what is DNS?
what is the Purpose of DNS Secondary servers – A secondary server
DNS – Domain Name system.
Purpose of DNS – Machines on the internet
are identified by a unique IP address. It is
difficult to people to remember the
addresses. Humans are more comfortable
with name rather than numbers. Hence, it
would be easier to identify the machine using
name instead of an address. A system is
needed that can map a name to an address.
This task is handled by Domain name system
(DNS). Domain Name Space-It Is basically a
client server application that maps host
names to IP Addresses on the internet.
Write short notes on DNS
Ans. – Machines on the internet are identified
by a unique IP address. It is difficult to people
to remember the addresses. Humans are
more comfortable with name rather than
numbers. Hence, it would be easier to identify
the machine using name instead of an
address. A system is needed that can map a
name to an address. This task is handled by
Domain name system (DNS). Domain Name
Space-It Is basically a client server application
that maps host names to IP Addresses on the
internet. Since the Internet is a huge network,
a central directory system cannot hold all the
mapping. If the entire mapping is stored in a
single computer, the file size will be very
large. Moreover, it will cause a lot of traffic to
the computer. If this computer crashes, the
entire system would fail. Thus, a distributed,
hierarchical system is needed to perform the
mapping efficiently.
Define
Root Server – A root server is a DNS server
whose zone consists of the whole tree
normally; it does not store any information
about domains but delegates its authority to
the other server. There are many roots server
around the world, each covering the whole
domain name space.
Primary server – A primary server stores
information about the zone in a file on the
local disk. It responsible for updating and
maintaining all information about the zone. It
sends this information to the other secondary
servers when requested.
retrieves information from another primary or
secondary server and stores this information
(Zone transfer). It does not create or update
the file. If updating is required, it must be
done by the primary server, which sends the
updated version to the secondary.
Domain Name Space – Domain Name Space is
the implementation of the hierarchical name
space. In this space, the names are defined in
an inverted tree structure with the root at the
top. The hierarchical structure (tree) can have
only 128 levels; level 0 (root) to level 127
Domain: A domain is a subtree of the domain
name space. The name of the domain is the
name of the node at the top of the tree. A
domain itself can be divided into subdomains
Zone: Each DNS server is responsible for or
has authority over a zone. A zone is a
continuous part of the domain tree. If a server
stores the entire domain, the zone and
domain are the same. If the server divides the
domain into subdomains and assigns
responsibility to different servers, zone and
domain are different.
What is Caching ?
Ans – Each time a server receives a query for a
name that is not in its domain, it needs to
search its database for a server IP address.
Thus, the query proceeds by working down
the tree of name servers. This can be time
consuming and can lead to inefficiency.
Internet name servers use name caching to
optimize the search cost.
Write short note on MIME
MIME – (Multipurpose Internet Mail
Extensions) The mail transfer protocol. Allows
only ASCII characters to be included in the
mail. It does not support characters from
other languages and scripts, images, audio,
etc., it specifies the protocol version.
Multipurpose Internet Mail Extensions
Protocol is a supplementary protocol used
with SMTP in order to allow non-ASCII data
like images etc. to be sent in the email. MIME
transforms non- ASCII data at the sender to
ASCII data and delivers it to the client MTA.
The message at the receiving site is
transformed back to the original data.
What is the port no of DNS?
Ans – Port no of DNS is UDP 53
What is resolution? Explain its types
Resolution – the process of mapping name to
an address or an address to a name is called
resolution.
Recursive name-address resolution: In this
method, the DNS client sends a request to a
server for resolution. If the server can resolve
the name-address then it responds
immediately. If the server does not have
authority of domain name, then it sends
request to another server and waits for
response.
Iterative resolution: In iterative resolution,
the DNS client may send its requests to
multiple servers before getting the answer. If
a server cannot resolve the query, it returns
the IP address of another server. The query is
then sent to this server and the process
continues till the query is resolved.
Write short notes on DNS in the internet
OR
Describe generic, country, inverse domains.
