HAI Network Communication Protocol Description

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "HAI Network Communication Protocol Description"

Transcription

1 Home Automation, Inc. HAI Network Communication Protocol Description This document contains the intellectual property of Home Automation, Inc. (HAI). HAI authorizes the use of this information for the sole purpose of developing software and systems to work with HAI's Network Interface. The specifications in this document are subject to change without notice. Document Number 20P09-1 Rev A May 2003

2

3 1. Introduction This document describes the protocol used to communicate between a client device (personal computer, etc.) and an HAI OmniPro II controller using the controller s Ethernet network interface. The HAI network communication protocol uses standard Ethernet, IP (Internet Protocol) and UDP (User Datagram Protocol) protocol layers to transport HAI application-level packets across the network. The use of standard transport and routing protocols enables HAI OmniPro II controllers to be used in any standard network environment. The network environment may range from a small local area network (LAN) in a single residence to the worldwide Internet. Refer to the attached diagrams for related details while reading the remainder of this document. 2. Protocol Description The HAI OmniPro II controller connects to the network via a standard Ethernet interface. The controller listens for all IP/UDP communications addressed to it on a specific UDP port number. The controller tracks the state of different client sessions by the unique combination of the source IP address (from the IP header) and the source port (from the UDP header) of the client. The Ethernet Frame, IP Header and UDP Header merely provide the standardized information required by the network infrastructure (routers, etc.) to transport HAI packets between client and controller. The actual controller transaction requests and responses are contained in the HAI packet. The structure and interpretation of the HAI packet is described in the following paragraphs. The first field of the HAI application packet is a 16-bit message sequence number, transmitted mostsignificant-byte first. This field provides a mechanism for detecting duplicate packets and dynamically adjusting network timeout periods to accommodate varying network delays. If the value is set to zero, sequence tracking is disabled for the packet. If sequence tracking is used, the client increments this value each time it sends a packet to the controller. Note that since a sequence number of zero has special significance, the sequence number value rolls over from to one instead of zero. The controller replies to client requests using the same message sequence number assigned by the client. The next field is the 8-bit message type. This value defines the nature of the message, so that it can be processed accordingly. The next 8-bit field is reserved for future use. And, finally, the message data field comprises any data or message associated with the specified message type. This field may be empty. This is the only field that is ever encrypted. Page 1

4 When the controller receives a HAI packet, it examines the message type field, and takes the appropriate action as defined by the following rules. If the controller receives a packet that is not a valid HAI packet (i.e., missing or invalid message type ), the controller quietly discards the packet without a reply. If the message type is Client request new session : If the controller cannot initiate a new session (i.e., too many sessions already open, etc.), it replies to the client with a Controller cannot start new session message, and no further action is taken; otherwise If the controller already has a session open for this client, that session is quietly terminated (i.e., no termination message is sent to the client), and a new session is initialized as described below. The controller initiates a new session associated with this unique client. The controller uses a random number generator to produce a 40-bit session ID. The session ID will be used by both client and controller to modify the private encryption key, which is known to both, resulting in a key that is unique for this session. The controller replies to the client with a Controller acknowledge new session message. The message data consists of a 16-bit value that indicates the HAI network protocol version being used by the controller, followed by the 40-bit session ID, both transmitted most-significant-byte first. The controller generates the unique encryption key for this session and initializes the encryption/decryption algorithms. The 128-bit session key is computed as follows: a) the 88 most significant bits of the session key are identical to the corresponding bits of the private key. b) the 40 least significant bits of the session key are the result of a logical XOR of the 40 least significant bits of the private key and the 40 bits of the session ID. Page 2

5 If the message type is Client request secure connection : If the controller does not already have an active session for the client, it replies to the client with a Controller session terminated message, and no further action is taken; otherwise a) The controller decrypts the message data, which should consist of the 40-bit session ID (transmitted MSB first). b) The controller compares the session ID received from the client to the session ID previously generated by the controller. c) If the session IDs are identical, this confirms that the client received the session ID intact, and used it to produce the correct session encryption key. The controller responds with the Acknowledge secure connection message, with the session ID in the data field. d) If the session IDs are NOT identical, the controller replies with the Controller session terminated message, and terminates the session. If the message type is Omni-Link message : If the controller does not already have an active session for the client, it replies to the client with a Controller session terminated message, and no further action is taken; otherwise The controller decrypts the message data, and treats it as a standard Omni-Link message. If the Omni-Link message requires a reply, the controller encrypts the standard Omni-Link reply message and replies to the client with a message type of Omni-Link message and the encrypted message in the data field. If the message type is Client session terminated : The controller replies with the Controller session terminated message and, if a session is active, terminates the session. Page 3

