Unit 4 - Wireless communication & mobile programming
For BE Computer/IT - GTU Students - WCMP - Unit 4 - PPT

Presentation Transcript

  • Wireless Communication & Mobile Programming UNIT- 4 – WIRELESS APPLICATION PROTOCOL(WAP), MMS, GPRS APPLICATION CDMA & 3G Academic Year: 2013-14 @ SCET, Surat VINTESH PATEL, SCET 1
  • Reference Book “Mobile Computing” By Asoke K Talukder, Roopa R Yavagal, TMH Chapters – PART I (9, 10), PART II (17, 20)
  • UNIT 4 – PART I - Chapter 9 – CDMA & 3G - Chapter 10 – Wireless LAN
  • Topic Timeline • Introduction • Spread Spectrum Technology • CDMA vs GSM (will be covered after completion of GSM) • Wireless Data
  • First Generation Wireless Comm. – Analogue FDMA Introduction • FDMA • TDMA • FDD/TDD • CDMA
  • Second Generation Wireless Comm. – Digital TDMA Introduction • FDMA • TDMA • FDD/TDD • CDMA
  • FDMA + TDMA = FDD/TDD Introduction • FDMA • TDMA • FDD/TDD • CDMA
  • Third Generation Wireless Comm. – CDMA Introduction • FDMA • TDMA • FDD/TDD • CDMA
  • Topic Timeline • Introduction • Spread Spectrum Technology • CDMA vs GSM (will be covered after completion of GSM) • Wireless Data
  • Spread Spectrum: main idea behind the evolution of Spread Spectrum - Strength against signal/frequency jamming - Uses the total spectrum instead of a specific frequency/frequency range - Spreads transmission power over the complete band
  • Different Techniques of Spread Spectrum: Direct Sequence SS - Typically used to transmit digital information - Mixes a specific/pseudo-random code with the digital information - Commonly called CDMA – Code Division Multiplexing. Frequency Hopping SS - Center frequency of the conventional carrier is altered within a fixed time period in accordance with a pseudo-random list of channels
  • Different Techniques of Spread Spectrum: Chirp - Carrier that sweeps over a range of frequencies - Used in ranging and radar systems. Time Hopping - Carrier is ON-OFF keyed by a pseudo-noise sequence, resulting in a very low duty cycle - The speed of keying decides the amount of signal spreading
  • Different Techniques of Spread Spectrum: Hybrid System - Combination of any two of the earlier SS techniques - Obviously, the performance of this system will be better than what any single SS technique can provide for the same cost - Generally, the combination of FHSS & DSSS is commonly used
  • Direct Sequence Spread Spectrum/DSSS - Example: Party A & B are communicating in some language X. If n people in the room with A & B are communicating simultaneously in different languages, then everything other than language X is noise for A & B. - Key to DSSS: extract the desired signal/s & reject all others as noise
  • Direct Sequence Spread Spectrum/DSSS - Key Elements: 1. The signal occupies a bandwidth much larger than what is necessary to send the information. 2. The bandwidth is spread by means of a code, which is independent of the data. 3. The receiver synchronizes to the code to recover the data. The use of an independent code and synchronous reception allows multiple users to access the same frequency band at the same time. - To protect the signal, the code used is pseudo random, which appears random while actually being deterministic, i.e. Rx is able to retrieve it on its side. - This pseudo random code is called pseudo random noise. - DSSS allows each station to transmit over the entire range of frequency all the time.
  • Direct Sequence Spread Spectrum/DSSS - DSSS is commonly called CDMA - Each station is assigned a unique m-bit code called the CDMA chip sequence - To transmit 1, Tx sends its chip sequence & for 0, it sends the complement of its chip sequence - E.g. suppose station A has the chip sequence “00011011” - It transmits 1 by sending 00011011 & 0 by sending 11100100 - In bipolar notation, 0 is +1 & 1 is -1, - so A transmits bit 0 by sending (-1,-1,-1,+1,+1,-1,+1,+1) & 1 by sending (+1,+1,+1,-1,-1,+1,-1,-1)
  • Direct Sequence Spread Spectrum/DSSS - For manipulation of bits, we XOR the input bits, whereas in bipolar notation we multiply to get the desired result, i.e.
    XOR          =>  Bipolar
    0 XOR 0 = 0  =>  +1 x +1 = +1
    1 XOR 1 = 0  =>  -1 x -1 = +1
    1 XOR 0 = 1  =>  -1 x +1 = -1
    0 XOR 1 = 1  =>  +1 x -1 = -1
  • Direct Sequence Spread Spectrum/DSSS
  • Direct Sequence Spread Spectrum/DSSS - Each station has a unique chip sequence. Say S indicates the m-chip vector for station S, & S’ is its negation. - Note that all chip sequences are pairwise orthogonal, i.e. for two different chip sequences S & T, the product S.T = 0 & S.T’ = 0 & S.S = 1 & S.S’ = -1
  • Direct Sequence Spread Spectrum/DSSS Why is orthogonality required? - When two or more stations transmit simultaneously, their bipolar signals add linearly. - Understand working of CDMA & BPSK - QPSK ….
  • DSSS – How it works? Encoding
    Chip sequences: A: 00011011, B: 00101110, C: 01011100, D: 01000010
    Bipolar form: A: (-1, -1, -1, +1, +1, -1, +1, +1), B: DIY, C: DIY, D: DIY
    Bits sent (A B C D) | Stations transmitting | Resulting signal
    – – 1 – | C | S1 = (-1, +1, -1, +1, +1, +1, -1, -1)
    – 1 1 – | B + C | S2 = (-2, 0, 0, 0, +2, +2, 0, -2)
    1 0 – – | A + B’ | S3 = DIY
    1 0 1 – | A + B’ + C | S4 = DIY
    1 1 1 1 | A + B + C + D | S5 = DIY
    1 1 0 1 | A + B + C’ + D | S6 = DIY
  • DSSS – How it works? Decoding, for station C
    S1 . C = (+1+1+1+1+1+1+1+1) / 8 = 1
    S2 . C = (+2+0+0+0+2+2+0+2) / 8 = 1
    S3 . C = (+0+0+2+2+0-2+0-2) / 8 = 0
    S4 . C = DIY
    S5 . C = DIY
    S6 . C = DIY
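The encoding and decoding tables above, carried through in code as an added example (not part of the original slides). It uses the mapping implied by the S1 and S2 rows (chip 1 → +1, chip 0 → -1); the function names, the ASCII `-` for a silent station and the single-chip interference check are assumptions of this example.

```python
# Added example: CDMA encoding/decoding with the four chip sequences from the slide.
# Mapping used here (matches the S1 and S2 rows): chip 1 -> +1, chip 0 -> -1.

CHIP_SEQUENCES = {
    "A": "00011011",
    "B": "00101110",
    "C": "01011100",
    "D": "01000010",
}
STATIONS = "ABCD"
# The six transmit patterns from the slide; '-' means the station stays silent.
EXAMPLES = ["--1-", "-11-", "10--", "101-", "1111", "1101"]


def bipolar(chips):
    """Convert a chip string such as '00011011' to a vector of +1/-1."""
    return [1 if c == "1" else -1 for c in chips]


BIPOLAR = {name: bipolar(chips) for name, chips in CHIP_SEQUENCES.items()}
M = len(BIPOLAR["A"])  # chips per data bit


def normalized_dot(s, t):
    """Normalised inner product (1/m) * sum(s_i * t_i)."""
    return sum(a * b for a, b in zip(s, t)) / len(s)


def check_orthogonal(codes):
    """True if S.S = 1 for every code and S.T = 0 for every distinct pair."""
    names = sorted(codes)
    for i, s in enumerate(names):
        if normalized_dot(codes[s], codes[s]) != 1:
            return False
        for t in names[i + 1:]:
            if normalized_dot(codes[s], codes[t]) != 0:
                return False
    return True


def transmit(pattern):
    """Sum the bipolar signals of all stations sending in this bit time.

    pattern has one character per station (A, B, C, D): '1' sends the chip
    sequence, '0' sends its negation, any other character means silent.
    """
    channel = [0] * M
    for name, symbol in zip(STATIONS, pattern):
        if symbol not in ("0", "1"):
            continue
        sign = 1 if symbol == "1" else -1
        channel = [c + sign * chip for c, chip in zip(channel, BIPOLAR[name])]
    return channel


def add_interference(channel, chip_index, amplitude):
    """Return a copy of the channel with extra energy on a single chip."""
    noisy = list(channel)
    noisy[chip_index] += amplitude
    return noisy


def receive(channel, station, threshold=0.5):
    """Correlate the channel with one station's code: '1', '0' or '-' (silent)."""
    r = normalized_dot(channel, BIPOLAR[station])
    if r > threshold:
        return "1"
    if r < -threshold:
        return "0"
    return "-"


def decode_all(station):
    """Decode every slide example from the point of view of one station."""
    return [receive(transmit(p), station) for p in EXAMPLES]


if __name__ == "__main__":
    print("orthogonal:", check_orthogonal(BIPOLAR))
    for pattern in EXAMPLES:
        signal = transmit(pattern)
        print(pattern, signal, "C hears", receive(signal, "C"))
```

The threshold in `receive` is what lets a bit survive a disturbed chip: the correlation moves away from ±1 by only a fraction of the code length.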
  • Topic Timeline • Introduction • Spread Spectrum Technology • CDMA vs GSM (will be covered after completion of GSM) • Wireless Data
  • Wireless Data - Typically, raw channel data error rates for cellular transmission are 10^-2, i.e. one error in every 100 bits. This error rate is very high & can even be detected by the human ear. - The acceptable BER/bit error rate is 10^-6, i.e. one bit in a million bits can be tolerated as an error. - This requires effective ECC/Error Correction Code & ARQ/Automatic Repeat Request. - The CDMA protocol stack has the following layers:
  • Wireless Data: Application Interface Layer - Interface between the MS & the Transport Layer - Functions: modem control, AT (Attention) command processing, data compression. Transport Layer - The transport layer for CDMA asynchronous data & fax is based on TCP. TCP has been modified for IS-95. Network Layer - The network layer for CDMA asynchronous data & fax is based on IP. IP has been modified for IS-95
  • Wireless Data: Sub-network Dependent Convergence Function - Performs header compression on the headers of the transport & network layers - Accepts the network layer datagram packets from the network layer, performs header compression & passes the datagram to the PPP/Point-to-Point Protocol layer. In the reverse process, it receives network layer datagrams with compressed headers from the PPP layer and passes them to the network layer. Data Link Layer - Uses PPP. - The PPP Link Control Protocol (LCP) is used for initial link establishment and for negotiation of optional links establishment.
  • Wireless Data: Internet Protocol Control Protocol Sublayer - Supports negotiation of the IP address & IP compression protocol parameters. - Generally, the MS does not have a permanent/static IP address. Therefore it needs to be negotiated and obtained from the network. - This assigned IP address is discarded when the connection is closed, as with DHCP in a LAN. Radio Link Protocol Layer - Responsible for reducing the error rate over the forward & reverse channels.
  • CDMA – Protocol Stack
  • SMS - Wireless Data - 160 alphanumeric characters - Uses control channels of GSM, also works during an ongoing call - Working is the same in GSM/IS-95 - Administration features include storage, profiling, verification of receipt & status enquiries.
  • Topic Timeline • Introduction • Spread Spectrum Technology • CDMA vs GSM (will be covered after completion of GSM) • Wireless Data • 3rd Generation Networks
  • Third Generation Networks: Why are telecommunication services important? - Mobile devices will be used as an integral part of our lives. - Data/non-voice usage of 3G will become important and different from the traditional voice business. - Mobile communications will be similar in its social positioning. - CDMA is the preferred approach for third generation networks and systems. - In North America, CDMA2000 is the version of 3G - In Europe/Asia/Australia/many other regions, 3G has been accepted as UMTS/Universal Mobile Telecommunication System and WCDMA/Wideband CDMA
  • Third Generation Networks: The main goal of UMTS is to offer a much more attractive & richer set of services to the users, like: Universal Roaming – any user will be able to move across the world and access the network. Higher Bit Rate – more speed would open the path towards rich multimedia applications. Mobile Fixed Convergence – to offer cross-domain services, Virtual Home Environment. Flexible Service Architecture – by standardizing not the services themselves but the building blocks that make up services.
  • Third Generation Networks: International Mobile Telecommunication - 2000 - The 2G network – mainly for digital voice - Then comes 2.5G, in which GPRS is introduced – a step towards packet data in the evolution of 3G - GPRS offers moderate data bandwidth that was sufficient for services like WAP/Wireless Application Protocol, MMS, low-bandwidth Internet access. - GPRS networks evolved into Enhanced Data rates for GSM Evolution/EDGE networks that offered high-bandwidth packet data capable of multimedia video. It falls under 2.75G & is almost 3G. - IMT-2000 is the worldwide standard for 3G wireless communications, defined by ITU.
  • Third Generation Networks: IMT 2k & 3G capabilities
  • Third Generation Networks: International Mobile Telecommunication - 2000 - 3rd Generation standards include EDGE, CDMA 2000, UMTS, DECT and WiMax. These standards are both revolutionary & evolutionary, i.e. they are evolutionary in that they are backward compatible with 2G systems, and revolutionary in that they require new networks & frequency allocation techniques.
  • Third Generation Networks: CDMA - 2000 - Third version of IS-95/CDMA-One (the cdmaOne radio transmission technology is a spread spectrum, wideband radio interface) - Uses the CDMA modulation technique - Meets the specification of ITU & IMT-2000 - Ranges: - Indoor/Outdoor picocell (<50 meters, e.g. one office floor) - Indoor/Outdoor microcell (up to 1 km, e.g. shopping mall) - Outdoor macrocell (1-35 km radius) - Outdoor megacell (>35 km radius) - Wireless Local Loop (WiLL)
  • Third Generation Networks: UMTS/WCDMA - UMTS/Universal Mobile Telecommunication System – some of the encoding techniques are patented by Qualcomm & to avoid that, Europe & Japan have a different flavor of CDMA, i.e. WCDMA/Wideband CDMA - WCDMA is also known as UTRAN/UMTS Terrestrial Radio Access Network, and uses FDD/Frequency Division Duplex. - The physical layer of UMTS/WCDMA uses DSSS/Direct Sequence SS with a chip rate of 3.84 Mcps => channel bandwidth is 5 MHz - Data rate supported is a few kbps to 2 Mbps - Two modes of operation: FDD & TDD
  • Third Generation Networks: Operational modes TDD/FDD of UMTS/WCDMA - FDD carries UPLINK (MS to BS) & DOWNLINK (BS to MS) on separate frequencies of 5 MHz each. Both transmissions are of equal size. - FDD is used for large outdoor networks as it can support a large number of users. - FDD works well when carrying voice traffic. - In TDD, transmission shares the same frequency band by sending the UPLINK & DOWNLINK channels during different timeslots. - TDD doesn’t support as many users as FDD, so it works well in smaller cells. - TDD is more suitable for carrying asymmetric data traffic like Internet. - In TDD, UPLINK & DOWNLINK can be modified by assigning more/fewer time slots to each link whenever necessary.
  • Topic Timeline • Introduction • Spread Spectrum Technology • CDMA vs GSM (will be covered after completion of GSM) • Wireless Data • 3rd Generation Networks • Wireless LAN
  • Wireless LAN - WLAN/Wireless Local Area Network – users can be part of the network while staying mobile. Advantages: - Mobility: productivity increases when users have access to the network at any location. Wire-free within the operating range of the WLAN - Low Cost Implementation: easy to set up, relocate, change & manage. Can operate in regions where wiring may be impractical - Installation Speed & Simplicity: installing a WLAN is easy & fast & eliminates the cabling structures. - Network Expansion: easy expansion, very limited infrastructure needs to be set up.
  • Wireless LAN Advantages - Reduced Cost of Ownership: initial setup costs more than a wired LAN, but after that one can look for long-term benefits. - Reliability - Scalability - Usage of ISM Bands: 2.40 GHz, 2.484 GHz, 5.725 GHz, 5.850 GHz – unlicensed band, anyone can use it for free. 5.7 is C band satellite link & yet to be unlicensed.
  • Wireless LAN - Applications - Office/Campus Environment - Factory/Mall Floor - Home Networks - Workgroup Environment - Public Places like Airports, Railway Stations - War/Defense Sites
  • Topic Timeline • Introduction • Spread Spectrum Technology • CDMA vs GSM (will be covered after completion of GSM) • Wireless Data • 3rd Generation Networks • Wireless LAN • IEEE 802.11 Standards
  • IEEE 802.11 Standards - The complete list of the different standards is in the book. Do it yourself.
  • Topic Timeline • Introduction • Spread Spectrum Technology • CDMA vs GSM (will be covered after completion of GSM) • Wireless Data • 3rd Generation Networks • Wireless LAN • IEEE 802.11 Standards • WLAN Architecture
  • Wireless LAN Architecture: Types of Wireless LAN - 802.11 - Initial specification of Wireless LAN by IEEE - Uses the 2.4 GHz band at data rates of 1 Mbps & 2 Mbps - This standard evolved into many flavors like 802.11b/g/n/a - Up to 54 Mbps (in 802.11a) – latest MacAir – for personalized Routers - HiperLAN - Began in Europe - Current version, i.e. HiperLAN, works at 5 GHz - Next version, HiperLAN/2, will provide 54 Mbps with QoS support
  • Wireless LAN Architecture: Types of Wireless LAN - HomeRF - For interoperability between PCs & other consumer devices within the home. - Uses FHSS & provides 1 Mbps to 2 Mbps at 2.4 GHz - Bluetooth - Promoted by IBM, Sony, Microsoft, Motorola, Nokia & other giants - It is a WPAN/Wireless Personal Area Network at 2.4 GHz - Offers 1 Mbps using FHSS within <10 meters - MANET - Is a working group within IETF to investigate & develop the standard for Mobile Adhoc Networks.
  • Wireless LAN Architecture – Adhoc vs. Infrastructure Mode: Two basic types (topologically). Infrastructure based Networks - In infrastructure based networks, the MS/s are associated with the AP (Access Point)/BS (Base Station), as in the STAR topology. The area covered by one AP/BS forms a BSS/Basic Service Set & the combination of more than one BSS forms an ESS/Extended Service Set. Adhoc Networks - In ad-hoc networks, there is no AP/BS. A number of MS form a cluster to make the network for communication.
  • Wireless LAN Architecture – Adhoc vs. Infrastructure Mode
  • Wireless LAN Architecture – Infrastructure based Networks
  • Wireless LAN Architecture – Adhoc Networks
  • Topic Timeline • Introduction • Spread Spectrum Technology • CDMA vs GSM (will be covered after completion of GSM) • Wireless Data • 3rd Generation Networks • Wireless LAN • IEEE 802.11 Standards • WLAN Architecture • Mobility in Wireless LAN
  • Mobility in Wireless LAN - When a station wants to access a BSS, the station needs to get synchronization information from the AP (or from another station in the case of ad hoc networks). - Two means by which stations can get this information: Passive Scanning – the station waits to receive a BEACON frame from the AP (the AP continuously broadcasts its beacon frame to indicate its presence). Active Scanning – the station tries to locate the AP by transmitting a PROBE REQUEST frame & waiting for the PROBE RESPONSE from the AP
  • Mobility in Wireless LAN: The Authentication Process – once a station has located an AP & decides to join its BSS, it goes through the authentication process. This is an interchange of authentication information between the AP and the MS, where the WLAN device proves its identity. The Association Process – after authentication, the information exchange about the MS & BSS starts, which allows the DSS (set of APs) to know about the current position of the station. The MS can start Tx/Rx once the association process completes.
  • Mobility in Wireless LAN: Roaming • Process of moving from one cell (here BSS) to another without losing the connection. • Similar to the cellular phone’s handover, with 2 differences: • On a packet-based LAN system, the transition from one cell to another is performed between packet transmissions, while in telephony the transition occurs during a phone conversation • On a voice system, a temporary disconnection during H/O (handoff) doesn’t affect the conversation. However, in a packet-based environment it significantly reduces performance, as retransmission is then performed by the upper layer protocols. • The 802.11 standard doesn’t define how roaming should be performed, but defines the basic tools, which include active/passive scanning & the re-association process, where a station that is roaming from one AP to another becomes associated with the new AP. The IAPP/Inter Access Point Protocol specification addresses the common roaming protocols, enabling wireless stations to move across multivendor APs.
  • Mobility in Wireless LAN: Roaming • IAPP = Announce Protocol + Handover Protocol • The Announce Protocol – provides coordination information between APs. This information relates to network-wide configuration information about active APs. • The Handover Protocol – allows APs to coordinate with each other & determine the status of a station moving to a new AP. The new AP updates the necessary table/data in the MAC layer. This type of roaming is called HORIZONTAL roaming. • MobileIP is another protocol that is used to allow application layer roaming.
  • Mobility in Wireless LAN (Handoff in 802.11 networks)
  • Topic Timeline • Introduction • Spread Spectrum Technology • CDMA vs GSM (will be covered after completion of GSM) • Wireless Data • 3rd Generation Networks • Wireless LAN • IEEE 802.11 Standards • WLAN Architecture • Mobility in Wireless LAN • Deploying Wireless LAN
  • Deploying Wireless LAN: Network Design Basic Steps - Identify the areas that need to be covered - Identify the number of users that need to be served - From the above 2 steps, identify where the APs need to be placed - Goal: provide RF/network coverage to every user - Obstacles: objects in the environment – walls & other impediments - Based on that, multipath & RF interference (caused by other 2.4 GHz signals that are present) also need to be taken into account
  • Deploying Wireless LAN: Channel Selection - Within the 2.4 GHz band, the IEEE 802.11 standard defines 13 ‘center frequency channels’ - Channel 1 – 2.412 GHz - Channel 6 – 2.437 GHz - Channel 11 – 2.462 GHz. Fig. shows a three-storey building serviced by nine APs configured with 3 channels.
  • Deploying Wireless LAN: Scaling Capability and Bandwidth - Fig. (a) shows one AP providing a bandwidth of 11 Mbps & Fig. (b) shows that 3 APs can at the same time provide 33 Mbps of bandwidth for a user. Using “aggregate bandwidth” in a localized coverage area helps to service a denser population of wireless clients and to increase the bandwidth available to each user.
  • Deploying Wireless LAN: Configuring the Wireless LAN - Includes configuration of the AP as well as the MS - Includes: - Assigning an IP address to the MS - The WEP/Wired Equivalent Privacy security – shared key between AP & MS - The IP address of the MS can also be assigned by DHCP - Advanced configuration can include SSID, beacon interval, channel selection etc.
  • Deploying Wireless LAN: Managing 802.11 Networks – Managing Access Point - The task of managing an AP can be broken down into 2 parts: Management tools – typically provided by the AP. Monitoring & Reporting – provide real-time monitoring & alerting
  • Topic Timeline • Introduction • Spread Spectrum Technology • CDMA vs GSM (will be covered after completion of GSM) • Wireless Data • 3rd Generation Networks • Wireless LAN • IEEE 802.11 Standards • WLAN Architecture • Mobility in Wireless LAN • Deploying Wireless LAN • Mobile Adhoc N/w & Wireless sensor N/w
  • Mobile Adhoc N/w (MANET) & Wireless sensor N/w: Mobile Adhoc N/w
  • MANET & Wireless sensor N/w: Mobile Adhoc N/w - A MANET is an autonomous system of mobile stations connected by wireless links to form a network. - Peer-to-peer, multi-hop routing of data packets from source to destination via intermediate stations (which work as routers). - Challenges in setting up the adhoc network: 1. Dynamic Topology – nodes are allowed to move in arbitrary fashion. No predefined fixed topology. On-demand network configuration. 2. Limited Security – more vulnerable to attack as any node can join/leave at any time. This requires higher openness & flexibility.
  • MANET & Wireless sensor N/w: Mobile Adhoc N/w 3. Bandwidth Limitation – wireless networks are generally bandwidth limited. It is more limited in adhoc networks as there is no backbone to handle higher bandwidth. Que: Why can a wired network provide more bandwidth? 4. Routing – routing in adhoc networks is more complex. It depends on many factors like routing path, topology, protocol, selection of routes etc.
  • MANET & Wireless sensor N/w: Wireless Sensor Networks / WSN - Special class of wireless adhoc networks. - “A wireless sensor network (WSN) consists of spatially distributed autonomous sensors to monitor physical or environmental conditions, such as temperature, sound, pressure, etc. and to cooperatively pass their data through the network to a main location.” - Wikipedia - Nodes/motes in a WSN are mostly of the use & throw type, so efficient design is required in all respects, like routing, energy consumption, sensing etc.
  • Topic Timeline • Introduction • Spread Spectrum Technology • CDMA vs GSM (will be covered after completion of GSM) • Wireless Data • 3rd Generation Networks • Wireless LAN WLAN Architecture • Mobility in Wireless LAN • Deploying Wireless LAN • Mobile Adhoc N/w & Wireless sensor N/w • Wireless LAN Security • 3G vs WiFi
  • Wireless LAN Security - In wired networks, one has to be physically connected to the network in order to Tx & Rx data. - In contrast, in wireless networks, radio Tx & Rx is used. Anyone in range can see the communications, so security is necessary. SSID/Service Set Identifier - According to the 802.11 standard, the MS connects to the AP by providing the SSID of the network, i.e. the ID of the Basic Service Set/BSS covered by one AP. - The MS must know the SSID of the AP/network or else its packets are rejected by the AP. - Advice: one has to change the default/factory-set SSID provided.
  • Wireless LAN Security: Limiting RF Transmission - It is important to control RF transmission by the AP/Access Point. - Proper selection of the antenna used can improve the coverage of the network, and the power transmitted can also be optimized. - An omnidirectional antenna has 360 degree coverage. - A directional antenna has one proper angular coverage of the area.
  • Wireless LAN Security: MAC Address Access Control - Many APs are configured using MAC filtering. - A list of the MAC addresses representing the MSs that are allowed/blocked (depending on the configuration of the AP) to use the service. - Idea behind MAC filtering: every network card contains a unique MAC address.
  • Wireless LAN Security: Authentication Modes - Two types of authentication are defined in 802.11: - Open System Authentication – NO authentication at all - Shared Key Authentication – based on symmetric encryption - It is assumed the key is transmitted to both ends through some secure channel. - The station being authenticated receives the challenge text packet from the AP & sends that packet back after applying some transformation/modification as the response – this completes the one-way authentication. - To achieve two-way authentication, this process is repeated on both sides.
  • Wireless LAN Security: WEP/Wired Equivalent Privacy - WEP is designed to provide these services: - Reasonably Strong Encryption: - It relies on the difficulty of finding out the secret key through a brute force attack. - It increases as the key length increases. - Self Synchronization: - Each packet contains the information required to decrypt it. - There is no need to deal with packet loss. - Efficient: - It can be implemented in software with reasonable efficiency. - Exportable: - Limiting the key length leads to a greater possibility of export beyond the US - The WEP algorithm is the RC4 cryptographic algorithm from RSA Data Security. - RC4 –> stream cipher & symmetric cryptographic algorithm.
  • WEP/Wired Equivalent Privacy - Algorithm
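How the WEP properties listed above fit together in one frame, together with the shared-key challenge/response from the Authentication Modes slide, as an added example (not part of the original slides). It assumes the 802.11 WEP layout of a 24-bit IV sent in clear, a per-frame RC4 key of IV || shared key and an encrypted CRC-32 ICV; the key, IVs and payloads are constructed sample values, and the management-frame fields around the challenge text are omitted.

```python
# Added example: WEP frame encapsulation with RC4, and the shared-key
# authentication response built on it. All keys/IVs/payloads are constructed.
import hmac
import struct
import zlib

IV_LEN = 3   # 24-bit initialization vector, carried in clear in every frame
ICV_LEN = 4  # CRC-32 integrity check value, encrypted with the payload


def rc4(key, data):
    """RC4 stream cipher; the same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                         # keystream generation + XOR
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def icv(payload):
    """Integrity check value: CRC-32 of the plaintext, little-endian."""
    return struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)


def wep_encapsulate(shared_key, iv, payload, key_id=0):
    """Return IV || key-id byte || RC4(IV || key, payload || ICV)."""
    if len(iv) != IV_LEN:
        raise ValueError("IV must be 3 bytes")
    body = rc4(iv + shared_key, payload + icv(payload))
    return iv + bytes([key_id << 6]) + body


def wep_decapsulate(shared_key, frame):
    """Decrypt one frame using only the shared key and the frame itself."""
    if len(frame) < IV_LEN + 1 + ICV_LEN:
        raise ValueError("frame too short")
    iv, body = frame[:IV_LEN], frame[IV_LEN + 1:]
    clear = rc4(iv + shared_key, body)
    payload, received_icv = clear[:-ICV_LEN], clear[-ICV_LEN:]
    if not hmac.compare_digest(icv(payload), received_icv):
        raise ValueError("ICV mismatch: wrong key or corrupted frame")
    return payload


def ap_verify_shared_key(shared_key, challenge, response_frame):
    """AP side of shared-key authentication: the station's response must be
    the challenge text encapsulated under the shared key."""
    try:
        recovered = wep_decapsulate(shared_key, response_frame)
    except ValueError:
        return False
    return hmac.compare_digest(recovered, challenge)


def self_sync_demo():
    """Self synchronization: frame 3 decrypts although frame 2 was lost."""
    key = bytes.fromhex("0102030405")          # constructed 40-bit key
    payloads = [b"frame-1", b"frame-2", b"frame-3"]
    frames = [wep_encapsulate(key, struct.pack(">I", n)[1:], p)
              for n, p in enumerate(payloads, start=1)]
    received = [frames[0], frames[2]]          # frame 2 dropped in transit
    return [wep_decapsulate(key, f) for f in received]


if __name__ == "__main__":
    print(self_sync_demo())
```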
  • Wireless LAN Security: Possible Attacks
  • Wireless LAN Security: 802.1X Authentication - 802.1X requires 3 entities: - The Supplicant – resides on the wireless LAN client. - The Authenticator – resides on the AP. - The Authentication Server – resides on the server authenticating the client (e.g. KERBEROS / other authentication server)
  • Wireless LAN Security: 802.1X Authentication - The authenticator creates one logical port per client, based on the client’s association ID. - The logical port has two data paths: - Uncontrolled data path – allows n/w traffic through the n/w. - Controlled data path – requires successful authentication to allow n/w traffic. - Complete association with an AP involves 3 states: - Unauthenticated & Unassociated - Authenticated & Unassociated - Authenticated & Associated
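The per-client logical port described above, modelled on the authenticator side as an added example (not part of the original slides). It assumes, following IEEE 802.1X, that the uncontrolled path carries only the EAPOL authentication exchange (EtherType 0x888E); the class, method and decision names and the event trace are constructed for illustration.

```python
# Added example: an authenticator (AP) keeping one logical port per client and
# gating traffic on the controlled data path. The event trace is constructed.
from dataclasses import dataclass

ETHERTYPE_EAPOL = 0x888E   # EAP over LAN: the 802.1X authentication exchange
ETHERTYPE_IPV4 = 0x0800

TO_AUTH_SERVER = "uncontrolled: relay to authentication server"
FORWARD = "controlled: forward"
DROP_UNAUTHORIZED = "drop: controlled path closed"
DROP_NO_PORT = "drop: no port for this association ID"


@dataclass
class LogicalPort:
    association_id: int
    authorized: bool = False   # the controlled data path starts closed


class Authenticator:
    """AP-side model: one logical port per client, keyed by association ID."""

    def __init__(self):
        self.ports = {}

    def associate(self, aid):
        # A fresh port on every (re-)association: earlier authorization is lost.
        self.ports[aid] = LogicalPort(aid)

    def disassociate(self, aid):
        self.ports.pop(aid, None)

    def authentication_result(self, aid, success):
        port = self.ports.get(aid)
        if port is not None:
            port.authorized = bool(success)

    def handle_frame(self, aid, ethertype):
        port = self.ports.get(aid)
        if port is None:
            return DROP_NO_PORT
        if ethertype == ETHERTYPE_EAPOL:
            return TO_AUTH_SERVER          # always allowed, whatever the state
        if port.authorized:
            return FORWARD
        return DROP_UNAUTHORIZED


# Constructed trace: (event, association ID[, argument])
SAMPLE_EVENTS = [
    ("associate", 1),
    ("frame", 1, ETHERTYPE_IPV4),     # data before authentication
    ("frame", 1, ETHERTYPE_EAPOL),    # authentication exchange
    ("auth", 1, True),
    ("frame", 1, ETHERTYPE_IPV4),     # data after successful authentication
    ("frame", 2, ETHERTYPE_IPV4),     # client that never associated
    ("associate", 1),                 # re-association resets the port
    ("frame", 1, ETHERTYPE_IPV4),
    ("auth", 1, False),               # authentication server rejects the client
    ("frame", 1, ETHERTYPE_IPV4),
]


def replay(events):
    """Feed the events to a new authenticator; return the decision per frame."""
    ap = Authenticator()
    decisions = []
    for event in events:
        kind, aid = event[0], event[1]
        if kind == "associate":
            ap.associate(aid)
        elif kind == "disassociate":
            ap.disassociate(aid)
        elif kind == "auth":
            ap.authentication_result(aid, event[2])
        elif kind == "frame":
            decisions.append(ap.handle_frame(aid, event[2]))
    return decisions


if __name__ == "__main__":
    for decision in replay(SAMPLE_EVENTS):
        print(decision)
```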
  • Topic Timeline • Introduction • Spread Spectrum Technology • CDMA vs GSM (will be covered after completion of GSM) • Wireless Data • 3rd Generation Networks • Wireless LAN WLAN Architecture • Mobility in Wireless LAN • Deploying Wireless LAN • Mobile Adhoc N/w & Wireless sensor N/w • Wireless LAN Security • 3G vs WiFi
  • 3G vs WiFi
  • 3G vs WiFi
  • 3G vs WiFi
  • UNIT 4 – PART II - Chapter 17 – Voice Over Internet Protocol & Convergence - Chapter 20 – Information Security
  • Topic Timeline • Voice Over Internet Protocol – VoIP - Introduction
  • Voice Over Internet Protocol - VoIP - Traditionally, circuit switched technologies were used in voice communications. Uses FDMA/TDMA. - Provides good QoS & digitized voice or analog voice. - In 1995, hobbyists in Israel made an attempt to send voice over/through an IP network - Then came the Internet Phone software by VocalTec & the era of VoIP began
  • Topic Timeline • Voice Over Internet Protocol – VoIP • H.323 Framework for VoIP
  • H.323 Framework for VoIP - It’s a standard that provides a foundation for multipoint conferencing of audio, video and data over IP networks – standardized by ITU. - It is a part of the ITU-T H.32x series of protocols, which also address multimedia communications over ISDN, the PSTN or SS7, and 3G mobile networks.
  • H.323 Protocol Stack
  • H.323 Framework for VoIP - In H.323 implementations, along with end user devices, three additional logical entities are required; they are also known as endpoints: - Gateways - Gatekeepers - Multipoint Control Units. Gateway - Purpose: to do media & signal translation from IP to circuit network & vice-versa - Translation between audio/video/call setup/clearing - Primary applications: - Establishing links with PSTN terminals - Establishing links with remote H.320-compliant terminals over the Integrated Services Digital Network/ISDN - Establishing links with remote H.324-compliant terminals over the PSTN
  • H.323 Framework for VoIP: Gatekeeper - Works as the central point of control for all calls within its zone for all registered endpoints. - Terminals must use the services provided by gatekeepers. - Performs functions like bandwidth management & address translation. - Plays a major role in multipoint connections by redirecting the H.245 control channel to the multipoint controller. - A gateway can use a gatekeeper to translate an incoming E.164 address to an IP address.
  • H.323 Framework for VoIP: Multipoint Control Unit - Provides conferencing between three or more endpoints. - MCU consists of MicroController.
  • Topic Timeline • Voice Over Internet Protocol – VoIP • H.323 Framework for VoIP • SIP/Session Initiation Protocol
  • SIP/Session Initiation Protocol Architecture • Protocol to control Telephone over IP • Designed specially for Internet • SIP supports Five Points for establishing & terminating multimedia communication: • • • • • • User Location User Capabilities User Availability Call Setup Call Handling Call Teardown VINTESH PATEL, SCET 94
  • SIP/Session Initiation Protocol Supports Five Facts  User Location: Determines the location & end system to be used for communication  User Capabilities: Determination of media & media parameters to be used  User Availability: Determining the called parties’ willingness to engage in communication  Call Setup: “ringing” establishing call parameters at both parties  Call Handling: manage the transfer of Data/Voice  Call Teardown: at the end of the call, terminate call & release all resources VINTESH PATEL, SCET 95
  • SIP/Session Initiation Protocol Entities in Effect 1. Proxy Server 2. Registrar Server 3. Redirect Server 4. Location Server 5. Gateways VINTESH PATEL, SCET 96
  • SIP/Session Initiation Protocol Entities in Effect  Proxy Server:  SIP Proxies functions are similar to Routers and routing decisions & modifying the request before forwarding it to the next network element. But more capabilities then regular routers. VINTESH PATEL, SCET 97
  • SIP/Session Initiation Protocol Entities in Effect  Registrar Server: • Can be defined as the Server Maintaining the whereabouts of domain. • Accepts the REGISTER request from nodes in VoIP network. • REGISTER requests are generated by clients in order to create/remove mapping with their externally known SIP address & IP address they wish to be connect at. • Uses location service in order to store & retrieve location information.  Redirect Server • Does same function like in case of forwarding the call in PSTN / cellular networks. • It receives REQUEST & RESPONSE with redirection response. • The alternate address is returned as contact headers in the response of SIP message. VINTESH PATEL, SCET 98
  • SIP/Session Initiation Protocol Entities in Effect
      ◦ Presence Server
          - Allows the calling party to know the ability & willingness of the other party to participate in the call.
          - Users interested in getting information about the other party’s presence can subscribe & will receive notifications of the user’s presence.
          - This is achieved through the Event Server.
      ◦ SAP(Session Announcement Protocol)/SDP(Session Description Protocol)
          - SAP – used by Session Directory Clients
          - A SAP announcer periodically multicasts an announcement packet to a known multicast port & address.
          - The scope is the same as that of the session it is announcing.
  • SIP/Session Initiation Protocol Entities in Effect
      ◦ SAP(Session Announcement Protocol)/SDP(Session Description Protocol)
          - SDP describes a multimedia session for the purpose of session announcement, session invitation and other types of multimedia session initiation.
          - Many SDP messages are sent using SAP.
          - Messages can also be sent using Email/WWW.
      ◦ QoS & Security
          - In Internet applications, RSVP/Resource ReSerVation Protocol is designed for Quality Integrated Services. RSVP is used by the host to request a particular QoS.
          - COPS/Common Open Policy Service is a simple request & response protocol that can be used to exchange policy information between a policy server (PDP/Policy Decision Point) and a policy client (PEP/Policy Enforcement Point).
  • Topic Timeline • Voice Over Internet Protocol – VoIP • H.323 Framework for VoIP • SIP/Session Initiation Protocol • SIP vs H.323
  • H.323 vs SIP
  • Topic Timeline • Voice Over Internet Protocol – VoIP • H.323 Framework for VoIP • SIP/Session Initiation Protocol • H.323 vs SIP • Real Time Protocols
  • Real Time Protocols
      ◦ Good QoS is required to support real time communication
      ◦ RTP/Real Time Transport Protocol
          - RTP is both an IETF & ITU standard/H.255
          - It defines the packet format for multimedia data
          - Is used by many protocols, such as Real Time Streaming, H.323 & SIP
      ◦ RTCP/Real Time Control Protocol
          - Is based on periodic transmission of control packets to all participants in the session
      ◦ RTSP/Real Time Streaming Protocol
          - Is a client-server protocol, designed to address video streaming efficiency
  • Topic Timeline • Voice Over Internet Protocol – VoIP • H.323 Framework for VoIP • SIP/Session Initiation Protocol • H.323 vs SIP • Real Time Protocols • Convergence Technologies
  • Convergence Technologies
      ◦ To make convergence & interworking between PSTN & IP network possible, three functional elements are defined:
          - Media Gateway – Packetization of voice & other traffic
          - Signaling Gateway – Responsible for interfacing with the SS#7 network & forwarding signals to the IP network
          - Media Gateway Controller – Plays the role of mediator to enable & control access & resource usage between IP & PSTN network
  • Convergence Technologies
      ◦ SCP – Service Control Point (more detail in Chapter-11 of Reference Book – 1)
      ◦ SCP is addressable from SS#7 networks
  • Convergence Technologies: Media Gateway
      ◦ MG/Media Gateway allows various types of media (i.e. Fax, Voice, Video etc.) to pass from one type of network to another. These media must be transportable over IP networks as well as digital/analog circuit-switched networks.
      ◦ Integrity or quality is controlled by encoding, echo cancelling, decoding etc.
      ◦ The MG function provides a bi-directional interface between circuit-switched networks and media related elements in IP networks.
      ◦ Example: Highly scalable MGs are implemented with High Speed Time Domain Multiplexing(TDM) trunk interfaces, which are commonly used between switching elements in circuit-switched networks. (Trunk – Line/Link)
  • Convergence Technologies: Media Gateway Controller
      ◦ Key responsibility: Hold data flow related information & provide associated instructions on interconnecting 2 or more IP elements so that they can exchange information.
      ◦ Maintains the information of all current data flows.
      ◦ Instructs the MG how to set up, maintain and terminate the data flow.
      ◦ Exchanges ISUP(ISDN/Integrated Services Digital Network User Part) messages with the Central Office via the SG/Signaling Gateway
      ◦ In H.323 these functions are performed by Gatekeepers
      ◦ Sometimes AKA SoftSwitch
  • Convergence Technologies: Signaling Gateway
      ◦ SG implements the interface between an SS7 network and other call oriented elements in the IP network.
      ◦ Key Responsibility: Repack SS#7 packets into a format understood by elements in each network & present an actual view of the elements in the IP network to the SS#7 network.
      ◦ SG needs to implement SS#7 messaging that obeys all rules of the SS#7 network, while also accommodating the variety of behavior in the IP network.
      ◦ It is necessary that the SG understands all the messages & protocols of the SS#7 network to perform its functionality.
      ◦ It should also provide protection against undesirable traffic & malicious instructions.
  • Convergence Technologies: Megaco/H.248 - Media Gateway Control Protocol
      ◦ Defined in RFC 3015 & adopted by ITU
      ◦ Two basic components: 1. Terminations & 2. Contexts
      ◦ Terminations represent streams entering/leaving the MG. Examples – analog telephone lines, ATM stream, MPEG stream. They should be placed in Contexts, which are defined when two or more termination streams are mixed & connected together.
      ◦ A Context is created by adding the first termination, & removed by removing the last termination.
      ◦ There is a special context called NULL CONTEXT – it contains terminations that are not connected to other terminations.
  • Media Gateway Control Protocol
  • SIGTRAN/Signaling Transport & SCTP/Stream Control Transmission
      ◦ Signaling Transport (SIGTRAN) refers to a protocol stack for the transport of Switched Circuit Network (SCN) signaling protocols (SS7/C7) over an IP network.
      ◦ SIGTRAN is the evolution of SS7, which defines adaptors and core transport capabilities that blend SS7 and packet protocols to provide users with the best both technologies have to offer.
      ◦ Applications of SIGTRAN include: Internet dial-up remote access, IP telephony interworking with PSTN and other services as identified.
      ◦ Source: http://www.javvin.com/protocolSIGTRAN.html
  • SIGTRAN/Signaling Transport & SCTP/Stream Control Transmission
      ◦ SIGTRAN defines the protocol architecture through RFC2719 and the SCTP/Stream Control Transmission Protocol through RFC2960
      ◦ An RFC/Request for Comments is a publication of the IETF/Internet Engineering Task Force and the Internet Society, the principal technical development and standards-setting bodies for the Internet, i.e. a set of protocol suites
      ◦ SCTP is an end-to-end, connection-oriented protocol that transports data in independent sequenced streams.
      ◦ SCTP was designed to provide a general purpose transport protocol for message-oriented applications, as needed for the transportation of signaling data.
      ◦ In the TCP/IP layer stack, SCTP resides in the Transport layer, along with TCP/UDP.
  • SIGTRAN/Signaling Transport & SCTP/Stream Control Transmission
      ◦ Difference between TCP & SCTP
          - Multihoming – SCTP supports multi-homed nodes, i.e. one node can be accessed by several IP addresses, which is not the case in TCP. This allows the use of an alternate route to a particular node when there is a network failure, which makes the node fault tolerant.
          - In TCP, if a packet is lost, communication stops & waits, which leads to retransmission. This phenomenon, where packets are blocked by a packet in front which has been lost, is known as Head-of-Line Blocking.
          - MultiStreaming – an effective way of limiting Head-of-Line Blocking. The advantage of multistreaming is that if one stream fails, the others can still work & communication can continue w/o interruption.
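The Head-of-Line Blocking point above can be checked with a small model. This is an added example, not part of the original slides; the timings, the message count and the rule "message number modulo 4 picks the stream" are assumptions made for the illustration.

```python
def delivery_times(arrival, stream_of):
    """Return {seq: time the application receives the message}.

    arrival:   {seq: time the message reaches the receiver}
    stream_of: function mapping seq -> stream id
    Ordered delivery per stream: a message is handed over only after every
    earlier message of the same stream has been handed over.
    """
    last_delivery = {}   # stream id -> delivery time of its previous message
    delivered = {}
    for seq in sorted(arrival):
        sid = stream_of(seq)
        delivered[seq] = max(arrival[seq], last_delivery.get(sid, 0))
        last_delivery[sid] = delivered[seq]
    return delivered


def held_back(arrival, delivered):
    """Messages that had arrived but were kept waiting behind a lost one."""
    return [seq for seq in sorted(arrival) if delivered[seq] > arrival[seq]]


def total_wait(arrival, delivered):
    """Sum of the time messages spent waiting in the receive buffer."""
    return sum(delivered[seq] - arrival[seq] for seq in arrival)


# Constructed scenario: 8 messages, one sent per tick, one tick in transit.
# Message 2 is lost and its retransmission only arrives at t = 20.
ARRIVAL = {seq: seq + 1 for seq in range(8)}
ARRIVAL[2] = 20


def single_stream():
    """One ordered byte stream, as in TCP."""
    return delivery_times(ARRIVAL, lambda seq: 0)


def four_streams():
    """Four independent streams, as SCTP multistreaming allows."""
    return delivery_times(ARRIVAL, lambda seq: seq % 4)


if __name__ == "__main__":
    for name, result in (("single stream", single_stream()),
                         ("four streams", four_streams())):
        print(name, "held back:", held_back(ARRIVAL, result),
              "total wait:", total_wait(ARRIVAL, result))
```

With one stream every message behind the lost one waits; with four streams only the later message that shares a stream with the lost one does.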
  • Topic Timeline • Voice Over Internet Protocol – VoIP • H.323 Framework for VoIP • SIP/Session Initiation Protocol • H.323 vs SIP • Real Time Protocols • Convergence Technologies • Call Routing
  • Call Routing
      ◦ Four Groups:
          1. IP to IP
          2. IP to PSTN
          3. PSTN to IP
          4. PSTN to PSTN via IP
  • Call Routing: SIP to SIP Call Flow
      ◦ Say the communicating parties are A & B.
      ◦ Two SIP proxies are there for A & B in the system to facilitate session establishment.
      ◦ A calls B using B’s SIP URI/Uniform Resource Identifier, similar to an email address, typically containing Username & Hostname. E.g. sip:bob@xyz.com where xyz.com is the domain name of B’s SIP provider. Say A has SIP URI – sip:alice@abc.com
      ◦ It can be sips:alice@abc.com to indicate a secured URI.
      ◦ The transaction begins with A sending an INVITE request addressed to B’s SIP URI. The format of INVITE is shown in the next figure.
  • Call Routing: SIP to SIP Call Flow – INVITE format (figure labels: SIP Message Type, B’s SIP URI, SIP Version No.)
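The INVITE start line described above (message type, B’s SIP URI, SIP version) can be parsed and sanity-checked as follows. This is an added example, not taken from the slides; the sample message is constructed, and the host pc1.abc.com, branch, tag and Call-ID values are made up.

```python
import re

# Constructed sample: the INVITE that A (sip:alice@abc.com) sends to B
# (sip:bob@xyz.com). Branch, tag, Call-ID and host pc1.abc.com are made up.
SAMPLE_INVITE = (
    "INVITE sip:bob@xyz.com SIP/2.0\r\n"
    "Via: SIP/2.0/UDP pc1.abc.com;branch=z9hG4bKexample1\r\n"
    "Max-Forwards: 70\r\n"
    "To: Bob <sip:bob@xyz.com>\r\n"
    "From: Alice <sip:alice@abc.com>;tag=example-tag\r\n"
    "Call-ID: example-call-id@pc1.abc.com\r\n"
    "CSeq: 1 INVITE\r\n"
    "Contact: <sip:alice@pc1.abc.com>\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

# Headers that RFC 3261 requires in every SIP request.
REQUIRED = ("via", "max-forwards", "to", "from", "call-id", "cseq")
URI_RE = re.compile(r"^(sips?):([^@\s;]+)@([A-Za-z0-9.-]+)(?::(\d+))?")


def parse_uri(uri):
    """Split a SIP URI into scheme, user, host; 'sips' marks a secured URI."""
    m = URI_RE.match(uri)
    if not m:
        raise ValueError(f"not a SIP URI: {uri!r}")
    scheme, user, host, port = m.groups()
    return {"scheme": scheme, "user": user, "host": host.lower(),
            "port": int(port) if port else None, "secure": scheme == "sips"}


def parse_request(raw):
    """Parse the start line and headers of a SIP request, rejecting bad input."""
    head, sep, _body = raw.partition("\r\n\r\n")
    if not sep:
        raise ValueError("missing blank line after headers")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        raise ValueError("start line must be: METHOD Request-URI SIP-Version")
    method, request_uri, version = parts
    if version != "SIP/2.0":
        raise ValueError(f"unsupported SIP version: {version!r}")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        # A repeated header (e.g. several Via lines) keeps its first value here.
        headers.setdefault(name.strip().lower(), value.strip())
    missing = [h for h in REQUIRED if h not in headers]
    if missing:
        raise ValueError(f"missing required headers: {missing}")
    cseq = headers["cseq"].split()
    if len(cseq) != 2 or not cseq[0].isdigit() or cseq[1] != method:
        raise ValueError("CSeq must be '<number> <method>' matching the start line")
    return {"method": method, "uri": parse_uri(request_uri),
            "version": version, "headers": headers}


if __name__ == "__main__":
    req = parse_request(SAMPLE_INVITE)
    print(req["method"], req["uri"], req["version"])
```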
  • Call Routing: SIP Session Setup
      ◦ RPT = Resource Path Testing
      ◦ Each message starts with F, & the number following F shows the message serial number in the transaction sequence.
  • Call Routing: SIP Session Setup
      ◦ Source: http://www.tutorialreports.com/internet/telephony/voip/sip/sip-voip.php
  • Call Routing: SIP to PSTN Call Flow
      ◦ Take the case where Party-A calls Party-B from an IP phone with an IP address to a PSTN phone with a valid phone number.
      ◦ When A calls B’s phone number (say 011-12312123) using a user agent (i.e. Skype-like software), B’s phone number is first converted to the E.164 format (say +23121231110). The last 3 digits specify the SIP server to be reached to route the message to (here 1.1.0), which is the SIP Proxy Server.
      ◦ Before starting routing, the SIP Proxy queries the local database for the location of B. That is equivalent to the HLR system. The proxy finds out whether the user has the capability to call the person or not.
      ◦ The SIP Server, on receiving this request, queries its database and finds out that the number belongs to the PSTN. Then the SIP Server triggers the CA/Calling Agent or MGC.
  • Call Routing: SIP to PSTN Call Flow …..
      ◦ Here the SG is responsible for message conversion from SIP to PSTN format & vice-versa.
      ◦ The CA/MGC contacts the MG/Media Gateway using MGCP/Media Gateway Control Protocol for establishing the RTP path and coded conversion.
  • Call Routing: PSTN to SIP Call Flow
      ◦ When Party B(PSTN) calls Party A(IP), assume that Party A has a number that can be dialed from a normal telephone.
      ◦ Now as idea is to have maximum traffic is to be transferred to IP network, the SSP to which party is linked/associated.
      ◦ Every SSP should have an MG/SG linked to itself, which is not practical, so as an alternative the SSP hands those messages to some SSP which has an MG/SG.
      ◦ If the number dialed by a person is XXX-XX-XXX, then at the first Signaling Gateway the SIP proxy would know that the destination SIP proxy is in place ABC. Just as a normal SIP packet routes through the IP network, this message also routes until it reaches the SIP proxy @ABC.
  • Call Routing: PSTN to SIP Call Flow
  • Topic Timeline • Voice Over Internet Protocol – VoIP • H.323 Framework for VoIP • SIP/Session Initiation Protocol • H.323 vs SIP • Real Time Protocols • Convergence Technologies • Call Routing • Applications of VoIP – DIY • IMS – IP Multimedia SubSystem
  • IMS/IP Multimedia Subsystem
      ◦ IMS – an emerging standard, which looks at total convergence of voice and multimedia.
      ◦ Sometimes referred to as the All IP network; it was specified by 3GPP/3rd Generation Partnership Project.
      ◦ REQUIREMENTS:
  • IMS/IP Multimedia Subsystem CONVERGED SERVICES:-
  • IMS/IP Multimedia Subsystem Architecture
      ◦ Three Layers:
          1. Service/Application Layer
          2. Session Control Layer
          3. Communication Layer
      ◦ CSCF provides registration & routing of SIP signaling to the application server.
      ◦ The Session Control Layer includes the HSS/Home Subscriber Server database that maintains a unique profile for each end user, which includes – IP Address, Roaming Info, Telephony Services, Voice Mail Services
  • Topic Timeline • Voice Over Internet Protocol – VoIP • H.323 Framework for VoIP • SIP/Session Initiation Protocol • H.323 vs SIP • Real Time Protocols • Convergence Technologies • Call Routing • Applications of VoIP – DIY • IMS – IP Multimedia SubSystem • Mobile VoIP
  • Mobile VoIP
      ◦ H.323 & Megaco have not addressed mobility for VoIP.
      ◦ User mobility is defined as the ability of mobile users to communicate irrespective of the terminal & user mobility/location.
      ◦ In the VoIP context, roaming refers to connectivity between endpoints being assured while both or any one of them is moving. Such reachability can be continuous or discrete.
  • Topic Timeline • Security Issues in Mobile Computing
  • Aspects of Information Security: Security Attack, Security Mechanism, Security Service
      ◦ Security Attack: Any action that compromises the security of information owned by an organization
      ◦ Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
      ◦ Security Service
          - It is something that enhances the security of the data processing systems and the information transfers of an organization
          - Intended to counter security attacks
          - Makes use of one or more security mechanisms to provide the service
  • Information Security
      ◦ To build an information security system, we need to know the answers to questions like:
          - Who is the enemy?
          - Vulnerabilities?
          - Weak links in the system?
          - What needs special protection?
          - Possible effects of vulnerabilities after an attack?
          - How much does the security system cost, in terms of Money, Resources & Time?
          - Strategy to recover from loss due to attacks?
          - When to deploy the system?
  • Information Security: Classification of Attacks based on Assets
      ◦ Attacks on Dynamic Assets
          - Interception
          - Modification
          - Fabrication
          - Interruption
      ◦ Attacks on Static Assets
          - Virus & Worms
          - DoS
          - Intrusion
          - Replay Attacks
          - Buffer overflow Attacks
          - Trapdoor Attacks
  • Components of Information Security (Information Security = Secrecy of Information/Message etc.): Confidentiality, Integrity, Authorization, Availability, Non-Repudiation, Trust, Accounting
      ◦ Confidentiality
          - Ensured by Encryption/Decryption of Data
          - PT/Plain Text, CT/Cipher Text
          - Key-space: The range of possible key values
          - Terms: Cryptography | Cryptographers | Cryptanalyst | Cryptanalysis
          - Steganography?
  • Components of Information Security
      ◦ Integrity
          - Ensured by adding additional information like Checksum, Message Digest, MAC/HASH
          - Ensures no alteration of the message @RX party
      ◦ Authorization
          - It deals with privileges/rights.
          - Transactions involve 2 parties: Subject/User & Object/Data
          - The privilege to an object is defined through the ACL/Access Control List.
          - e.g. Database users with different rights/privileges have access according to their rights only.
  • Components of Information Security
      ◦ Availability
          - Media Mgt. is not under the scope of Security Protocols & Algorithms
          - Media Mgt. is needed to ensure Availability of Service
          - Example: Keeping an e-commerce webapp in service against a threat that makes the webapp go down due to too many requests (a situation like GTU’s Exam Result Servers in the first hour – DoS attacks), which serves the purpose of putting someone out of the competition during a particular season like Black Friday.
          - Sometimes against terrorist organizations – an area called Censorship-Resistant Publishing through document entanglement.
      ◦ Non-Repudiation
          - Authentication & non-repudiation have some overlapping properties.
          - Authentication: You are the one who you claim to be.
          - Non-Repudiation: We establish the identity of the party beyond any point of doubt, i.e. authentication with a formal record – which has some binding, like a signature on a cheque.
  • Components of Information Security
      ◦ Trust
          - Mobile users expect to access resources & services anytime & anywhere. This leads to security risks & access control problems.
          - To handle such a dynamic, ever-changing context, a trust based authentication system is necessary.
          - Trust involves developing a security policy, assigning cardinalities to entities, verifying that the cardinalities fulfill the policy.
      ◦ Accounting
          - For any service, the provider needs to be paid, irrespective of the service type, whether it is a Content Service or a Network Service. So Accounting & Billing is a very critical aspect in mobile computing.
          - Accounting is the process by which the usage of a service is metered. Based on the usage, the service provider collects the fees directly from the user.
  • Security Techniques & Algorithms
      ◦ Outline
          - Stream & Block Cipher
          - Symmetric Key Cryptography: DES, 3-DES/Triple DES, AES
          - Public Key Cryptography: Diffie-Hellman, RSA, ECC
          - Hashing Algorithm: MD5, SHA, MAC
          - Security Protocols: SSL, TLS, WTLS, Multifactor Security, Digital Watermarking, Key Recovery
      ◦ Stream & Block Cipher
          - In Stream Ciphers, a bit/byte is taken at a time & processed (i.e. Encrypted/Decrypted).
          - Wireless LAN uses the Stream Cipher.
          - In this scenario, the Key should be unique for every encryption.
          - While in a Block Cipher, blocks/chunks (like 64 Bits/128 Bits etc.) of PT/Plain Text are processed.
          - The majority of Cryptosystems use the Block Cipher.
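Why the key must be unique for every stream-cipher encryption can be shown in a few lines. This is an added example, not part of the slides; the keystream generator (SHA-256 over key, nonce and counter) is a stand-in chosen for illustration rather than a vetted cipher, and the per-message nonce counter is one common way to keep the keystream unique, assumed here.

```python
import hashlib
import secrets


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: SHA-256(key || nonce || counter). Illustration only."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR, truncated to the shorter input."""
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Stream cipher: XOR the plaintext with the keystream, byte by byte."""
    return xor(plaintext, keystream(key, nonce, len(plaintext)))


decrypt = encrypt  # XOR with the same keystream undoes the encryption


def ciphertexts_expose_plaintext_xor(key, nonce1, nonce2, p1, p2):
    """True if c1 XOR c2 equals p1 XOR p2, i.e. the keystream cancelled out."""
    c1 = encrypt(key, nonce1, p1)
    c2 = encrypt(key, nonce2, p2)
    return xor(c1, c2) == xor(p1, p2)


class Sender:
    """Keeps every encryption unique by never repeating a nonce under one key."""

    def __init__(self, key: bytes):
        self.key = key
        self.counter = 0

    def send(self, plaintext: bytes):
        nonce = self.counter.to_bytes(12, "big")
        self.counter += 1
        return nonce, encrypt(self.key, nonce, plaintext)


# Constructed sample messages of equal length.
P1 = b"balance: 0001500"
P2 = b"balance: 0098000"

if __name__ == "__main__":
    key = secrets.token_bytes(32)
    same = b"\x00" * 12
    print("keystream reused :", ciphertexts_expose_plaintext_xor(key, same, same, P1, P2))
    print("keystream unique :", ciphertexts_expose_plaintext_xor(
        key, b"\x00" * 12, b"\x00" * 11 + b"\x01", P1, P2))
```

When the keystream repeats, the two ciphertexts together reveal the XOR of the two plaintexts without the key; with a fresh nonce per message they do not.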
  • Security Techniques & Algorithms •  Same key is used for Encryption & Decryption at Sender & Receiver side respectively. Stream & Block Cipher • Symmetric Key Cryptography Symmetric Key Cryptography • • • • Public Key Cryptography • • • • DES 3-DES/Triple DES AES Deffie Hellman RSA ECC Hashing Algorithm • • • • MD5 SHA MAC Secret Secret Key Key PlainText Encryption Decryption Plaintext Message Algorithm Algorithm Message Security Protocols • • • • • • SSL TSL WTSL Multifactor Security Digital Watermarking Key Recovery VINTESH PATEL, SCET Transmitted CT/Cipher Text 143
  • Security Techniques & Algorithms •  Different keys are used for Encryption & Decryption at Sender & Receiver side respectively. Stream & Block Cipher • Public/ASymmetric Key Cryptography Symmetric Key Cryptography • • • • Public Key Cryptography • • • • DES 3-DES/Triple DES AES Deffie-Hellman Key Exchange RSA ECC Hashing Algorithm • • • • MD5 SHA MAC Security Protocols • • • • • • SSL TSL WTSL Multifactor Security Digital Watermarking Key Recovery VINTESH PATEL, SCET 144
  • Security Techniques & Algorithms: Hashing Algorithm
      ◦ Authentication Functions
          - HASH
          - MAC
          - Message Encryption itself provides Authentication
      ◦ HASH vs MAC
          - HASH(Message) = Fixed length hash value, i.e. Authenticator
          - MAC(Message, Key) = Fixed length hash value, i.e. Authenticator
      ◦ Why Hash?
          - Provides Authenticity of the Message. Remember we are not hiding the message but ensuring that the message has not been altered in between & came from the legal Party.
      ◦ Different Methods for Hashing – MD5, SHA, MAC
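The difference between HASH(Message) and MAC(Message, Key) as an authenticator shows up as soon as a party in between alters the message. This is an added example, not part of the slides; it uses SHA-256 and HMAC-SHA256 from the Python standard library as the hash and the MAC, and the messages are constructed samples.

```python
import hashlib
import hmac
import secrets


def hash_tag(message: bytes) -> bytes:
    """HASH(Message): anyone who holds the message can compute it."""
    return hashlib.sha256(message).digest()


def mac_tag(key: bytes, message: bytes) -> bytes:
    """MAC(Message, Key): HMAC-SHA256, computable only with the shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def receiver_accepts_hash(message: bytes, tag: bytes) -> bool:
    """Receiver recomputes the hash and compares in constant time."""
    return hmac.compare_digest(hash_tag(message), tag)


def receiver_accepts_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver recomputes the MAC with its copy of the key."""
    return hmac.compare_digest(mac_tag(key, message), tag)


def demo():
    key = secrets.token_bytes(32)          # known to sender and receiver only
    original = b"PAY 100 TO ACCOUNT 1111"  # constructed sample message
    altered = b"PAY 900 TO ACCOUNT 2222"   # substituted by a party in between
    # The party in between has no key, so the only authenticator it can
    # compute for the altered message is the plain hash.
    forged = hash_tag(altered)
    return {
        "hash_accepts_original":
            receiver_accepts_hash(original, hash_tag(original)),
        "hash_accepts_altered":
            receiver_accepts_hash(altered, forged),
        "mac_accepts_original":
            receiver_accepts_mac(key, original, mac_tag(key, original)),
        "mac_accepts_altered_with_old_tag":
            receiver_accepts_mac(key, altered, mac_tag(key, original)),
        "mac_accepts_altered_with_forged_tag":
            receiver_accepts_mac(key, altered, forged),
    }


if __name__ == "__main__":
    for check, accepted in demo().items():
        print(f"{check}: {accepted}")
```

A bare hash sent alongside the message only detects accidental change; detecting alteration by another party and confirming the sender needs the keyed MAC.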
  • Security Techniques & Algorithms: Security Protocols
      ◦ SSL
      ◦ TLS
      ◦ WTLS
      ◦ Multifactor Security
      ◦ Digital Watermarking
      ◦ Key Recovery
  • Overview Security Frameworks for Mobile Environment. DIY • 3GPP • Mobile Virtual Private Network • Multifactor Security • Smartcard Security • RFID Security • Mutual & Spatial Authentication • Mobile Agent Security • Mobile Worm & Virus
  • References
      ◦ “Mobile Computing” By Asoke K Telukder, Roopa R Yavagal, TMH
      ◦ “Principle of Wireless Networks” By Pahlavan & Prashant – Highly recommended for Specific Questions(& For Better Grades Specially in GTU)