Ans – The DNS protocol is designed to work
on different systems. The DNS for Internet
provides a mechanism that implements
machine name hierarchy for TCP/IP, DNS can
use the services of UDP or TCP using the well-
known port 53. There are 3 types of domain
i. Generic domain: It allows organizations to
be grouped by organizational types. When an
organization wants to participate in DNS, it
registers under that scheme. There are 14
generic domains which describe the
organization types.
ii. Country domain: This divides the servers by
country. This scheme uses two-character
country abbreviations. For example, uk-for
United Kingdom, us-for United states, in-for
India etc.
iii. Inverse domain: This is used to map an
address to a name. For example, if a server
receives a request from a client and the server
has only the IP addresses of the clients in its
list then the server asks its resolver to query
to the DNS server to map the IP address to
name to verify if the client is authorized. This
type of query is also called inverse query or
pointer query (PTR query).
Explain architecture of email with different
scenarios
--> email allows user to exchange messages. It
is probably the most widely used service
associated with computer networks.
Email system has 3 different agents:
1.User Agent (UA)
2.Message Transfer Agent (MTA)
3.Message Access Agent (MAA)
Scenario 1: Sender and receiver connected to
same server – the sender and receiver are
user on same system. Each user has a mailbox
in system. Each message carries the mailbox
address of sender and receiver. When A wants
to send mail to B, A uses a User agent (UA) to
create message and send a mail B’s mailbox. B
can read message in B’s mailbox anytime
according to convenience
Scenario 2: Sender and receiver connected to
different server – the sender and receiver are
users on different system. The mail has to be
sent from user A in system to user B in
another system. The mail may have to be sent
over the internet. Thus, we need 2 User
Agents (UA) and 2 Message Transfer Agents
(MTA). The UA’s allows A and B to send and
retrieve messages. The MTA’s are needed to
actually do the transmission from A’s server
to B’s server.
Scenario 3: One user is remote user – In this
Scenario, the retriever B is connected to his
system directly. But A is not connected to
system. A is remote user. A connects to the
system using LAN or WAN link.
Scenario 4: both users are remote
In this scenario A connects to his mail server
using LAN or WAN link. Receiver B also
connects to his mail server through LAN or
WAN connection.
Write short note on SMTP
 SMTP – stands for simple mail transfer
protocol.
This protocol defines the communication
between MTA client and MTA server. It is also
known as Push protocol (it pushes the
message from the client to server). It is simple
ASCII protocol. (all information in the mail is
sent un the form of ASCII Characters). It uses
TCP for communication at port 25.
The MTA client and server establish a
connection before communicating.
Que. Short note on user agent and its
different types
User Agent: A User Agent is an important
component of the email architecture. It
provides service to the user to make the
process of sending and receiving a message
easier. It is software that provides the
following important services:
i. Composing messages: Process of creating
mails. The user agent provides a template
which helps the user fill in different fields. It
can also perform spell check and provide text
formatting capabilities.
ii. Reading messages: Process of displaying
messages in the appropriate format. The
message size, the sender and a part of the
subject.
ill. Replying to messages: Process of replying
to received messages. The user agent allows
the recipient to reply to the received
message.
iv. Forwarding messages: Process of sending
a received message to other users.
Forwarding sends the message to a third
party.
v. Handling mailboxes: Process of handling
inbox, outbox and customized mailboxes
Users can create mailboxes to store the mails
efficiently.
i. Command driven: This type of user agent
uses a Command based Interface i.e., a
Character User Interface (CUI). The user has
to type the commands to perform various UA
actions. Example: mail, pine, elm etc.
ii. GUI based: Modern User Agents are GUI
based. They use GUI components like buttons,
menu's, lists etc. to make the mail creation
task easier and more interactive. Example:
Eudora, Outlook etc.
