Question

5. In principle, the fact that IP datagram headers aren't encrypted makes it possible for someone to conduct traffic analysis where they glean information about the frequency of source-destination pairs. While maintaining the packet-switching and flexible routing in the TCP/IP Internet, describe how to change the protocols and architecture to allow IP headers to be encrypted.

Answer 1

Ethernet is a local area network (LAN) technology that transmits information between computers at speeds of 10 and 100 million bits per second (Mbps). Currently the most widely used version of Ethernet technology is the 10-Mbps twisted-pair variety.

A packet sniffer is a wire-tap devices that plugs into computer networks and eavesdrops on the network traffic. Like a telephone wiretap allows the FBI to listen in on other people's conversations, a "sniffing" program lets someone listen in on computer conversations.

Ethernet was built around a "shared" principle: all machines on a local network share the same wire.

This implies that all machines are able to "see" all the traffic on the same wire.

The concept behind the OSI model is to separate the functionality into different conceptual modules. As a quick introduction to this, consider the following 3-layer model that most consumers are familiar with:

Application	Web browser, e-mail, RealAudio
Transfer	TCP/IP
Link	Dial-up modem, Cable modem, DSL, Ethernet

Conceptually, this can be viewed in the following diagram:

+-------------+                                               
| Computer    |                                               
|             |                                               
| +-------+   |                                               
| |  Web  |   |                       ____                    
| |Browser|   |                    __/    \__                 
| +----++-+   |                   /  Internet\                
|      ||     |                  |    cloud   \               
| +----||-+   |           +--------+           |      +------+
| | TCP \\| +-----+ Link  | Router |            \     | Web  |
| |  IP  \+=+ NIC +===//==+        +=====//======+====+ Site |
| |       | +-----+       |        |            /     |      |
| +-------+   |           +--------+           |      +------+
|             |                  |            /               
+-------------+                   \__      __/                
                                     \____/                  

All down that is transfered on the Internet is packaged in individual units known as "packets". It takes between 30 and 50 packets for this document to be transfered to your computer, for example. Each packet is labeled with an "IP address" that specifies its destination.

The Ethernet MAC address is a 48 bit number. This number is broken down into two halves, the first 24-bits identify the vendor of the Ethernet board, the second 24-bits is a serial number assigned by the vendor. This guarantees that no two Ethernet cards have the same MAC address (unless the vendor fouls up). Duplicate address would cause problems, so uniquess is very important. This 24-bit number is called the OUI ("Organizationally Unique Identifier")

Below we have discussed the 4 layers that form the TCP/IP reference model:

Layer 1: Host-to-network Layer

1. Lowest layer of the all.
2. Protocol is used to connect to the host, so that the packets can be sent over it.
3. Varies from host to host and network to network.

Layer 2: Internet layer

1. Selection of a packet switching network which is based on a connectionless internetwork layer is called a internet layer.
2. It is the layer which holds the whole architecture together.
3. It helps the packet to travel independently to the destination.
4. Order in which packets are received is different from the way they are sent.
5. IP (Internet Protocol) is used in this layer.
6. The various functions performed by the Internet Layer are:
   • Delivering IP packets
   • Performing routing
   • Avoiding congestion

Layer 3: Transport Layer

1. It decides if data transmission should be on parallel path or single path.
2. Functions such as multiplexing, segmenting or splitting on the data is done by transport layer.
3. The applications can read and write to the transport layer.
4. Transport layer adds header information to the data.
5. Transport layer breaks the message (data) into small units so that they are handled more efficiently by the network layer.
6. Transport layer also arrange the packets to be sent, in sequence.

Layer 4: Application Layer

The TCP/IP specifications described a lot of applications that were at the top of the protocol stack. Some of them were TELNET, FTP, SMTP, DNS etc.