6 3. Encryption As mentioned above, certain message types require encryption or decryption of the message data portion of the HAI application packet. This section describes the encryption/decryption methods. Encryption and decryption of data in the HAI application packet is based on the Advanced Encryption Standard (AES) using a 128-bit cryptographic key. The AES (sometimes referred to as the Rijndael algorithm, derived from the names of the developers) was selected by the National Institute of Standards and Technology (NIST) and approved by the U.S. Department of Commerce (in May, 2002) as a robust replacement for the widely-used, but aging and vulnerable, DES encryption standard. The AES algorithm is a symmetric block cipher that is capable of using cryptographic keys of 128, 192 or 256 bits to encrypt and decrypt data in blocks of 128 bits. Further information about the AES can be found at the following NIST website: and in the Federal Information and Processing Standards (FIPS) publication FIPS-197. The following procedure is used to encrypt HAI message data: 1. Process data in 128-bit (16-byte) blocks. If available data does not fill a 16-byte block, the data is left-justified and padded on the right with zeros to fill the block. 2. Modify the first two bytes of the 16-byte encryption block by performing a logical XOR operation with the two bytes of the message sequence number in the HAI header (i.e., XOR the first byte of the encryption block with the MSB of the message sequence number, and XOR the second byte of the encryption block with the LSB of the message sequence number). 3. Encrypt the 16-byte block using the AES encryption algorithm and the 128-bit session key that was negotiated when the client and controller established the secure connection. 4. Process the next block of data until all data has been processed. A similar procedure is used to decrypt HAI message data: 1. Process data in 128-bit (16-byte) blocks. 2. Decrypt the 16-byte block using the AES decryption algorithm and the 128-bit session key that was negotiated when the client and controller established the secure connection. Page 4

7 3. Modify the first two bytes of the 16-byte encryption block by performing a logical XOR operation with the two bytes of the message sequence number in the HAI header (i.e., XOR the first byte of the encryption block with the MSB of the message sequence number, and XOR the second byte of the encryption block with the LSB of the message sequence number). 4. Process the next block of data until all data has been processed. 5. If the number of bytes in the original message (prior to encryption) was not an exact multiple of 16, the decrypted message will have one or more trailing pad bytes. The length of the actual message (not including the pad bytes) should be determined by examining the message length field of the Omni-Link message. Page 5

8 HAI Network Communication Protocol Typical Ethernet II Frame with Embedded IP, UDP and HAI Application Packets 16 bits Ethernet Frame Ethernet Destination MAC Address (bits 47-32) Ethernet Destination MAC Address (bits 31-16) Ethernet Destination MAC Address (bits 15-0) Ethernet Source MAC Address (bits 47-32) Ethernet Source MAC Address (bits 31-16) Ethernet Source MAC Address (bits 15-0) Ethernet Type Code (IP = 0x0800) Ethernet Frame Header IP Packet IP Version Flags IP Header Length IP Type of Service Total IP Packet Length (in bytes) Identification Fragment Offset Time to Live IP Header Checksum Protocol IP Header UDP Packet HAI Packet IP Source Address (bits 31-16) IP Source Address (bits 15-0) IP Destination Address (bits 31-16) IP Destination Address (bits 15-0) UDP Source Port UDP Destination Port UDP Length UDP Checksum HAI Message Sequence Number HAI MessageType HAI Reserved = 0x00 UDP Header HAI Application Header HAI Application Data (variable length, if any) HAI Application Data Ethernet Checksum (bits 31-16) Ethernet Checksum (bits 15-0) Ethernet Frame Trailer Page 6

9 HAI Network Communication Protocol HAI Application Packet Format The following table describes the format of the HAI application data that is transmitted within the user data (payload) area of an IP/UDP packet. Size (bytes) Description Comments 2 Message sequence number 0 = Sequence tracking disabled = Sequence number of this packet (byte order is MSB..LSB) 1 Message type 0 = No message 1 = Client request new session 2 = Controller acknowledge new session 3 = Client request secure connection 4 = Controller acknowledge secure connection 5 = Client session terminated 6 = Controller session terminated 7 = Controller cannot start new session 16 = Omni-Link message 1 Reserved 0 = unused variabl e Message data May be empty, depending on message type Page 7

10 HAI Network Communication Protocol Typical Message Sequence Sequence Number Encrypted Client Direction Controller 1 No Request new session 1 No 2 Yes Request secure connection - session ID 2 Yes 3 Yes Omni-Link log-in request 3 Yes Yes Omni-Link message Acknowledge new session - protocol version - session ID (40- bit random data generated by controller) Acknowledge secure connection - session ID Omni-Link log-in acknowledge Yes Omni-Link reply Yes Omni-Link log-out Yes No No Client session terminated Omni-Link log-out acknowledge Controller session terminated (timed out, terminated by client, etc.) Page 8

11

CS 356: Computer Network Architectures. Lecture 10: IP Fragmentation, ARP, and ICMP. Xiaowei Yang

CS 356: Computer Network Architectures. Lecture 10: IP Fragmentation, ARP, and ICMP. Xiaowei Yang CS 356: Computer Network Architectures Lecture 10: IP Fragmentation, ARP, and ICMP Xiaowei Yang xwy@cs.duke.edu Overview Homework 2-dimension parity IP fragmentation ARP ICMP Fragmentation and Reassembly

More information

Networking interview questions

Networking interview questions Networking interview questions What is LAN? LAN is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings. However, one LAN can be connected

More information

Lab - Using Wireshark to Examine a UDP DNS Capture

Lab - Using Wireshark to Examine a UDP DNS Capture Topology Objectives Part 1: Record a PC s IP Configuration Information Part 2: Use Wireshark to Capture DNS Queries and Responses Part 3: Analyze Captured DNS or UDP Packets Background / Scenario If you

More information

APPENDIX F THE TCP/IP PROTOCOL ARCHITECTURE

APPENDIX F THE TCP/IP PROTOCOL ARCHITECTURE APPENDIX F THE TCP/IP PROTOCOL ARCHITECTURE William Stallings F.1 TCP/IP LAYERS... 2 F.2 TCP AND UDP... 4 F.3 OPERATION OF TCP/IP... 6 F.4 TCP/IP APPLICATIONS... 10 Copyright 2014 Supplement to Computer