Q.1 Substitution Cipher
The substitution cipher technique is very
simple. It replaces a letter or group of letters
by another letter or group of letters. If the
plaintext is viewed as a sequence of bits, then
substitution involves replacing plaintext bit
patterns with ciphertext bit patterns.
If one letter is replaced by another, it is
monoalphabetic substitution cipher. If a group
of letters is replaced by another group, it is
polyalphabetic substitution cipher.
I. Monoalphabetic substitution cipher: In
monoalphabetic substitution, the relationship
between a symbol in the plaintext to a symbol
in the ciphertext is always one-to-one. This
means that a letter or symbol is always
replaced by the same letter or symbol in the
ciphertext, irrespective of its position in the
plaintext. For example, if the encryption
scheme is to replace A by letter X, then every
A in the plaintext is replaced by letter X.
Terminology
i. Cryptography: Cryptography is the art and
science of transforming messages for secure
communication. Cryptography is the art of
achieving security by encoding messages to
make them non-readable. The word
cryptography combines two Greek words
'cryptos meaning hidden and 'graphene'
meaning writing. So Cryptography means
'secret writing
ii. Plaintext: The original message to be
encrypted is called plaintext. It is the
information that can be directly read by
humans or a machine without the need of any
transformation.
Ciphertext: The secret message which is
transmitted is called ciphertext. It is the
output of Encryption process.
iv. Cipher: It is an algorithm for transforming
the plaintext message into one that is
unintelligible. i.e. a cipher transforms
plaintext into ciphertext.
Cipher Key: The cipher key is some critical
information used by the cipher, known only to
the sender and receiver.
V. e Encryption: The process of converting the
plaintext to ciphertext using an encryption
function E and a cipher key.
vi. Decryption: The process to retrieve the
plaintext from the ciphertext using Decryption
4 function D and cipher key.
vii. Cryptanalysis: The study of principles and
methods of transforming an unintelligible
message back into an intelligible message
without knowledge of the key. Also
called code breaking.
The components of the encryption model
are:
i. Sender: In this model, the sender is the
source of the message. It generates a plain
text message to be sent securely to a receiver.
ii. Plaintext: The plaintext message is
generated by the sender. It is in a human or
machine-readable form i.e. it can be read and
understood by the sender, receiver and also
anyone else who can access it.
iii.Encryption algorithm: If the plaintext has to
be sent securely from the sender to the
receiver, it has to be transformed so that
anyone else (ex: intruder) who gets access to
the message is unable to understand its
contents. The Encryption algorithm takes two
inputs the plaintext and the encryption key. It
transforms the plaintext into ciphertext by
using some Encryption method E. The output
of the Encryption algorithm is the Ciphertext.
iv. Encryption key: The Encryption algorithm
uses an Encryption key to convert the
plaintext to ciphertext. This key may be
private (symmetric key cryptography) or
public (asymmetric key cryptography). The
sender and receiver generate and share the
key using various algorithms and mechanisms.
V. Ciphertext: The output of the encryption
algorithm is the ciphertext. It is the
transformed message to be sent to the
receiver.
vi. Communication channel: The sender and
receiver use a communication channel to
communicate with each other. The ciphertext
is sent to the receiver through a
communication channel. In most cases, this
channel is a public, shared channel which is
insecure or untrustworthy. Hence, the
plaintext message must be encrypted before
transmission.
Types of Cryptography
All cryptographic algorithms are divided into
two categories:
Cryptography Symmetric key
Asymmetric key
Symmetric key cryptography
This is also called Secret key or Private key
cryptography. In this method, the same key is
used for encryption and decryption.
Hence,the key is shared by the sender and
receiver and must be kept a secret.
A symmetric key cryptography
This is also called public key cryptography. In
this method, each entity has two keys:
i.A public key known to all
ii. A private key known only to itself.
When A wants to send a private message to B.
A encrypts the message using B's public key. B
then decrypts the message using his own
private key. Hence, a different key is used for
encryption and decryption. For B to
communicate with A. B encrypts the message
with A's public key and A decrypts the
message using A's private key.
