Slide 1: Last class / Today
Last class:
- Ethernet
- Hubs and Switches
- Mobile and wireless networks, CDMA
Today:
- CDMA and IEEE 802.11 wireless LANs
- Network security
Slide 2: 10BaseT and 100BaseT Ethernet
- Uses CSMA/CD
- 10/100 Mbps rate; the latter is called “fast ethernet”
- T stands for Twisted Pair
- Nodes connect to a hub: “star topology”; 100 m max distance between nodes and hub
(figure: nodes wired by twisted pair to a hub)
Slide 3: Interconnecting with hubs
Pros:
- Enables interdepartmental communication
- Extends max distance btw. nodes
- If a hub malfunctions, the backbone hub can disconnect it
Cons:
- Collision domains are transferred into one large, common domain
- Cannot interconnect 10BaseT and 100BaseT hubs
(figure: departmental hubs connected through a backbone hub)
Slide 4: Switch: traffic isolation
- switch installation breaks subnet into LAN segments
- switch filters packets:
  - same-LAN-segment frames not usually forwarded onto other LAN segments
  - segments become separate collision domains
(figure: hubs on separate LAN segments attached to a switch; each segment is its own collision domain)
Slide 5: Wireless network characteristics
Multiple wireless senders and receivers create additional problems (beyond multiple access):
Hidden terminal problem:
- B, A hear each other
- B, C hear each other
- A, C can not hear each other
- means A, C unaware of their interference at B
Signal fading:
- B, A hear each other
- B, C hear each other
- A, C can not hear each other, interfering at B
(figures: nodes A, B, C with overlapping ranges; A’s and C’s signal strength plotted against space)
Slide 6: Overview
- CDMA and IEEE 802.11 wireless LANs
- Network security
Slide 7: Code Division Multiple Access (CDMA)
- used in several wireless broadcast channel (cellular, satellite, etc.) standards
- unique “code” assigned to each user; i.e., code set partitioning
- all users share same frequency, but each user has own “chipping” sequence (i.e., code) to encode data
- encoded signal = (original data) X (chipping sequence)
- decoding: inner-product of encoded signal and chipping sequence
- allows multiple users to “coexist” and transmit simultaneously with minimal interference (if codes are “orthogonal”)
Slide 8: CDMA Encode/Decode
Sender: data bits $d_0 = 1$, $d_1 = -1$; code $c = (1, 1, 1, -1, 1, -1, -1, -1)$
  $Z_{i,m} = d_i \cdot c_m$
  slot 0 channel output: $(1, 1, 1, -1, 1, -1, -1, -1)$
  slot 1 channel output: $(-1, -1, -1, 1, -1, 1, 1, 1)$
Receiver: received input $Z_{i,m}$, same code $c$
  $D_i = \frac{1}{M} \sum_{m=1}^{M} Z_{i,m} \cdot c_m$
  recovers $d_0 = 1$, $d_1 = -1$
Slide 9: CDMA: two-sender interference
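An added example (not from the slides) that carries slides 7 to 9 through in code: sender 1 uses the slides’ chipping sequence, sender 2 uses an assumed orthogonal sequence, both are summed on the channel, and each receiver applies the inner-product rule. A third, assumed non-orthogonal code shows what interference looks like when orthogonality fails.

```python
# Added example (not from the slides): CDMA encode/decode with two senders
# sharing the channel. CODE_1 is the slides' chipping sequence; CODE_2 and
# CODE_BAD are assumed codes chosen to be orthogonal / non-orthogonal to it.
from typing import List

M = 8                                    # chips per data bit

CODE_1 = [1, 1, 1, -1, 1, -1, -1, -1]    # chipping sequence from the slides
CODE_2 = [1, -1, 1, 1, 1, -1, 1, 1]      # assumed, orthogonal to CODE_1
CODE_BAD = [1, 1, 1, 1, -1, -1, -1, -1]  # assumed, NOT orthogonal to CODE_1


def inner_product(a: List[int], b: List[int]) -> int:
    return sum(x * y for x, y in zip(a, b))


def encode(bits: List[int], code: List[int]) -> List[List[int]]:
    """Z_{i,m} = d_i * c_m: each data bit d_i (+1 or -1) becomes M chips."""
    return [[d * c for c in code] for d in bits]


def channel(*signals: List[List[int]]) -> List[List[int]]:
    """The shared medium adds all senders' chips, slot by slot."""
    return [[sum(chips) for chips in zip(*slot)] for slot in zip(*signals)]


def decode(received: List[List[int]], code: List[int]) -> List[float]:
    """D_i = (1/M) * sum_{m=1..M} Z_{i,m} * c_m, the slides' receiver rule."""
    return [inner_product(slot, code) / M for slot in received]


if __name__ == "__main__":
    bits_1 = [1, -1]          # d_0 = 1, d_1 = -1 as on slide 8
    bits_2 = [1, 1]           # assumed data for sender 2
    mixed = channel(encode(bits_1, CODE_1), encode(bits_2, CODE_2))
    print("sender 1 recovered:", decode(mixed, CODE_1))   # [1.0, -1.0]
    print("sender 2 recovered:", decode(mixed, CODE_2))   # [1.0, 1.0]
    # with a non-orthogonal code, sender 2 leaks into sender 1's decoding
    bad = channel(encode(bits_1, CODE_1), encode(bits_2, CODE_BAD))
    print("non-orthogonal interference:", decode(bad, CODE_1))  # [1.5, -0.5]
```

The decoded values stay exactly +1/-1 only because the two codes have inner product 0; with CODE_BAD the recovered bits drift by half of sender 2’s data.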
Slide 10: Overview
- CDMA and IEEE 802.11 wireless LANs
- Network security
Slide 11: IEEE 802.11 Wireless LAN
- 802.11b
  - 2.4-5 GHz unlicensed radio spectrum
  - up to 11 Mbps
  - direct sequence spread spectrum (DSSS) in physical layer; all hosts use same chipping code
  - widely deployed, using base stations
- 802.11a
  - 5-6 GHz range
  - up to 54 Mbps
- 802.11g
  - 2.4-5 GHz range
  - up to 54 Mbps
- All use CSMA/CA for multiple access
- All have base-station and ad-hoc network versions
Slide 12: 802.11 LAN architecture
- wireless host communicates with base station
  - base station = access point (AP)
- Basic Service Set (BSS) (aka “cell”) in infrastructure mode contains:
  - wireless hosts
  - access point (AP): base station
  - ad hoc mode: hosts only
(figure: BSS 1 and BSS 2, each with an AP, joined through a hub, switch or router to the Internet)
Slide 13: 802.11: Channels, association
- 802.11b: 2.4GHz-2.485GHz spectrum divided into 11 channels at different frequencies
  - AP admin chooses frequency for AP
  - interference possible: channel can be same as that chosen by neighboring AP!
- host: must associate with an AP
  - scans channels, listening for beacon frames containing AP’s name (SSID) and MAC address
  - selects AP to associate with
  - may perform authentication [Chapter 8]
  - will typically run DHCP to get IP address in AP’s subnet
Slide 14: IEEE 802.11: multiple access
- avoid collisions: 2+ nodes transmitting at same time
- 802.11: CSMA - sense before transmitting
  - don’t collide with ongoing transmission by other node
- 802.11: no collision detection!
  - difficult to receive (sense collisions) when transmitting due to weak received signals (fading)
  - can’t sense all collisions in any case: hidden terminal, fading
  - goal: avoid collisions: CSMA/C(ollision)A(voidance)
(figures: nodes A, B, C with overlapping ranges; A’s and C’s signal strength plotted against space)
Slide 15: IEEE 802.11 MAC Protocol: CSMA/CA
802.11 sender:
1. if sense channel idle for DIFS then transmit entire frame (no CD)
2. if sense channel busy then
   - start random backoff time
   - timer counts down while channel idle
   - transmit when timer expires
   - if no ACK, increase random backoff interval, repeat 2
802.11 receiver:
- if frame received OK, return ACK after SIFS (ACK needed due to hidden terminal problem)
(timing figure: sender waits DIFS, then sends data; receiver waits SIFS, then sends ACK)
Slide 16: Avoiding collisions (more)
idea: allow sender to “reserve” channel rather than random access of data frames: avoid collisions of long data frames
- sender first transmits small request-to-send (RTS) packets to BS using CSMA
  - RTSs may still collide with each other (but they’re short)
- BS broadcasts clear-to-send CTS in response to RTS
- CTS heard by all nodes
  - sender transmits data frame
  - other stations defer transmissions
Avoid data frame collisions completely using small reservation packets!
Slide 17: Collision Avoidance: RTS-CTS exchange
(timing figure with AP, A and B: A and B both send RTS and the RTSs collide; A resends RTS(A), the AP answers CTS(A), A sends DATA(A) and the AP answers ACK(A); B defers for the duration of A’s reservation)
Slide 18: 802.11 frame: addressing
Frame layout (field: bytes):
frame control: 2 | duration: 2 | address 1: 6 | address 2: 6 | address 3: 6 | seq control: 2 | address 4: 6 | payload: 0-2312 | CRC: 4
- Address 1: MAC address of wireless host or AP to receive this frame
- Address 2: MAC address of wireless host or AP transmitting this frame
- Address 3: MAC address of router interface to which AP is attached
- Address 4: used only in ad hoc mode
Slide 19: 802.11 frame: addressing (example)
(figure: H1 associated with an AP, the AP attached to router R1, R1 connected to the Internet)
802.11 frame from H1 to the AP:
- address 1: AP MAC addr
- address 2: H1 MAC addr
- address 3: R1 MAC addr
802.3 frame from the AP toward R1:
- dest. address: R1 MAC addr
- source address: AP MAC addr
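An added example (not from the slides) that builds and parses an 802.11 data frame laid out exactly as the field diagram on slide 18, filled with the three addresses from slide 19, and then derives the 802.3 frame the AP forwards toward R1. The MAC addresses, payload, frame-control value, byte order and the use of IEEE CRC-32 for the trailing CRC field are all assumptions made for the example; address 4 is carried as a fixed 6-byte field because the slide draws it that way.

```python
# Added example (not from the slides): pack/parse a frame with the slide's
# layout (2, 2, 6, 6, 6, 2, 6, payload, 4). Addresses and payload are
# constructed; CRC-32 for the trailing field is an assumption.
import struct
import zlib

HDR = struct.Struct("<HH6s6s6sH6s")      # 30 header bytes, little-endian (assumed)
HDR_LEN = HDR.size
MAX_PAYLOAD = 2312                       # from the slide's field diagram

AP_MAC = bytes.fromhex("00aa00000001")   # constructed addresses
H1_MAC = bytes.fromhex("00bb00000002")
R1_MAC = bytes.fromhex("00cc00000003")


def build_80211(addr1: bytes, addr2: bytes, addr3: bytes, payload: bytes,
                addr4: bytes = bytes(6), seq: int = 0) -> bytes:
    """Pack header + payload and append the CRC over everything before it."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds 2312 bytes")
    body = HDR.pack(0x0008, 0, addr1, addr2, addr3, seq, addr4) + payload
    return body + struct.pack("<I", zlib.crc32(body))


def parse_80211(frame: bytes) -> dict:
    """Return the addresses and payload; reject a short or corrupted frame."""
    if len(frame) < HDR_LEN + 4:
        raise ValueError("frame too short")
    body, crc = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != crc:
        raise ValueError("CRC mismatch")
    _fc, _dur, a1, a2, a3, _seq, a4 = HDR.unpack(body[:HDR_LEN])
    return {"address1": a1, "address2": a2, "address3": a3,
            "address4": a4, "payload": body[HDR_LEN:]}


def to_8023(frame: bytes) -> tuple:
    """AP-to-router step from slide 19: 802.3 dest = address 3 (router),
    source = the AP's own MAC (address 1 of the incoming frame), same payload."""
    f = parse_80211(frame)
    return (f["address3"], f["address1"], f["payload"])


if __name__ == "__main__":
    # H1 -> AP: address 1 = AP, address 2 = H1, address 3 = R1, as on slide 19
    wifi = build_80211(AP_MAC, H1_MAC, R1_MAC, b"hello from H1")
    print(parse_80211(wifi)["address2"] == H1_MAC)   # True
    dst, src, _data = to_8023(wifi)
    print(dst == R1_MAC and src == AP_MAC)           # True
```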
Slide 20: 802.11: mobility within same subnet
- H1 remains in same IP subnet: IP address can remain same
- switch: which AP is associated with H1?
  - self-learning (Ch. 5): switch will see frame from H1 and “remember” which switch port can be used to reach H1
(figure: a router and a hub or switch serving AP 1 in BSS 1 and AP 2 in BSS 2, with host H1 moving between them)
Slide 21: Network Security
- What is network security?
- Principles of cryptography
- Authentication
- Access control: firewalls
- Attacks and counter measures
Slide 22: What is network security?
Confidentiality: only sender, intended receiver should “understand” message contents
- sender encrypts message
- receiver decrypts message
Authentication: sender, receiver want to confirm identity of each other
Message Integrity: sender, receiver want to ensure message content not altered (in transit, or afterwards) without detection
Access and Availability: services must be accessible and available to users
Slide 23: Friends and enemies: Alice, Bob, Trudy
- well-known in network security world
- Bob, Alice (lovers!) want to communicate “securely”
- Trudy (intruder) may intercept, delete, add messages
(figure: Alice’s secure sender and Bob’s secure receiver exchanging data and control messages over a channel, with Trudy on the channel)
Slide 24: Who might Bob, Alice be?
- … well, real-life Bobs and Alices!
- Web browser/server for electronic transactions (e.g., on-line purchases)
- on-line banking client/server
- DNS servers
- routers exchanging routing table updates
- other examples?
Slide 25: There are bad guys (and girls) out there!
Q: What can a “bad guy” do?
A: a lot!
- eavesdrop: intercept messages
- actively insert messages into connection
- impersonation: can fake (spoof) source address in packet (or any field in packet)
- hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place
- denial of service: prevent service from being used by others (e.g., by overloading resources)
more on this later ……
Slide 26: Overview
- What is network security?
- Principles of cryptography
- Authentication
- Access control: firewalls
- Attacks and counter measures
Slide 27: The language of cryptography
(figure: plaintext → encryption algorithm (Alice’s encryption key $K_A$) → ciphertext → decryption algorithm (Bob’s decryption key $K_B$) → plaintext)
- symmetric key crypto: sender, receiver keys identical
- public-key crypto: encryption key public, decryption key secret (private)
Slide 28: Symmetric key cryptography
substitution cipher: substituting one thing for another
- monoalphabetic cipher: substitute one letter for another
E.g.:
  plaintext:  abcdefghijklmnopqrstuvwxyz
  ciphertext: mnbvcxzasdfghjklpoiuytrewq
  Plaintext:  bob. i love you. alice
  ciphertext: nkn. s gktc wky. mgsbc
Q: How hard to break this simple cipher?
- brute force (how hard?)
- other?
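An added example (not from the slides) implementing the monoalphabetic cipher above with the slide’s own key, and answering the slide’s question in code: the brute-force key space is 26!, but the letter frequencies of the plaintext survive unchanged in the ciphertext, which is the “other” way in. Only the Python helper names are invented here.

```python
# Added example (not from the slides): the slide's monoalphabetic cipher,
# its key-space size, and the frequency leak that makes it breakable
# without brute force. Helper names are this example's own.
from collections import Counter
from math import factorial
import string

PLAIN = string.ascii_lowercase
CIPHER = "mnbvcxzasdfghjklpoiuytrewq"       # substitution key from the slide

ENC_TABLE = str.maketrans(PLAIN, CIPHER)
DEC_TABLE = str.maketrans(CIPHER, PLAIN)


def encrypt(plaintext: str) -> str:
    """Substitute every lowercase letter; spaces and punctuation pass through."""
    return plaintext.translate(ENC_TABLE)


def decrypt(ciphertext: str) -> str:
    """Apply the inverse substitution (the key is the shared secret)."""
    return ciphertext.translate(DEC_TABLE)


def key_space() -> int:
    """Keys a brute-force attacker must consider: all 26! letter permutations."""
    return factorial(26)


def letter_frequencies(text: str) -> Counter:
    """Letter counts are preserved by substitution, so the most common
    ciphertext letter is the image of the most common plaintext letter."""
    return Counter(ch for ch in text if ch.isalpha())


if __name__ == "__main__":
    msg = "bob. i love you. alice"              # plaintext from the slide
    ct = encrypt(msg)
    print(ct)                                   # nkn. s gktc wky. mgsbc
    print(decrypt(ct) == msg)                   # True
    print(f"brute force: {key_space():.2e} keys")          # ~4.03e26
    print(letter_frequencies(msg).most_common(1),           # [('o', 3)]
          letter_frequencies(ct).most_common(1))            # [('k', 3)]
```

The key space alone looks large, but the frequency match (o maps to k here) is why this cipher falls to statistics rather than to enumeration.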
Slide 29: Symmetric key cryptography
symmetric key crypto: Bob and Alice share (know) the same (symmetric) key: $K_{A-B}$
- e.g., key is knowing substitution pattern in mono alphabetic substitution cipher
- Q: how do Bob and Alice agree on key value?
(figure: plaintext message $m$ → encryption algorithm with $K_{A-B}$ → ciphertext $K_{A-B}(m)$ → decryption algorithm with $K_{A-B}$ → plaintext $m = K_{A-B}(K_{A-B}(m))$)
Slide 30: Symmetric key crypto: DES
DES: Data Encryption Standard
- US encryption standard [NIST 1993]
- 56-bit symmetric key, 64-bit plaintext input
- How secure is DES?
  - DES Challenge: 56-bit-key-encrypted phrase (“Strong cryptography makes the world a safer place”) decrypted (brute force) in 4 months
  - no known “backdoor” decryption approach
- making DES more secure:
  - use three keys sequentially (3-DES) on each datum
  - use cipher-block chaining
Slide 31: Symmetric key crypto: DES
DES operation:
- initial permutation
- 16 identical “rounds” of function application, each using different 48 bits of key
- final permutation
Slide 32: AES: Advanced Encryption Standard
- new (Nov. 2001) symmetric-key NIST standard, replacing DES
- processes data in 128 bit blocks
- 128, 192, or 256 bit keys
- brute force decryption (try each key) taking 1 sec on DES takes 149 trillion years for AES
Slide 33: Public Key Cryptography
symmetric key crypto
- requires sender, receiver know shared secret key
- Q: how to agree on key in first place (particularly if never “met”)?
public key cryptography
- radically different approach [Diffie-Hellman76, RSA78]
- sender, receiver do not share secret key
- public encryption key known to all
- private decryption key known only to receiver
Slide 34: Public key cryptography
(figure: plaintext message $m$ → encryption algorithm with Bob’s public key $K_B^+$ → ciphertext $K_B^+(m)$ → decryption algorithm with Bob’s private key $K_B^-$ → plaintext message $m = K_B^-(K_B^+(m))$)
Slide 35: Public key encryption algorithms
Requirements:
1. need $K_B^+(\cdot)$ and $K_B^-(\cdot)$ such that $K_B^-(K_B^+(m)) = m$
2. given public key $K_B^+$, it should be impossible to compute private key $K_B^-$
RSA: Rivest, Shamir, Adleman algorithm