More information

User Datagram Protocol

User Datagram Protocol Topics Transport Layer TCP s three-way handshake TCP s connection termination sequence TCP s TIME_WAIT state TCP and UDP buffering by the socket layer 2 Introduction UDP is a simple, unreliable datagram

More information

Protocol Layers & Wireshark TDTS11:COMPUTER NETWORKS AND INTERNET PROTOCOLS

Protocol Layers & Wireshark TDTS11:COMPUTER NETWORKS AND INTERNET PROTOCOLS Protocol Layers & Wireshark TDTS11:COMPUTER NETWORKS AND INTERNET PROTOCOLS Mail seban649@student.liu.se Protocol Hi Hi Got the time? 2:00 time TCP connection request TCP connection response Whats

More information

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition ELEC / COMP 177 Fall 2011 Some slides from Kurose and Ross, Computer Networking, 5 th Edition One of the core protocols in the Internet Primarily used to communicate errors among routers and hosts IP datagram

More information

Guide To TCP/IP, Second Edition UDP Header Source Port Number (16 bits) IP HEADER Protocol Field = 17 Destination Port Number (16 bit) 15 16

Guide To TCP/IP, Second Edition UDP Header Source Port Number (16 bits) IP HEADER Protocol Field = 17 Destination Port Number (16 bit) 15 16 Guide To TCP/IP, Second Edition Chapter 5 Transport Layer TCP/IP Protocols Objectives Understand the key features and functions of the User Datagram Protocol (UDP) Explain the mechanisms that drive segmentation,

More information

(ICMP), RFC

(ICMP), RFC Internet et Control o Message Protocol (ICMP), RFC 792 http://icourse.cuc.edu.cn/networkprogramming/ linwei@cuc.edu.cn Nov. 2009 Overview The IP (Internet Protocol) relies on several other protocols to

More information

Network Layer. The Network Layer. Contents Connection-Oriented and Connectionless Service. Recall:

Network Layer. The Network Layer. Contents Connection-Oriented and Connectionless Service. Recall: Network Layer The Network Layer Recall: The network layer is responsible for the routing of packets The network layer is responsible for congestion control 1 2 Contents 4.1.1 Connection-Oriented and Connectionless

More information

Chapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet

Chapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet Chapter 2 - Part 1 The TCP/IP Protocol: The Language of the Internet Protocols A protocol is a language or set of rules that two or more computers use to communicate 2 Protocol Analogy: Phone Call Parties

More information

ECE 461 Internetworking Fall Quiz 1

ECE 461 Internetworking Fall Quiz 1 ECE 461 Internetworking Fall 2013 Quiz 1 Instructions (read carefully): The time for this quiz is 50 minutes. This is a closed book and closed notes in-class exam. Non-programmable (Type 2) calculators

More information

Layer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

Layer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Layer 4: UDP, TCP, and others based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Concepts application set transport set High-level, "Application Set" protocols deal only with how handled

More information

ECE 4450:427/527 - Computer Networks Spring 2017

ECE 4450:427/527 - Computer Networks Spring 2017 ECE 4450:427/527 - Computer Networks Spring 2017 Dr. Nghi Tran Department of Electrical & Computer Engineering Lecture 6.2: IP Dr. Nghi Tran (ECE-University of Akron) ECE 4450:427/527 Computer Networks

More information

CIS-331 Final Exam Fall 2015 Total of 120 Points. Version 1

CIS-331 Final Exam Fall 2015 Total of 120 Points. Version 1 Version 1 1. (25 Points) Given that a frame is formatted as follows: And given that a datagram is formatted as follows: And given that a TCP segment is formatted as follows: Assuming no options are present

More information

b. Suppose the two packets are to be forwarded to two different output ports. Is it

b. Suppose the two packets are to be forwarded to two different output ports. Is it Problem-1:[15] Suppose two packets arrive to two different input ports of a router at exactly the same time. Also suppose there are no other packets anywhere in the router. a. Suppose the two packets are

More information

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition ELEC / COMP 177 Fall 2016 Some slides from Kurose and Ross, Computer Networking, 5 th Edition Presentation 2 Security/Privacy Presentations Nov 3 rd, Nov 10 th, Nov 15 th Upload slides to Canvas by midnight

More information

ETSF05/ETSF10 Internet Protocols Network Layer Protocols

ETSF05/ETSF10 Internet Protocols Network Layer Protocols ETSF05/ETSF10 Internet Protocols Network Layer Protocols 2016 Jens Andersson Agenda Internetworking IPv4/IPv6 Framentation/Reassembly ICMPv4/ICMPv6 IPv4 to IPv6 transition VPN/Ipsec NAT (Network Address

More information

ECE4110 Internetwork Programming. Introduction and Overview

ECE4110 Internetwork Programming. Introduction and Overview ECE4110 Internetwork Programming Introduction and Overview 1 EXAMPLE GENERAL NETWORK ALGORITHM Listen to wire Are signals detected Detect a preamble Yes Read Destination Address No data carrying or noise?