Advantages of Symmetric
1 Only one key is needed for encryption as
well as decryption.
2. Symmetric key algorithms are very fast and
efficient.
3. Symmetric key encryption algorithms are
easy and simple to implement.
The sender and receiver have a choice of
various methods for key generation and
sharing.
Disadvantages of Symmetric
The key must be kept secret. If it is
compromised, the whole process fails. Key
generation and sharing is a complex process
and requires additional overheads. The key
must be shared through a secure channel.
3. Each communicating pair needs one secret
key. Hence, if a sender is communicating with
n receivers, the sender needs to remember n
secret keys. This is a huge overhead. In
general, if there are 'n' communicating
devices in a system, the total number of
symmetric keys are n(n-1)/2.
4 The secret key must be stored securely.
5. Where only a few keys are involved in the
network, key management overhead is low.
However, if there are many keys, handling and
storage is a huge problem.
4.1 Traditional Ciphers
Traditional ciphers are based on symmetric
key encryption. Symmetric encryption was the
only type of encryption in use before to the
development of public key encryption in the
1970s. The only security service these systems
provide is confidentiality of information. It is
still the most widely used of the two types of
encryptions.
Transposition Cipher
In a substitution cipher, the plaintext symbol
is replaced by another symbol. Thus, the
characters se disguised but the order of
characters is preserved. A very different kind
of mapping is served by. of permutation on
the plaintext letters. This technique is referred
to as a transposition cipher
In the transposition cipher, the plaintext is not
replaced but the characters are reordered or
rearranged in some pattern i.e. they are not
disguised but their order is changed. For
example, a character may appear at position 3
in the plaintext but at position 9 in the
ciphertext. The reordering is done using a key.
i. Simple Columnar Transposition: This is the
simplest transposition cipher. To obtain the
transposition cipher, the following method is
used:
a. Use a key which is a word or a phrase. It
should not contain any repeating
characters.
For example, CIPHER, MAGNETIC, KEYWORD
etc. can be used as keys.
b. The plaintext is organized into a two-
dimensional table whose columns = number
of characters in key.
C. Write the plaintext in a row-wise manner in
the table. Extra spaces are padded.
d. The columns are numbered according to
the alphabetic order of the characters in the
key. For example, if the keyword is KEYWORD,
the first letter in the key that appears first in
the alphabetic order is D. Hence, the last
column in numbered 1. The next character is
E, hence, column 2 is numbered 2 and so on.
Rail fence transposition cipher: The rail fence
cipher is a simple transposition cipher that
permutes the letters in the plaintext by
writing them in a zig-zag manner (downwards
and diagonally) along parallel rails. The key is
the number of rails. The ciphertext is read
along the rails in a row-wise manner.
For example, let us consider the plaintext as
"Defendtheeastwallofthecastle" and key = 3
i.e. 3 rails.
The plaintext letters are written along the
three rails as shown:
The ciphertext is:
dnetlhseedheswloteateftaafcl
If the key = 4 i.e. 4 rails, the transposition is as
follows:
The ciphertext is:
dttfsedhswotatfneaalhcleelee
To decrypt, the ciphertext is written in row-
wise manner across the rails and read in a zig-
zag manner.
Advantages of Transposition Cipher
1. Looking at the ciphertext, it is difficult to
understand that it is transposition cipher.
2. Not knowing the sequence of columns
makes it harder to break.
Symmetric key ciphers can be classified into
two types
Block cipher: It is a symmetric key cipher
where a block of data is encrypted at a time.
This results in a block of ciphertext of the
same size. This cipher encrypts an n bit block
of plaintext or decrypts an n bit block of
ciphertext. The encryption or decryption
algorithm uses a k-bit key
Stream cipher: It is a symmetric key cipher
where the plaintext is processed in the form
of bits, 'r' bits at a time. Bitwise operations
are performed on the plaintext using key bits
to give the ciphertext bits. We have a
plaintext bit stream P=p_{n}...p_{2}p_{1} , a
ciphertext bit stream C=c_{1}...c_{2},c_{1} and
a key bit stream K=k_{n}...k_{2},k_{1}, in
which p_{i},c_{i} and k_{i} are r-bit words.
