Final Flashcards
Put the steps in the most correct order for closing TCP Connection.
1. Client sends segment with FIN bit set; 2. Server sends ACK of received segment; 3. Server sends segment with FIN bit set; 4. Client sends ACK of received segment.
How might authentication work with public key encryption?
Sender encrypts a signature with a registered private key and distributes the public key. If the public key decrypts the signature, we know the sender is who they say they are.
Use the RSA algorithm discussed in lecture to develop a public key and a private key for public-key encryption. Let p = 5, q = 11, e = 7, m is the original message, c is the encrypted message.
f. Kprivate(Kpublic(m)) = ?
m
Use the RSA algorithm discussed in lecture to develop a public key and a private key for public-key encryption. Let p = 5, q = 11, e = 7, m is the original message, c is the encrypted message.
e. Kprivate(c) = ?
(c^d) % n
Use the RSA algorithm discussed in lecture to develop a public key and a private key for public-key encryption. Let p = 5, q = 11, e = 7, m is the original message, c is the encrypted message.
d. c = Kpublic(m) = ?
(m^e) % n
Use the RSA algorithm discussed in lecture to develop a public key and a private key for public-key encryption. Let p = 5, q = 11, e = 7, m is the original message, c is the encrypted message.
c) d = ?
23
There are several possibilities. Choose d so that ed-1 is exactly divisible by z. If we choose d = 23, ed-1 = 7 x 23 - 1 = 160, which is divisible by 40.
Use the RSA algorithm discussed in lecture to develop a public key and a private key for public-key encryption. Let p = 5, q = 11, e = 7, m is the original message, c is the encrypted message.
b) z = ?
(p-1)(q-1) = 4 x 10 = 40
Use the RSA algorithm discussed in lecture to develop a public key and a private key for public-key encryption. Let p = 5, q = 11, e = 7, m is the original message, c is the encrypted message.
a) n = ?
pq = 5 x 11 = 55
What are some of the major components of networking security?
Confidentiality: Intruders should not be able to understand the contents of a message.
Integrity: Intruders should not be able to change the contents of a message, without the end users being aware of it.
Authentication: End users should be able to verify they are actually speaking to whom they think they are speaking to.
Availability: Services should be accessible, and not interrupted by attacks (resilience to DDoS, etc…)
What are some considerations which might be made before instituting a security policy at a company?
Cost vs. Benefit - How much are we willing to spend to achieve a certain level of security?
Will we secure stored information and transmitted information, or just one or the other?
How will we educate our users so that our policy is not breached from the inside?
Each computer is attached to a shared medium, with a terminator on each end to absorb signal and prevent reflections. A ring topology does not have a terminator. Rather, its “ends” are connected to each other to form a ring.
What are some of the performance issues involved with mobility?
Data loss due to transmission medium and hand-offs - interpreted as congestion.
Additional overhead
Overall lower throughput
In ____________ routing, the correspondent contacts the home agent to get the mobile device’s care-of address, and sends packets to the visited network
Direct
DevRTT formula
(1 - β) ⋅ DevRTT + β ⋅ |SampleRTT - EstimatedRTT|
What is network congestion? What causes it?
In the simplest terms, network congestion is the increase in end-to-end delay due to high bandwidth utilization at some point in the network. It is caused by end systems sending data faster than the network is capable of handling (those darned routers!).
What are some consequences of a congested network?
Packets are dropped, delayed, or routed through a non-optimal path. Because of this, sending hosts will attempt to retransmit (if using TCP), which causes an increase in network congestion. If this were to continue, there would be a congestion collapse (essentially a network super-slow-down).
Given a nodal delay of 3 ms when there is no traffic on the network (i.e., when usage = 0%).
What is the effective delay when network usage is 25%? 75%? 99%?
Nodal Delay / (1 - usage) = 3 ms / (1 - 0.25) = 4 ms
Nodal Delay / (1 - usage) = 3 ms / (1 - 0.75) = 12 ms
Nodal Delay / (1 - usage) = 3 ms / (1 - 0.99) = 300 ms
What is the goal of congestion control? What, in general, is used to do this?
To optimize network utilization, such that a high throughput is ensured, with the restriction that utilization is not pushed so high that delay and packet loss become major factors. This is accomplished by attempting to detect and avoid congestion, and if congestion is unavoidable, the sender should reduce their data output.
How is TCP’s timeout interval set?
TimeoutInterval = EstimatedRTT + (4 * DevRTT)
EstimatedRTT is an exponential weighted moving average based on recent and past sampled round trip time values.
EstimatedRTT(n) = (1 - α)EstimatedRTT(n-1) + (α)SampleRTT(new)
DevRTT is a factor which increases when the most recent sampled round trip time is different from the most recent estimated round trip time. It is another exponential weighted moving average, strongly weighted toward the most recent deviation value.
What are the two major approaches to network congestion control?
Network core assistance: The network core senses when congestion is an issue - directly - and sends messages (either to the destination host, which bounces it back to the source host, or directly back to the source host) indicating congestion in the core, and possibly advising on a course of action.
Host inference: A source host attempts to infer congestion in the network core based on observables (e.g. round trip time, dropped packets)
In basic terms, how is congestion control implemented in TCP? What is this method called?
When no congestion is perceived, the sliding window size gradually increases (additive increase).
When there is perceived congestion, the sliding window size is drastically reduced (multiplicative decrease).
Together this makes up an additive-increase multiplicative-decrease (AIMD) scheme.
What is an MSS?
Maximum Segment Size. This is the maximum amount of transport-layer data which can be sent, such that it will fit within one link-layer data frame. This ranges from the 500’s for a dial-up modem to around 1460 for cable internet.
Describe TCP’s “Slow Start” mode. What is its purpose?
The purpose of TCP Slow Start is that it allows for a very slow start, but a rapid increase, in the size of the congestion window. By doubling the CongWin every time the transmitted packets ACK within the timeout interval, there is an exponential increase in the rate of transmission (until a threshold is reached).
Describe TCP’s “Fast Retransmit” technique. What is its purpose? What effect does this have on congestion control?
TCP’s fast retransmit (from RDT) is intended to more quickly infer the loss of a packet, and retransmit it, to increase data throughput. If a host receives three duplicate (so four total) ACKs “requesting” the same segment number, it assumes the segment starting with that sequence number was dropped, and retransmits the segment, even if the timer for that segment has not expired.
In terms of congestion control, this assumed loss is perceived as congestion, but given less weight than a full timeout. The CongWin is cut in half, rather than set to 1 MSS (as in a timeout).
Describe the steps of the TCP connection setup.
1) SYN: Client host sends a segment to the Server host with the SYN bit set, the ACK bit cleared, and some pre-generated sequence number.
2) SYN ACK: Server host sends a segment to the Client host with the SYN and ACK bits set, a locally generated sequence number, and an ACK number equal to the first segment’s sequence number plus one.
3) ACK: Client host sends a segment to the Server host with the ACK bit set, the SYN bit cleared, and an ACK number equal to the previous segment’s sequence number plus one. Note that this segment may contain actual application data in the payload.