Unit 4 -Wireless communication & mobile programming
1. Wireless Communication &
Mobile Programming
UNIT- 4 – WIRELESS APPLICATION PROTOCOL(WAP), MMS, GPRS
APPLICATION CDMA & 3G
ACADEMIC YEAR: 2013-14 @ SCET, SURAT
VINTESH PATEL, SCET
1
2. Reference Book
“Mobile Computing” by Asoke K Talukder, Roopa R Yavagal, TMH
Chapters – PART I(9, 10), PART II (17, 20)
3. UNIT 4 – PART I
Chapter – 9 – CDMA & 3G
Chapter – 10 – Wireless LAN
4. Topic Timeline
• Introduction
• Spread Spectrum Technology
• CDMA vs GSM (will be covered after completion of GSM)
• Wireless Data
10. Spread Spectrum
Main Idea of evolution of Spread Spectrum
- Strength against Signal/Frequency Jamming
- Uses total Spectrum instead of Specific Freq./Freq. Range
- Spread Transmission Power over complete band
11. Different Techniques of Spread Spectrum
Direct Sequence SS
- Typically used to transmit Digital Information
- Mix Specific/Pseudo Random Code with Digital Information
- Commonly called CDMA – Code Division Multiplexing
Frequency Hopping SS
- Center frequency of Conventional carrier is altered within a fixed time
period in accordance with pseudo random list of channels
12. Different Techniques of Spread Spectrum
Chirp
- Carrier that sweeps over the range of frequencies
- Used in ranging and radar systems
Time Hopping
- Carrier is ON-OFF keyed by Pseudo Noise sequence resulting in very low
duty cycle.
- The Speed of keying decides the amount of signal spreading
13. Different Techniques of Spread Spectrum
Hybrid System
- Combination of any two systems of earlier SS techniques
- Obviously, the performance of this system will be better than what any single SS technique can achieve for the same cost
- Generally, the combination of FHSS & DSSS is commonly used
14. Direct Sequence Spread Spectrum/DSSS
- Example
Parties A & B are communicating in some language X. If n other people in the same room are communicating simultaneously in different languages, then for A & B everything other than language X is noise.
- Key to DSSS
Extract desired signal/s & reject all other as noise
15. Direct Sequence Spread Spectrum/DSSS
- Key Elements
1. Signal occupies a bandwidth much larger than what is necessary to send the information.
2. Bandwidth is spread by means of the code, which is independent of the data.
3. The receiver synchronizes to the code to recover the data. The use of an independent code and synchronous reception allows multiple users to access the same frequency band at the same time.
- To protect the signal, the code used is pseudo random: it appears random while actually being deterministic, i.e. the Rx is able to retrieve it on its side.
- This pseudo random code is called pseudo random noise.
- DSSS allows each station to transmit over the entire range of frequencies all the time.
16. Direct Sequence Spread Spectrum/DSSS
- DSSS – commonly called CDMA
- Each station is assigned a unique m-bit code called CDMA chip sequence
- To transmit 1, Tx sends its chip sequence & for 0, it sends the complement of its chip sequence
- E.g. suppose station A has the chip sequence “00011011”
- It transmits 1 by sending 00011011 & 0 by sending 11100100
- In Bipolar Notation, 0 is +1 & 1 is -1,
- so A transmits bit 0 by sending (-1,-1,-1,+1,+1,-1,+1,+1) & 1 by sending (+1,+1,+1,-1,-1,+1,-1,-1)
17. Direct Sequence Spread Spectrum/DSSS
- For manipulation of bits, we XOR the input bits, whereas in Bipolar Notation we multiply to get the desired result, i.e.
- XOR          =>  Bipolar
- 0 XOR 0 = 0  =>  +1 x +1 = +1
- 1 XOR 1 = 0  =>  -1 x -1 = +1
- 1 XOR 0 = 1  =>  -1 x +1 = -1
- 0 XOR 1 = 1  =>  +1 x -1 = -1
19. Direct Sequence Spread Spectrum/DSSS
- Each station has a unique chip sequence. Say S indicates the m-chip vector for station S, & S’ is its negation.
- Note that all chip sequences are pairwise orthogonal, i.e. for two different chip sequences S & T, the normalized inner product S.T = 0 & S.T’ = 0, while S.S = 1 & S.S’ = -1
20. Direct Sequence Spread Spectrum/DSSS
Why Is Orthogonality Required?
- When two or more stations transmit simultaneously, their bipolar signals add linearly.
- Understand working of CDMA & BPSK - QPSK ….
21. DSSS – How it works?
Encoding
Chip sequences:
A: 00011011
B: 00101110
C: 01011100
D: 01000010
Bipolar chip sequences:
A: (-1, -1, -1, +1, +1, -1, +1, +1)
B: DIY
C: DIY
D: DIY
Transmission examples (bits sent by A, B, C, D; – means the station is silent):
––1–   C                S1 = (-1, +1, -1, +1, +1, +1, -1, -1)
–11–   B + C            S2 = (-2, 0, 0, 0, +2, +2, 0, -2)
10––   A + B’           S3 = DIY
101–   A + B’ + C       S4 = DIY
1111   A + B + C + D    S5 = DIY
1101   A + B + C’ + D   S6 = DIY
22. DSSS – How it works?
Decoding
For Station C,
S1 . C = (+1+1+1+1+1+1+1+1) / 8 = 1
S2 . C = (+2+0+0+0+2+2+0+2) / 8 = 1
S3 . C = (+0+0+2+2+0-2+0-2) / 8 = 0
S4 . C = DIY
S5 . C = DIY
S6 . C = DIY
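The encoding and decoding slides above, worked in code as an added example (not from the slides or the reference book): it builds the summed signals S1 to S6 for the four stations and recovers any station's bit from them. It follows the encoding slide's bipolar mapping (chip 0 -> -1, chip 1 -> +1); the function names are illustrative.

```python
"""CDMA chip-sequence encoding and decoding for the four stations on the slide."""

# Chip sequences exactly as given on the encoding slide.
CHIPS = {"A": "00011011", "B": "00101110", "C": "01011100", "D": "01000010"}


def bipolar(chips):
    """Map a chip string to a bipolar vector (assumed mapping: 0 -> -1, 1 -> +1)."""
    return [1 if c == "1" else -1 for c in chips]


VECTORS = {name: bipolar(chips) for name, chips in CHIPS.items()}


def dot(s, t):
    """Normalised inner product used on the slides: sum(s_i * t_i) / m."""
    return sum(x * y for x, y in zip(s, t)) / len(s)


def encode(bits):
    """Add up what every station puts on the air during one bit time.

    bits maps a station name to 1, 0 or None (silent). Bit 1 sends the chip
    vector, bit 0 sends its negation, a silent station contributes nothing.
    """
    m = len(next(iter(VECTORS.values())))
    total = [0] * m
    for name, bit in bits.items():
        if bit is None:
            continue
        sign = 1 if bit == 1 else -1
        total = [acc + sign * chip for acc, chip in zip(total, VECTORS[name])]
    return total


def decode(signal, station):
    """Recover one station's bit from the summed signal: 1, 0 or None (silent)."""
    value = dot(signal, VECTORS[station])
    if value == 1:
        return 1
    if value == -1:
        return 0
    if value == 0:
        return None
    raise ValueError("signal is not a clean sum of orthogonal chip sequences")


def pattern(text):
    """Parse a slide row such as '10--' (stations A, B, C, D; '-' is silent)."""
    return {n: (None if ch == "-" else int(ch)) for n, ch in zip("ABCD", text)}


# The six rows of the encoding slide, written with ASCII '-' for a silent station.
ROWS = ["--1-", "-11-", "10--", "101-", "1111", "1101"]

if __name__ == "__main__":
    names = sorted(VECTORS)
    # Pairwise orthogonality: S.S = 1 and S.T = 0 for S != T.
    for s in names:
        for t in names:
            assert dot(VECTORS[s], VECTORS[t]) == (1 if s == t else 0)
    for row in ROWS:
        signal = encode(pattern(row))
        print(row, signal, "C decodes", decode(signal, "C"))
```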
24. Wireless Data
- Typical raw channel data error rates for cellular transmission are 10^-2, i.e. one error in every 100 bits. This error rate is very high & can be detected even by the human ear.
- The acceptable BER/bit error rate is 10^-6, i.e. one bit in a million bits can be tolerated as an error.
- It requires effective ECC/Error Correction Code & ARQ/Automatic Repeat Request.
- CDMA Protocol Stack has the following layers:
25. Wireless Data
Application Interface Layer
- Interface between MS & Transport Layer
- Functions: Modem Control, AT (Attention) Command Processing, Data Compression
Transport Layer
- Transport layer for CDMA asynch. Data & Fax is based on TCP. TCP has been
modified for IS-95
Network Layer
- Network layer for CDMA asynch. Data & Fax is based on IP. IP has been
modified for IS-95
26. Wireless Data
Sub-network Dependent Convergence Function
- Performs header compression on the headers of the transport & network layers
- Accepts the network layer datagram packets from the n/w layer, performs header compression & passes the datagram to the PPP/Point-to-Point Protocol layer. In the reverse direction, it receives the n/w layer datagram with compressed header from the PPP layer and passes it to the n/w layer.
Data Link Layer
- uses PPP.
- The PPP Link Control Protocol(LCP) is used for initial link establishment
and for negotiation of optional links establishment.
27. Wireless Data
Internet Protocol Control Protocol Sublayer
- Supports negotiation of IP Address & IP compression protocol
parameters.
- Generally, the MS does not have a permanent/static IP address. Therefore it needs to be negotiated and obtained from the network.
- This assigned IP address is discarded when the connection is closed, like DHCP in a LAN.
Radio Link Protocol Layer
- Responsible for reducing the error rate over the Forward & Reverse Channels.
29. SMS - Wireless Data
- 160 alphanumeric characters
- uses Control Channels of GSM, also works in ongoing call
- working is same in GSM/IS-95
- administration features includes Storage, Profiling, Verification of receipt
& status enquiries.
30. Topic Timeline
• Introduction
• Spread Spectrum Technology
• CDMA vs GSM (will be covered after completion of GSM)
• Wireless Data
• 3rd Generation Networks
31. Third Generation Networks
Why telecommunication services are important?
- The mobile devices will be used as an integral part of our lives.
- Data/Non-Voice usage of 3G will become important and different from the traditional voice
business.
- Mobile communications will be similar in its social positioning.
- CDMA is the preferred approach for third generation networks and systems.
- In North America – CDMA2000 is the version of 3G
- In Europe/Asia/Australia/many others, 3G has been accepted as UMTS/Universal Mobile Telecommunication System and WCDMA/Wideband CDMA
32. Third Generation Networks
The main goal of UMTS is to offer a much more attractive & richer set of services to the users, like,
Universal Roaming – Any user will be able to move across the world and access the network
Higher Bit Rate – More speed would open the path towards RICH Multimedia Applications.
Mobile Fixed Convergence – to Offer Cross domain services, Virtual Home
Environment
Flexible Service Architecture – By standardizing not the services
themselves but the building blocks that make up services.
33. Third Generation Networks
International Mobile Telecommunication - 2000
The 2G network – mainly for digital voice
Then comes 2.5G in which GPRS is introduced – step towards packet data
in evolution of 3G
GPRS offers moderate data bandwidth that was sufficient for services like
WAP/Wireless Application Protocol, MMS, low bandwidth Internet Access.
GPRS n/ws evolved into – Enhanced Data rates for GSM evolution/EDGE
networks that offered high bandwidth packet data capable of multimedia
video. It falls under 2.75G & almost in the 3G.
IMT-2000 is the worldwide standard for 3G wireless communications,
defined by ITU.
35. Third Generation Networks
International Mobile Telecommunication - 2000
3rd Generation standards include EDGE, CDMA 2000, UMTS, DECT and WiMax. These standards are both revolutionary & evolutionary, i.e. they are evolutionary as they are backward compatible with 2G systems, and revolutionary as they require new networks & frequency allocation techniques.
36. Third Generation Networks
CDMA - 2000
Third version of IS-95/CDMA-One(cdmaOne radio transmission
technology is spread spectrum, wideband radio interface)
Uses CDMA modulation technique
Meets specification of ITU & IMT – 2000
Ranges:
Indoor/Outdoor picocell(<50 meters e.g. one office floor)
Indoor/Outdoor microcell(upto 1km e.g. shopping mall)
Outdoor macrocell(1-35km radius)
Outdoor megacell(>35 kms radius)
Wireless Local Loop(WiLL)
38. Third Generation Networks
UMTS/WCDMA
UMTS/Universal Mobile Telecommunication System – some of the
encoding techniques are patented by Qualcomm & to avoid that Europe &
Japan have different flavor of CDMA i.e. WCDMA/Wideband CDMA
WCDMA is also known as UTRAN/UMTS Terrestrial Radio Access Network, uses FDD/Frequency Division Duplex.
Physical layer of UMTS/WCDMA uses DSSS/Direct Sequence SS with chip
rate of 3.84 Mcps => Channel bandwidth is 5MHz
Data Rate Supported is few kbps to 2 Mbps
Two Mode of operation : FDD & TDD
39. Third Generation Networks
Operational mode TDD/FDD of UMTS/WCDMA
FDD carries UPLINK – MS to BS & DOWNLINK – BS to MS on separate
frequencies of 5MHz each. Both transmissions are of equal size.
FDD used for large outdoor n/ws as it can support large no of users.
FDD works well when carrying voice traffic.
In TDD, X’mission shares the same frequency band by sending the UPLINK
& DOWNLINK channels during different timeslots.
TDD doesn’t support as many users as FDD, so works well in smaller cells.
TDD more suitable for carrying asymmetric data traffic like Internet.
In TDD, UPLINK & DOWNLINK can be modified by assigning more/fewer time slots to each link whenever necessary.
40. Topic Timeline
• Introduction
• Spread Spectrum Technology
• CDMA vs GSM (will be covered after completion of GSM)
• Wireless Data
• 3rd Generation Networks
• Wireless LAN
41. Wireless LAN
WLAN/Wireless Local Area Network – users can be a part of network by
staying mobile.
Advantages
Mobility: productivity increases when users have access of network at any
location. Wire-free within operating range of WLAN
Low Cost Implementation: Easy to setup, relocate, change & manage. Can
operate in the regions where wiring may be impractical
Installation Speed & Simplicity: Installing a WLAN is easy & fast & eliminates the cabling structures.
Network Expansion: Easy expansion - very limited Infrastructure need to be
setup.
42. Wireless LAN
Advantages
Reduced Cost of Ownership: The initial setup costs more than a wired LAN, but after that one can look for long term benefits.
Reliability
Scalability
Usage of ISM Bands: 2.40 GHz, 2.484 GHz, 5.725 GHz, 5.850 GHz – Unlicensed
Band, anyone can use that for free use. 5.7 is C band satellite link & yet to be
unlicensed.
43. Wireless LAN - Applications
Office/Campus Environment
Factory/Mall Floor
Home Networks
Workgroup Environment
Public Places like Air-Ports, Railway Stations
War/Defense Sites
44. Topic Timeline
• Introduction
• Spread Spectrum Technology
• CDMA vs GSM (will be covered after completion of GSM)
• Wireless Data
• 3rd Generation Networks
• Wireless LAN
• IEEE 802.11 Standards
45. IEEE 802.11 Standards
Complete list is there in the book of different standards. Do it yourself.
46. Topic Timeline
• Introduction
• Spread Spectrum Technology
• CDMA vs GSM (will be covered after completion of GSM)
• Wireless Data
• 3rd Generation Networks
• Wireless LAN
• IEEE 802.11 Standards
• WLAN Architecture
47. Wireless LAN Architecture Types of Wireless LAN
802.11
Initial specifications of Wireless LAN by IEEE
Uses 2.4 GHz Band @Data Rate of 1Mbps & 2Mbps
This standard evolves in many flavors like 802.11b/g/n/a
Up to 54 Mbps (in 802.11a) – latest MacAir – for personalized Routers
HiperLAN
Began in Europe
Current version i.e. HiperLAN works @5GHz
Next version of HiperLAN/2 will provide 54Mbps with QoS Support
48. Wireless LAN Architecture Types of Wireless LAN
HomeRF
For interoperability between PC & other consumer devices within home.
Uses FHSS & provide 1Mbps to 2Mbps @2.4Ghz
Bluetooth
Promoted by IBM, Sony, Microsoft, Motorola, Nokia & Other Giants
It is WPAN/Wireless Personal Area Network @2.4Ghz
Offers 1Mbps using FHSS in <10 meters
MANET
Is working group within IETF to investigate & develop the standard for Mobile Adhoc
Networks.
49. Wireless LAN Architecture –
Adhoc vs. Infrastructure Mode
Two basic types (topologically),
Infrastructure based Networks
In infrastructure based networks, the MS/s are associated with the AP-Access Point/BS-Base Station, like in the STAR topology.
In infrastructure based networks, the area covered by one AP/BS forms a BSS/Basic Service Set & the combination of more than one BSS forms an ESS/Extended Service Set
Adhoc Networks
In ad-hoc networks, there is no AP/BS. A number of MS forms a cluster to make the
network for communication.
53. Topic Timeline
• Introduction
• Spread Spectrum Technology
• CDMA vs GSM (will be covered after completion of GSM)
• Wireless Data
• 3rd Generation Networks
• Wireless LAN
• IEEE 802.11 Standards
• WLAN Architecture
• Mobility in Wireless LAN
54. Mobility in Wireless LAN
When a station wants to access a BSS, the station needs to get synch information from the AP, or from another station in the case of ad hoc networks.
Two means by which stations can get this information:
Passive Scanning
Station waits to receive a BEACON Frame from the AP (the AP continuously broadcasts its beacon frame to indicate its presence)
Active Scanning
Station tries to locate the AP by transmitting a PROBE REQUEST Frame & waiting for the PROBE RESPONSE from the AP
55. Mobility in Wireless LAN
The Authentication Process
Once the station has located an AP & decides to join its BSS, it goes through the authentication process. This is an interchange of authentication information between the AP and MS, where the WLAN device proves its identity.
The Association Process
After authentication, the information exchange about the MS & BSS starts, which allows the DSS (set of APs) to know about the current position of the station. The MS can start Tx/Rx once the association process completes.
56. Mobility in Wireless LAN
Roaming
• Process of moving from one cell (here BSS) to another without losing the connection.
• Similar to the cellular phone’s handover, with 2 differences,
• On a packet-based LAN system, the transition from one cell to another can be performed between packet transmissions, while in telephony the transition may occur during a phone conversation
• On a voice system, a temporary disconnection during H/O-Handoff doesn’t affect the conversation. However, in a packet-based environment it significantly reduces the performance, as transmission is performed by the upper layer protocols.
• The 802.11 standard doesn’t define how roaming should be performed, but defines the basic tools – these include active/passive scanning & a re-association process, where a station that is roaming from one AP to another becomes associated with the new AP. The IAPP/Inter Access Point Protocol specification addresses the common roaming protocols enabling wireless stations to move across multivendor APs.
57. Mobility in Wireless LAN
Roaming
• IAPP = Announce Protocol + Handover Protocol
• The Announce Protocol – provides coordination information between AP. This
information relates to network wide configuration information about active APs.
• The Handover Protocol - allows APs to coordinate with each other & determine the
status of a station to a new AP. The new AP updates the necessary table/data in the
MAC layer. This type of roaming is called HORIZONTAL roaming.
• MobileIP is another protocol that is used to allow application layer roaming.
59. Topic Timeline
• Introduction
• Spread Spectrum Technology
• CDMA vs GSM (will be covered after completion of GSM)
• Wireless Data
• 3rd Generation Networks
• Wireless LAN
• IEEE 802.11 Standards
• WLAN Architecture
• Mobility in Wireless LAN
• Deploying Wireless LAN
60. Deploying Wireless LAN
Network Design
Basic Steps
- Identify the areas that need to be covered
- Identify the number of users that need to be served
- From the above 2 steps, identify the APs that need to be placed
- Goal: Provide RF/network coverage to every user
- Obstacles: environmental objects – walls & other impediments
- Based on that, Multipath & RF Interference (caused by other 2.4GHz signals that are present) also need to be taken into account
61. Deploying Wireless LAN
Channel Selection
Within the 2.4GHz band, the IEEE 802.11 standard defines 13 ‘center frequency channels’
Channel 1 – 2.412 GHz
Channel 6 – 2.437 GHz
Channel 11 - 2.462 GHz
Fig shows a three-storey building serviced by nine APs configured with 3 channels.
62. Deploying Wireless LAN
Scaling Capability and Bandwidth
Fig (a) shows one AP providing a bandwidth of 11Mbps & Fig (b) shows that at the same time 3 APs can provide 33Mbps of bandwidth for a user.
Using “aggregate bandwidth” in a localized coverage area helps to service a denser population of wireless clients & to increase the bandwidth available to each user.
63. Deploying Wireless LAN
Configuring the Wireless LAN
Includes configurations of AP as well as MS
Includes –
Assign IP Address to MS
The WEP/Wired Equivalent Privacy security – shared key between AP & MS
The IP address can also be assigned to the MS by DHCP
Advance configurations can include SSID, Beacon Interval, Channel Selection etc.
64. Deploying Wireless LAN
Managing 802.11 N/ws Managing Access Point
Task of managing AP can be broken down in 2 parts
Management tools – Typically provided by AP
Monitoring & Reporting – Provide real time monitoring & alerting
65. Topic Timeline
• Introduction
• Spread Spectrum Technology
• CDMA vs GSM (will be covered after completion of GSM)
• Wireless Data
• 3rd Generation Networks
• Wireless LAN
• IEEE 802.11 Standards
• WLAN Architecture
• Mobility in Wireless LAN
• Deploying Wireless LAN
• Mobile Adhoc N/w & Wireless sensor N/w
67. MANET & Wireless sensor N/w
Mobile Adhoc N/w
MANET is an autonomous system of mobile stations connected by wireless links to form a network.
Peer to Peer, Multi-hop Routing of data packets from source to destination via
intermediate stations(which work as routers).
Challenges in setting up the Adhoc network
1. Dynamic Topology
Nodes are allowed to move in arbitrary fashion. No predefined fix topology. On Demand
network configurations.
2. Limited Security
More vulnerable to attack as any node can join/leave at anytime. This requires higher
openness & flexibility.
68. MANET & Wireless sensor N/w
Mobile Adhoc N/w
3. Bandwidth Limitation
Wireless networks are generally bandwidth limited. It is more limited in adhoc networks
as no Backbone to handle higher bandwidth.
Que: Why wired network can provide more bandwidth?
4. Routing
The Routing in Adhoc networks is more complex. Depends on many factors like, routing
path, topology, protocol, selection of routes etc.
69. MANET & Wireless sensor N/w
Wireless Sensor Networks / WSN
Special class of wireless Adhoc networks.
“A wireless sensor network (WSN) consists of
spatially distributed autonomous sensors to
monitor physical or environmental conditions,
such as temperature, sound, pressure, etc.
and to cooperatively pass their data through
the network to a main location.”
- Wikipedia
Nodes/Motes in WSN are mostly of type use
& throw. So efficient design required in all
terms like routing, energy consumptions,
sensing etc.
70. Topic Timeline
• Introduction
• Spread Spectrum Technology
• CDMA vs GSM (will be covered after completion of GSM)
• Wireless Data
• 3rd Generation Networks
• Wireless LAN WLAN Architecture
• Mobility in Wireless LAN
• Deploying Wireless LAN
• Mobile Adhoc N/w & Wireless sensor N/w
• Wireless LAN Security
• 3G vs WiFi
71. Wireless LAN Security
In wired networks, one has to be physically connected to the network in order to Tx & Rx data.
In contrast, wireless n/ws use radio Tx & Rx. Anyone in range can see the communications, so security is necessary.
SSID/Service Set Identifier
According to the 802.11 standard, the MS connects to the AP by providing the SSID of the network, i.e. the ID of the Basic Service Set/BSS covered by one AP.
The MS must know the SSID of the AP/network or else its packets are rejected by the AP.
Advice: one has to change the default/factory set SSID provided.
72. Wireless LAN Security
Limiting RF Transmission
It is important to control RF
transmission by AP/Access Point.
Proper selection of Antenna used can
improve the coverage of network as
well as power transmitted can also be
optimized.
Omni direction antenna, have 360
degree coverage.
Directional Antenna, have one
proper angular coverage of the area.
73. Wireless LAN Security
MAC Address Access Control
Many AP are configured using MAC
Filtering.
List of the MAC Address representing
the MSs are allowed/blocked
(depends on the configurations of AP)
to use the service.
Idea behind MAC Filtering: Every
Network Card contains Unique MAC
Address.
74. Wireless LAN Security
Authentication Modes
Two types of Authentication are defined in 802.11,
Open System Authentication – NO Authentication at all
Shared Key Authentication – based on Symmetric Encryption
It is assumed that the key is transmitted to both ends through some secure channel.
The station being authenticated receives the challenge text packet from the AP & sends that packet back as the response after applying some transformation/modification – this completes the One Way Authentication.
To achieve Two Way Authentication, this process is repeated on both sides.
75. Wireless LAN Security
WEP/Wired Equivalent Privacy
WEP is designed to provide these services,
Reasonably Strong Encryption:
It relies on the difficulty of finding the secret key through a brute force attack.
The difficulty increases as the key length increases.
Self Synchronization:
Each packet contains the information required to decrypt it.
There is no need to deal with packet loss.
Efficient:
It can be implemented in software with reasonable efficiency.
Exportable:
Limiting the key length leads to a greater possibility of export beyond the US
The WEP algorithm is the RC4 cryptographic algorithm from RSA Data Security.
RC4 –> Stream Cipher & Symmetric Cryptographic Algorithm.
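The self-synchronization property and the use of RC4 described above, as an added example (not code from the slides or from any WEP product): each frame carries its own 24-bit IV, so a receiver can decrypt any frame on its own, whatever was lost or reordered before it. The 40-bit key, the payloads and the function names are constructed for illustration; the IV-plus-key RC4 seed and the CRC-32 integrity value follow the 802.11 WEP frame layout.

```python
import os
import struct
import zlib

# Constructed 40-bit shared key (the short, exportable key length).
DEMO_KEY = bytes.fromhex("0102030405")


def rc4(key, data):
    """RC4 stream cipher: key scheduling, then XOR data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def icv(payload):
    """Integrity check value: CRC-32 of the plaintext, little-endian."""
    return struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)


def wep_encapsulate(key, payload, iv=None, key_id=0):
    """Build IV (3 bytes) | key-id byte | RC4(IV || key, payload || ICV)."""
    iv = os.urandom(3) if iv is None else iv
    if len(iv) != 3:
        raise ValueError("WEP IV is exactly 24 bits")
    body = rc4(iv + key, payload + icv(payload))
    return iv + bytes([key_id << 6]) + body


def wep_decapsulate(key, frame):
    """Decrypt one frame using only the shared key and the frame itself."""
    if len(frame) < 8:
        raise ValueError("frame too short for IV, key id and ICV")
    iv, body = frame[:3], frame[4:]
    plain = rc4(iv + key, body)
    payload, received_icv = plain[:-4], plain[-4:]
    if icv(payload) != received_icv:
        raise ValueError("ICV mismatch: wrong key or damaged frame")
    return payload


def deliver_with_loss(key=DEMO_KEY):
    """Send three frames, lose the second, receive the others out of order."""
    frames = [wep_encapsulate(key, b"packet %d" % n) for n in (1, 2, 3)]
    survivors = [frames[2], frames[0]]  # frame 2 lost, the rest reordered
    return [wep_decapsulate(key, f) for f in survivors]


if __name__ == "__main__":
    print(deliver_with_loss())
```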
78. Wireless LAN Security
802.1X Authentication
802.1X requires 3 entities,
The Supplicant – resides on the wireless LAN client.
The Authenticator – resides on AP.
The Authenticator Server – resides on server authenticating client (e.g. KERBEROS / Other
Authenticator Server)
79. Wireless LAN Security
802.1X Authentication
The authenticator creates one logical port per client, based on the client’s association ID.
The logical port has two data paths –
Uncontrolled data path – allows n/w traffic
through the n/w.
Controlled data path – requires successful
authentication to allow n/w traffic.
Complete association with an AP involves
3 states –
Unauthenticated & Unassociated
Authenticated & Unassociated
Authenticated & Associated
84. UNIT 4 – PART II
Chapter 17 – Voice Over Internet Protocol & Convergence
Chapter 20 – Information Security
85. Topic Timeline
• Voice Over Internet Protocol – VoIP - Introduction
86. Voice Over Internet Protocol - VoIP
Traditionally, circuit switch technologies were used in voice communications.
Uses FDMA/TDMA.
Provides good QoS & digitized voice or analog voice.
In 1995, hobbyists in Israel made an attempt to send voice over/through IP n/w
Then came Internet Phone Software by VocalTec & the era of VoIP began
87. Topic Timeline
• Voice Over Internet Protocol – VoIP
• H.323 Framework for VoIP
88. H.323 Framework for VoIP
It’s a standard that provides a foundation for multipoint conferencing of audio, video and data over IP n/ws – standardized by ITU.
It is a part of the ITU-T H.32x
series of protocols, which also
address multimedia
communications over ISDN, the
PSTN or SS7, and 3G mobile
networks.
90. H.323 Framework for VoIP
In H.323 implementations, Along with end user devices three additional logical entities
are required, they are also known as endpoints
Gateways
Gatekeepers
Multipoint Control Units
Gateway
Purpose: to do media & signal translations from IP to ckt n/w & vice-versa
Translation between audio/video/call setup/clearing
Primary Application:
Establishing links with PSTN terminals
Establishing links with remote H.320-compliant terminals over Integrated Service Digital Network/ISDN n/w
Establishing links with remote H.324-compliant terminals over PSTN n/w
91. H.323 Framework for VoIP
Gatekeeper
Works as central point of control for all calls
within its zone for all registered endpoints.
Terminals must use the service provided by
Gatekeepers.
Performs functions like Bandwidth
management & address translation.
Plays a major role in multipoint connections
by redirecting the H.245 Control Channel to
multipoint controller.
GateWAY can use GateKEEPER to translate
incoming E.164 address to IP Address.
92. H.323 Framework for VoIP
Multipoint Control Unit
Provides conference between three or more end points.
MCU consists of MicroController.
93. Topic Timeline
• Voice Over Internet Protocol – VoIP
• H.323 Framework for VoIP
• SIP/Session Initiation Protocol
94. SIP/Session Initiation Protocol
Architecture
• Protocol to control Telephone over IP
• Designed specially for Internet
• SIP supports Five Points for establishing & terminating multimedia communication:
• User Location
• User Capabilities
• User Availability
• Call Setup
• Call Handling
• Call Teardown
95. SIP/Session Initiation Protocol
Supports Five Facts
User Location: Determines the location & end system to be used for
communication
User Capabilities: Determination of media & media parameters to be used
User Availability: Determining the called parties’ willingness to engage in
communication
Call Setup: “ringing” establishing call parameters at both parties
Call Handling: manage the transfer of Data/Voice
Call Teardown: at the end of the call, terminate call & release all resources
97. SIP/Session Initiation Protocol
Entities in Effect
Proxy Server:
The functions of SIP proxies are similar to those of routers: making routing decisions & modifying the request before forwarding it to the next network element. But they have more capabilities than regular routers.
98. SIP/Session Initiation Protocol
Entities in Effect
Registrar Server:
• Can be defined as the Server Maintaining the whereabouts of domain.
• Accepts the REGISTER request from nodes in VoIP network.
• REGISTER requests are generated by clients in order to create/remove a mapping between their externally known SIP address & the IP address they wish to be connected at.
• Uses location service in order to store & retrieve location information.
Redirect Server
• Does the same function as call forwarding in PSTN / cellular networks.
• It receives a REQUEST & responds with a redirection response.
• The alternate address is returned as contact headers in the response of the SIP message.
99. SIP/Session Initiation Protocol
Entities in Effect
Presence Server:
• Allows the calling party to know ability & willingness of the other party to participate
in the call.
• Users interested in getting information about the other party’s presence can subscribe & will receive notifications of the user’s presence.
• This is achieved through the Event Server.
SAP(Session Announcement Protocol)/SDP(Session Description Protocol):
• SAP – used by Session Directory Clients
• SAP announcer periodically multicasts an announcement packet to known multicast
port & address
• The scope is same as the session it is announcing.
100. SIP/Session Initiation Protocol
Entities in Effect
SAP(Session Announcement Protocol)/SDP(Session Description Protocol):
• SDP describes multimedia session for purpose of session announcement, session
invitation and other types of multimedia session initiation.
• Many SDP messages are sent using SAP.
• Message can also be sent using Email/WWW.
QoS & Security
• In Internet Applications, RSVP/Resource ReSerVation Protocol is designed for Quality
Integrated Services. RSVP is used by the host to provide particular QoS.
• COPS/Common Open Policy Service protocol is used for simple REQ & RES that can
be used to exchange policy information between policy SERVER (PDP/Policy Decision
Point) and policy CLIENT(PEP/Policy Enforcement Point)
101. Topic Timeline
• Voice Over Internet Protocol – VoIP
• H.323 Framework for VoIP
• SIP/Session Initiation Protocol
• SIP vs H.323
105. Topic Timeline
• Voice Over Internet Protocol – VoIP
• H.323 Framework for VoIP
• SIP/Session Initiation Protocol
• H.323 vs SIP
• Real Time Protocols
106. Real Time Protocols
Good QoS is required to support real time communication
RTP/Real Time Transport Protocol
RTP is both IETF & ITU standard/H.255
It defines the packet format for multimedia data
Is used by many protocols, such as Realtime Streaming, H.323 & SIP
RTCP/Real Time Control Protocols
Is based on periodic transmission of control protocol packets to all participants in session
RTSP/Real Time Streaming Protocols
Is a client server protocol, designed to address video streaming efficiency
VINTESH PATEL, SCET
106
107. Topic Timeline
• Voice Over Internet Protocol – VoIP
• H.323 Framework for VoIP
• SIP/Session Initiation Protocol
• H.323 vs SIP
• Real Time Protocols
• Convergence Technologies
108. Convergence Technologies
To make convergence & interworking between PSTN & IP network possible,
three functional elements are defined,
Media Gateway – Packetization of voice & other traffic
Signaling Gateway – Responsible for interfacing of SS#7 network & Forwarding signal
to IP Network
Media Gateway Controller – Plays role of mediator to enable & control access &
resource usage between IP & PSTN network
109. Convergence Technologies
SCP – Service Control Point (more detail in Chapter-11 of Reference Book – 1)
SCP addressable from SS#7 Networks
110. Convergence Technologies
Media Gateway
MG/Media Gateway allows various types of media (i.e. Fax, Voice, Video etc.) to pass from one
type of network to another. These media must be transportable over IP networks as well as
digital/analog circuit-switched networks.
Integrity or Quality is controlled by encoding, echo cancelling, decoding etc.
MG function provides a bi-directional interface between circuit-switched networks and media
related elements in IP networks.
Example: Highly scalable MGs are implemented with High Speed Time Division
Multiplexing (TDM) trunk interfaces, which are commonly used between switching
elements in circuit-switched networks. (Trunk – Line/Link)
111. Convergence Technologies
Media Gateway Controller
Key responsibility: Keep data flow related information & provide the associated instructions for
interconnecting 2 or more IP elements so that they can exchange information.
Maintains the information of all current data flows.
Instructs the MG how to set up, maintain and terminate the data flow.
Exchanges ISUP (ISDN/Integrated Services Digital Network User Part) messages with
the Central Office via the SG/Signaling Gateway.
In H.323 these functions are performed by Gatekeepers.
Sometimes also known as a SoftSwitch.
112. Convergence Technologies
Signaling Gateway
SG implements interface between an SS7 network and other call oriented elements in
IP network.
Key Responsibility: Repack SS#7 packets into a format understood by the elements in each
network & present an actual view of the elements in the IP network to the SS#7 network.
SG needs to implement SS#7 messaging that obeys all rules of the SS#7 network, while
also accommodating the variety of behavior in the IP network.
It is necessary that the SG understands all the messages & protocols of the SS#7 network to
perform its functionality.
It should also provide protection against undesirable traffic & malicious
instructions.
113. Convergence Technologies
Megaco/H.248 - Media Gateway Control Protocol
Defined in RFC 3015 & adopted by ITU
Two basic components: 1. Terminations & 2. Contexts
Terminations represent streams entering/leaving the MG. Examples – analog telephone
lines, ATM stream, MPEG stream. They should be placed in Contexts, which are defined
as two or more termination streams mixed & connected together.
A Context is created by adding the first termination, & removed by removing the last termination.
There is a special context called NULL CONTEXT – it contains terminations that are not
connected to other terminations.
115. SIGTRAN/Signaling Transport &
SCTP/Stream Control Transmission
Signaling Transport (SIGTRAN) refers to a protocol stack for the transport of
Switched Circuit Network (SCN) signaling protocols (SS7/C7) over an IP network.
SIGTRAN is the evolution of SS7, which defines adaptors and a core transport
capabilities that blend SS7 and packet protocols to provide users with the best
both technologies have to offer.
Applications of SIGTRAN include: Internet dial-up remote access, IP telephony
interworking with PSTN and other services as identified.
Source: http://www.javvin.com/protocolSIGTRAN.html
116. SIGTRAN/Signaling Transport &
SCTP/Stream Control Transmission
SIGTRAN defines the protocol architecture through RFC2719 and SCTP/Stream Control
Transmission protocol through RFC2960
An RFC/Request for Comments is a publication of the IETF/Internet Engineering Task Force and
the Internet Society, the principal technical development and standards-setting bodies for the
Internet. i.e. Set of protocol suites
SCTP is an end-to-end, connection-oriented protocol that transports data in independent sequenced streams.
SCTP was designed to provide a general purpose transport protocol for message-oriented
applications, as needed for the transportation of signaling data.
In the TCP/IP layer stack, SCTP resides in the Transport layer, along with TCP/UDP.
117. SIGTRAN/Signaling Transport &
SCTP/Stream Control Transmission
Difference between TCP & SCTP
Multihoming – SCTP supports multi-homed nodes, i.e. one node can be reached via
several IP addresses, which is not the case in TCP. This allows the use of an alternate
route to a particular node when there is a network failure, which makes the node
fault tolerant.
In TCP, if a packet is lost, communication stops & waits for retransmission. This
phenomenon, where packets are blocked by a lost packet in front of them, is
known as Head-of-Line Blocking.
MultiStreaming – an effective way of limiting Head-of-Line Blocking. The advantage of
multi-streaming is that if one stream fails, another stream can still be used &
communication can continue w/o interruption.
118. Topic Timeline
• Voice Over Internet Protocol – VoIP
• H.323 Framework for VoIP
• SIP/Session Initiation Protocol
• H.323 vs SIP
• Real Time Protocols
• Convergence Technologies
• Call Routing
119. Call Routing
Four Groups:
1. IP to IP
2. IP to PSTN
3. PSTN to IP
4. PSTN to PSTN via IP
120. Call Routing
SIP to SIP Call Flow
Say communicating parties are A & B.
Two SIP proxies are there for A & B in the system to facilitate session establishment.
A calls B using B’s SIP URI/Uniform Resource Identifier, similar to an email address,
typically containing Username & Hostname. E.g. sip:bob@xyz.com where xyz.com is the
domain name of B’s SIP provider. Say A has SIP URI – sip:alice@abc.com
It can be sips:alice@abc.com to indicate a secured URI.
The transaction begins with A sending an INVITE request addressed to B’s SIP URI. The
format of INVITE is shown in the next figure.
121. Call Routing
SIP to SIP Call Flow – INVITE format
[Figure: INVITE format, with its parts labelled SIP Message Type, B’s SIP URI and SIP Version No.]
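The INVITE start line carries the three fields the figure labels: message type, B's SIP URI and SIP version. The Python sketch below is an added example, not code from the slides or the reference book, that parses and validates such a line; the function name, the constructed sample lines and the simplified user@host URI pattern are assumptions made for illustration.

```python
import re

# Constructed sample start lines, built from the URIs used on the slide.
SAMPLE_INVITE = "INVITE sip:bob@xyz.com SIP/2.0"
SAMPLE_SECURE_INVITE = "INVITE sips:bob@xyz.com SIP/2.0"

# Core request methods defined by the SIP specification (RFC 3261).
METHODS = {"INVITE", "ACK", "BYE", "CANCEL", "OPTIONS", "REGISTER"}

# Simplified URI shape (an assumption of this example): scheme:user@host[:port].
# Real SIP URIs may also carry parameters and headers, which are rejected here.
URI_RE = re.compile(
    r"(?P<scheme>sips?):(?P<user>[A-Za-z0-9._+-]+)@"
    r"(?P<host>[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)*)(?::(?P<port>[0-9]{1,5}))?"
)


def parse_request_line(line):
    """Return the fields of a SIP request line, or raise ValueError."""
    # Reject embedded line breaks or NULs so a crafted URI cannot smuggle
    # extra header lines into whatever consumes the parsed value.
    if any(ch in line for ch in "\r\n\x00"):
        raise ValueError("control character in request line")
    parts = line.split(" ")
    if len(parts) != 3:
        raise ValueError("expected 'METHOD URI VERSION'")
    method, uri, version = parts
    if method not in METHODS:
        raise ValueError("unknown SIP message type: %r" % method)
    if version != "SIP/2.0":
        raise ValueError("unsupported SIP version: %r" % version)
    match = URI_RE.fullmatch(uri)
    if match is None:
        raise ValueError("malformed SIP URI: %r" % uri)
    port = match.group("port")
    if port is not None and not 0 < int(port) <= 65535:
        raise ValueError("port out of range")
    return {
        "method": method,
        "scheme": match.group("scheme"),
        "user": match.group("user"),
        "host": match.group("host"),
        "port": int(port) if port else None,
        "secure": match.group("scheme") == "sips",  # sips: marks a secured URI
        "version": version,
    }


if __name__ == "__main__":
    for sample in (SAMPLE_INVITE, SAMPLE_SECURE_INVITE):
        print(parse_request_line(sample))
```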
122. Call Routing
SIP Session Setup
RPT = Resource Path Testing
Each message starts with F & the number following F shows the message serial number in the transaction sequence.
124. Call Routing
SIP to PSTN Call Flow
Take the case where Party-A calls Party-B from an IP Phone with an IP address to a PSTN phone
with a valid phone number.
When A calls B’s phone number (i.e. say 011-12312123) using a user agent (i.e. Skype-like software),
B’s phone number is first converted to the E.164 format
(i.e. say +23121231110), in which the last 3 digits specify the SIP server to be reached to
route the message to (i.e. here in this case 1.1.0), which is the SIP Proxy Server.
Before starting routing, the SIP Proxy queries the local database for the location of
B. That is equivalent to the HLR system. The proxy finds out whether the user has the
capability for calling the person or not.
The SIP Server, on receiving this request, queries its database and finds out that the number
belongs to the PSTN. Then the SIP Server triggers the CA/Calling Agent or MGC.
125. Call Routing
SIP to PSTN Call Flow …..
Here SG is responsible for message conversion from SIP to PSTN format & vice-versa.
CA/MGC contacts MG/Media Gateway using MGCP/Media Gateway Control Protocol for establishing the RTP path and coded conversion.
126. Call Routing
PSTN to SIP Call Flow
When Party B (PSTN) calls Party A (IP), assume that Party A has a number that can be dialed from a
normal telephone.
Now as the idea is to have maximum traffic transferred to the IP network, the SSP to which
party is linked/associated.
Every SSP should have an MG/SG linked to itself, which is not practical, so as an alternative the
SSP hands those messages to some SSP which has an MG/SG.
If the number dialed by a person is XXX-XX-XXX, then at the first Signaling Gateway the SIP proxy would
know that the destination SIP proxy is in place ABC; then, as a normal SIP package routes through the IP
network, this message also routes until it reaches the SIP proxy @ABC.
128. Topic Timeline
• Voice Over Internet Protocol – VoIP
• H.323 Framework for VoIP
• SIP/Session Initiation Protocol
• H.323 vs SIP
• Real Time Protocols
• Convergence Technologies
• Call Routing
• Applications of VoIP – DIY
• IMS – IP Multimedia SubSystem
129. IMS/IP Multimedia Subsystem
IMS – emerging standard, which looks at total convergence of voice and multimedia.
Sometimes referred to as the All IP network, it was specified by 3GPP/3rd Generation Partnership Project.
REQUIREMENTS:
131. IMS/IP Multimedia Subsystem Architecture
Three Layers:
1. Service/Application Layer
2. Session Control Layer
3. Communication Layer
CSCF provides registration & routing of SIP signaling to the application server.
Session Control Layer includes the HSS/Home Subscriber Server database that maintains a unique profile for each end user, which includes – IP Address, Roaming Info, Telephony Services, Voice Mail Services
132. Topic Timeline
• Voice Over Internet Protocol – VoIP
• H.323 Framework for VoIP
• SIP/Session Initiation Protocol
• H.323 vs SIP
• Real Time Protocols
• Convergence Technologies
• Call Routing
• Applications of VoIP – DIY
• IMS – IP Multimedia SubSystem
• Mobile VoIP
133. Mobile VoIP
H.323 & Megaco have not addressed mobility for VoIP.
User mobility is defined as the ability of mobile users to communicate irrespective of the terminal & user mobility/location.
In the VoIP context, roaming refers to connectivity between endpoints being assured while both/any one of them is moving. Such reachability can be continuous or discrete.
135. Aspect of Information Security
• Security Attack
• Security Mechanism
• Security Service
Security Attack
Any action that compromises the security of information owned by an organization
Security Mechanism
A mechanism that is designed to detect, prevent, or recover from a security attack.
Security Services
◦ It is something that enhances the security of the data processing systems and the information transfers of an organization
◦ Intended to counter security attacks
◦ Makes use of one or more security mechanisms to provide the service
136. Information Security
To build an information security system, we need to know the answers to questions like,
- Who is the enemy?
- Vulnerabilities?
- Weak links in the system?
- What needs special protection?
- Possible effects of vulnerabilities after attack?
- How much does the security system cost, in terms of Money, Resource & Time?
- Strategy to recover from loss due to attacks?
- When to deploy the system?
137. Information Security
Classification of Attacks based on Assets,
• Attacks on Dynamic Assets
- Interception
- Modification
- Fabrication
- Interruption
• Attacks on Static Assets
- Virus & Worms
- DoS
- Intrusion
- Replay Attacks
- Buffer overflow Attacks
- Trapdoor Attacks
138. Components of Information Security
Information Security = Secrecy of Information/Message etc.
• Confidentiality
• Integrity
• Authorization
• Availability
• Non-Repudiation
• Trust
• Accounting
Confidentiality
Ensured by Encryption/Decryption of Data
PT/Plain Text, CT/Cipher Text
Key-space: The range of possible key values
Terms: Cryptography | Cryptographers | Cryptanalyst | Cryptanalysis
Steganography?
139. Components of Information Security
Integrity
Ensures no alteration of the message at the RX party
Ensured by adding additional information like
- Checksum
- Message Digest
- MAC/HASH
Authorization
It deals with privileges/rights.
Transactions involve 2 parties: Subject/User & Object/Data
The privilege to an object is defined through ACL/Access Control List.
e.g. Database Users with different rights/privileges have access according to their rights only.
140. Components of Information Security
Availability
Media Mgt. is not under the scope of Security Protocols & Algorithms
Media Mgt. is needed to ensure Availability of Service
Example: Keeping an e-commerce webapp in service against a threat that aims to bring the webapp down with too many requests (DoS attacks; a situation like GTU’s Exam Result Servers in the first hour), which serves the purpose of knocking someone out of the competition during a particular season like Black Friday.
Sometimes against terrorist organizations – an area called Censorship-Resistant Publishing through document entanglement.
Non-Repudiation
Authentication & non-repudiation have some overlapping properties.
Authentication: You are the one who you claim to be.
Non-Repudiation: We establish the identity of the party beyond any point of doubt, i.e. Authentication with a formal record – which has some binding, like the signature on a cheque.
141. Components of Information Security
Trust
Mobile users expect to access resources & services anytime & anywhere.
This leads to security risks & access control problems.
To handle such a dynamic, ever-changing context, a trust based authentication system is necessary.
Trust involves developing a security policy, assigning cardinalities to entities, verifying that the cardinalities fulfill the policy.
Accounting
For any Service, the provider needs to be paid, irrespective of the service type, whether it is a Content Service or a Network Service. So Accounting & Billing is a very critical aspect in mobile computing.
Accounting is the process by which the usage of service is metered. Based on the usage, the service provider collects the fees directly from the user.
142. Security Techniques & Algorithms
• Stream & Block Cipher
• Symmetric Key Cryptography
- DES
- 3-DES/Triple DES
- AES
• Public Key Cryptography
- Diffie Hellman
- RSA
- ECC
• Hashing Algorithm
- MD5
- SHA
- MAC
• Security Protocols
- SSL
- TLS
- WTLS
• Multifactor Security
• Digital Watermarking
• Key Recovery
Stream & Block Cipher
In Stream Ciphers, a bit/byte is taken at a time & processed (i.e. Encrypted/Decrypted).
Wireless LAN uses the Stream Cipher.
In this scenario, Key should be unique for every encryption.
While in Block Cipher, blocks/chunks (like 64 Bits/128 Bits etc.) of PT/Plain Text are processed.
Majority of Cryptosystems use the Block Cipher.
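Why the key must be unique for every encryption with a stream cipher, shown as an added example that is not part of the original slides. The toy keystream (SHA-256 over key, nonce and counter), the per-message nonce used to model key uniqueness, and the sample messages are assumptions chosen so the code runs with the standard library; it is not a cipher to deploy.

```python
import hashlib


def keystream(key, nonce, length):
    """Toy keystream: SHA-256 over key, nonce and a block counter (illustration only)."""
    blocks = []
    counter = 0
    while 32 * len(blocks) < length:
        block_input = key + nonce + counter.to_bytes(8, "big")
        blocks.append(hashlib.sha256(block_input).digest())
        counter += 1
    return b"".join(blocks)[:length]


def xor_bytes(a, b):
    """XOR two byte strings position by position."""
    return bytes(x ^ y for x, y in zip(a, b))


def stream_encrypt(key, nonce, plaintext):
    """Stream cipher: each plaintext byte is XORed with one keystream byte.
    Decryption is the same operation with the same key and nonce."""
    return xor_bytes(plaintext, keystream(key, nonce, len(plaintext)))


def keystream_cancels(key, nonce_a, nonce_b, msg_a, msg_b):
    """True when XORing the two ciphertexts equals msg_a XOR msg_b, i.e. the
    keystream dropped out and the relation between the plaintexts is exposed
    to anyone who sees both ciphertexts, without the key."""
    c_a = stream_encrypt(key, nonce_a, msg_a)
    c_b = stream_encrypt(key, nonce_b, msg_b)
    return xor_bytes(c_a, c_b) == xor_bytes(msg_a, msg_b)


# Constructed sample data.
KEY = bytes(range(16))
MSG_A = b"PAY 0100 TO ACCOUNT 11"
MSG_B = b"PAY 9900 TO ACCOUNT 42"

if __name__ == "__main__":
    same = keystream_cancels(KEY, b"n-000001", b"n-000001", MSG_A, MSG_B)
    fresh = keystream_cancels(KEY, b"n-000001", b"n-000002", MSG_A, MSG_B)
    print("keystream reused, plaintext relation exposed:", same)
    print("unique keystream per message, relation exposed:", fresh)
```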
143. Security Techniques & Algorithms
Symmetric Key Cryptography
Same key is used for Encryption & Decryption at Sender & Receiver side respectively.
- DES
- 3-DES/Triple DES
- AES
[Figure: PlainText Message → Encryption Algorithm (Secret Key) → Transmitted CT/Cipher Text → Decryption Algorithm (Secret Key) → Plaintext Message]
144. Security Techniques & Algorithms
Public/Asymmetric Key Cryptography
Different keys are used for Encryption & Decryption at Sender & Receiver side respectively.
- Diffie-Hellman Key Exchange
- RSA
- ECC
145. Security Techniques & Algorithms
Hashing Algorithm
Authentication Functions
- HASH
- MAC
- Message Encryption itself is providing Authentication
HASH vs MAC
- HASH(Message) = Fixed Length of Hash value i.e. Authenticator
- MAC(Message, Key) = Fixed Length of Hash value i.e. Authenticator
Why Hash?
Provides Authenticity of Message. Remember we are not hiding the message but ensuring that the message has not been altered in between & came from the legal party.
Different Methods for Hashing –
- MD5
- SHA
- MAC
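HASH(Message) versus MAC(Message, Key), shown as an added example that is not part of the original slides: a bare hash can be recomputed by whoever alters the message, while a MAC check fails without the shared key. The key value, the messages and the function names are constructed for illustration, and HMAC-SHA-256 is used here as the MAC.

```python
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key"      # assumption: known only to sender and receiver
ORIGINAL = b"transfer 100 to account 11"  # constructed sample message
ALTERED = b"transfer 900 to account 42"   # what a party in between substitutes


def hash_authenticator(message):
    """HASH(Message): fixed-length value, computable by anyone."""
    return hashlib.sha256(message).digest()


def mac_authenticator(message, key):
    """MAC(Message, Key): fixed-length value, computable only with the key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def receiver_accepts_hash(message, tag):
    return hmac.compare_digest(hash_authenticator(message), tag)


def receiver_accepts_mac(message, tag, key):
    # compare_digest runs in constant time, so the check does not leak
    # how many leading bytes of a wrong tag happened to match.
    return hmac.compare_digest(mac_authenticator(message, key), tag)


def altered_in_transit():
    """Swap the message in transit and attach the best tag obtainable without the key."""
    # Hash only: the altering party simply recomputes the hash over the new message.
    recomputed_hash = hash_authenticator(ALTERED)
    # MAC: without SHARED_KEY the only tag available is the sender's old one.
    senders_mac = mac_authenticator(ORIGINAL, SHARED_KEY)
    return {
        "hash_accepts_altered": receiver_accepts_hash(ALTERED, recomputed_hash),
        "mac_accepts_altered": receiver_accepts_mac(ALTERED, senders_mac, SHARED_KEY),
        "mac_accepts_original": receiver_accepts_mac(ORIGINAL, senders_mac, SHARED_KEY),
    }


if __name__ == "__main__":
    for check, accepted in altered_in_transit().items():
        print(check, "=", accepted)
```

A bare hash therefore only detects accidental alteration; the "came from the legal party" property needs the keyed form.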
147. Overview
Security Frameworks for Mobile Environment. DIY
• 3GPP
• Mobile Virtual Private Network
• Multifactor Security
• Smartcard Security
• RFID Security
• Mutual & Spatial Authentication
• Mobile Agent Security
• Mobile Worm & Virus
148. References
“Mobile Computing” By Asoke K Telukder, Roopa R Yavagal, TMH
“Principle of Wireless Networks” By Pahlavan & Prashant – Highly recommended for
Specific Questions(& For Better Grades Specially in GTU)