4.3 Modern Block Cipher
A modern block cipher can be designed to act
as a substitution cipher or a transposition
cipher or a combination of the two.
Disadvantages
1.Since the letters are only reordered, the
frequency characteristics are similar to
plaintext.
2. If the intruder knows that it is a
transposition, this can then often be
anagramming i.e. sliding pieces of ciphertext
around, then looking for sections that look
like anagrams of English words, and solving
the anagrams. attacked by
Comparison of Substitution and Transposition
Cipher
The following table illustrates some important
differences between substitution and
transposition cipher.

4.2 Simple Modern Ciphers
Traditional ciphers mainly worked on plaintext
in the form of alphabets and characters.
However, when computers are used for
encryption and decryption, we need to
perform bit-oriented encryption and
decryption. Computers deal with information
in various forms: simple text, numbers,
images, audio and video. Hence it is
convenient to perform encryption and
decryption on different formats of
information in the form of a stream of bits.
Because symmetric key cryptography is much
faster than asymmetric key cryptography,
modern ciphers are built using the principles
of symmetric key cryptography.
4.4 Modern Round Cipher
Shannon introduced the concept of a product
cipher. A product cipher is a complex cipher
combining substitution, permutation, and
other components of the modern block
cipher. In a product cipher, diffusion and
confusion can be achieved using iterated
product ciphers where each iteration is a
combination of S-boxes, P-boxes, and other
components. Such iterations are called
rounds. Modern block ciphers are all product
ciphers, and many are based on the Feistel
cipher.
Feistel cipher
The Feistel Cipher model is a general structure
or a design which is based on symmetric key
encryption and decryption. The plaintext is
divided into blocks and one block is encrypted
at a time. The Feistel structure consists of
multiple rounds. Each round consists of a
substitution step followed by a permutation
step. A different key is used for each round.
YOR: An important component in most block
ciphers is the exclusive-or operation. Five
properties of the exclusive-or operation
makes it a very important component for use
in a block cipher: closure, associativity,
commutativity, existence of identity, and
forsteen of inverse
Circular Shift: Another component found in
some modern block ciphers is the circular shift
operation. This shifts the bits of the block to
the left or the right.
Split and Combine: The split operations split a
block of bits into multiple parts and the
combine operation combines multiple sub-
blocks of bits into a single block.
The design of a modern block cipher is based
on satisfying two important aspects:
i. Diffusion: It hides the relationship between
the ciphertext and the plaintext.
ii. Confusion: It hides the relationship
between the ciphertext and the key.
Components of a Modern Block cipher
i. S-box: An S-box (substitution-box) is a basic
component of symmetric key algorithms
which performs substitution. In general, an S-
box takes some number of input bits, m, and
transforms them into some number of output
bits, n, where n is not necessarily equal to m
The S-Box is used to provide confusion, as it
hides the relationship between the key and
the ciphertext.
ii. P-box: A p-box is used to transpose bits. P-
boxes are typically classified as compression
(output bits < input bits), expansion (output
bits > input bits), and straight ((output bits =
input bits). Only straight P-boxes are
invertible.
simplified Feistel structure with two rounds.
The plaintext is divided into two parts: Left
and Right. An encryption function is applied
on the right half using a round key. The
output of the function is XORed with the Left
part. The two parts are swapped for the next
round.Many modern algorithms such as DES,
AES, IDEA etc. use the Feistel structure.
Data Encryption Standard (DES)
DES is a symmetric block cipher designed and
published in the 1970's by NIST (National
Institute of Standards and Technology). The
algorithm is based on the Feistel structure. It
encrypts a 64-bit plaintext block and
generates a 64-bit ciphertext block using a 64-
bit key (converted to 56 bits).