1. TELNET is a two-way communication protocol which allows connecting to a remote machine and run applications on it.
2. FTP(File Transfer Protocol) is a protocol, that allows File transfer amongst computer users connected over a network. It is reliable, simple and efficient.
3. SMTP(Simple Mail Transport Protocol) is a protocol, which is used to transport electronic mail between a source and destination, directed via a route.
4. DNS(Domain Name Server) resolves an IP address into a textual address for Hosts connected over a network.
5. It allows peer entities to carry conversation.
6. It defines two end-to-end protocols: TCP and UDP
   • TCP(Transmission Control Protocol): It is a reliable connection-oriented protocol which handles byte-stream from source to destination without error and flow control.
   • UDP(User-Datagram Protocol): It is an unreliable connection-less protocol that do not want TCPs, sequencing and flow control. Eg: One-shot request-reply kind of service.

Merits of TCP/IP model

1. It operated independently.
2. It is scalable.
3. Client/server architecture.
4. Supports a number of routing protocols.
5. Can be used to establish a connection between two computers.

Demerits of TCP/IP

1. In this, the transport layer does not guarantee delivery of packets.
2. The model cannot be used in any other application.
3. Replacing protocol is not easy.
4. It has not clearly separated its services, interfaces and protocols.

TCP/IP provides facilities that make the computer system an Internet host, which can attach to a network and communicate with other Internet hosts. TCP/IP includes commands and facilities that allow you to:

• Transfer files between systems
• Log in to remote systems
• Run commands on remote systems
• Print files on remote systems
• Send electronic mail to remote users
• Converse interactively with remote users
• Manage a network

Internet Society ( ISOC ) The purpose of the ISOC is to encourage the development and availability of the Internet.

Internet Architecture Board ( IAB ) The IAB is the technical committee of ISOC and is responsible for setting Internet standards and publishing these standards as Request for Comments (RFCs). The IAB governs three groups:

• Internet Research Task Force ( IRTF ) - responsible for TCP/IP related research projects
• Internet Engineering Task Force ( IETF ) - focuses on solutions to Internet problems and the adoption of new standards
• Internet Assigned Numbers Authority ( IANA ) - oversees the process of providing a unique number or port for each protocol used on the Internet

IP (Internet Protocol)

IP is the protocol responsible for addressing and routing packets (on the basis of routing algorithms) between networks. It ensures they reach the correct destination network.

ARP

The Address Resolution Protocol (ARP) is responsible for obtaining hardware addresses and matching them to their IP address when the destination computer is on the same network.

ICMP

The Internet Control Management Protocol (ICMP) is used to report errors and send messages about the delivery of a packet. It can also be used to test TCP/IP networks. Two examples of ICMP messages include:

• Destination unreachable - used when a router cannot locate the destination
• Time exceeded - used when the Time To Live (TTL) of a packet reaches zero

The TTL field in a packet has a maximum value of 255 and this value is reduced by one every time the packet crosses a router. The TTL is eventually reduced to zero if the packet is looping (because of a corrupted routing table) or when congestion causes considerable delays. The router then discards the packet and a warning packet is sent back to the source host.

Transport Layer

The Transport layer provides communication between the source and destination computers, and breaks application layer information into packets. TCP/IP provides two methods of data delivery:

• Connection-orientated delivery using TCP
• Connectionless delivery using UDP

Application Layer

The Application layer is the layer at which many TCP/IP services (high level protocols) can be run (such as FTP, HTTP and SMTP). Two application programming interfaces (APIs) are commonly used within the TCP/IP environment:

1. sockets
2. NetBIOS

UDP protocol number 32 bits #IHI engh TOS 0 Version Packet Length Flags Offset Identifier IP header Checksum 17 TTL Source IP Address (32 bits) 0 Destination IP Address (32 bits) Zero or more optional fields.... Payload UDP message

What is UDP? UDP stands for User Datagram Protocol. A protocol for the Transport Layer in the protocol Stack. Alternative to the Transmission Control Protocol (TCP) and, together with IP, is also referred to as UDP/IFP Programs on networked computers Application Layer Transport Layer (TCP/UDP) can send short messages sometimes known as datagram (using datagram sockets) to one another. IP Layer DataLink Layer Physical Layer