More information

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005 Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks

More information

Internetwork Protocols

Internetwork Protocols Internetwork Protocols Background to IP IP, and related protocols Internetworking Terms (1) Communications Network Facility that provides data transfer service An internet Collection of communications

More information

EITF25 Internet Techniques and Applications L7: Internet. Stefan Höst

EITF25 Internet Techniques and Applications L7: Internet. Stefan Höst EITF25 Internet Techniques and Applications L7: Internet Stefan Höst What is Internet? Internet consists of a number of networks that exchange data according to traffic agreements. All networks in Internet

More information

OSI Network Layer. Network Fundamentals Chapter 5. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1

OSI Network Layer. Network Fundamentals Chapter 5. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1 OSI Network Layer Network Fundamentals Chapter 5 Version 4.0 1 Objectives Identify the role of the Network Layer, as it describes communication from one end device to another end device. Examine the most

More information

Internet Control Message Protocol (ICMP), RFC 792. Prof. Lin Weiguo Copyleft 2009~2017, School of Computing, CUC

Internet Control Message Protocol (ICMP), RFC 792. Prof. Lin Weiguo Copyleft 2009~2017, School of Computing, CUC Internet Control Message Protocol (ICMP), RFC 79 Prof Lin Weiguo Copyleft 009~07, School of Computing, CUC Oct 07 Overview } The IP (Internet Protocol) relies on several other protocols to perform necessary

More information

Network Model. Why a Layered Model? All People Seem To Need Data Processing

Network Model. Why a Layered Model? All People Seem To Need Data Processing Network Model Why a Layered Model? All People Seem To Need Data Processing Layers with Functions Packet Propagation Each router provides its services to support upper-layer functions. Headers (Encapsulation

More information

Lab Two Using Wireshark to Discover IP NAME:

Lab Two Using Wireshark to Discover IP NAME: Lab Two Using Wireshark to Discover IP NAME: In this lab, we ll investigate the IP protocol, focusing on the IP datagram. We ll do so by analyzing a trace of IP datagrams sent and received by an execution

More information

Network Layer: Internet Protocol

Network Layer: Internet Protocol Network Layer: Internet Protocol Motivation Heterogeneity Scale Intering IP is the glue that connects heterogeneous s giving the illusion of a homogenous one. Salient Features Each host is identified by

More information

Networking: Network Layer

Networking: Network Layer CS 4410 Operating Systems Networking: Network Layer Summer 2013 Cornell University 1 Today How packages are exchanged in a WAN? Network Layer IP Naming Subnetwork Forwarding Routing Algorithms 2 Protocol

More information

CIS-331 Fall 2013 Exam 1 Name: Total of 120 Points Version 1

CIS-331 Fall 2013 Exam 1 Name: Total of 120 Points Version 1 Version 1 1. (24 Points) Show the routing tables for routers A, B, C, and D. Make sure you account for traffic to the Internet. NOTE: Router E should only be used for Internet traffic. Router A Router

More information

Chapter 7 Internet Protocol Version 4 (IPv4) Kyung Hee University

Chapter 7 Internet Protocol Version 4 (IPv4) Kyung Hee University Chapter 7 Internet Protocol Version 4 (IPv4) 1 7.1 Introduction The transmission mechanism used by the TCP/IP Unreliable and connectionless datagram protocol Best-effort delivery service IP packets can

More information

Chapter 6. IP Security. Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University

Chapter 6. IP Security. Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University Chapter 6 IP Security Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University +91 9426669020 bhargavigoswami@gmail.com Topic List 1. IP Security Overview 2. IP Security Architecture 3.

More information

IP : Internet Protocol

IP : Internet Protocol 1/20 IP : Internet Protocol Surasak Sanguanpong nguan@ku.ac.th http://www.cpe.ku.ac.th/~nguan Last updated: July 30, 1999 Agenda 2/20 IP functions IP header format Routing architecture IP layer 3/20 defines

More information

IPv4 Lecture 10a. COMPSCI 726 Network Defence and Countermeasures. Muhammad Rizwan Asghar. August 14, 2017

IPv4 Lecture 10a. COMPSCI 726 Network Defence and Countermeasures. Muhammad Rizwan Asghar. August 14, 2017 IPv4 Lecture 10a COMPSCI 726 Network Defence and Countermeasures Muhammad Rizwan Asghar August 14, 2017 Source of some slides: Princeton University Also thanks to J.F Kurose and K.W. Ross IPv4 Internet

More information

Review of Important Networking Concepts. Recall the Example from last lecture

Review of Important Networking Concepts. Recall the Example from last lecture Review of Important ing Concepts Review: ed communication architecture The TCP/IP protocol suite Jörg Liebeherr, 1998,1999 1 Recall the Example from last lecture Ellington.cs.virginia.edu establishes an

More information

CCNA 1 Chapter 7 v5.0 Exam Answers 2013

CCNA 1 Chapter 7 v5.0 Exam Answers 2013 CCNA 1 Chapter 7 v5.0 Exam Answers 2013 1 A PC is downloading a large file from a server. The TCP window is 1000 bytes. The server is sending the file using 100-byte segments. How many segments will the

More information

Data Link Protocols. High Level Data. Control Protocol. HDLC Framing ~~~~~~~~ Functions of a Data Link Protocol. Framing PDUs. Addressing Destination

Data Link Protocols. High Level Data. Control Protocol. HDLC Framing ~~~~~~~~ Functions of a Data Link Protocol. Framing PDUs. Addressing Destination Data Link Protocols Data Link Services Connection-less services Functions of a Data Link Protocol Framing PDUs ing Destination Error Detection / Error Recovery Link Management Ethernet (covered elsewhere)