Rotation cipher: In the rotation cipher, the
input bits are rotated to the left or right. It can
be keyed or keyless. In keyed rotation, the key
defines the number of rotations. In keyless
rotation, the number of rotations in fixed. It
can be considered as a special case of
transpositional cipher using bits instead of
characters.
 Que. Difference between flat name space
4.4 Modern Round Cipher and hierarchical name space.
Shannon introduced the concept of a product Flat name space. Hierarchical name
cipher. A product cipher is a complex cipher space
combining substitution, permutation, and 1 Each name Each name is
other components of the modern block consists of made up of
cipher. In a product cipher, diffusion and sequence of several parts,
confusion can be achieved using iterated characters each defining
product ciphers where each iteration is a without any level of hierarchy.
combination of S-boxes, P-boxes, and other further structure.
components. Such iterations are called 2 Names are stored Names are
rounds. Modern block ciphers are all product at central distributed.
ciphers, and many are based on the Feistel location.
cipher. 3 Centralized Decentralized
control. control.
Feistel cipher 4 Easy to resolve Resolution is
The Feistel Cipher model is a general structure names and more complex
or a design which is based on symmetric key address. due to
encryption and decryption. The plaintext is hierarchical
divided into blocks and one block is encrypted structure.
at a time. The Feistel structure consists of 5 As the names are Even if parts of
multiple rounds. Each round consists of a drawn from a the names are
substitution step followed by a permutation single set of same, the whole
step. A different key is used for each round. identifiers, the address is unique.
potential for
DES Steps conflicts
i. Plaintext is encrypted in blocks of size 64 increases.
bits each, which produces 64 bits of 6 Easy to Difficult to
ciphertext. implement. implement.
ii. The initial key consists of 64 bits. Every 8th 7 Does not require Requires
bit of the key is discarded. i.e., bit positions 8, communication communication
16, 24, 32, 40, 48, 56, and 64 are discarded, and coordination and coordination
producing a 56-bit key. between several between several
iii. The 64-bit plaintext is applied an Initial authorities. authorities.
Permutation (IP). Que. Difference between FQDN and PQDN.
iv The IP produces two halves of the FQDN PQDN
permuted block; Left Plain Text (LPT) and
Right Plain Text (RPT). 1 Path from node to Path does not
V. Each of LPT and RPT goes through 16 root. contain root.
rounds of encryption process, each with its 2 Can be used Cannot us
own round key independently. independently.
3 Ends with dots(.). Does not end with
What is the port no of SMTP? dots.
Ans: SMTP port no is Port 25 4 Requires more Requires less
space to store. space in DNS
tables.
5 No additional Full domain name
suffix needs to be of the parent
added. should be added
as suffix.
Que. Difference between substitution and
transposition cipher
Substitution Transposition
cipher cipher
1 Plaintext letters Plaintext letters
are disguised are not disguised
2 Plaintext letters Plaintext letters
are not recorded are recorded
3 Does not frequency
preserve distribution of
frequency plaintext letters is
distribution of preserved.
plaintext
4 Easier to break if Requires higher
language work factor to
characters are break
known
5 Encryption and Encryption and
decryption are decryption are
easy to more complex
implement
6 Example: Playfair, Example: simple
Caesar columnar,
RailFence
 POP3 IMAP4
1 Simple protocol, it only allows to download Advance and more powerful protocol.
messages from the mailbox to the computer.
2 Uses port 110. Uses port 143.
3 All emails must be downloaded for reading Does not need to be downloaded.
4 Users cannot organize the emails in the Provides a facility to organize email in the
mailbox. mailbox.
5 Easy to setup use. Complicated to setup and use.
6 Speed is fast. Speed is slow.
7 Works on 2 modes: i) delete mode Emails are always kept in the mailbox and
ii) keep mode also the other servers. Deleted emails can
be retrieved.
8 Since mails are downloaded, the mailbox size Size of the mailbox must be sufficiently
can be smaller. large to hold all emails.