Ty CN Sem 1
-NINAD THORAT
CN TY SEM I
APPLICATION LAYER
PURPOSE
DOMAIN NAME SYSTEM
FLAT NAME SPACE
HIERARCHICAL NAME SPACE
DOMAIN NAME & LABELS
FQDN
PQDN
DISTRIBUTION & HIERARCHY OF DOMAIN NAME SPACE
ZONE
• The DNS is broken up into many different zones. These zones differentiate
between distinctly managed areas in the DNS namespace. A DNS zone is a
portion of the DNS namespace that is managed by a specific organization or
administrator. A DNS zone is an administrative space which allows for more
granular control of DNS components, such as authoritative nameservers. The
domain name space is a hierarchical tree, with the DNS root domain at the top.
A DNS zone starts at a domain within the tree and can also extend down into
subdomains so that multiple subdomains can be managed by one entity.
EXAMPLE
• For example, imagine a hypothetical zone for the cloudflare.com domain and
three of its subdomains: support.cloudflare.com, community.cloudflare.com,
and blog.cloudflare.com. Suppose the blog is a robust, independent site that
needs separate administration, but the support and community pages are
more closely associated with cloudflare.com and can be managed in the same
zone as the primary domain. In this case, cloudflare.com as well as the
support and community sites would all be in one zone, while
blog.cloudflare.com would exist in its own zone.
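The zone split described above, as an added Python example (not part of the original slides): a name belongs to the zone whose apex is its longest label-wise suffix. The `ZONES` table and function names are assumptions made for illustration; the comparison is done on whole labels because a plain string suffix test would wrongly place a look-alike name such as notcloudflare.com in the cloudflare.com zone.

```python
# Constructed zone table mirroring the hypothetical cloudflare.com example.
ZONES = {
    "cloudflare.com": "primary zone (apex, support, community)",
    "blog.cloudflare.com": "separately administered blog zone",
}


def labels(name):
    """Split a domain name into lowercase labels, ignoring a trailing root dot."""
    return [label for label in name.lower().rstrip(".").split(".") if label]


def zone_for(name, zones=ZONES):
    """Return the apex of the zone that holds `name`, or None.

    The winner is the longest zone apex whose labels are a suffix of the
    name's labels, so a delegated subdomain overrides its parent zone.
    """
    want = labels(name)
    best = None
    for apex in zones:
        have = labels(apex)
        is_suffix = len(have) <= len(want) and want[len(want) - len(have):] == have
        if is_suffix and (best is None or len(have) > len(labels(best))):
            best = apex
    return best


if __name__ == "__main__":
    for host in ("cloudflare.com", "support.cloudflare.com",
                 "community.cloudflare.com", "blog.cloudflare.com",
                 "img.blog.cloudflare.com.", "notcloudflare.com"):
        print(f"{host:28} -> {zone_for(host)}")
```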
WHAT IS A DNS ZONE FILE?
• A zone file is a plain text file stored in a DNS server that contains an actual
representation of the zone and contains all the records for every domain
within the zone. Zone files must always start with a
Start of Authority (SOA) record, which contains important information
including contact information for the zone administrator.
WHAT IS A REVERSE LOOKUP ZONE?
• A reverse lookup zone contains a mapping from an IP address to the host (the
opposite function of most DNS zones). These zones are used for
troubleshooting, spam filtering,
ZONE TYPES
ROOT NAME SERVERS
HIERARCHY OF NAME SERVERS
• Root name servers – A root name server is contacted by name servers that cannot resolve a name. It
contacts the authoritative name server if the name mapping is not known, then gets the mapping
and returns the IP address to the host.
• Top-level servers – They are responsible for com, org, edu, etc. and all top-level country domains
such as uk, fr, ca, in, etc. They hold information about the authoritative domain servers and know the names
and IP addresses of each authoritative name server for the second-level domains.
• Authoritative name servers – This is the organization's DNS server, providing the authoritative
hostname-to-IP mapping for the organization's servers. It can be maintained by the organization or a
service provider. To reach cse.dtu.in we have to ask the root DNS server, which points
to the top-level domain server, which in turn points to the authoritative domain name server
that actually contains the IP address. The authoritative domain server then returns the
associated IP address.
INTERNET DOMAINS
• GENERIC DOMAINS
• The format of a country domain is the same as that of a generic domain, but it uses two-
character country abbreviations (e.g., us for the United States) in place of
three-character organizational abbreviations.
ADDRESS RESOLUTION
• Recursive vs iterative
ELECTRONIC MAIL
• Electronic mail, often referred to as e-mail, is a method used for exchanging digital
messages.
• Electronic mail is mainly designed for human use.
• It allows a message to include text, images, audio, and video.
• This service allows one message to be sent to one or more recipients.
• E-mail systems are mainly based on the store-and-forward model, in which the e-mail server
system accepts, forwards, delivers, and stores messages on behalf of users, who only need to
connect to the e-mail infrastructure.
• The person who sends the e-mail is referred to as the Sender, while the person who receives the
e-mail is referred to as the Recipient.
NEED OF AN EMAIL
• By making use of Email, we can send any message at any time to anyone.
• We can send the same message to several people at the same time.
• It is a very fast and efficient way of transferring information.
• The email system is very fast as compared to the Postal system.
• Information can be easily forwarded to coworkers without retyping it.
COMPONENTS OF E-MAIL SYSTEM
• 1. User Agent (UA)
• It is a program that is mainly used to send and receive e-mail. It is also known as an e-mail reader.
• The user agent is used to compose, send, and receive e-mails.
• It is the first component of an e-mail system.
• The user agent also handles the mailboxes.
• The user agent mainly provides services that make sending and receiving messages easier for the user.
• Given below are some services provided by the user agent:
• 1. Reading the message
• 2. Replying to the message
• 3. Composing the message
• 4. Forwarding the message
• 5. Handling the message
Here are some of the potential user agents that you could list:
• Firefox
• Safari
• Chrome
• Opera
• BlackBerry
• Beonex
First Scenario
• When the sender and the receiver of an e-mail are on the same system,
only two user agents are needed.
Second Scenario
• In this scenario, the sender and receiver of an e-mail are users on
two different systems, and the message needs to be sent over the Internet. In this
case, we need both user agents and message transfer agents (MTAs).
Third Scenario
• In this scenario, the sender is connected to the system via a point-to-point WAN,
which can be either a dial-up modem or a cable modem, while the receiver is directly
connected to the system, as in the second scenario.
• In this case the sender also needs a user agent (UA) to prepare the message.
After preparing the message, the sender sends it via a pair of MTAs
through the LAN or WAN.
Fourth Scenario
• In this scenario, the receiver is also connected to his mail server through a WAN or
LAN.
• When the message arrives, the receiver needs to retrieve it; thus there is a need for
another set of client/server agents. The recipient uses a message access agent (MAA)
client to retrieve the message.
• Here, the client sends a request to the message access agent (MAA) server and asks
for the messages to be transferred.
• This scenario is most commonly used today.
SIMPLE MAIL TRANSFER PROTOCOL (SMTP)
• Email is emerging as one of the most valuable services on the internet today.
Most internet systems use SMTP as a method to transfer mail from one user
to another. SMTP is a push protocol and is used to send the mail whereas
POP (post office protocol) or IMAP (internet message access protocol) are
used to retrieve those emails at the receiver’s side.
MULTIPURPOSE INTERNET MAIL EXTENSION (MIME) PROTOCOL
• MIME headers are added to the original e-mail header section to define the transformation. There are five headers that we add to
the original header:
• MIME-Version – Defines the version of the MIME protocol. It must have the parameter value 1.0, which
indicates that the message is formatted using MIME.
• Content-Type – Type of data used in the body of the message. There are different types, such as text data
(plain, HTML), audio content, or video content.
• Content-Transfer-Encoding – Defines the method used for encoding the message, such as 7-bit encoding, 8-bit
encoding, etc.
• Content-ID – Used for uniquely identifying the message.
• Content-Description – Defines whether the body is actually an image, video, or audio.
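The five headers listed above, shown on a real message (an added Python example, not part of the original slides). It builds a message with the standard-library `email` package, serializes it to wire format, and parses it back the way a receiving user agent would; the addresses, the Content-ID value and the body text are constructed sample data.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

MIME_HEADERS = ["MIME-Version", "Content-Type", "Content-Transfer-Encoding",
                "Content-ID", "Content-Description"]


def build_message():
    """Compose a message whose body needs MIME (non-ASCII text, base64-encoded)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"          # constructed address
    msg["To"] = "recipient@example.com"         # constructed address
    msg["Subject"] = "MIME header demo"
    # set_content() adds MIME-Version, Content-Type and Content-Transfer-Encoding.
    msg.set_content("Résumé attached as inline text.\n", charset="utf-8", cte="base64")
    # The two optional descriptive headers are set explicitly.
    msg["Content-ID"] = "<part1@example.com>"   # constructed identifier
    msg["Content-Description"] = "Plain-text body with non-ASCII characters"
    return msg


def read_mime_headers(raw):
    """Parse wire-format bytes and return (the five MIME headers, decoded body)."""
    parsed = message_from_bytes(raw, policy=policy.default)
    headers = {name: str(parsed[name]) for name in MIME_HEADERS}
    return headers, parsed.get_content()


if __name__ == "__main__":
    wire = build_message().as_bytes()
    print(wire.decode("ascii"))                 # base64 keeps the wire form 7-bit clean
    headers, body = read_mime_headers(wire)
    for name, value in headers.items():
        print(f"{name}: {value}")
    print(body)
```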
POP
• POP stands for Point of Presence (also known as Post Office Protocol).
• It is a point where many devices share a connection and can communicate with
each other. We can say that it is a man-made demarcation point (a point where
the public network of a company ends and the private network of the customer
begins, e.g. the point at which your broadband cable enters the house)
between communicating entities. It basically consists of high-speed
telecommunications equipment and technologies that help bring together
people from all over the internet.
• Characteristics of POP:
• Post Office Protocol is an open protocol, defined by Internet RFCs.
• A Request for Comments is a publication in a series, from the principal technical development and
standards-setting bodies for the Internet, most prominently the Internet Engineering Task Force.
• It allows access to new mail from a spread of client platform types.
• It supports download and delete functions even when offline.
• It requires no mail gateways due to its native nature.
• POP can handle email access only while the emails are sent by SMTP.
INTERNET MESSAGE ACCESS PROTOCOL (IMAP)
• Anonymous FTP is enabled on some sites whose files are available for
public access. A user can access these files without having any username
or password. Instead, the username is set to anonymous and the password to
guest by default. Here, user access is very limited. For example, the
user can be allowed to copy the files but not to navigate through
directories.
SIMPLE MODERN CIPHER
• XOR
• The basic idea behind XOR encryption is that if you don't know the XOR encryption key
before decrypting the encrypted data, it is impossible to decrypt the data. For example,
if you XOR two unknown variables you cannot tell what the values of those variables are.
Consider the operation A XOR B, and suppose it returns true. If the value of one of the
variables is known, we can tell the value of the other: if A is true then B must be
false, and if A is false then B must be true, according to the properties of the boolean
XOR operation. Without knowing one of the values we cannot decrypt the data, and this
idea is used in XOR encryption.
ROTATION CIPHER
S-BOX
P BOX
DES
DES ROUND
ECB (ELECTRONIC CODEBOOK) ENCRYPTION
ECB DECRYPTION
CBC (CIPHER BLOCK CHAINING) ENCRYPTION
CBC DECRYPTION
CIPHER FEEDBACK (CFB) ENCRYPTION
CIPHER FEEDBACK (CFB) DECRYPTION
PROPAGATING CIPHER BLOCK CHAINING (PCBC) ENCRYPTION
PROPAGATING CIPHER BLOCK CHAINING (PCBC) DECRYPTION
SECURITY SERVICES
• The electronic equivalent of the document and fingerprint pair is the message
and digest pair.
• To preserve integrity, a message is passed through an algorithm called a cryptographic hash
function.
• The function creates a compressed image of the message that can be used
like a fingerprint.
MESSAGE AND MESSAGE DIGEST
• The two pairs (document/fingerprint) and (message/message digest) are similar,
with some differences:
• The document and fingerprint are physically linked together.
• The message and message digest can be unlinked and sent separately.
• The message digest guarantees the integrity of a message, i.e. that it has not been changed.
• However, a message digest does not authenticate the sender of the message.
• To provide message authentication, the sender needs to provide proof that he/she is sending the message
and not an impostor.
• The digest created by a cryptographic hash function is called a Modification Detection
Code (MDC); it can detect any modification in the message.
• For message authentication, we need a Message Authentication Code (MAC).
MESSAGE AUTHENTICATION
• An MDC is a message digest that can prove the integrity of the message, i.e. that it has not
been changed during transmission.
• The sender creates a message digest (MDC) and sends it with the message to the
receiver.
• The receiver creates a new MDC from the message and compares it with the MDC
received.
• If they are the same, the message has not been changed.
MDC
• To ensure the integrity of the message and the data origin authentication
(message authentication), the MDC needs to be changed to a MAC.
• The difference: the MAC includes a secret shared between sender and receiver.
• Note that there is no need to use two channels in this case.
• Both the message and the MAC can be sent on the same insecure channel.
• Figure 11.9 illustrates the idea.
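Why the MDC has to become a MAC when message and tag share one insecure channel, as an added Python example (not part of the original slides). SHA-256 stands in for the hash function and HMAC-SHA-256 for the MAC; the key and the messages are constructed sample values. An unkeyed digest can be recomputed by anyone for an altered message, while a MAC cannot be produced without the shared secret.

```python
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key-not-for-real-use"   # known to sender and receiver only
ORIGINAL = b"PAY 100 TO ALICE"                           # constructed message
ALTERED = b"PAY 900 TO MALLORY"                          # same message changed in transit


def mdc(message):
    """Unkeyed digest (Modification Detection Code)."""
    return hashlib.sha256(message).digest()


def mac(key, message):
    """Keyed digest (Message Authentication Code), here HMAC-SHA-256."""
    return hmac.new(key, message, hashlib.sha256).digest()


def receiver_accepts_mdc(message, tag):
    return hmac.compare_digest(mdc(message), tag)


def receiver_accepts_mac(key, message, tag):
    # compare_digest runs in constant time, so the check leaks no timing hints.
    return hmac.compare_digest(mac(key, message), tag)


def scenario():
    """Return what the receiver decides in each case."""
    honest_tag = mac(SHARED_KEY, ORIGINAL)
    return {
        # Unchanged message: both checks pass.
        "mdc_honest": receiver_accepts_mdc(ORIGINAL, mdc(ORIGINAL)),
        "mac_honest": receiver_accepts_mac(SHARED_KEY, ORIGINAL, honest_tag),
        # Altered message with a digest recomputed from public information: accepted.
        "mdc_altered_recomputed": receiver_accepts_mdc(ALTERED, mdc(ALTERED)),
        # Altered message with the old tag, or a tag made with a wrong key: rejected.
        "mac_altered_old_tag": receiver_accepts_mac(SHARED_KEY, ALTERED, honest_tag),
        "mac_altered_wrong_key": receiver_accepts_mac(
            SHARED_KEY, ALTERED, mac(b"wrong-key", ALTERED)),
    }


if __name__ == "__main__":
    for case, accepted in scenario().items():
        print(f"{case:24} accepted={accepted}")
```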
MAC
HMAC
DIGITAL SIGNATURE