More information

TCP/IP Protocol Suite

TCP/IP Protocol Suite TCP/IP Protocol Suite Computer Networks Lecture 5 http://goo.gl/pze5o8 TCP/IP Network protocols used in the Internet also used in today's intranets TCP layer 4 protocol Together with UDP IP - layer 3 protocol

More information

RFC Compliance Test Report. Release 3.0

RFC Compliance Test Report. Release 3.0 .2 Type FRR FRR FRR FRR FRR FRR Commit ID 3e71b5d 5cf0c43 f633dc2 6289215 36a7e78 30283fd Commit Date 2017-04-02 2017-10-14 2017-11-08 2017-11-08 2017-11-08 ANVL-RIP-1.1 RFC 2453 s3.6 p20 Message Format

More information

Introduction to Open System Interconnection Reference Model

Introduction to Open System Interconnection Reference Model Chapter 5 Introduction to OSI Reference Model 1 Chapter 5 Introduction to Open System Interconnection Reference Model Introduction The Open Systems Interconnection (OSI) model is a reference tool for understanding

More information

Interconnecting Networks with TCP/IP. 2000, Cisco Systems, Inc. 8-1

Interconnecting Networks with TCP/IP. 2000, Cisco Systems, Inc. 8-1 Interconnecting Networks with TCP/IP 2000, Cisco Systems, Inc. 8-1 Objectives Upon completion of this chapter you will be able to perform the following tasks: Identify the IP protocol stack, its protocol

More information

Introduction Layer 3. IP-Header: and RFC-760 Addressing schemes Subnetting Routing. Layer 3 Solution in Trains

Introduction Layer 3. IP-Header:  and RFC-760 Addressing schemes Subnetting Routing. Layer 3 Solution in Trains Chapter 2.3 Layer 3 Network Layer 1 Content Introduction Layer 3 IP Protocol IP-Header: www.ietf.org and RFC-760 Addressing schemes Subnetting Routing Layer 3 Solution in Trains Communication Matrix (Information

More information

Internet Protocol (IP)

Internet Protocol (IP) CPSC 360 - Network Programming Internet Protocol (IP) Michele Weigle Department of Computer Science Clemson University mweigle@cs.clemson.edu March 14, 2005 http://www.cs.clemson.edu/~mweigle/courses/cpsc360

More information

Virtual Private Networks

Virtual Private Networks EN-2000 Reference Manual Document 8 Virtual Private Networks O ne of the principal features of routers is their support of virtual private networks (VPNs). This document discusses transmission security,

More information

CS 457 Lecture 11 More IP Networking. Fall 2011

CS 457 Lecture 11 More IP Networking. Fall 2011 CS 457 Lecture 11 More IP Networking Fall 2011 IP datagram format IP protocol version number header length (bytes) type of data max number remaining hops (decremented at each router) upper layer protocol

More information

Networking: Network layer

Networking: Network layer control Networking: Network layer Comp Sci 3600 Security Outline control 1 2 control 3 4 5 Network layer control Outline control 1 2 control 3 4 5 Network layer purpose: control Role of the network layer

More information

IP Security. Have a range of application specific security mechanisms

IP Security. Have a range of application specific security mechanisms IP Security IP Security Have a range of application specific security mechanisms eg. S/MIME, PGP, Kerberos, SSL/HTTPS However there are security concerns that cut across protocol layers Would like security

More information

Internet Protocol version 6

Internet Protocol version 6 Internet Protocol version 6 Claudio Cicconetti International Master on Communication Networks Engineering 2006/2007 IP version 6 The Internet is growing extremely rapidly. The

More information

Chapter 8 Network Security

Chapter 8 Network Security Chapter 8 Network Security A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and

More information

The Interconnection Structure of. The Internet. EECC694 - Shaaban

The Interconnection Structure of. The Internet. EECC694 - Shaaban The Internet Evolved from the ARPANET (the Advanced Research Projects Agency Network), a project funded by The U.S. Department of Defense (DOD) in 1969. ARPANET's purpose was to provide the U.S. Defense

More information

UDP and TCP. Introduction. So far we have studied some data link layer protocols such as PPP which are responsible for getting data

UDP and TCP. Introduction. So far we have studied some data link layer protocols such as PPP which are responsible for getting data ELEX 4550 : Wide Area Networks 2015 Winter Session UDP and TCP is lecture describes the two most common transport-layer protocols used by IP networks: the User Datagram Protocol (UDP) and the Transmission

More information

Introduction to Networking. Operating Systems In Depth XXVII 1 Copyright 2017 Thomas W. Doeppner. All rights reserved.

Introduction to Networking. Operating Systems In Depth XXVII 1 Copyright 2017 Thomas W. Doeppner. All rights reserved. Introduction to Networking Operating Systems In Depth XXVII 1 Copyright 2017 Thomas W. Doeppner. All rights reserved. Distributed File Systems Operating Systems In Depth XXVII 2 Copyright 2017 Thomas W.

More information

User Datagram Protocol (UDP):

User Datagram Protocol (UDP): SFWR 4C03: Computer Networks and Computer Security Feb 2-5 2004 Lecturer: Kartik Krishnan Lectures 13-15 User Datagram Protocol (UDP): UDP is a connectionless transport layer protocol: each output operation

More information

Tutorial 9. SOLUTION Since the number of supported interfaces is different for each subnet, this is a Variable- Length Subnet Masking (VLSM) problem.

