

Showing posts with label Host. Show all posts

Sunday, October 13, 2013

What are two fundamental cryptography principles?

In this article we shall discuss the two fundamental principles that govern a cryptographic system.

1. Redundancy
- Some redundancy must be there in all the encrypted messages. 
- By redundancy here, we mean information that is not required for understanding the message; it reduces the chances of a passive intruder making attacks.
- Passive intruder attacks involve putting the stolen information to misuse without understanding it. 
- This can be more easily understood by an example of a credit card. 
- The credit card number is not sent over the internet alone; rather, it is accompanied by other side information such as the DOB of the card holder, its validity date and so on.
- Including such information with the card number cuts down on the chances of making up the number.
- Adding a good amount of redundancy prevents active intruders from sending garbage values and then getting them verified as some valid message.
- The recipient must be capable of determining whether the message is valid or not by doing some inspection and simple calculation.
- Without redundancy the attackers would simply send a junk message and the recipient would decode it as a valid message.
- However, there is a little concern also with this. 
- A run of N zeroes must not be put at the beginning or the end of the message for redundancy, because such messages become easy to predict, thus facilitating the cryptanalyst's work.
- Instead of zeroes, a CRC polynomial can be used because it proves to be more work. 
- Using cryptographic hash might be even better.
- Redundancy has also got a role to play in quantum cryptography. 
- Some redundancy is required in the messages for Bob to determine if the message has been tampered with.
- Repetition of the message twice is a crude form of redundancy.
- If the two copies are found to be identical, Bob states that somebody is interfering with the transmission or there is a lot of noise.
- But such a repetition process is expensive.
- Therefore, for error detection and correction the methods used are Reed-Solomon and Hamming codes.

2. Update
- Measures must be compulsorily taken for the prevention of the attacks by active intruders who might play back the old messages. 
- The longer an encrypted message is held by an active intruder, the greater the possibility that he can break into it.
- One good example of this is the UNIX password file.
- For anybody who has an account on the host, the password is accessible.
- A copy of this file can be obtained by the intruders and they can then easily decrypt the password.
- Also, the addition of the redundancy allows the simplification of the messages’ decryption.
- It must be checked whether the message has been sent recently or is an old one. 
- One measure for doing so is including a time stamp, valid for a few seconds, in the message.
- This message then can be saved by the recipient for that many seconds and can be used for comparing with the incoming messages and filtering the duplicates.
- Messages which exceed this time period will be rejected as being too old.
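The validity check from the first principle and the freshness check from the second can be combined in one receiver. The following is an added example, not code from the original post: it uses HMAC-SHA256 as the redundancy (a keyed form of the cryptographic hash mentioned above), assumes a 5-second window, and the names seal and Receiver are hypothetical. Encryption of the payload is left out.

```python
import hashlib
import hmac
import struct

WINDOW_SECONDS = 5.0   # assumed freshness window ("a few seconds" in the text)
TAG_LEN = 32           # size of an HMAC-SHA256 tag


def seal(key: bytes, payload: bytes, now: float) -> bytes:
    """Sender: timestamp || payload || HMAC(key, timestamp || payload)."""
    body = struct.pack(">d", now) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Accepts a message only if it is valid, recent and not seen before."""

    def __init__(self, key: bytes, window: float = WINDOW_SECONDS):
        self.key = key
        self.window = window
        self.seen = {}   # tag -> timestamp, kept only while inside the window

    def accept(self, message: bytes, now: float) -> str:
        if len(message) < 8 + TAG_LEN:
            return "reject: malformed"
        body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
        # Redundancy check: junk or altered bytes do not carry a matching tag.
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "reject: invalid"
        (sent_at,) = struct.unpack(">d", body[:8])
        # Freshness check, written so that a NaN timestamp also fails.
        if not abs(now - sent_at) <= self.window:
            return "reject: outside time window"
        # Forget cached messages that have aged out; a replay of those would
        # fail the freshness check anyway, so the cache stays small.
        self.seen = {t: ts for t, ts in self.seen.items()
                     if now - ts <= self.window}
        if tag in self.seen:
            return "reject: duplicate"
        self.seen[tag] = sent_at
        return "accept"


def demo():
    key = b"constructed-demo-key"                       # constructed sample key
    rx = Receiver(key)
    msg = seal(key, b"transfer 10 units", now=1000.0)   # constructed message
    tampered = bytearray(msg)
    tampered[10] ^= 0x01                                # one payload bit altered
    return [
        rx.accept(msg, now=1001.0),              # fresh, first sighting
        rx.accept(msg, now=1002.0),              # played back inside the window
        rx.accept(bytes(tampered), now=1003.0),  # altered on the way
        rx.accept(b"\x00" * 64, now=1003.0),     # junk from an active intruder
        rx.accept(msg, now=1010.0),              # played back after the window
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The duplicate cache only has to remember messages for as long as the time window, because anything older is rejected by the timestamp alone.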

Apart from the above two principles the following are some other principles of cryptography:
Ø Authentication: For ensuring that the message was generated by the sender itself and no one else so that no outsider can claim as being the owner of the message.
Ø Integrity: In cryptography, the integrity of the messages must be preserved while sending the message from one host to another. This involves ensuring that the message is not altered on the way. Using cryptographic hash is a way to achieve this.
Ø  Non-repudiation


Friday, September 20, 2013

Differentiate between transparent and nontransparent fragmentation?

A number of problems are encountered because of the size of the data packets. The data link layer has no means of handling these problems, and so bridges do not help here either.
The Ethernet also experiences a number of problems because of the following:
Ø  Different way in which the maximum packet size is defined.
Ø  Maximum packet size that can be handled by a router.
Ø  The maximum-length slots that are used for transmission
Ø  Errors due to the packet length
Ø  Standards

The data packets can be fragmented in two ways namely:
  1. Transparent and
  2. Non – transparent
Either way can be followed on a network-by-network basis. In other words, there is no end-to-end agreement that decides which process is to be used.

Transparent Fragmentation: 
- This type of fragmentation is followed when a packet is split in to smaller fragments by a router.
- These fragments are sent to the next router, which does just the opposite, i.e., it reassembles the fragments and combines them to form the original packet.
- Here, the next network does not come to know whether any fragmentation has taken place. 
- Transparency is maintained between the small packet networks when compared to the other subsequent networks.
- For example, transparent fragmentation is used by the ATM networks by means of some special hardware. 
- There are some issues with this type of fragmentation. 
- It puts some burden on the performance of the network since all the fragments have to be transmitted through the same gateway. 
- Also, sometimes the repeated fragmentation and reassembling has to be done for small packet network in series. 
- Whenever an over-sized packet reaches a router, it is broken up in to small fragments. 
- These fragments are transported to the next exit router. 
- The fragments are assembled by this exit router which then forwards them to the next router.
- Awareness regarding this fragmentation is not maintained for the subsequent networks. 
- For a single packet fragmentation is done many times before the destination is finally reached. 
- This of course consumes a lot of time because the repeated fragmentation and assembling has to be carried out. 
- Sometimes, it can also be the cause of corrupting the packet's integrity.

Non-Transparent Fragmentation: 
- In this type, the packet is split in to fragments by one router. 
- But the difference is that these fragments are not reassembled until the fragments reach their destination. 
- They remain split till then. 
- Since in this type of fragmentation the fragments are assembled only at the destination host, the fragments can be routed independent of each other. 
- This type of fragmentation also experiences some problems, such as a header having to be carried by each of the fragments till they reach their destination.
- Numbering has to be done for all the fragments so that no problem is experienced in reconstructing the data stream.


Whichever type of fragmentation we use, we must make sure that the original packets can later be formed from the fragments. This requires some type of labeling for the fragments.
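The labeling can be seen in a small model of non-transparent fragmentation. This is an added example, not code from the original post: it borrows the IPv4 labels (identification, offset in 8-byte units, "more fragments" flag), assumes a 20-byte header, and the function names are hypothetical. It also goes one step beyond the text by rejecting overlapping fragments at the destination.

```python
from dataclasses import dataclass

HEADER_LEN = 20   # IPv4 header without options; every fragment carries its own


@dataclass(frozen=True)
class Fragment:
    ident: int     # identification value shared by all fragments of a datagram
    offset: int    # where this data belongs in the original, in 8-byte units
    more: bool     # "more fragments" flag: False only on the final fragment
    data: bytes


def split(ident, data, mtu, base_offset=0, more_after=False):
    """Cut data into fragments that fit mtu, numbering from base_offset."""
    chunk = (mtu - HEADER_LEN) // 8 * 8      # data per fragment, multiple of 8
    if chunk <= 0:
        raise ValueError("MTU too small to carry any data")
    if not data:
        return [Fragment(ident, base_offset, more_after, b"")]
    out = []
    for start in range(0, len(data), chunk):
        last = start + chunk >= len(data)
        out.append(Fragment(ident, base_offset + start // 8,
                            more_after or not last, data[start:start + chunk]))
    return out


def refragment(frag, mtu):
    """A later router with a smaller MTU splits an existing fragment again."""
    if HEADER_LEN + len(frag.data) <= mtu:
        return [frag]
    return split(frag.ident, frag.data, mtu, frag.offset, frag.more)


def reassemble(frags):
    """Destination host: return the payload, or None while pieces are missing.

    Raises ValueError for fragments that overlap or contradict each other.
    """
    frags = set(frags)                        # exact duplicates are harmless
    if len({f.ident for f in frags}) > 1:
        raise ValueError("fragments of different datagrams")
    ends = {f.offset * 8 + len(f.data) for f in frags if not f.more}
    if len(ends) > 1:
        raise ValueError("conflicting final fragments")
    total = ends.pop() if ends else None
    buf = bytearray()
    for f in sorted(frags, key=lambda f: f.offset):
        start = f.offset * 8
        if start < len(buf):
            raise ValueError("overlapping fragments")
        if total is not None and start + len(f.data) > total:
            raise ValueError("data beyond the final fragment")
        if start > len(buf):
            return None                       # hole: a fragment has not arrived
        buf += f.data
    return bytes(buf) if total == len(buf) else None


def demo():
    payload = bytes(i % 251 for i in range(1400))       # constructed payload
    frags = split(ident=0x1234, data=payload, mtu=576)
    # A second network with MTU 296 splits the fragments further; nothing is
    # put back together until the destination host.
    frags = [piece for f in frags for piece in refragment(f, 296)]
    return payload, frags


if __name__ == "__main__":
    payload, frags = demo()
    print([(f.offset, f.more, len(f.data)) for f in frags])
    print(reassemble(reversed(frags)) == payload)
```

Because every piece keeps the original identification and an absolute offset, fragments that were split twice and arrive in any order still reassemble in one pass.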

Segmentation is another name for fragmentation. A packet is injected into the data link layer by the IP layer, but it is not responsible for reliable transmission of the packets. Each layer imposes some maximum value on the size of the packets for its own reasons. For a large packet that travels through a network whose MTU is small, fragmentation is very much needed.


Thursday, September 19, 2013

What is fragmentation?

- The fragmentation technique is implemented in the IP (internet protocol) for breaking down the datagrams into smaller pieces. 
- This is done so that it becomes easy for the data packets to be passed through the link with a datagram size smaller than that of the original MTU or the maximum transmission unit. 
- The procedure for the IP fragmentation along with the procedures for reassembling and transmitting the datagrams is given in the RFC 791. 
- IPv6 hosts are required to determine the optimal path MTU before sending packets.
- If the PDU, i.e., the protocol data unit, received by the router is larger than the MTU of the next hop, then two options are available if IPv4 transport is being used:
Ø Dropping the PDU and sending an ICMP (internet control message protocol) message indicating the condition that the packet is too big.
Ø  Fragmenting the IP packet and then transmitting it over the link whose MTU is smaller. Any IPv6 packet with a size less than or equal to 1280 bytes can be delivered without having the need for using the IPv6 fragmentation.

- If a fragmented IP packet is received by the recipient host, its job is to reassemble the datagram and then send it over to the protocols at the higher layers. 
- Reassembly is expected to take place at the recipient host, but for some practical reasons it might be done by an intermediate router.
- For example, the fragments might be reassembled by the NAT (network address translation) for translating the data streams. 
- Excessive re-transmission can result as a consequence of the IP fragmentation whenever packet loss might be encountered by the fragments. 
- Reliable protocols (for example, TCP) are required to re-transmit the fragments in their correct order to recover from the loss of a single fragment.
- Thus, senders typically use two approaches for determining what size of datagram should be transmitted over the network:
  1. First approach: The sender must transmit an IP datagram of the same size as the first hop's MTU.
  2. Second approach: Running the path MTU discovery algorithm.

- Fragmentation does leave an impact on the network forwarding. 
- When an internet router has multiple parallel paths, technologies such as CEF and LAG split the traffic across the links using a hash algorithm.
- The major goal of this algorithm is to make sure that all the packets of the same flow are transmitted out on the same path, to minimize unnecessary packet reordering.
- If the TCP or UDP port numbers are used by the hash algorithm, the fragmented packets might be forwarded through different paths. 
- This is so because the layer 4 information is contained only in the first fragment of the packet. 
- As a result of this, usually the initial fragment arrives after the non-initial fragments. 
- This condition is often treated as an error by most of the security devices in the hosts.  
- Therefore, they drop these packets.
- The fragmentation mechanism differs in IPv4 and IPv6. 
- In the former, the fragmentation is performed by the router. 
- On the other hand, in IPv6 fragments that are larger than MTU are dropped by the routers.
- Also, in both the cases there is a variation in the header format. 
- Since fragmentation is carried out using analogous fields, therefore the algorithm can be used again and again for the purpose of fragmentation and reassembling. 
- A best effort should be made by the IPv4 hosts for reassembling the datagram fragments. 
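The forwarding effect described above can be reproduced with a small model. This is an added example, not code from the original post: the SHA-256 based link selection, the policy names and the sample addresses (documentation ranges) are all constructed for illustration and do not describe how CEF or LAG hash internally.

```python
import hashlib


def link_for(pkt, n_links, policy):
    """Choose an outgoing link by hashing header fields (constructed model)."""
    fields = [pkt["src"], pkt["dst"], pkt["proto"]]
    fragmented = pkt["more"] or pkt["offset"] > 0
    if policy == "l4" or (policy == "l4-unless-fragmented" and not fragmented):
        # Port numbers sit in the layer 4 header, which only the first
        # fragment carries; for later fragments nothing is available (0, 0).
        fields += [pkt.get("sport", 0), pkt.get("dport", 0)]
    digest = hashlib.sha256("|".join(map(str, fields)).encode()).digest()
    return int.from_bytes(digest[:4], "big") % n_links


def datagram(src, dst, sport, dport, n_frags):
    """One UDP datagram as a list of fragments; ports only on the first."""
    pkts = []
    for i in range(n_frags):
        pkt = {"src": src, "dst": dst, "proto": 17,
               "offset": i * 185, "more": i < n_frags - 1}
        if i == 0:
            pkt.update(sport=sport, dport=dport)
        pkts.append(pkt)
    return pkts


def split_datagrams(datagrams, n_links, policy):
    """Indexes of datagrams whose fragments were spread over several links."""
    return [i for i, frags in enumerate(datagrams)
            if len({link_for(p, n_links, policy) for p in frags}) > 1]


def sample():
    # 64 constructed flows, each sending one datagram in three fragments.
    return [datagram(f"192.0.2.{i}", "198.51.100.7", 40000 + i, 53, 3)
            for i in range(1, 65)]


if __name__ == "__main__":
    for policy in ("l3", "l4", "l4-unless-fragmented"):
        hit = split_datagrams(sample(), 4, policy)
        print(f"{policy}: {len(hit)} of 64 datagrams split across links")
```

Hashing on addresses only, or leaving the ports out whenever a packet is a fragment, keeps all fragments of a datagram on one link, so the first fragment is not overtaken on a different path.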


Sunday, September 15, 2013

What is inter-network routing?

In this article we shall discuss inter-network routing. Before moving to that, there are certain terms with which you should be familiar:
Ø  End systems: The ISO (the international standards of organization) defines the end systems as the network elements that do not have the ability of forwarding the packets across the networks. Sometimes the term host is used to refer to the end systems.
Ø  Intermediate systems: These are the network elements that have the ability of forwarding the packets across the network. Most common examples are routers, switches, bridges and so on.
Ø  Network: It can be defined as a part of the inter-network infrastructure encompassing various elements including hubs, repeaters, bridges and so on. The networks are bounded by the intermediate systems.
Ø Router: This is one of the intermediate systems that is used for connecting various networks with each other. It might support one protocol (router) or many protocols (multi-protocol router). Its hardware part is optimized especially for performing routing. The software part is responsible for carrying out the routing and takes care of the routing tables.
Apart from these devices, there are 3 types of addresses involved in inter-network routing:
Ø  The inter-network address: The host address and the network address are combined together to form this address. This is used for unique identification of a host over the inter-network.
Ø The host address or host ID: This ID might be assigned by the administrator or might be simply the physical address of the host. It is used for the unique identification of the host on its network.
Ø  The network address or network ID: This is address of a network for identifying it in an inter-network.

All the data packets consist of a network layer header. This network layer header consists of the following when the packet is transmitted from one host to another:
Ø The address of the source inter-network: This address combines the address of the source host and the source network.
Ø The address of the destination inter-network: This address combines the address of the destination host and the destination network.
Ø The hop count: This usually begins at zero and is numerically incremented when the packet crosses a router. Or in the opposite case it might be assigned some maximum value which might be decremented on reaching a router. The purpose of using the hop count is to make sure that the packet does not keep on circulating endlessly in the network.


- For inter-network routing, two things have to be known.
- Firstly, how do you reach other routers which lie in the same network and secondly, how do you reach other routers which lie in other networks? 
- The answer to the first question is easy as it is the common routing problem among two hosts residing over the same network. 
- This routing is handled by the interior gateway protocol and it is different for different networks since only local routing info is required. 
- In this case, the commonly used protocol is the open shortest path first or OSPF protocol. 
- The routing between two different networks is performed using the exterior gateway protocol. 
- This is actually the problem of inter-network routing. 
- Here, the commonly used protocol is the BGP or the border gateway protocol. 
- The graph for inter-network routing is quite different from the one that is used in the network routing. 
- This is so because the routers which lie in the same network can be thought of as being directly connected to one another for routing across inter-network.
- All the networks in an inter-network function as though they are one large unit.


Tuesday, July 16, 2013

What are the characteristics of network layer?

- The network layer comes at number three in the OSI model of networking. 
- The duty of this layer is to forward and route the packets via the intermediate routers.
- It comes with functional as well as procedural means for the transfer of data sequences with variable length from a source host to a destination host and across one or more networks.
- During the transfer it also takes the responsibility for maintaining the quality of service functions.

There are many other functions of this layer such as:

Ø Connection-less communication: In IP, a datagram can be transmitted from one host to another without any need for the receiving host to send an acknowledgement. Protocols that are connection oriented are used on the higher levels of the OSI model.

Ø  Host addressing: Every host in the network is assigned a unique address that determines its location. A hierarchical system assigns this address. These are the addresses that are known as the IP (internet protocol) addresses.

Ø  Message forwarding: The networks are sometimes divided into a number of sub-networks which are then connected to other networks for facilitating wide-area communication. Here specialized hosts called routers or gateways are used for forwarding the packets from one host to another.

Characteristics of Network Layer

Encapsulation:
- One of the characteristics of the network layer is encapsulation. 
- Network layer ought to provide encapsulation facilities. 
- It is necessary that the devices must be identified with the addresses. 
- Not only the devices but the network layer PDUs must be assigned such addresses. 
- The layer 4 PDU is supplied to the layer 3 during the process of encapsulation. 
- For creating the layer 3 PDU, a layer 3 label or header is added to it. 
- In reference to the network layer, this PDU thus created is referred to as a packet. 
- On creation of a packet, the address of the receiving host is included in the header. 
- This address is commonly known as the destination address. 
- Apart from this address the address of the source or the sender host is also stored in the header. 
- This address is termed as the source address. 
- Once the encapsulation process is complete, the layer 3 sends this packet to the data link layer for preparing it to be transmitted over the communication media.

Routing: 
- The services provided by the network layer for directing the packets to the destination addresses define this characteristic. 
- It is not necessary that the destination and the source hosts must always be connected to the same network.
- In practice, the packet might have to go through a number of networks before reaching the destination.
- During this journey the packet has to be guided to reach the proper address.
- This is where the routers come into action.
- They help in selecting the paths for guiding the packets to the destination.
- This is called routing.
- During the course of routing of the packet, it may need to traverse a number of devices.
- We call the route taken by the packet to reach one intermediate device as “hop”. 
- The contents of the packet remain intact until the destination host has been reached.


De-capsulation: 
- On the arrival of the packet at the destination address, it is sent for processing at the third layer. 
- The destination address is examined by the host system for verifying whether the packet is meant for itself or not. 
- If the address is found to be correct, the decapsulation process is carried out at the network layer. 
- This layer passes the layer 4 PDU to the transport layer for appropriate servicing. 


Tuesday, July 9, 2013

Explain CSMA with collision detection?

- CSMA with collision detection is abbreviated as CSMA/CD. 
- CSMA in itself makes use of the LBT technology i.e., listen or sense before talk. 
- But when incorporated with the ability of collision detection, it gets much better. 
- If the channel is sensed to be idle the data packets or frames are transmitted immediately but if not, the transmitter is bound to wait for some time before it can re-transmit. 
- Sensing the channels prior to transmission is absolutely necessary if the collisions are to be avoided. 
- Sensing the channel is the most effective way of avoiding the collisions. 
- There are two types of CSMA protocols namely persistent and the non-persistent CSMA.
- In CSMA/CD protocol all the hosts have freedom for transmitting and receiving the data frames on one and the same channel. 
- Also, the size of the packets is variable.

CSMA/CD comprises two processes:
Carrier Sense: In this process the transmitter or the host checks if the channel or the line is not occupied before starting the transmission.
Collision Detection: CSMA/CD tries to detect the collisions in the shortest possible time. If it happens to detect a collision, it stops the transmission then and there and waits for a random amount of time which is equal to the binary exponential back-off. It then again senses the channel.

- For ensuring there occurs no collision during the transmission of a packet, a host must have the capability of detecting the collision before the transmission process is complete. 
- What happens is that the host A sensing the line to be idle starts transmitting a frame. 
- Just before the first unit of this frame reaches host B, it also senses the line to be idle and starts its transmission. 
- Now the host B receives data while its transmission is still in progress and so it detects that a collision is about to occur. 
- A collision occurs close to the host B. The host A also receives data in the midst of its transmission and therefore detects the collision.
- For making the hosts detect collision before transmission, a minimum length has to be decided for the packets that are transmitted via CSMA/CD networks. 

There are 3 states for a CSMA/CD channel namely:
  1. Contention
  2. Transmission
  3. Idle
- Ethernet is the most popular example of the CSMA/CD networks. 
- A minimum slot time is required for collision detection between the stations.
- This slot time must equal twice the maximum value of the propagation delay.
- The host acquires the channel on the basis of 1-persistence.
- Also, a jam signal is transmitted if a case of collision detection occurs.
- CSMA/CD makes use of the binary exponential back-off algorithm.
- It is obvious that the idle time of the channel will be small if the load is heavy. 
- It normalizes all the packets with respect to the time of the packet transmission.
- CSMA/CD represents a very effective method for media access control. 
- There are different methods available for detecting the collisions.
- Which method is to be followed depends largely on the transmission medium that exists between the two stations. 
- For example, if the two stations are connected via electrical buses, the collision can be detected by making comparison between the transmitted and the received data. 
- Some other way involves recognition of a signal of higher amplitude than the normal one. 
- The jam signal used in the CSMA/CD networks consists of a 32-bit binary pattern.



Thursday, November 8, 2012

What is Silk Test Architecture?


Whenever the graphical user interface of any software system or application is tested, a manipulation is done to the windows, menus, buttons and so on via input sources such as key board and mouse clicks etc. 
These windows, menus, buttons and so on are nothing but the GUI objects which are interpreted by the silk test. 
Later, in the test automation process the silk test recognizes these GUI objects based up on two things that uniquely identify them namely:
  1. Object class properties and
  2. Object methods
The operations that are performed on that particular application software by the users are usually in terms of input from keyboard and mouse clicks. 
These events are simulated by the silk test and the results thus obtained are subjected to automatic verification. 
This whole process is carried out by two very distinct components of the silk test mentioned below:
  1. Silk host software and
  2. Silk agent software
Both of these components are installed on different machines: the host machine and the target machine. 
- Host machine is for the silk host software whereas target machine is for the second component of the silk test. 
- The host component plays an important role in the development of the test scripts as well as the test plan.
- Using the components the following operations can be carried out on the test scripts:
  1. Creating
  2. Editing
  3. Deleting
  4. Compiling
  5. Running
  6. Debugging etc.
- The latter component of the silk test i.e., the agent is configured to interact with the graphical user interface of the AUT or application under test. 
- The agent is responsible for monitoring as well as driving the application under test. 
- The commands in test scripts are written in the 4test language. 
- These need to be translated in to specific equivalent GUI commands. 
- This task is also achieved by the silk agent software. 
- One thing that should be taken care of is that the application under test should be installed on the same machine as the agent and on no other machine.
- Matching objects to that of the GUI objects are created in the 4test and each one is unique. 
- Silk test completes test automation in a period of 4 steps:
  1. Creation of a test plan
  2. Recording of the test frame
  3. Creation of the test cases
  4. Execution of the test cases and interpretation of the test results.
- The interaction between the GUI of the application and the silk test is necessary since the operations need to be submitted to the application for simulation. 
- During the simulation, the silk test is said to be the simulated user whose work is to drive the application under test. 
- Since the AUT does not recognize the difference between the simulated user and the actual user, it behaves exactly in the same way as it reacts to an actual user. 
- In addition, you can have an agent as a local agent installed on the host machine. 
- Machines other than the host machine on which agent is installed in a network are called target machines. 
- The application under test is driven by the silk test and in turn drives the server like always. 
- Silk test is quite a powerful tool and can be used to drive the GUI of a server directly by running the scripts which will send equivalent SQL scripts to the data base of the server. 
- In such a way the server application is manipulated directly thus supporting the testing involving a server being driven by a client.


Tuesday, October 16, 2012

How Silk Test records user actions?


Software systems or applications as we all know are composed of a GUI or graphical user interface objects such as those mentioned below:
  1. Windows
  2. Menus
  3. Buttons and so on.
These GUI objects can be manipulated by the user via a mouse or a key board for initiating the operations on an application.
These GUI objects are interpreted by the silk test and are recognized in to different categories based up on the following aspects that uniquely identify them:
  1. Class
  2. Properties and
  3. Methods
While the testing is in progress, an interaction takes place among the silk test and the GUI objects so that the operations can be submitted to the application under testing or AUT automatically without much efforts and also because the actions of a user can be simulated. 
This is also done to verify the results of each and every operation. The silk test is said to be the simulated user which is then said to drive the application under test or AUT. 

The silk test comes with two distinct components namely:
  1. The silk test host software
  2. The silk test agent software
- The first component of the silk test i.e., the silk test host software is used for developing, editing, compiling, running and debugging of the test plans as well as the test scripts. 
- The machine on which this component is installed is called the host machine.
- The latter component of the silk test i.e., the silk test agent is the one that interacts with the graphical user interface of the application under test.
- The commands present in the 4test scripts of the application are translated in to GUI specific commands which help in driving and monitoring the application under test.
- It is possible to run the agent locally on the same machine on which the host is already running or else it can be run in a networked environment. 
- But in this case, the machine will be known as the remote machine. 

How the user actions are recorded by the silk test?

 
- A repository is created for storing the information regarding the application under test or AUT before the test scripts are created and executed. 
- This repository consists of the descriptions of the GUI objects that comprise your application under test.
- The silk test associates with these objects by means of two things namely:
  1. Object properties and
  2. Object methods
- Using these two aspects the actions performed on the objects can be easily recognized by the silk test and can be intelligently recorded in to the test script using the 4test language. 

Below we are giving some examples of what is recorded by the silk test for some user actions:
- User action: As recorded by the silk test
- Selection of a radio button from a group: select
- Setting the main window as active: Set Active
- Closing a dialog box: close
- Selecting an item from a list box: Select
- Scrolling the scroll bar to the maximum position possible: Scroll to max
- Writing text in a text field: Set text
- Checking a check box: Check
- Picking a menu item: pick
- Unchecking a check box: uncheck

- A property is that characteristic of an object that can be accessed directly and may be common among some classes. 
- On the other hand, the methods consist of the user actions and are particular to an object.
- Methods that are particular to an object are inherited from the parent class of the object. 
- Methods are unique to the objects of a class. 

