AP responds with a
challenge c
2. U computes (with nonce n) n ⊕ key , which after the PRNG returns a keystream ks
3. U computes c ⊕ ks and sends the result of that and the nonce to AP

Breaking WEP
1. The attacker knows c, c ⊕ ks, n
2. The attacker also sends a connection request, and gets a challenge d
3. The attacker computes c ⊕ (c ⊕ ks) = ks, and then executes d ⊕ ks and sends all the
valid data and gets access to the network

WPA
• WPA was a patch for WEP
• WPA2 is a standard since 2006 (but there have been attacks on WPA2's handshake, this
happened because the proofs didn't consider certain aspects)

VPNs
An organization that wants to maintain private networks such that:
1. Communication between two private networks in physically different places that has to
traverse an untrusted network is encrypted and authenticated.
2. Communication with authorized parties outside of the organization’s networks, e.g.,
employees working from home, is encrypted and authenticated.
Optimally, communication between parties in different physical locations that requires using an
untrusted network should have the same security guarantees as communication within one
private network. However, that is not quite possible in this generality. Sending content via an
untrusted network naturally reveals some information, e.g., the existence of such
communication to outside parties. Furthermore, organizations can do little to improve the
availability of the untrusted network. As a consequence, VPNs focus on confidentiality of the
content and authentication. A large number of VPNs relies on IPSec to achieve these goals but
other protocols exist.

IPSec
As the name indicates, IPSec, or IP Security, provides security for IP packets. IPSec uses
symmetric-key encryption for confidentiality and message authentication codes for integrity.
The cryptographic algorithms vary. In a protected and private network, gateways process all
traffic from and to the outside. Apart from their role for IPSec, which is described below, they
typically also act as a firewall and identify undesired traffic.

Transport mode: handles communication between two (non-gateway) hosts that are not in any
private network or one gateway and a host outside of the private network.
Tunnel mode: sending messages of one protocol inside messages of another protocol outside
of their usual order (so it encapsulates protocols within other protocols where it normally
wouldn't). E.g. sending TCP/IP/Payload instead of IP/TCP/Payload

ESP
IPSec makes use Encapsulated Security Payload (ESP). An ESP header is added, which contains
information for IPSec. The payload is encrypted and a MAC code is added to the packet. This
is what is done in transport mode (so it provides confidentiality, integrity and authentication).
You get authentication because when setting up a connection between gateways, keys are
exchanged and thus they know who they are talking to.

In tunneling mode the entire IP packet is protected, as the following fields are sent:
1. A newly created IP header
2. ESP header
3. The encrypted old IP header
4. The encrypted payload
5. A MAC for the old header and payload

Thus this also provides anonymity.

IPSec based VPNs

When using VPNs, we can use IPSec. Here we would have 2 VPN gateways, which replace the
IP addresses of the original sender by their own IP address. This thus hides the IP address of
the original sender to the outside world.
So when a user U sends a payload to user V , this goes through a gateway, which does the
following to the packet:
• It changes the IP addresses to that they represent the gateway (not U )
• Add an ESP
• Add a MAC

On the other side, the gateway will then remove these headers and the message will arrive
normally at V

TLS
TLS provides server authentication, confidentiality and integrity on top of (usually) TCP. It is
mostly used when communicating with web servers and is integrated in the browser by default.
It is the successor of SSL and nowadays TLS 1.3 is in the process of replacing TLS 1.2.

As discussed before, a hierarchical PKI is used for keys.

It works in the following way:

1. If user U wants to make a connection, it sends the TLS version and known ciphersuites
(encryption + MAC algos) to the server S
2. S responds with the chosen version of TLS and which ciphersuites to use (the most
secure version they both know) and returns the X.509 certificate chain
3. U verifies this certificate chain

DNSSEC
We have some security problems with normal DNS: DNS spoofing. That's when a DNS server
provides an incorrect (malicious) IP address. This can happen in 2 ways:
• Spoofing attack, tricking a DNS server into serving a malicious IP address
• Cache attack, corrupting records of an honest entity by convincing a DNS server to
include incorrect mappings (if a DNS server tries to request an address of a server,
intercept it and return a fake address)

To avoid this, we use DNSSEC. This uses a hierarchical PKI to enable authentication of
domains.

PGP
Email does not natively support confidentiality or authentication. PGP uses public-key
cryptography to
• Email encryption (hybrid encryption)
• Authentication, integrity, and nonrepudiation (hash-then-sign)

We use:
 • Encpub for asymmetric key encryption and Encsec for symmetric key encryption (same
for Dec)
• Hash function h, depending on version (e.g. SHA1)
• Signing function Sign and verify function V erif y (e.g. RSA)
• X has secret keys keySIGN
X
and keyDECX

• X has public keys keyVXERIF Y and keyENX

C

Sending
Alice sends an encrypted and signed message to Bob
1. For plaintext M , Alice computes h (M )
2. Alice signs the hash s = SIGN (keySIGN Alice
,  h (M ))
3. Alice chooses secret key k
4. Alice encrypts C1 = Encpub (keyEnc Bob
,  k )
5. Alice encrypts C2 = Encsec (k,  M ∣∣ s) (where ∣∣ means concatentation)
6. Alice sends C1 and C2

Receiving
Bob receives C1 and C2 from Alice
1. Bob decrypts k′ = Decpub (keyDec
Bob
,  C1 )
2. Bob decrypts M ∣∣ s = Decsec (k ,  C2 )
′ ′ ′

3. Bob computes h (M ′ )
4. Bob computes V erif y (keyVAlice ′ ′
ERIF Y ,  h (M ) ,  s )
5. Bob discards messages if verification failed

User Authentication
In order to authenticate client (not servers) multi-factor authentication is used. So multiple
checks based on different criteria are applied, based on:
1. Something you know: passwords, pins etc
2. Something you have: phone, credit card, etc
3. Something you are: fingerprints, iris scan etc