Tutorial 9. SOLUTION Since the number of supported interfaces is different for each subnet, this is a Variable- Length Subnet Masking (VLSM) problem. Tutorial 9 1 Router Architecture Consider a router with a switch fabric, 2 input ports (A and B) and 2 output ports (C and D). Suppose the switch fabric operates at 1.5 times the line speed. a. If, for

More information

Chapter 5 OSI Network Layer

Chapter 5 OSI Network Layer Chapter 5 OSI Network Layer The protocols of the OSI model Network layer specify addressing and processes that enable Transport layer data to be packaged and transported. The Network layer encapsulation

More information

Internet Protocol. Outline Introduction to Internet Protocol Header and address formats ICMP Tools CS 640 1

Internet Protocol. Outline Introduction to Internet Protocol Header and address formats ICMP Tools CS 640 1 Internet Protocol Outline Introduction to Internet Protocol Header and address formats ICMP Tools CS 640 1 Internet Protocol Runs on all hosts in the Internet and enables packets to be routed between systems

More information

Lecture 8. Reminder: Homework 3, Programming Project 2 due on Thursday. Questions? Tuesday, September 20 CS 475 Networks - Lecture 8 1

Lecture 8. Reminder: Homework 3, Programming Project 2 due on Thursday. Questions? Tuesday, September 20 CS 475 Networks - Lecture 8 1 Lecture 8 Reminder: Homework 3, Programming Project 2 due on Thursday. Questions? Tuesday, September 20 CS 475 Networks - Lecture 8 1 Outline Chapter 3 - Internetworking 3.1 Switching and Bridging 3.2

More information

CSE/EE 461 The Network Layer. Application Presentation Session Transport Network Data Link Physical

CSE/EE 461 The Network Layer. Application Presentation Session Transport Network Data Link Physical CSE/EE 461 The Network Layer Application Presentation Session Transport Network Data Link Physical This Lecture Focus: What to do when one wire isn t big enough? Point to point link Broadcast link (Ethernet

More information

CCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE i): A Comparison with DES and RSA

CCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE i): A Comparison with DES and RSA Journal of Computer Science Original Research Paper CCMP Advanced Encryption Standard Cipher For Wireless Local Area Network (IEEE 802.11i): A Comparison with DES and RSA 1 Velayutham, R. and 2 D. Manimegalai

More information

IPv6: An Introduction

IPv6: An Introduction Outline IPv6: An Introduction Dheeraj Sanghi Department of Computer Science and Engineering Indian Institute of Technology Kanpur dheeraj@iitk.ac.in http://www.cse.iitk.ac.in/users/dheeraj Problems with

More information

IPv4. Christian Grothoff.

IPv4. Christian Grothoff. IPv4 christian@grothoff.org http://grothoff.org/christian/ Sites need to be able to interact in one single, universal space. Tim Berners-Lee 1 The Network Layer Transports datagrams from sending to receiving

More information

An SCTP-Protocol Data Unit with several chunks

An SCTP-Protocol Data Unit with several chunks SCTP for Beginners Section 2 SCTP Packets he protocol data units (PDU) of SCTP are called SCTP packets. If SCTP runs over IP (as described in RFC2960 ), an SCTP packet forms the payload of an IP packet.

More information

CS 458 Internet Engineering Spring First Exam

CS 458 Internet Engineering Spring First Exam CS 458 Internet Engineering Spring 2005 First Exam Instructions (read carefully): There are 6 problems for a total of 60 points. This is a closed book and closed notes in-class exam. If any problem is

More information

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis CS-435 spring semester 2016 Network Technology & Programming Laboratory University of Crete Computer Science Department Stefanos Papadakis & Manolis Spanakis CS-435 Lecture #4 preview ICMP ARP DHCP NAT

More information

Department of Computer Science and Engineering. CSE 3214: Computer Network Protocols and Applications Instructor: N. Vlajic Date: Feb 23, 2016

Department of Computer Science and Engineering. CSE 3214: Computer Network Protocols and Applications Instructor: N. Vlajic Date: Feb 23, 2016 Department of Computer Science and Engineering CSE 3214: Computer Network Protocols and Applications Instructor: N. Vlajic Date: Feb 23, 2016 Midterm Examination Instructions: Examination time: 75 min.

More information

Internet. 1) Internet basic technology (overview) 3) Quality of Service (QoS) aspects

Internet. 1) Internet basic technology (overview) 3) Quality of Service (QoS) aspects Internet 1) Internet basic technology (overview) 2) Mobility aspects 3) Quality of Service (QoS) aspects Relevant information: these slides (overview) course textbook (Part H) www.ietf.org (details) IP

More information

Problem Set 7 Due: Start of Class, November 2

Problem Set 7 Due: Start of Class, November 2 CS242 Computer Networks Handout # 14 Randy Shull October 26, 2017 Wellesley College Problem Set 7 Due: Start of Class, November 2 Reading: Kurose & Ross, Sections 3.6, 3.7, 3.8 Wireshark Lab [26] In these

More information

Computer Networking: A Top Down Approach Featuring the. Computer Networks with Internet Technology, William

Computer Networking: A Top Down Approach Featuring the. Computer Networks with Internet Technology, William Dr. John Keeney 3BA33 TCP/IP protocol architecture with IP OSI Model Layers TCP/IP Protocol Architecture Layers TCP/IP Protocol Suite Application Layer Application Layer Telnet FTP HTTP DNS RIPng SNMP

More information

II. Principles of Computer Communications Network and Transport Layer

II. Principles of Computer Communications Network and Transport Layer II. Principles of Computer Communications Network and Transport Layer A. Internet Protocol (IP) IPv4 Header An IP datagram consists of a header part and a text part. The header has a 20-byte fixed part

More information

Internet Security. - IPSec, SSL/TLS, SRTP - 29th. Oct Lee, Choongho

Internet Security. - IPSec, SSL/TLS, SRTP - 29th. Oct Lee, Choongho Internet Security - IPSec, SSL/TLS, SRTP - 29th. Oct. 2007 Lee, Choongho chlee@mmlab.snu.ac.kr Contents Introduction IPSec SSL / TLS SRTP Conclusion 2/27 Introduction (1/2) Security Goals Confidentiality

More information

(2½ hours) Total Marks: 75

(2½ hours) Total Marks: 75 (2½ hours) Total Marks: 75 N. B.: (1) All questions are compulsory. (2) Makesuitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question must be written together.

More information

The Internet. The Internet is an interconnected collection of netw orks.

The Internet. The Internet is an interconnected collection of netw orks. The Internet The Internet is an interconnected collection of netw orks. Internetw orking-1 Internetworking! Communications Network: A facility that provides a data transfer service among stations attached

More information

NAT, IPv6, & UDP CS640, Announcements Assignment #3 released

NAT, IPv6, & UDP CS640, Announcements Assignment #3 released NAT, IPv6, & UDP CS640, 2015-03-03 Announcements Assignment #3 released Overview Network Address Translation (NAT) IPv6 Transport layer User Datagram Protocol (UDP) Network Address Translation (NAT) Hacky

More information

OSI Network Layer. Chapter 5

OSI Network Layer. Chapter 5 OSI Network Layer Network Fundamentals Chapter 5 Objectives Identify the role of the Network Layer, as it describes communication from one end device to another end device. Examine the most common Network

More information

McGraw-Hill The McGraw-Hill Companies, Inc., 2000

McGraw-Hill The McGraw-Hill Companies, Inc., 2000 !! McGraw-Hill The McGraw-Hill Companies, Inc., 2000 "#$% & '$# )1 ) ) )6 ) )* )- ). )0 )1! )11 )1 )1 )16 )1 3'' 4", ( ( $ ( $ $$+, $$, /+ & 23,4 )/+ &4 $ 53" Network Layer Position of network layer Figure

More information

Cryptography and Network Security Block Ciphers + DES. Lectured by Nguyễn Đức Thái

Cryptography and Network Security Block Ciphers + DES. Lectured by Nguyễn Đức Thái Cryptography and Network Security Block Ciphers + DES Lectured by Nguyễn Đức Thái Outline Block Cipher Principles Feistel Ciphers The Data Encryption Standard (DES) (Contents can be found in Chapter 3,

More information

CHAPTER 18 INTERNET PROTOCOLS ANSWERS TO QUESTIONS

CHAPTER 18 INTERNET PROTOCOLS ANSWERS TO QUESTIONS CHAPTER 18 INTERNET PROTOCOLS ANSWERS TO QUESTIONS 18.1 (1) The communications network may only accept blocks of data up to a certain size. (2) Error control may be more efficient with a smaller PDU size.

More information

The Transport Layer. Part 1

The Transport Layer. Part 1 The Transport Layer Part 1 2 OVERVIEW Part 1 User Datagram Protocol Transmission Control Protocol ARQ protocols Part 2 TCP congestion control Mowgli XTP SCTP WAP 3 Transport Layer Protocols Connect applications

More information

CSCI Networking Name:

CSCI Networking Name: CSCI 3335- Networking Name: Final Exam Problem 1: Error Checking and TCP (15 Points) (a) True or false: [2.5 points for circling correct answers, -1 points for each wrong answer] i. CRC can both correct

More information

To make a difference between logical address (IP address), which is used at the network layer, and physical address (MAC address),which is used at

To make a difference between logical address (IP address), which is used at the network layer, and physical address (MAC address),which is used at To make a difference between logical address (IP address), which is used at the network layer, and physical address (MAC address),which is used at the data link layer. To describe how the mapping of a

More information

ISO/IEC INTERNATIONAL STANDARD. Information technology MPEG systems technologies Part 7: Common encryption in ISO base media file format files

ISO/IEC INTERNATIONAL STANDARD. Information technology MPEG systems technologies Part 7: Common encryption in ISO base media file format files INTERNATIONAL STANDARD ISO/IEC 23001-7 First edition 2012-02-01 Information technology MPEG systems technologies Part 7: Common encryption in ISO base media file format files Technologies de l'information

More information

IPsec (AH, ESP), IKE. Guevara Noubir CSG254: Network Security

IPsec (AH, ESP), IKE. Guevara Noubir CSG254: Network Security IPsec (AH, ESP), IKE Guevara Noubir noubir@ccs.neu.edu Securing Networks Control/Management (configuration) Applications Layer telnet/ftp: ssh, http: https, mail: PGP (SSL/TLS) Transport Layer (TCP) (IPSec,

More information

COMP/ELEC 429/556 Introduction to Computer Networks

COMP/ELEC 429/556 Introduction to Computer Networks COMP/ELEC 429/556 Introduction to Computer Networks Let s Build a Scalable Global Network - IP Some slides used with permissions from Edward W. Knightly, T. S. Eugene Ng, Ion Stoica, Hui Zhang T. S. Eugene

More information

COSC4377. Chapter 8 roadmap

COSC4377. Chapter 8 roadmap Lecture 28 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7

More information

UDP: Datagram Transport Service

UDP: Datagram Transport Service UDP: Datagram Transport Service 1 Topics Covered Introduction Transport Protocols and End-to-End Communication The User Datagram Protocol The Connectionless Paradigm Message-Oriented Interface UDP Communication

More information

Firewalls, Tunnels, and Network Intrusion Detection

Firewalls, Tunnels, and Network Intrusion Detection Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.

More information

Shortest Path First Example

Shortest Path First Example IP Exercises (Solutions in Class) 1 Shortest Path First Example Example: Received Set of Link State Update Packets (from Fig. 5-13, Computer Networks) Identity Sequence # Age List of Neighbors A 2021 60

More information

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition ELEC / COMP 177 Fall 2011 Some slides from Kurose and Ross, Computer Networking, 5 th Edition Homework #6 - Presentation on security/ privacy Topic selection Due Tuesday, Nov 22 nd Slides Due Monday, Nov

More information

CS 3516: Advanced Computer Networks

CS 3516: Advanced Computer Networks Welcome to CS 3516: Advanced Computer Networks Prof. Yanhua Li Time: 9:00am 9:50am M, T, R, and F Location: Fuller 320 Fall 2017 A-term 1 Some slides are originally from the course materials of the textbook

More information

Computer Network Fundamentals Spring Week 4 Network Layer Andreas Terzis

Computer Network Fundamentals Spring Week 4 Network Layer Andreas Terzis Computer Network Fundamentals Spring 2008 Week 4 Network Layer Andreas Terzis Outline Internet Protocol Service Model Addressing Original addressing scheme Subnetting CIDR Fragmentation ICMP Address Shortage

More information

On Distributed Communications, Rand Report RM-3420-PR, Paul Baran, August

On Distributed Communications, Rand Report RM-3420-PR, Paul Baran, August The requirements for a future all-digital-data distributed network which provides common user service for a wide range of users having different requirements is considered. The use of a standard format

More information

IPv6. IPv4 & IPv6 Header Comparison. Types of IPv6 Addresses. IPv6 Address Scope. IPv6 Header. IPv4 Header. Link-Local

IPv6. IPv4 & IPv6 Header Comparison. Types of IPv6 Addresses. IPv6 Address Scope. IPv6 Header. IPv4 Header. Link-Local 1 v4 & v6 Header Comparison v6 Ver Time to Live v4 Header IHL Type of Service Identification Protocol Flags Source Address Destination Address Total Length Fragment Offset Header Checksum Ver Traffic Class

More information

LECTURE 8. Mobile IP

LECTURE 8. Mobile IP 1 LECTURE 8 Mobile IP What is Mobile IP? The Internet protocol as it exists does not support mobility Mobile IP tries to address this issue by creating an anchor for a mobile host that takes care of packet

More information

Internet Control Message Protocol

Internet Control Message Protocol Internet Control Message Protocol The Internet Control Message Protocol is used by routers and hosts to exchange control information, and to inquire about the state and configuration of routers and hosts.

More information

Revision History Revision 0 (T10/06-225r0): Posted to the T10 web site on 4 May 2006.

Revision History Revision 0 (T10/06-225r0): Posted to the T10 web site on 4 May 2006. To: INCITS T10 Committee From: Matt Ball, Quantum Corporation Date: 27 June 2006 Subject: SSC-3: Using NIST AES Key-Wrap for Key Establishment Revision History Revision 0 (T10/06-225r0): Posted to the

More information

DirectNET Host. Communications Programs. In This Chapter...

DirectNET Host. Communications Programs. In This Chapter... Communications Programs In This Chapter.... Why do you need a communications program? Modes of Operation Protocol Components Controlling the Communications Initiating the Request Acknowledging the Request

More information

Introduction to Networks and the Internet

Introduction to Networks and the Internet Introduction to Networks and the Internet CMPE 80N Announcements Project 2. Reference page. Library presentation. Internet History video. Spring 2003 Week 7 1 2 Today Internetworking (cont d). Fragmentation.

More information

Network Layer/IP Protocols

Network Layer/IP Protocols Network Layer/IP Protocols 1 Outline IP Datagram (IPv4) NAT Connection less and connection oriented service 2 IPv4 packet header 3 IPv4 Datagram Header Format version of the IP protocol (4 BIts) IP header

More information

IPSec. Overview. Overview. Levente Buttyán

IPSec. Overview. Overview. Levente Buttyán IPSec - brief overview - security associations (SAs) - Authentication Header (AH) protocol - Encapsulated Security Payload () protocol - combining SAs (examples) Overview Overview IPSec is an Internet

More information

CSCE 715: Network Systems Security

CSCE 715: Network Systems Security CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina Web Security Web is now widely used by business, government, and individuals But Internet and Web are

More information

CSCE 715: Network Systems Security

CSCE 715: Network Systems Security CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina Web Security Web is now widely used by business, government, and individuals But Internet and Web are

More information