Internet Technology

Published on February 2017

Internet Architecture

Fortunately, nobody owns the Internet, there is no centralized control, and nobody can turn it off. Its evolution depends on rough consensus about technical proposals, and on running code. Engineering feed-back from real implementations is more important than any architectural principles. RFC 1958; B. Carpenter; Architectural Principles of the Internet; June, 1996.

1. INTRODUCTION
Does increased security provide comfort to paranoid people? Or does security provide some very basic protections that we are naive to believe that we don't need? During this time when the Internet provides essential communication between tens of millions of people and is being increasingly used as a tool for commerce, security becomes a tremendously important issue to deal with. There are many aspects to security and many applications, ranging from secure commerce and payments to private communications and protecting passwords. One essential aspect for secure communications is that of cryptography, which is the focus of this chapter. But it is important to note that while cryptography is necessary for secure communications, it is not by itself sufficient. The reader is advised, then, that the topics covered in this chapter only describe the first of many steps necessary for better security in any number of situations.

This paper has two major purposes. The first is to define some of the terms and concepts behind basic cryptographic methods, and to offer a way to compare the myriad cryptographic schemes in use today. The second is to provide some real examples of cryptography in use today. I would like to say at the outset that this paper is very focused on terms, concepts, and schemes in current use and is not a treatise of the whole field. No mention is made here about pre-computerized crypto schemes, the difference between a substitution and transposition cipher, cryptanalysis, or other history. Interested readers should check out some of the books in the bibliography below for this detailed — and interesting! — background information.

2. THE PURPOSE OF CRYPTOGRAPHY
Cryptography is the science of writing in secret code and is an ancient art; the first documented use of cryptography in writing dates back to circa 1900 B.C. when an Egyptian scribe used non-standard hieroglyphs in an inscription. Some experts argue that cryptography appeared spontaneously sometime after writing was invented, with applications ranging from diplomatic missives to war-time battle plans. It is no surprise, then, that new forms of cryptography came soon after the widespread development of computer communications. In data and telecommunications, cryptography is necessary when communicating over any untrusted medium, which includes just about any network, particularly the Internet. Within the context of any application-to-application communication, there are some specific security requirements, including:

• Authentication: The process of proving one's identity. (The primary forms of host-to-host authentication on the Internet today are name-based or address-based, both of which are notoriously weak.)
• Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver.
• Integrity: Assuring the receiver that the received message has not been altered in any way from the original.
• Non-repudiation: A mechanism to prove that the sender really sent this message.

Cryptography, then, not only protects data from theft or alteration, but can also be used for user authentication. There are, in general, three types of cryptographic schemes typically used to accomplish these goals: secret key (or symmetric) cryptography, public-key (or asymmetric) cryptography, and hash functions, each of which is described below. In all cases, the initial unencrypted data is referred to as plaintext. It is encrypted into ciphertext, which will in turn (usually) be decrypted into usable plaintext. In many of the descriptions below, two communicating parties will be referred to as Alice and Bob; this is the common nomenclature in the crypto field and literature to make it easier to identify the communicating parties. If there is a third or fourth party to the communication, they will be referred to as Carol and Dave. Mallory is a malicious party, Eve is an eavesdropper, and Trent is a trusted third party.

3. TYPES OF CRYPTOGRAPHIC ALGORITHMS
There are several ways of classifying cryptographic algorithms. For purposes of this paper, they will be categorized based on the number of keys that are employed for encryption and decryption, and further defined by their application and use. The three types of algorithms that will be discussed are (Figure 1):

• Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption
• Public Key Cryptography (PKC): Uses one key for encryption and another for decryption
• Hash Functions: Uses a mathematical transformation to irreversibly "encrypt" information

FIGURE 1: Three types of cryptography: secret-key, public key, and hash function.
3.1. Secret Key Cryptography
With secret key cryptography, a single key is used for both encryption and decryption. As shown in Figure 1A, the sender uses the key (or some set of rules) to encrypt the plaintext and sends the ciphertext to the receiver. The receiver applies the same key (or ruleset) to decrypt the message and recover the plaintext. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption. With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key.

Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers. Stream ciphers operate on a single bit (byte or computer word) at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so-called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plaintext block will always encrypt to the same ciphertext when using the same key in a block cipher whereas the same plaintext will encrypt to different ciphertext in a stream cipher.

Stream ciphers come in several flavors but two are worth mentioning here. Self-synchronizing stream ciphers calculate each bit in the keystream as a function of the previous n bits in the keystream. It is termed "self-synchronizing" because the decryption process can stay synchronized with the encryption process merely by knowing how far into the n-bit keystream it is. One problem is error propagation; a garbled bit in transmission will result in n garbled bits at the receiving side. Synchronous stream ciphers generate the keystream in a fashion independent of the message stream but by using the same keystream generation function at sender and receiver. While stream ciphers do not propagate transmission errors, they are, by their nature, periodic so that the keystream will eventually repeat.

Block ciphers can operate in one of several modes; the following four are the most important:


• Electronic Codebook (ECB) mode is the simplest, most obvious application: the secret key is used to encrypt the plaintext block to form a ciphertext block. Two identical plaintext blocks, then, will always generate the same ciphertext block. Although this is the most common mode of block ciphers, it is susceptible to a variety of brute-force attacks.
• Cipher Block Chaining (CBC) mode adds a feedback mechanism to the encryption scheme. In CBC, the plaintext is exclusively-ORed (XORed) with the previous ciphertext block prior to encryption. In this mode, two identical blocks of plaintext never encrypt to the same ciphertext.
• Cipher Feedback (CFB) mode is a block cipher implementation as a self-synchronizing stream cipher. CFB mode allows data to be encrypted in units smaller than the block size, which might be useful in some applications such as encrypting interactive terminal input. If we were using 1-byte CFB mode, for example, each incoming character is placed into a shift register the same size as the block, encrypted, and the block transmitted. At the receiving side, the ciphertext is decrypted and the extra bits in the block (i.e., everything above and beyond the one byte) are discarded.
• Output Feedback (OFB) mode is a block cipher implementation conceptually similar to a synchronous stream cipher. OFB prevents the same plaintext block from generating the same ciphertext block by using an internal feedback mechanism that is independent of both the plaintext and ciphertext bitstreams.
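The four modes side by side, as an added example that is not part of the original paper: it shows which modes repeat ciphertext blocks for repeated plaintext, and how far a single flipped ciphertext bit spreads on decryption. The block cipher is a toy 4-round Feistel construction built for this example (not secure, standing in for DES), CFB follows the standard 1-byte construction, and the key, IV, message and all function names are constructed for illustration.

```python
import hashlib

BLOCK = 8  # bytes: a 64-bit block, the size DES uses

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(half, key, rnd):
    # Round function of the toy cipher (keyed hash, truncated to a half block).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def enc_block(key, blk):
    """Toy 4-round Feistel permutation. NOT secure; it only stands in for DES/AES."""
    l, r = blk[:4], blk[4:]
    for rnd in range(4):
        l, r = r, xor(l, _f(r, key, rnd))
    return l + r

def dec_block(key, blk):
    l, r = blk[:4], blk[4:]
    for rnd in reversed(range(4)):
        l, r = xor(r, _f(l, key, rnd)), l
    return l + r

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

# Every mode takes (key, iv, data); ECB ignores the IV. Input length is a
# multiple of BLOCK here, so padding is left out.
def ecb_enc(key, iv, pt):
    return b"".join(enc_block(key, b) for b in split(pt))

def ecb_dec(key, iv, ct):
    return b"".join(dec_block(key, b) for b in split(ct))

def cbc_enc(key, iv, pt):
    out, prev = [], iv
    for b in split(pt):
        prev = enc_block(key, xor(b, prev))  # XOR with previous ciphertext block
        out.append(prev)
    return b"".join(out)

def cbc_dec(key, iv, ct):
    out, prev = [], iv
    for c in split(ct):
        out.append(xor(dec_block(key, c), prev))
        prev = c
    return b"".join(out)

def _cfb8(key, iv, data, decrypting):
    # 1-byte CFB: the shift register holds the last BLOCK ciphertext bytes.
    reg, out = iv, bytearray()
    for byte in data:
        res = byte ^ enc_block(key, reg)[0]  # rest of the encrypted block is discarded
        out.append(res)
        reg = reg[1:] + bytes([byte if decrypting else res])
    return bytes(out)

def cfb_enc(key, iv, pt):
    return _cfb8(key, iv, pt, False)

def cfb_dec(key, iv, ct):
    return _cfb8(key, iv, ct, True)

def ofb(key, iv, data):
    # Keystream depends only on key and IV, so encrypt and decrypt are identical.
    out, state = [], iv
    for b in split(data):
        state = enc_block(key, state)
        out.append(xor(b, state))
    return b"".join(out)

MODES = {"ecb": (ecb_enc, ecb_dec), "cbc": (cbc_enc, cbc_dec),
         "cfb": (cfb_enc, cfb_dec), "ofb": (ofb, ofb)}

# Constructed sample values: three identical plaintext blocks, then a different one.
KEY, IV = b"constructed-key", bytes(range(1, 9))
PLAINTEXT = b"PAY 100$" * 3 + b"TO BOB.."

def distinct_blocks(mode):
    """Number of different ciphertext blocks the mode produces for PLAINTEXT."""
    return len(set(split(MODES[mode][0](KEY, IV, PLAINTEXT))))

def damaged_bytes(mode, flip_at=9):
    """Flip one ciphertext bit in transit; return indices of wrong plaintext bytes."""
    enc, dec = MODES[mode]
    ct = bytearray(enc(KEY, IV, PLAINTEXT))
    ct[flip_at] ^= 0x01
    got = dec(KEY, IV, bytes(ct))
    return [i for i, (a, b) in enumerate(zip(PLAINTEXT, got)) if a != b]

if __name__ == "__main__":
    for m in MODES:
        print(m, "distinct blocks:", distinct_blocks(m), "damaged:", damaged_bytes(m))
```

ECB yields only two distinct ciphertext blocks for the four plaintext blocks, which is the pattern leak the first bullet describes. The damage lists show the error-propagation difference between the self-synchronizing (CFB) and synchronous (OFB) constructions.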

A nice overview of these different modes can be found at progressive-coding.com. Secret key cryptography algorithms that are in use today include:


• Data Encryption Standard (DES): The most common SKC scheme used today, DES was designed by IBM in the 1970s and adopted by the National Bureau of Standards (NBS) [now the National Institute for Standards and Technology (NIST)] in 1977 for commercial and unclassified government applications. DES is a block-cipher employing a 56-bit key that operates on 64-bit blocks. DES has a complex set of rules and transformations that were designed specifically to yield fast hardware implementations and slow software implementations, although this latter point is becoming less significant today since the speed of computer processors is several orders of magnitude faster today than twenty years ago. IBM also proposed a 112-bit key for DES, which was rejected at the time by the government; the use of 112-bit keys was considered in the 1990s, however, conversion was never seriously considered. DES is defined in American National Standard X3.92 and three Federal Information Processing Standards (FIPS):
  o FIPS 46-3: DES
  o FIPS 74: Guidelines for Implementing and Using the NBS Data Encryption Standard
  o FIPS 81: DES Modes of Operation

  Information about vulnerabilities of DES can be obtained from the Electronic Frontier Foundation. Two important variants that strengthen DES are:
  o Triple-DES (3DES): A variant of DES that employs up to three 56-bit keys and makes three encryption/decryption passes over the block; 3DES is also described in FIPS 46-3 and is the recommended replacement for DES.
  o DESX: A variant devised by Ron Rivest. By combining 64 additional key bits with the plaintext prior to encryption, DESX effectively increases the key length to 120 bits.

  More detail about DES, 3DES, and DESX can be found below in Section 5.4.










• Advanced Encryption Standard (AES): In 1997, NIST initiated a very public, 4-1/2 year process to develop a new secure cryptosystem for U.S. government applications. The result, the Advanced Encryption Standard, became the official successor to DES in December 2001. AES uses an SKC scheme called Rijndael, a block cipher designed by Belgian cryptographers Joan Daemen and Vincent Rijmen. The algorithm can use a variable block length and key length; the latest specification allowed any combination of key lengths of 128, 192, or 256 bits and blocks of length 128, 192, or 256 bits. NIST initially selected Rijndael in October 2000 and formal adoption as the AES standard came in December 2001. FIPS PUB 197 describes a 128-bit block cipher employing a 128-, 192-, or 256-bit key. The AES process and Rijndael algorithm are described in more detail below in Section 5.9.
• CAST-128/256: CAST-128, described in Request for Comments (RFC) 2144, is a DES-like substitution-permutation crypto algorithm, employing a 128-bit key operating on a 64-bit block. CAST-256 (RFC 2612) is an extension of CAST-128, using a 128-bit block size and a variable length (128, 160, 192, 224, or 256 bit) key. CAST is named for its developers, Carlisle Adams and Stafford Tavares, and is available internationally. CAST-256 was one of the Round 1 algorithms in the AES process.
• International Data Encryption Algorithm (IDEA): Secret-key cryptosystem written by Xuejia Lai and James Massey in 1992 and patented by Ascom; a 64-bit SKC block cipher using a 128-bit key. Also available internationally.
• Rivest Ciphers (aka Ron's Code): Named for Ron Rivest, a series of SKC algorithms.
  o RC1: Designed on paper but never implemented.
  o RC2: A 64-bit block cipher using variable-sized keys designed to replace DES. Its code has not been made public although many companies have licensed RC2 for use in their products. Described in RFC 2268.
  o RC3: Found to be breakable during development.
  o RC4: A stream cipher using variable-sized keys; it is widely used in commercial cryptography products, although it can only be exported using keys that are 40 bits or less in length.
  o RC5: A block-cipher supporting a variety of block sizes, key sizes, and number of encryption passes over the data. Described in RFC 2040.
  o RC6: An improvement over RC5, RC6 was one of the AES Round 2 algorithms.
• Blowfish: A symmetric 64-bit block cipher invented by Bruce Schneier; optimized for 32-bit processors with large data caches, it is significantly faster than DES on a Pentium/PowerPC-class machine. Key lengths can vary from 32 to 448 bits in length. Blowfish, available freely and intended as a substitute for DES or IDEA, is in use in over 80 products.
• Twofish: A 128-bit block cipher using 128-, 192-, or 256-bit keys. Designed to be highly secure and highly flexible, well-suited for large microprocessors, 8-bit smart card microprocessors, and dedicated hardware. Designed by a team led by Bruce Schneier and was one of the Round 2 algorithms in the AES process.
• Camellia: A secret-key, block-cipher crypto algorithm developed jointly by Nippon Telegraph and Telephone (NTT) Corp. and Mitsubishi Electric Corporation (MEC) in 2000. Camellia has some characteristics in common with AES: a 128-bit block size, support for 128-, 192-, and 256-bit key lengths, and suitability for both software and hardware implementations on common 32-bit processors as well as 8-bit processors (e.g., smart cards, cryptographic hardware, and embedded systems). Also described in RFC 3713. Camellia's application in IPsec is described in RFC 4312 and application in OpenPGP in RFC 5581.
• MISTY1: Developed at Mitsubishi Electric Corp., a block cipher using a 128-bit key and 64-bit blocks, and a variable number of rounds. Designed for hardware and software implementations, and is resistant to differential and linear cryptanalysis. Described in RFC 2994.
• Secure and Fast Encryption Routine (SAFER): Secret-key crypto scheme designed for implementation in software. Versions have been defined for 40-, 64-, and 128-bit keys.
• KASUMI: A block cipher using a 128-bit key that is part of the Third-Generation Partnership Project (3GPP), formerly known as the Universal Mobile Telecommunications System (UMTS). KASUMI is the intended confidentiality and integrity algorithm for both message content and signaling data for emerging mobile communications systems.
• SEED: A block cipher using 128-bit blocks and 128-bit keys. Developed by the Korea Information Security Agency (KISA) and adopted as a national standard encryption algorithm in South Korea. Also described in RFC 4269.
• ARIA: A 128-bit block cipher employing 128-, 192-, and 256-bit keys. Developed by cryptographers at the Academy, Research Institute and Agency (ARIA) in Korea in 2003. Described in RFC 5794.
• Skipjack: SKC scheme proposed for Capstone. Although the details of the algorithm were never made public, Skipjack was a block cipher using an 80-bit key and 32 iteration cycles per 64-bit block.

3.2. Public-Key Cryptography
Public-key cryptography has been said to be the most significant new development in cryptography in the last 300-400 years. Modern PKC was first described publicly by Stanford University professor Martin Hellman and graduate student Whitfield Diffie in 1976. Their paper described a two-key crypto system in which two parties could engage in a secure communication over a non-secure communications channel without having to share a secret key. PKC depends upon the existence of so-called one-way functions, or mathematical functions that are easy to compute whereas their inverse function is relatively difficult to compute. Let me give you two simple examples:

1. Multiplication vs. factorization: Suppose I tell you that I have two numbers, 9 and 16, and that I want to calculate the product; it should take almost no time to calculate the product, 144. Suppose instead that I tell you that I have a number, 144, and I need you to tell me which pair of integers I multiplied together to obtain that number. You will eventually come up with the solution but whereas calculating the product took milliseconds, factoring will take longer because you first need to find the 8 pairs of integer factors and then determine which one is the correct pair.
2. Exponentiation vs. logarithms: Suppose I tell you that I want to take the number 3 to the 6th power; again, it is easy to calculate 3^6 = 729. But if I tell you that I have the number 729 and want you to tell me the two integers that I used, x and y so that log_x 729 = y, it will take you longer to find all possible solutions and select the pair that I used.

While the examples above are trivial, they do represent two of the functional pairs that are used with PKC; namely, the ease of multiplication and exponentiation versus the relative difficulty of factoring and calculating logarithms, respectively. The mathematical "trick" in PKC is to find a trap door in the one-way function so that the inverse calculation becomes easy given knowledge of some item of information.

Generic PKC employs two keys that are mathematically related although knowledge of one key does not allow someone to easily determine the other key. One key is used to encrypt the plaintext and the other key is used to decrypt the ciphertext. The important point here is that it does not matter which key is applied first, but that both keys are required for the process to work (Figure 1B). Because a pair of keys is required, this approach is also called asymmetric cryptography.

In PKC, one of the keys is designated the public key and may be advertised as widely as the owner wants. The other key is designated the private key and is never revealed to another party. It is straightforward to send messages under this scheme. Suppose Alice wants to send Bob a message. Alice encrypts some information using Bob's public key; Bob decrypts the ciphertext using his private key. This method could also be used to prove who sent a message; Alice, for example, could encrypt some plaintext with her private key; when Bob decrypts using Alice's public key, he knows that Alice sent the message and Alice cannot deny having sent the message (non-repudiation).

Public-key cryptography algorithms that are in use today for key exchange or digital signatures include:


• RSA: The first, and still most common, PKC implementation, named for the three MIT mathematicians who developed it — Ronald Rivest, Adi Shamir, and Leonard Adleman. RSA today is used in hundreds of software products and can be used for key exchange, digital signatures, or encryption of small blocks of data. RSA uses a variable size encryption block and a variable size key. The key-pair is derived from a very large number, n, that is the product of two prime numbers chosen according to special rules; these primes may be 100 or more digits in length each, yielding an n with roughly twice as many digits as the prime factors. The public key information includes n and a derivative of one of the factors of n; an attacker cannot determine the prime factors of n (and, therefore, the private key) from this information alone and that is what makes the RSA algorithm so secure. (Some descriptions of PKC erroneously state that RSA's safety is due to the difficulty in factoring large prime numbers. In fact, large prime numbers, like small prime numbers, only have two factors!) The ability for computers to factor large numbers, and therefore attack schemes such as RSA, is rapidly improving and systems today can find the prime factors of numbers with more than 200 digits. Nevertheless, if a large number is created from two prime factors that are roughly the same size, there is no known factorization algorithm that will solve the problem in a reasonable amount of time; a 2005 test to factor a 200-digit number took 1.5 years and over 50 years of compute time (see the Wikipedia article on integer factorization). Regardless, one presumed protection of RSA is that users can easily increase the key size to always stay ahead of the computer processing curve. As an aside, the patent for RSA expired in September 2000 which does not appear to have affected RSA's popularity one way or the other. A detailed example of RSA is presented below in
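The trap door and the key-size argument described above, as an added example that is not part of the original paper: textbook RSA (no padding, illustration only) with constructed toy primes, showing encryption to Bob, a signature by Alice, and how the private key follows at once from the factors of n while the work to find those factors grows with the size of the primes. All function names, the exponent e = 17 and the primes are chosen for this example.

```python
def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def modinv(a, m):
    g, x, _ = egcd(a, m)
    if g != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return x % m

def make_keypair(p, q, e=17):
    """Derive (public, private) from two primes. Knowing p and q is the trap door."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, modinv(e, phi))

def apply_key(key, value):
    """Modular exponentiation with either key: the 'easy' direction."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)

def factor_by_trial_division(n):
    """The 'hard' direction, done naively. Returns (p, q, divisions tried)."""
    steps, f = 0, 3  # n is odd for any RSA modulus built from odd primes
    while f * f <= n:
        steps += 1
        if n % f == 0:
            return f, n // f, steps
        f += 2
    raise ValueError("no factor found: n is prime")

def private_key_from_public(public):
    """Without the trap door, recovering d means factoring n first."""
    n, e = public
    p, q, steps = factor_by_trial_division(n)
    return (n, modinv(e, (p - 1) * (q - 1))), steps

if __name__ == "__main__":
    # Constructed toy parameters; real RSA primes are hundreds of digits long.
    bob_pub, bob_priv = make_keypair(61, 53)
    c = apply_key(bob_pub, 65)              # Alice encrypts to Bob
    print("ciphertext", c, "decrypts to", apply_key(bob_priv, c))

    alice_pub, alice_priv = make_keypair(10007, 10009)
    sig = apply_key(alice_priv, 424242)     # Alice "encrypts" with her private key
    print("signature verifies:", apply_key(alice_pub, sig) == 424242)

    for pub in (bob_pub, alice_pub):
        _, steps = private_key_from_public(pub)
        print("n =", pub[0], "factored after", steps, "trial divisions")
```

With naive trial division the work grows with the smaller prime, roughly the square root of n; far better factoring algorithms exist, but the paragraph's point stands that a larger n pushes the cost up.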

1. INTRODUCTION Does increased security provide comfort to paranoid people? Or does security provide some very basic protections that we are naive to believe that we don't need? During this time when the Internet provides essential communication between tens of millions of people and is being increasingly used as a tool for commerce, security becomes a tremendously important issue to deal with. There are many aspects to security and many applications, ranging from secure commerce and payments to private communications and protecting passwords. One essential aspect for secure communications is that of cryptography, which is the focus of this chapter. But it is important to note that while cryptography is necessary for secure communications, it is not by itself sufficient. The reader is advised, then, that the topics covered in this chapter only describe the first of many steps necessary for better security in any number of situations. This paper has two major purposes. The first is to define some of the terms and concepts behind basic cryptographic methods, and to offer a way to compare the myriad cryptographic schemes in use today. The second is to provide some real examples of cryptography in use today. I would like to say at the outset that this paper is very focused on terms, concepts, and schemes in current use and is not a treatise of the whole field. No mention is made here about pre-computerized crypto schemes, the difference between a substitution and transposition cipher, cryptanalysis, or other history. Interested readers should check out some of the books in the bibliography below for this detailed — and interesting! — background information.

2. THE PURPOSE OF CRYPTOGRAPHY Cryptography is the science of writing in secret code and is an ancient art; the first documented use of cryptography in writing dates back to circa 1900 B.C. when an Egyptian scribe used non-standard hieroglyphs in an inscription. Some experts argue that cryptography appeared spontaneously sometime after writing was invented, with applications ranging from diplomatic missives to war-time battle plans. It is no surprise, then, that new forms of cryptography came soon after the widespread development of computer communications. In data and telecommunications, cryptography is necessary when communicating over any untrusted medium, which includes just about any network, particularly the Internet. Within the context of any application-to-application communication, there are some specific security requirements, including:


• • •

Authentication: The process of proving one's identity. (The primary forms of host-to-host authentication on the Internet today are name-based or addressbased, both of which are notoriously weak.) Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver. Integrity: Assuring the receiver that the received message has not been altered in any way from the original. Non-repudiation: A mechanism to prove that the sender really sent this message.

Cryptography, then, not only protects data from theft or alteration, but can also be used for user authentication. There are, in general, three types of cryptographic schemes typically used to accomplish these goals: secret key (or symmetric) cryptography, public-key (or asymmetric) cryptography, and hash functions, each of which is described below. In all cases, the initial unencrypted data is referred to as plaintext. It is encrypted into ciphertext, which will in turn (usually) be decrypted into usable plaintext. In many of the descriptions below, two communicating parties will be referred to as Alice and Bob; this is the common nomenclature in the crypto field and literature to make it easier to identify the communicating parties. If there is a third or fourth party to the communication, they will be referred to as Carol and Dave. Mallory is a malicious party, Eve is an eavesdropper, and Trent is a trusted third party.

3. TYPES OF CRYPTOGRAPHIC ALGORITHMS There are several ways of classifying cryptographic algorithms. For purposes of this paper, they will be categorized based on the number of keys that are employed for encryption and decryption, and further defined by their application and use. The three types of algorithms that will be discussed are (Figure 1):


Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption

• •

Public Key Cryptography (PKC): Uses one key for encryption and another for decryption Hash Functions: Uses a mathematical transformation to irreversibly "encrypt" information

FIGURE 1: Three types of cryptography: secret-key, public key, and hash function.
3.1. Secret Key Cryptography
With secret key cryptography, a single key is used for both encryption and decryption. As shown in Figure 1A, the sender uses the key (or some set of rules) to encrypt the plaintext and sends the ciphertext to the receiver. The receiver applies the same key (or ruleset) to decrypt the message and recover the plaintext. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption. With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key. Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers. Stream ciphers operate on a single bit (byte or computer word) at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so-called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plaintext block will always encrypt to the same ciphertext when using the same key in a block cipher whereas the same plaintext will encrypt to different ciphertext in a stream cipher. Stream ciphers come in several flavors but two are worth mentioning here. Selfsynchronizing stream ciphers calculate each bit in the keystream as a function of the previous n bits in the keystream. It is termed "self-synchronizing" because the decryption process can stay synchronized with the encryption process merely by knowing how far into the n-bit keystream it is. One problem is error propagation; a garbled bit in transmission will result in n garbled bits at the receiving side. Synchronous stream ciphers generate the keystream in a fashion independent of the message stream but by using the same keystream generation function at sender and receiver. 
While stream ciphers do not propagate transmission errors, they are, by their nature, periodic so that the keystream will eventually repeat. Block ciphers can operate in one of several modes; the following four are the most important:


Electronic Codebook (ECB) mode is the simplest, most obvious application: the secret key is used to encrypt the plaintext block to form a ciphertext block.







Two identical plaintext blocks, then, will always generate the same ciphertext block. Although this is the most common mode of block ciphers, it is susceptible to a variety of brute-force attacks. Cipher Block Chaining (CBC) mode adds a feedback mechanism to the encryption scheme. In CBC, the plaintext is exclusively-ORed (XORed) with the previous ciphertext block prior to encryption. In this mode, two identical blocks of plaintext never encrypt to the same ciphertext. Cipher Feedback (CFB) mode is a block cipher implementation as a selfsynchronizing stream cipher. CFB mode allows data to be encrypted in units smaller than the block size, which might be useful in some applications such as encrypting interactive terminal input. If we were using 1-byte CFB mode, for example, each incoming character is placed into a shift register the same size as the block, encrypted, and the block transmitted. At the receiving side, the ciphertext is decrypted and the extra bits in the block (i.e., everything above and beyond the one byte) are discarded. Output Feedback (OFB) mode is a block cipher implementation conceptually similar to a synchronous stream cipher. OFB prevents the same plaintext block from generating the same ciphertext block by using an internal feedback mechanism that is independent of both the plaintext and ciphertext bitstreams.

A nice overview of these different modes can be found at progressive-coding.com. Secret key cryptography algorithms that are in use today include:


Data Encryption Standard (DES): The most common SKC scheme used today, DES was designed by IBM in the 1970s and adopted by the National Bureau of Standards (NBS) [now the National Institute for Standards and Technology (NIST)] in 1977 for commercial and unclassified government applications. DES is a block-cipher employing a 56-bit key that operates on 64-bit blocks. DES has a complex set of rules and transformations that were designed specifically to yield fast hardware implementations and slow software implementations, although this latter point is becoming less significant today since the speed of computer processors is several orders of magnitude faster today than twenty years ago. IBM also proposed a 112-bit key for DES, which was rejected at the time by the government; the use of 112-bit keys was considered in the 1990s, however, conversion was never seriously considered. DES is defined in American National Standard X3.92 and three Federal Information Processing Standards (FIPS):
o o o

FIPS 46-3: DES FIPS 74: Guidelines for Implementing and Using the NBS Data Encryption Standard FIPS 81: DES Modes of Operation

Information about vulnerabilities of DES can be obtained from the Electronic Frontier Foundation. Two important variants that strengthen DES are:

o

o

Triple-DES (3DES): A variant of DES that employs up to three 56-bit keys and makes three encryption/decryption passes over the block; 3DES is also described in FIPS 46-3 and is the recommended replacement to DES. DESX: A variant devised by Ron Rivest. By combining 64 additional key bits to the plaintext prior to encryption, effectively increases the keylength to 120 bits.

More detail about DES, 3DES, and DESX can be found below in Section 5.4.










• Advanced Encryption Standard (AES): In 1997, NIST initiated a very public, 4-1/2 year process to develop a new secure cryptosystem for U.S. government applications. The result, the Advanced Encryption Standard, became the official successor to DES in December 2001. AES uses an SKC scheme called Rijndael, a block cipher designed by Belgian cryptographers Joan Daemen and Vincent Rijmen. The algorithm can use a variable block length and key length; the latest specification allowed any combination of key lengths of 128, 192, or 256 bits and blocks of length 128, 192, or 256 bits. NIST initially selected Rijndael in October 2000 and formal adoption as the AES standard came in December 2001. FIPS PUB 197 describes a 128-bit block cipher employing a 128-, 192-, or 256-bit key. The AES process and Rijndael algorithm are described in more detail below in Section 5.9.

• CAST-128/256: CAST-128, described in Request for Comments (RFC) 2144, is a DES-like substitution-permutation crypto algorithm, employing a 128-bit key operating on a 64-bit block. CAST-256 (RFC 2612) is an extension of CAST-128, using a 128-bit block size and a variable length (128, 160, 192, 224, or 256 bit) key. CAST is named for its developers, Carlisle Adams and Stafford Tavares, and is available internationally. CAST-256 was one of the Round 1 algorithms in the AES process.

• International Data Encryption Algorithm (IDEA): Secret-key cryptosystem written by Xuejia Lai and James Massey in 1992 and patented by Ascom; a 64-bit SKC block cipher using a 128-bit key. Also available internationally.

• Rivest Ciphers (aka Ron's Code): Named for Ron Rivest, a series of SKC algorithms.
  o RC1: Designed on paper but never implemented.
  o RC2: A 64-bit block cipher using variable-sized keys designed to replace DES. Its code has not been made public although many companies have licensed RC2 for use in their products. Described in RFC 2268.
  o RC3: Found to be breakable during development.
  o RC4: A stream cipher using variable-sized keys; it is widely used in commercial cryptography products, although it can only be exported using keys that are 40 bits or less in length.
  o RC5: A block cipher supporting a variety of block sizes, key sizes, and number of encryption passes over the data. Described in RFC 2040.
  o RC6: An improvement over RC5, RC6 was one of the AES Round 2 algorithms.

• Blowfish: A symmetric 64-bit block cipher invented by Bruce Schneier; optimized for 32-bit processors with large data caches, it is significantly faster than DES on a Pentium/PowerPC-class machine. Key lengths can vary from 32 to 448 bits in length. Blowfish, available freely and intended as a substitute for DES or IDEA, is in use in over 80 products.

• Twofish: A 128-bit block cipher using 128-, 192-, or 256-bit keys. Designed to be highly secure and highly flexible, well-suited for large microprocessors, 8-bit smart card microprocessors, and dedicated hardware. Designed by a team led by Bruce Schneier and was one of the Round 2 algorithms in the AES process.

• Camellia: A secret-key, block-cipher crypto algorithm developed jointly by Nippon Telegraph and Telephone (NTT) Corp. and Mitsubishi Electric Corporation (MEC) in 2000. Camellia has some characteristics in common with AES: a 128-bit block size, support for 128-, 192-, and 256-bit key lengths, and suitability for both software and hardware implementations on common 32-bit processors as well as 8-bit processors (e.g., smart cards, cryptographic hardware, and embedded systems). Also described in RFC 3713. Camellia's application in IPsec is described in RFC 4312 and application in OpenPGP in RFC 5581.

• MISTY1: Developed at Mitsubishi Electric Corp., a block cipher using a 128-bit key and 64-bit blocks, and a variable number of rounds. Designed for hardware and software implementations, and is resistant to differential and linear cryptanalysis. Described in RFC 2994.

• Secure and Fast Encryption Routine (SAFER): Secret-key crypto scheme designed for implementation in software. Versions have been defined for 40-, 64-, and 128-bit keys.

• KASUMI: A block cipher using a 128-bit key that is part of the Third-Generation Partnership Project (3GPP), formerly known as the Universal Mobile Telecommunications System (UMTS). KASUMI is the intended confidentiality and integrity algorithm for both message content and signaling data for emerging mobile communications systems.

• SEED: A block cipher using 128-bit blocks and 128-bit keys. Developed by the Korea Information Security Agency (KISA) and adopted as a national standard encryption algorithm in South Korea. Also described in RFC 4269.

• ARIA: A 128-bit block cipher employing 128-, 192-, and 256-bit keys. Developed by cryptographers at the Academy, Research Institute and Agency (ARIA) in Korea in 2003. Described in RFC 5794.

• Skipjack: SKC scheme proposed for Capstone. Although the details of the algorithm were never made public, Skipjack was a block cipher using an 80-bit key and 32 iteration cycles per 64-bit block.

3.2. Public-Key Cryptography
Public-key cryptography has been said to be the most significant new development in cryptography in the last 300-400 years. Modern PKC was first described publicly by Stanford University professor Martin Hellman and graduate student Whitfield Diffie in 1976. Their paper described a two-key crypto system in which two parties could engage in a secure communication over a non-secure communications channel without having to share a secret key. PKC depends upon the existence of so-called one-way functions, or mathematical functions that are easy to compute whereas their inverse function is relatively difficult to compute. Let me give you two simple examples:

1. Multiplication vs. factorization: Suppose I tell you that I have two numbers, 9 and 16, and that I want to calculate the product; it should take almost no time to calculate the product, 144. Suppose instead that I tell you that I have a number, 144, and I need you to tell me which pair of integers I multiplied together to obtain that number. You will eventually come up with the solution but whereas calculating the product took milliseconds, factoring will take longer because you first need to find the 8 pairs of integer factors and then determine which one is the correct pair.

2. Exponentiation vs. logarithms: Suppose I tell you that I want to take the number 3 to the 6th power; again, it is easy to calculate 3^6 = 729. But if I tell you that I have the number 729 and want you to tell me the two integers that I used, x and y so that log_x 729 = y, it will take you longer to find all possible solutions and select the pair that I used.

While the examples above are trivial, they do represent two of the functional pairs that are used with PKC; namely, the ease of multiplication and exponentiation versus the relative difficulty of factoring and calculating logarithms, respectively. The mathematical "trick" in PKC is to find a trap door in the one-way function so that the inverse calculation becomes easy given knowledge of some item of information.

Generic PKC employs two keys that are mathematically related although knowledge of one key does not allow someone to easily determine the other key. One key is used to encrypt the plaintext and the other key is used to decrypt the ciphertext. The important point here is that it does not matter which key is applied first, but that both keys are required for the process to work (Figure 1B). Because a pair of keys is required, this approach is also called asymmetric cryptography.

In PKC, one of the keys is designated the public key and may be advertised as widely as the owner wants. The other key is designated the private key and is never revealed to another party. It is straightforward to send messages under this scheme. Suppose Alice wants to send Bob a message. Alice encrypts some information using Bob's public key; Bob decrypts the ciphertext using his private key. This method could also be used to prove who sent a message; Alice, for example, could encrypt some plaintext with her private key; when Bob decrypts using Alice's public key, he knows that Alice sent the message and Alice cannot deny having sent the message (nonrepudiation).

Public-key cryptography algorithms that are in use today for key exchange or digital signatures include:


• RSA: The first, and still most common, PKC implementation, named for the three MIT mathematicians who developed it — Ronald Rivest, Adi Shamir, and Leonard Adleman. RSA today is used in hundreds of software products and can be used for key exchange, digital signatures, or encryption of small blocks of data. RSA uses a variable size encryption block and a variable size key. The key-pair is derived from a very large number, n, that is the product of two prime numbers chosen according to special rules; these primes may be 100 or more digits in length each, yielding an n with roughly twice as many digits as the prime factors. The public key information includes n and a derivative of one of the factors of n; an attacker cannot determine the prime factors of n (and, therefore, the private key) from this information alone and that is what makes the RSA algorithm so secure. (Some descriptions of PKC erroneously state that RSA's safety is due to the difficulty in factoring large prime numbers. In fact, large prime numbers, like small prime numbers, only have two factors!) The ability for computers to factor large numbers, and therefore attack schemes such as RSA, is rapidly improving and systems today can find the prime factors of numbers with more than 200 digits. Nevertheless, if a large number is created from two prime factors that are roughly the same size, there is no known factorization algorithm that will solve the problem in a reasonable amount of time; a 2005 test to factor a 200-digit number took 1.5 years and over 50 years of compute time (see the Wikipedia article on integer factorization). Regardless, one presumed protection of RSA is that users can easily increase the key size to always stay ahead of the computer processing curve. As an aside, the patent for RSA expired in September 2000 which does not appear to have affected RSA's popularity one way or the other. A detailed example of RSA is presented below in
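
The two-key behaviour described in Section 3.2, as an added example that is not part of the original paper: a textbook RSA key pair built from two small primes, showing that either key undoes the other and that whoever can factor n can rebuild the private key. The primes 61 and 53, the exponent 17, the message 65 and all function names are constructed for illustration; the sketch omits the padding and the very large primes that real RSA depends on.

```python
"""Toy RSA (no padding, tiny primes) illustrating the public/private key pair.

Constructed example: primes, exponent and message are sample values.
Unpadded RSA and primes this small must never protect real data.
"""
from math import gcd


def make_keypair(p, q, e=17):
    """Derive (public, private) keys from two primes p and q."""
    n = p * q                      # public modulus: easy to compute from p and q
    phi = (p - 1) * (q - 1)        # needs the factors of n: this is the trap door
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with (p-1)(q-1)")
    d = pow(e, -1, phi)            # private exponent: inverse of e modulo phi
    return (n, e), (n, d)


def apply_key(key, value):
    """RSA's single operation, used with either key: value^exponent mod n."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)


def factor(n):
    """Trial division: instant for a toy n, hopeless for a 200-digit n."""
    f = 3 if n % 2 else 2
    while n % f:
        f += 2
    return f, n // f


def recover_private_key(public):
    """What factoring n gives away: the complete private key."""
    n, e = public
    p, q = factor(n)
    return make_keypair(p, q, e)[1]


if __name__ == "__main__":
    public, private = make_keypair(61, 53)
    message = 65

    # Confidentiality: encrypt with the public key, decrypt with the private key.
    ciphertext = apply_key(public, message)
    print("ciphertext:", ciphertext, "->", apply_key(private, ciphertext))

    # Proof of origin: apply the private key first, check with the public key.
    signature = apply_key(private, message)
    print("signature checks:", apply_key(public, signature) == message)

    # Why key size matters: a factorable n exposes the private key.
    print("private key recovered by factoring:",
          recover_private_key(public) == private)
```
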

What is the Internet architecture? It is by definition a meta-network, a constantly changing collection of thousands of individual networks intercommunicating with a common protocol. The Internet's architecture is described in its name, a short form of the compound word "internetworking". This architecture is based in the very specification of the standard TCP/IP protocol, designed to connect any two networks which may be very different in internal hardware, software, and technical design. Once two networks are interconnected, communication with TCP/IP is enabled end-to-end, so that any node on the Internet has the near magical ability to communicate with any other no matter where they are. This openness of design has enabled the Internet architecture to grow to a global scale.

In practice, the Internet technical architecture looks a bit like a multi-dimensional river system, with small tributaries feeding medium-sized streams feeding large rivers. For example, an individual's access to the Internet is often from home over a modem to a local Internet service provider who connects to a regional network connected to a national network. At the office, a desktop computer might be connected to a local area network with a company connection to a corporate Intranet connected to several national Internet service providers. In general, small local Internet service providers connect to medium-sized regional networks which connect to large national networks, which then connect to very large bandwidth networks on the Internet backbone. Most Internet service providers have several redundant network cross-connections to other providers in order to ensure continuous availability.

The companies running the Internet backbone operate very high bandwidth networks relied on by governments, corporations, large organizations, and other Internet service providers. Their technical infrastructure often includes global connections through underwater cables and satellite links to enable communication between countries and continents. As always, a larger scale introduces new phenomena: the number of packets flowing through the switches on the backbone is so large that it exhibits the kind of complex non-linear patterns usually found in natural, analog systems like the flow of water or development of the rings of Saturn (RFC 3439, S2.2).

Each communication packet goes up the hierarchy of Internet networks as far as necessary to get to its destination network where local routing takes over to deliver it to the addressee. In the same way, each level in the hierarchy pays the next level for the bandwidth they use, and then the large backbone companies settle up with each other. Bandwidth is priced by large Internet service providers by several methods, such as at a fixed rate for constant availability of a certain number of megabits per second, or by a variety of use methods that amount to a cost per gigabyte. Due to economies of scale and efficiencies in management, bandwidth cost drops dramatically at the higher levels of the architecture.

Resources. The network topology page provides information and resources on the real-time construction of the Internet network, including graphs and statistics. The following references provide additional information about the Internet architecture:

How the Domain Name System (DNS) works

Here is some background information on how DNS servers work, specifically in relation to Bytemark Hosting’s content DNS and resolving DNS services. These are both important to owners of virtual machines or dedicated hosts, especially those wanting to host the DNS service for their own domains. It is assumed you understand what an IP address is, and know the process of registering and using a domain through a domain registrar while being “a little fuzzy” about what the DNS actually does.

The difference between Content and Resolving DNS services

From our experience, people expect DNS servers to provide a single service: to convert names such as www.bytemark.co.uk to IP addresses such as 80.68.80.52. Although many DNS servers around the internet operate in this simplistic manner, this view is not a thorough understanding of the system, and may result in insecurities if a systems administrator new to DNS tries to set up a server in this fashion. DNS servers should provide one of two services: content or resolution services.

Content servers

A content server is one which actually contains authoritative DNS records. These records are just single pieces of information such as:

• the name www.bytemark.co.uk refers to IP address 80.68.88.52
• the domain bytemark.co.uk should have its mail delivered to address 80.68.80.228
• the IP address 80.68.81.18 has the name abc.bytemark.co.uk

And so on. These records are “authoritative” because the person who owns the server claims that they are correct in the global naming system, and is providing a content DNS service to provide these answers to anybody who asks for them. Content servers are usually authoritative for a fixed set of domains, owned or administered by the person who has set the server up. If a content server does not itself know the answer to a particular DNS query, it may know that the domain has been delegated to another server, and so may answer with a referral instead. A referral is a hint to the client making the request that it will find the answer from another content server.

Resolving servers

A resolving server’s job is not to return any authoritative information directly. Its job is to search for information on behalf of clients, and to return it. A resolving server usually remembers past queries so that if a lot of people ask for the same information, it can return it quickly without having to search for it twice. Hence a resolving server is sometimes known as a “DNS cache” or “caching DNS resolver”. Most organisations providing internet access to a group of people maintain their own resolving server or servers. They are a necessary part of the internet infrastructure because:

• Most DNS information does not change most of the time. Hence it makes sense for an organisation to set up their own server which will be able to more quickly return DNS information that is commonly requested by that particular organisation.
• Resolving a DNS query from scratch can be a complicated procedure, and most internet software (email clients, web browsers) does not need to know how to do it. A commonly-used server to do the job means internet applications need only have to deal with issuing a single question and receiving a single answer.

How a DNS query is resolved

Below we explain what happens when you type www.bytemark.co.uk into your computer’s web browser.

1. Your web browser asks the resolving DNS server what the address of www.bytemark.co.uk is. Your computer already knows where the local resolving DNS server is through its network configuration. For customers on the Bytemark network, the resolving DNS servers are 80.68.80.24 and 80.68.80.25. On a Linux machine these addresses are listed in /etc/resolv.conf.
2. The resolving DNS server does not know the address. So it asks a root server the same question. The 13 root servers have globally well-known IP addresses, and are run by a US-based company called ICANN.
3. The root server replies that it does not know, but it gives the address of the server which knows about .uk domains. All UK domains are managed by a non-profit organisation called Nominet.
4. The resolving DNS server asks the .uk server what the address of www.bytemark.co.uk is.
5. The .uk server replies that it does not know, but it gives the address of the server which knows about the .bytemark.co.uk domain. This server is (finally!) at an IP address which we manage, on one of our servers. We pay Nominet an annual fee (via a domain registrar) to maintain this referral for our domain, and for them to maintain the address as belonging to us.
6. The resolving DNS server asks the .bytemark.co.uk server what the address of www.bytemark.co.uk is.
7. Our server answers the query with the IP address of www.bytemark-hosting.co.uk, and marks the response as “authoritative”. This is an assertion that the answer is correct and complete. It also adds to its reply that “this data is valid for 24 hours”, so that anyone who is asking can confidently re-use the information for that time without having to issue another query.
8. The resolving DNS server finally has its answer, and can reply back to the web browser with the IP address. Crucially it marks its answer as “non-authoritative”, so that the web browser knows it has the information indirectly.
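
The eight steps above, as an added example that is not Bytemark's code: a resolving server walking referrals from the root down to the content server, marking what it relays as non-authoritative, and reusing the answer until its 24-hour validity runs out. The server labels, the in-memory zone data and the class and function names are constructed for illustration, and nothing is sent over the network.

```python
"""Simulation of the referral walk and caching done by a resolving DNS server.

Constructed example: server labels and zone contents are sample data modelled
on the walkthrough; real servers speak the DNS wire protocol instead.
"""

# Each content server holds authoritative records and/or referrals.
CONTENT_SERVERS = {
    "root": {"referrals": {"uk": "uk-server"}, "records": {}},
    "uk-server": {"referrals": {"bytemark.co.uk": "bytemark-server"},
                  "records": {}},
    "bytemark-server": {
        "referrals": {},
        # name -> (address, seconds the answer stays valid): 24 hours here
        "records": {"www.bytemark.co.uk": ("80.68.80.52", 24 * 3600)},
    },
}


def ask_content_server(server, name):
    """Return ("answer", ip, ttl), ("referral", next_server) or ("unknown",)."""
    zone = CONTENT_SERVERS[server]
    if name in zone["records"]:
        ip, ttl = zone["records"][name]
        return ("answer", ip, ttl)          # authoritative: the server owns it
    # A referral applies when the name sits under a delegated domain;
    # the longest matching suffix is the most specific delegation.
    matches = [s for s in zone["referrals"]
               if name == s or name.endswith("." + s)]
    if matches:
        return ("referral", zone["referrals"][max(matches, key=len)])
    return ("unknown",)


class ResolvingServer:
    """Caching resolver: searches on behalf of clients, owns no records."""

    MAX_REFERRALS = 10                      # stop on referral loops

    def __init__(self):
        self.cache = {}                     # name -> (ip, expiry time)
        self.log = []                       # content servers contacted, in order

    def resolve(self, name, now):
        """Look up name at time `now` (seconds); the reply is never authoritative."""
        cached = self.cache.get(name)
        if cached and now < cached[1]:
            return {"ip": cached[0], "authoritative": False, "from_cache": True}
        server = "root"
        for _ in range(self.MAX_REFERRALS):
            self.log.append(server)
            reply = ask_content_server(server, name)
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, now + ttl)
                return {"ip": ip, "authoritative": False, "from_cache": False}
            if reply[0] == "referral":
                server = reply[1]           # follow the hint to the next server
                continue
            raise LookupError(f"{server} has no answer or referral for {name}")
        raise LookupError(f"too many referrals while resolving {name}")


if __name__ == "__main__":
    resolver = ResolvingServer()
    print(resolver.resolve("www.bytemark.co.uk", now=0))
    print("servers asked:", resolver.log)
    print(resolver.resolve("www.bytemark.co.uk", now=3600))   # served from cache
```
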

The commercial side

So from the above, you should be able to see the technical side of what has become quite a slick commercial process. Your domain registrar, to whom you pay £10 or so per year for his services per domain, ensures that your chosen name is redirected at the content servers of your choice. Your registrar usually has paid to have indirect access to the servers that run the top-level internet domains such as .com, .net, .co.uk and so on. If you want to tell your registrar that you wish to handle your own DNS, you need to give them a minimum of two content server IP addresses to delegate to, and after that the technical control over your domain is yours. You need to ensure that the IP addresses which you nominate will respond authoritatively to queries for your domain; if they do not, you have what is sometimes called a “lame delegation”. If you are using Bytemark Hosting’s Virtual Machine service, you will be able to send DNS data to any of our DNS servers through our Content DNS service; of course, you can set up your own Virtual Machine to serve DNS data as well.

Multiple answers to DNS queries

Our example above makes a simplification: it pretends that DNS queries only ever have one answer. In fact, certain queries usually return more than one answer. For instance if you ask what the address of www.yahoo.com is, you’ll (at the time of writing) get 13 different IPs supplied in the response. Each IP will still respond with Yahoo’s home page, so that if one of them falls over, the others will still keep Yahoo’s front page visible. In the example, if you ask which server is responsible for the .uk domain, you will get five different IPs supplied in response. All of them should serve the same data; it is very important that machines which serve content DNS data for “top-level” domains are always available. While you can perform the same trick for your own web or mail services if you need resilience, you will be forced to supply more than one DNS server when you ask your registrar to redelegate your domain. That is to say, it is a condition of “owning” a domain that you must have 2 separate IPs which will answer authoritatively for it. Our Content DNS Service makes this easy to manage.

Introduction to How Domain Name Servers Work

If you spend any time on the Internet sending e-mail or browsing the Web, then you use domain name servers without even realizing it. Domain name servers, or DNS, are an incredibly important but completely hidden part of the Internet, and they are fascinating. The DNS system forms one of the largest and most active distributed databases on the planet. Without DNS, the Internet would shut down very quickly.

When you use the Web or send an e-mail message, you use a domain name to do it. For example, the URL "http://www.howstuffworks.com" contains the domain name howstuffworks.com. So does the e-mail address "[email protected]." Human-readable names like "howstuffworks.com" are easy for people to remember, but they don't do machines any good. All of the machines use names called IP addresses to refer to one another. For example, the machine that humans refer to as "www.howstuffworks.com" has the IP address 70.42.251.42. Every time you use a domain name, you use the Internet's domain name servers (DNS) to translate the human-readable domain name into the machine-readable IP address. During a day of browsing and e-mailing, you might access the domain name servers hundreds of times!

DNS Servers and IP Addresses

Domain name servers translate domain names to IP addresses. That sounds like a simple task, and it would be -- except for five things:

• There are billions of IP addresses currently in use, and most machines have a human-readable name as well.
• There are many billions of DNS requests made every day. A single person can easily make a hundred or more DNS requests a day, and there are hundreds of millions of people and machines using the Internet daily.
• Domain names and IP addresses change daily.
• New domain names get created daily.
• Millions of people do the work to change and add domain names and IP addresses every day.

The DNS system is a database, and no other database on the planet gets this many requests. No other database on the planet has millions of people changing it every day, either. That is what makes the DNS system so unique.

IP Addresses

To keep all of the machines on the Internet straight, each machine is assigned a unique address called an IP address. IP stands for Internet protocol, and these addresses are 32-bit numbers normally expressed as four "octets" in a "dotted decimal number." A typical IP address looks like this:

70.42.251.42

The four numbers in an IP address are called octets because they can have values between 0 and 255 (2^8 possibilities per octet).

Every machine on the Internet has its own IP address. A server has a static IP address that does not change very often. A home machine that is dialing up through a modem often has an IP address that is assigned by the ISP when you dial in. That IP address is unique for your session and may be different the next time you dial in. In this way, an ISP only needs one IP address for each modem it supports, rather than for every customer.

If you are working on a Windows machine, you can view your current IP address with the command WINIPCFG.EXE (IPCONFIG.EXE for Windows 2000/XP). On a UNIX machine, type nslookup along with a machine name (such as "nslookup www.howstuffworks.com") to display the IP address of the machine (use the command hostname to learn the name of your machine). For more information on IP addresses, see IANA.

As far as the Internet's machines are concerned, an IP address is all that you need to talk to a server. For example, you can type in your browser the URL http://70.42.251.42 and you will arrive at the machine that contains the Web server for HowStuffWorks. Domain names are strictly a human convenience.

Domain Names

If we had to remember the IP addresses of all of the Web sites we visit every day, we would all go nuts. Human beings just are not that good at remembering strings of numbers. We are good at remembering words, however, and that is where domain names come in. You probably have hundreds of domain names stored in your head. For example:

• www.howstuffworks.com - a typical name
• www.yahoo.com - the world's best-known name
• www.mit.edu - a popular EDU name
• encarta.msn.com - a Web server that does not start with www
• www.bbc.co.uk - a name using four parts rather than three
• ftp.microsoft.com - an FTP server rather than a Web server

The COM, EDU and UK portions of these domain names are called the top-level domain or first-level domain. There are several hundred top-level domain names, including COM, EDU, GOV, MIL, NET, ORG and INT, as well as unique two-letter combinations for every country. Within every top-level domain there is a huge list of second-level domains. For example, in the COM first-level domain, you've got:

• howstuffworks
• yahoo
• msn
• microsoft
• plus millions of others...

Every name in the COM top-level domain must be unique, but there can be duplication across domains. For example, howstuffworks.com and howstuffworks.org are completely different machines. In the case of bbc.co.uk, it is a third-level domain. Up to 127 levels are possible, although more than four is rare.

The left-most word, such as www or encarta, is the host name. It specifies the name of a specific machine (with a specific IP address) in a domain. A given domain can potentially contain millions of host names as long as they are all unique within that domain.

Because all of the names in a given domain need to be unique, there has to be a single entity that controls the list and makes sure no duplicates arise. For example, the COM domain cannot contain any duplicate names, and a company called Network Solutions is in charge of maintaining this list. When you register a domain name, it goes through one of several dozen registrars who work with Network Solutions to add names to the list. Network Solutions, in turn, keeps a central database known as the whois database that contains information about the owner and name servers for each domain. If you go to the whois form, you can find information about any domain currently in existence.

While it is important to have a central authority keeping track of the database of names in the COM (and other) top-level domain, you would not want to centralize the database of all of the information in the COM domain. For example, Microsoft has hundreds of thousands of IP addresses and host names. Microsoft wants to maintain its own domain name server for the microsoft.com domain. Similarly, Great Britain probably wants to administrate the uk top-level domain, and Australia probably wants to administrate the au domain, and so on. For this reason, the DNS system is a distributed database. Microsoft is completely responsible for dealing with the name server for microsoft.com -- it maintains the machines that implement its part of the DNS system, and Microsoft can change the database for its domain whenever it wants to because it owns its domain name servers. Every domain has a domain name server somewhere that handles its requests, and there is a person maintaining the records in that DNS. This is one of the most amazing parts of the DNS system -- it is completely distributed throughout the world on millions of machines administered by millions of people, yet it behaves like a single, integrated database!

The Distributed System

Name servers do two things all day long:

• They accept requests from programs to convert domain names into IP addresses.
• They accept requests from other name servers to convert domain names into IP addresses.

When a request comes in, the name server can do one of four things with it:

• It can answer the request with an IP address because it already knows the IP address for the domain.
• It can contact another name server and try to find the IP address for the name requested. It may have to do this multiple times.
• It can say, "I don't know the IP address for the domain you requested, but here's the IP address for a name server that knows more than I do."
• It can return an error message because the requested domain name is invalid or does not exist.

When you type a URL into your browser, the browser's first step is to convert the domain name and host name into an IP address so that the browser can go request a Web page from the machine at that IP address (see How Web Servers Work for details on the whole process). To do this conversion, the browser has a conversation with a name server.

When you set up your machine on the Internet, you (or the software that you installed to connect to your ISP) had to tell your machine what name server it should use for converting domain names to IP addresses. On some systems, the DNS is dynamically fed to the machine when you connect to the ISP, and on other machines it is hard-wired. If you are working on a Windows 95/98/ME machine, you can view your current name server with the command WINIPCFG.EXE (IPCONFIG for Windows 2000/XP). On a UNIX machine, type nslookup along with your machine name. Any program on your machine that needs to talk to a name server to resolve a domain name knows what name server to talk to because it can get the IP address of your machine's name server from the operating system.

The browser therefore contacts its name server and says, "I need for you to convert a domain name to an IP address for me." For example, if you type "www.howstuffworks.com" into your browser, the browser needs to convert that URL into an IP address. The browser will hand "www.howstuffworks.com" to its default name server and ask it to convert it.

The name server may already know the IP address for www.howstuffworks.com. That would be the case if another request to resolve www.howstuffworks.com came in recently (name servers cache IP addresses to speed things up). In that case, the name server can return the IP address immediately. Let's assume, however, that the name server has to start from scratch.

A name server would start its search for an IP address by contacting one of the root name servers. The root servers know the IP address for all of the name servers that handle the top-level domains. Your name server would ask the root for www.howstuffworks.com, and the root would say (assuming no caching), "I don't know the IP address for www.howstuffworks.com, but here's the IP address for the COM name server." Obviously, these root servers are vital to this whole process, so:

• There are many of them scattered all over the planet.
• Every name server has a list of all of the known root servers. It contacts the first root server in the list, and if that doesn't work it contacts the next one in the list, and so on.

client/server architecture A network architecture in which each computer or process on the network is either a client or a server. Servers are powerful computers or processes dedicated to managing disk drives (file servers), printers (print servers), or network traffic (network servers ). Clients are PCs or workstations on which users run applications. Clients rely on servers for resources, such as files, devices, and even processing power. Another type of network architecture is known as a peer-to-peer architecture because each node has equivalent responsibilities. Both client/server and peer-to-peer architectures are widely used, and each has unique advantages and disadvantages. Client-server architectures are sometimes called two-tier architectures. Digital Subscriber Line (DSL) is a family of technologies that provides digital data transmission over the wires of a local telephone network. DSL originally stood for digital subscriber loop. In telecommunications marketing, the term Digital Subscriber Line is widely understood to mean Asymmetric Digital Subscriber Line (ADSL), the most commonly installed technical variety of DSL. DSL service is delivered

simultaneously with regular telephone on the same telephone line. This is possible because DSL uses a higher frequency. These frequency bands are subsequently separated by filtering. The data throughput of consumer DSL services typically ranges from 256 Kb/s to 20 Mbit/s in the direction to the customer (downstream), depending on DSL technology, line conditions, and service-level implementation. In ADSL, the data throughput in the upstream direction, (i.e. in the direction to the service provider) is lower, hence the designation of asymmetric service. In Symmetric Digital Subscriber Line (SDSL) service, the downstream and upstream data rates are equal. Definition: DSL is a high-speed Internet service like cable Internet. DSL provides high-speed networking over ordinary phone lines using broadband modem technology. DSL technology allows Internet and telephone service to work over the same phone line without requiring customers to disconnect either their voice or Internet connections. DSL technology theoretically supports data rates of 8.448 Mbps, although typical rates are 1.544 Mbps or lower. DSL Internet services are used primarily in homes and small businesses. DSL Internet service only works over a limited physical distance and remains unavailable in many areas where the local telephone infrastructure does not support DSL technology. Uniform Resource Locators (URLs) URLs, or Uniform Resource Locators, are the method by which documents or data are addressed in the World Wide Web. The URL contains the following information:
• the internet name of the site containing the resource (document or data)
• the type of service the resource is served by (e.g., HTTP, Gopher, WAIS)
• the Internet port number of the service. If this is omitted the browser assumes a commonly accepted default value.
• the location of the resource in the directory structure of the server.

URLs are more sophisticated than this brief introduction would imply. For more detail, have a look at the URL overview document, found at the URL: http://www.w3.org/hypertext/WWW/Addressing/URL/Overview.html.

8.0 Structure of an URL
The following is an outline of the most common form of a URL:

   http://www.address.edu:1234/path/subdir/file.ext
   |__|   |_____________| |__||___________________|
    |            |          |            |
  service       host       port   file and resource details

8.0.1 Service
The above figure gives a general outline of URL structure. This outline is followed by most, but not all, URLs. Specific cases are discussed in subsequent sections.

The first part is the service specifier (here HTTP service), which specifies the access method. Specifically this is the part before the colon. Some examples of services are: http:, gopher:, wais: and ftp:.

8.0.2 Address and Port number
The second part is usually the internet address of the server, indicated by the double forward slash (//). This address can also contain the (optional) port number the service listens at. The full name is then specified by a string like //www.address.edu:1234/, where :1234 means Port number 1234. If you want to use the default port number you can leave out both the colon and the number, i.e. //www.address.edu/.

8.0.3 Resource Location
The forward slash after the host and port specifications indicates the end of the address and the beginning of the specification for the file/resource to be accessed. This field varies depending on the service being accessed. A few simple examples follow: more detailed ones are given in the documents listed below.

8.0.4 Special Cases
In some cases the internet address and resource location are omitted. The common examples of this are news: (for accessing Usenet news group information) and mailto: (for sending e-mail).

8.0.5 Query Strings
The URL scheme also allows you to include a query string that is to be passed to the designated URL. This is indicated by placing a question mark at the end of the URL, followed by the desired query string. For example:

   http://www.where.edu/cgi-bin/program?query_string_data

The query string must be specially encoded, using what is known as URL encoding. This is discussed in the CGI documentation found at NCSA and elsewhere in this document collection.

8.0.6 Some Simple URL Examples

http://info.cern.ch/hypertext/WWW/Addressing/URL/Overview.html
Retrieve the named HTML document from the CERN http server running on the default port.

gopher://gumby.brain.headache.edu:151/7fonebook.txt
Access the searchable index 'fonebook.txt' from the named gopher server, running on port number 151.

news:alt.rec.motorcycle
Access the newsgroup alt.rec.motorcycle.

Web server
A computer that delivers (serves up) Web pages. Every Web server has an IP address and possibly a domain name. For example, if you enter the URL http://www.pcwebopedia.com/index.html in your browser, this sends a request to the server whose domain name is pcwebopedia.com. The server then fetches the page named index.html and sends it to your browser. Any computer can be turned into a Web server by installing server software and connecting the machine to the Internet. There are many Web server software applications, including public domain software from NCSA and Apache, and commercial packages from Microsoft, Netscape and others.

A web server is a computer program that delivers (serves) content, such as web pages, using the Hypertext Transfer Protocol (HTTP), over the World Wide Web. The term web server can also refer to the computer or virtual machine running the program.
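The URL structure described in sections 8.0.1 to 8.0.6 above can be checked mechanically. The following is an added example, not part of the original notes: it splits a URL into service, host, port, resource location and query string with Python's standard urllib.parse, fills in the default port when none is given, and decodes the query only after splitting it. The function names and the default-port table are assumptions of this example.

```python
from urllib.parse import urlsplit, parse_qsl, urlencode

# Default ports for the services named in the text (well-known port numbers).
DEFAULT_PORTS = {"http": 80, "ftp": 21, "gopher": 70, "wais": 210}


def dissect_url(url):
    """Split a URL into service, host, port, resource location and query."""
    parts = urlsplit(url)
    if not parts.scheme:
        raise ValueError("no service specifier before the colon: %r" % url)
    service = parts.scheme.lower()

    if not parts.netloc:
        # Special cases such as news: and mailto: carry no //host[:port] part.
        return {"service": service, "host": None, "port": None,
                "resource": parts.path, "query": []}

    try:
        explicit_port = parts.port   # ValueError unless a number in 0-65535
    except ValueError as exc:
        raise ValueError("bad port in %r: %s" % (url, exc)) from None

    if explicit_port is None:
        # An omitted port falls back to the service's accepted default.
        port = DEFAULT_PORTS.get(service)
    else:
        port = explicit_port

    return {
        "service": service,
        "host": parts.hostname,      # lower-cased, without the port
        "port": port,
        "resource": parts.path or "/",
        # Split on & and = first, then URL-decode each piece, so an encoded
        # %26 or %3D inside a value can never act as a separator.
        "query": parse_qsl(parts.query, keep_blank_values=True),
    }


def build_url(base, params):
    """Append a URL-encoded query string to a base URL."""
    return base + "?" + urlencode(params)


if __name__ == "__main__":
    for sample in ("http://www.address.edu:1234/path/subdir/file.ext",
                   "gopher://gumby.brain.headache.edu:151/7fonebook.txt",
                   "news:alt.rec.motorcycle",
                   build_url("http://www.where.edu/cgi-bin/program",
                             [("q", "a&b=c")])):
        print(sample, "->", dissect_url(sample))
```

Decoding before splitting would let a value such as a&b=c be read as two parameters, which is why the order of the two steps matters.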

In large commercial deployments, a server computer running a web server can be rack-mounted with other servers to operate a web farm.

Overview
The primary function of a web server is to deliver web pages to clients. This means delivery of HTML documents and any additional content that may be included by a document, such as images, style sheets and JavaScripts. A client, commonly a web browser or web crawler, initiates communication by making a request for a specific resource using HTTP and the server responds with the content of that resource, or an error message if unable to do so. The resource is typically a real file on the server's secondary memory, but this is not necessarily the case and depends on how the web server is implemented.

While the primary function is to serve content, a full implementation of HTTP also includes a way of receiving content from clients. This feature is used for submitting web forms, including uploading of files.

Many generic web servers also support server-side scripting, e.g., Apache HTTP Server and PHP. This means that the behaviour of the web server can be scripted in separate files, while the actual server software remains unchanged. Usually, this functionality is used to create HTML documents on-the-fly as opposed to returning fixed documents. These are referred to as dynamic and static content respectively. The former is primarily used for retrieving and/or modifying information in databases. The latter is, however, typically much faster and easily cached.

Web servers are not always used for serving the World Wide Web; they can also be found embedded in devices such as printers, routers and webcams, serving only a local network. The web server may then be used as a part of a system for monitoring and/or administering the device in question. This usually means that no additional software has to be installed on the client computer, since only a web browser is required (which by now is included with most operating systems).

History of web servers
[Image: The world's first web server.]
In 1989 Tim Berners-Lee proposed to his employer CERN (European Organization for Nuclear Research) a new project, which had the goal of easing the exchange of information between scientists by using a hypertext system. As a result of the implementation of this project, in 1990 Berners-Lee wrote two programs:
• a browser called WorldWideWeb;
• the world's first web server, later known as CERN httpd, which ran on NeXTSTEP.

Between 1991 and 1994 the simplicity and effectiveness of early technologies used to surf and exchange data through the World Wide Web helped to port them to many different operating systems and spread their use among lots of different social groups of people, first in scientific organizations, then in universities and finally in industry. In 1994 Tim Berners-Lee decided to constitute the World Wide Web Consortium (W3C) to regulate the further development of the many technologies involved (HTTP, HTML, etc.) through a standardization process.

Common features
1. Virtual hosting to serve many Web sites using one IP address.
2. Large file support to be able to serve files whose size is greater than 2 GB on 32 bit OS.
3. Bandwidth throttling to limit the speed of responses in order to not saturate the network and to be able to serve more clients.
4. Server-side scripting to generate dynamic Web pages, but still keeping Web server and Web site implementations separate from each other.

Path translation
Web servers are able to map the path component of a Uniform Resource Locator (URL) into:
• a local file system resource (for static requests);
• an internal or external program name (for dynamic requests).

For a static request the URL path specified by the client is relative to the Web server's root directory. Consider the following URL as it would be requested by a client:

   http://www.example.com/path/file.html

The client's user agent will translate it into a connection to www.example.com with the following HTTP 1.1 request:

   GET /path/file.html HTTP/1.1
   Host: www.example.com

The Web server on www.example.com will append the given path to the path of its root directory. On Unix machines, this is commonly /var/www (on Apache, usually /home/www). The result is the local file system resource:

   /var/www/path/file.html

The Web server will then read the file, if it exists, and send a response to the client's Web browser. The response will describe the content of the file and contain the file itself.

Load limits
A Web server (program) has defined load limits, because it can handle only a limited number of concurrent client connections (usually between 2 and 80,000, by default between 500 and 1,000) per IP address (and TCP port) and it can serve only a certain maximum number of requests per second depending on:
• its own settings;
• the HTTP request type;
• content origin (static or dynamic);
• the fact that the served content is or is not cached;
• the hardware and software limits of the OS where it is working.

When a Web server is near to or over its limits, it becomes unresponsive.
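The path translation described in the Path translation section above, as an added example (not code from the original notes or from any particular web server): it appends the request path to the root directory as the text describes, then refuses any request whose resolved file falls outside that root. The function names and the temporary directory standing in for /var/www are assumptions of this example.

```python
import os
import tempfile
from urllib.parse import unquote


def translate_path(doc_root, request_target):
    """Map the path of a static request to a file under doc_root.

    Returns the absolute file system path, or None when the request must be
    refused because it does not stay inside the root directory.
    """
    # Only the path component is translated; drop any query string.
    url_path = request_target.split("?", 1)[0]
    # Undo URL encoding before any check, so %2e%2e is seen as "..".
    url_path = unquote(url_path)
    if not url_path.startswith("/") or "\x00" in url_path:
        return None

    root = os.path.realpath(doc_root)
    # Append the given path to the root directory, then resolve "." and ".."
    # segments and symbolic links to find the file that is really addressed.
    candidate = os.path.realpath(os.path.join(root, url_path.lstrip("/")))

    # Containment check: the resolved file must still lie under the root.
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def demo():
    """Translate a few request paths against a throwaway root directory.

    The directory tree and the request paths are constructed sample data.
    """
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "www")          # stands in for /var/www
        os.makedirs(os.path.join(root, "path"))
        with open(os.path.join(root, "path", "file.html"), "w") as fh:
            fh.write("<P>Hello world!")
        with open(os.path.join(tmp, "secret.txt"), "w") as fh:
            fh.write("outside the root")

        targets = ["/path/file.html",
                   "/path/./file.html?x=1",
                   "/../secret.txt",
                   "/path/%2e%2e/%2e%2e/secret.txt"]
        results = {}
        for target in targets:
            resolved = translate_path(root, target)
            if resolved is None:
                results[target] = None
            else:
                # Report the path relative to the root for readability.
                results[target] = os.path.relpath(resolved,
                                                  os.path.realpath(root))
        return results


if __name__ == "__main__":
    for target, outcome in demo().items():
        print("%-35s -> %s" % (target, outcome or "refused"))
```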

Kernel-mode and user-mode Web servers
A Web server can be implemented either in the OS kernel or in user space (like other regular applications). An in-kernel Web server (like TUX on GNU/Linux or Microsoft IIS on Windows) will usually work faster, because, as part of the system, it can directly use all the hardware resources it needs, such as non-paged memory, CPU time-slices, network adapters, or buffers.

Web servers that run in user-mode have to ask the system for permission to use more memory or more CPU resources. Not only do these requests to the kernel take time, but they are not always satisfied because the system reserves resources for its own usage and has the responsibility to share hardware resources with all the other running applications. Also, applications cannot access the system's internal buffers, which causes useless buffer copies that create another handicap for user-mode web servers. As a consequence, the only way for a user-mode web server to match kernel-mode performance is to raise the quality of its code to much higher standards, similar to that of the code used in web servers that run in the kernel. This is a significant issue under Windows, where the user-mode overhead is about six times greater than that under Linux.[1]

Overload causes
At any time Web servers can be overloaded because of:
• Too much legitimate Web traffic. Thousands or even millions of clients connecting to the Web site in a short interval, e.g., Slashdot effect;
• DDoS. Distributed Denial of Service attacks;
• Computer worms that sometimes cause abnormal traffic because of millions of infected computers (not coordinated among them);
• XSS viruses can cause high traffic because of millions of infected browsers and/or Web servers;
• Internet Web robots. Traffic not filtered/limited on large Web sites with very few resources (bandwidth, etc.);
• Internet (network) slowdowns, so that client requests are served more slowly and the number of connections increases so much that server limits are reached;
• Web servers (computers) partial unavailability. This can happen because of required or urgent maintenance or upgrade, hardware or software failures, back-end (e.g., DB) failures, etc.; in these cases the remaining Web servers get too much traffic and become overloaded.

Overload symptoms
The symptoms of an overloaded Web server are:
• requests are served with (possibly long) delays (from 1 second to a few hundred seconds);
• 500, 502, 503, 504 HTTP errors are returned to clients (sometimes also unrelated 404 error or even 408 error may be returned);
• TCP connections are refused or reset (interrupted) before any content is sent to clients;
• in very rare cases, only partial contents are sent (but this behavior may well be considered a bug, even if it usually depends on unavailable system resources).
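The first two overload symptoms listed above can be watched for in a server's access log. The following is an added example, not part of the original notes: it groups log lines by minute and flags minutes in which too many requests returned 500, 502, 503 or 504 or took one second or longer. The log layout (common log format followed by the response time in seconds), the sample lines and the 20 % thresholds are assumptions of this example.

```python
import re

# Constructed sample access log (not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [12/Feb/2017:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 5120 0.04
192.0.2.11 - - [12/Feb/2017:10:00:09 +0000] "GET /logo.png HTTP/1.1" 200 20480 0.02
192.0.2.12 - - [12/Feb/2017:10:00:30 +0000] "GET /index.html HTTP/1.1" 200 5120 0.05
192.0.2.13 - - [12/Feb/2017:10:00:41 +0000] "GET /missing.html HTTP/1.1" 404 310 0.01
192.0.2.10 - - [12/Feb/2017:10:01:02 +0000] "GET /index.html HTTP/1.1" 503 299 0.01
192.0.2.14 - - [12/Feb/2017:10:01:05 +0000] "GET /search?q=dsl HTTP/1.1" 504 312 60.00
192.0.2.15 - - [12/Feb/2017:10:01:20 +0000] "GET /index.html HTTP/1.1" 200 5120 12.50
192.0.2.16 - - [12/Feb/2017:10:01:33 +0000] "POST /form HTTP/1.1" 503 299 0.01
192.0.2.11 - - [12/Feb/2017:10:01:48 +0000] "GET /logo.png HTTP/1.1" 200 20480 0.90
192.0.2.12 - - [12/Feb/2017:10:02:10 +0000] "GET /index.html HTTP/1.1" 200 5120 0.06
192.0.2.13 - - [12/Feb/2017:10:02:15 +0000] "GET /logo.png HTTP/1.1" 200 20480 0.03
this line is truncated and will not par
"""

LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) (?P<secs>\d+(?:\.\d+)?)$')

# Status codes the text names as overload symptoms. 404 and 408 are left out
# here because they also occur under normal load (a choice of this example).
OVERLOAD_STATUSES = {500, 502, 503, 504}
SLOW_SECONDS = 1.0   # the text puts overload delays at 1 second and up


def summarize(log_text):
    """Count requests, overload errors and slow responses per minute.

    Returns (per_minute, skipped), where skipped is the number of lines
    that did not match the expected layout.
    """
    per_minute, skipped = {}, 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        match = LINE_RE.match(line)
        if match is None:
            skipped += 1
            continue
        minute = match.group("ts")[:17]      # e.g. "12/Feb/2017:10:01"
        bucket = per_minute.setdefault(
            minute, {"requests": 0, "errors": 0, "slow": 0})
        bucket["requests"] += 1
        if int(match.group("status")) in OVERLOAD_STATUSES:
            bucket["errors"] += 1
        if float(match.group("secs")) >= SLOW_SECONDS:
            bucket["slow"] += 1
    return per_minute, skipped


def flag_overload(per_minute, max_error_ratio=0.2, max_slow_ratio=0.2,
                  min_requests=3):
    """Return (minute, error_ratio, slow_ratio) for each suspicious minute."""
    flagged = []
    for minute, bucket in per_minute.items():
        if bucket["requests"] < min_requests:
            continue                          # too few requests to judge
        error_ratio = round(bucket["errors"] / bucket["requests"], 2)
        slow_ratio = round(bucket["slow"] / bucket["requests"], 2)
        if error_ratio > max_error_ratio or slow_ratio > max_slow_ratio:
            flagged.append((minute, error_ratio, slow_ratio))
    return flagged


if __name__ == "__main__":
    stats, unparsed = summarize(SAMPLE_LOG)
    print("unparsed lines:", unparsed)
    for entry in flag_overload(stats):
        print("possible overload:", entry)
```

Refused or reset TCP connections never reach the access log, so that symptom has to be observed at the network layer instead.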

Anti-overload techniques
To partially overcome the above load limits and to prevent overload, most popular Web sites use common techniques like:
• managing network traffic, by using:
  o Firewalls to block unwanted traffic coming from bad IP sources or having bad patterns;
  o HTTP traffic managers to drop, redirect or rewrite requests having bad HTTP patterns;
  o Bandwidth management and traffic shaping, in order to smooth down peaks in network usage;
• deploying Web cache techniques;
• using different domain names to serve different (static and dynamic) content by separate Web servers, i.e.:
  o http://images.example.com
  o http://www.example.com
• using different domain names and/or computers to separate big files from small and medium sized files; the idea is to be able to fully cache small and medium sized files and to efficiently serve big or huge (over 10 - 1000 MB) files by using different settings;
• using many Web servers (programs) per computer, each one bound to its own network card and IP address;
• using many Web servers (computers) that are grouped together so that they act or are seen as one big Web server, see also: Load balancer;
• adding more hardware resources (i.e. RAM, disks) to each computer;
• tuning OS parameters for hardware capabilities and usage;
• using more efficient computer programs for Web servers, etc.;
• using other workarounds, especially if dynamic content is involved.

What is a Web Browser?
Surfing the web is made possible by Web browsers. Browsers are basically software programs that allow you to search for and view various kinds of information on the Web, such as web sites, video, audio, etc.

The Most Popular Web Browsers
Here are just a few of the Web browsers available to you as a free download:
• Microsoft's Internet Explorer: Most Internet users are using Internet Explorer because it's easy to use and most Web sites are written with Internet Explorer in mind, meaning that they are compatible.
• Opera: Opera is another popular browser that's easy to use; however, it can have some compatibility issues with various websites.
• Mozilla's Firefox: Firefox is rapidly gaining ground right behind Internet Explorer because of its tabbed browsing, superior security features, and fast load.
• Mac Safari: Specifically for Mac users, Safari is an excellent choice for a Web browser, with fast load and good compatibility with most websites out there.

Breakdown of a Web Browser
We all know what a Web browser looks like, but it's good to have a complete breakdown of the various parts of most Web browsers just for reference's sake. The parts of a browser include:
• Status bar: This is the box at the bottom of your browser window. The status bar displays all sorts of information, depending on what you're doing at the time, but mostly it's for showing load speed and the URL of whatever address your mouse is hovering over.
• Address bar: This is the box at the top of your browser window that displays the entire URL, or Web site address.
• Title bar: The title bar is at the very top of your browser window; in both Firefox and Internet Explorer it is the blue bar there at the top. You'll see the title of the Web page there; for example, you should see "What Is A Web Browser?" at the top of your browser window right now.
• Toolbar Icons: The toolbar and its icons are at the top of your browser window right underneath the Title Bar. This is where you'll see the Back button, the Home button, the Refresh button, etc.
• Display Window: The Display Window is just a fancy term for your browser work space; it's the frame through which you see this website right now.
• Scroll Bars: If you've ever been to a website that you had to "scroll down" to read something, then you've used the scroll bars. They're just navigational/directional aids.

There's more if you REALLY want to get into the nuts and bolts of a Web browser, but these parts are the basic ones that anyone should be concerned about. And of course, not all browsers are created equal - so some of the above definitions might not be appropriate.

Which Web Browser is the Best?
This is a good question and one that is really only answered by personal preference. I was a diehard Internet Explorer user for many years until I tried Firefox, and then I dropped IE like a hot potato. I can't tell you which one to use, but I can say that I believe that Firefox is by far a superior browser; tabbed browsing capability, superior security options, and fast loading have made me a happy Firefox user.

How do you know which browser will work best for you? Well, they are all free to download, and so it can be a good idea to test them all if you are in doubt - and especially if you are a Web designer who needs to know what designs will work in what browser. As already stated, it does not cost a thing to download these browsers, so go ahead and test them out. The browser you choose to use can make all the difference in your search experience.

How Hypertext Works
HTML Code
On the Web, hypertext is written in HTML, or Hypertext Markup Language. Here's a piece of HTML code that shows how one document links to another. The phrase "Hardware Reviews" appears on a table of contents page on Smart Computing’s Web site, and it links to an article on a separate page.

Hypertext documents can be linked in many ways, and one of the most common on the Web is when a word or phrase on one page links to an entirely new page. Here are some examples of string-to-lexia links, where clicking a string of words calls up a new page (lexia). As you can see, this linking can continue through many layers.

3.1 Introduction to SGML
SGML is a system for defining markup languages. Authors mark up their documents by representing structural, presentational, and semantic information alongside content. HTML is one example of a markup language. Here is an example of an HTML document:

   <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
      "http://www.w3.org/TR/html4/strict.dtd">
   <HTML>
      <HEAD>
         <TITLE>My first HTML document</TITLE>
      </HEAD>
      <BODY>
         <P>Hello world!
      </BODY>
   </HTML>

An HTML document is divided into a head section (here, between <HEAD> and </HEAD>) and a body (here, between <BODY> and </BODY>). The title of the document appears in the head (along with other information about the document), and the content of the document appears in the body. The body in this example contains just one paragraph, marked up with <P>.

Each markup language defined in SGML is called an SGML application. An SGML application is generally characterized by:
1. An SGML declaration. The SGML declaration specifies which characters and delimiters may appear in the application.
2. A document type definition (DTD). The DTD defines the syntax of markup constructs. The DTD may include additional definitions such as character entity references.
3. A specification that describes the semantics to be ascribed to the markup. This specification also imposes syntax restrictions that cannot be expressed within the DTD.
4. Document instances containing data (content) and markup. Each instance contains a reference to the DTD to be used to interpret it.

This specification includes an SGML declaration, three document type definitions (see the section on HTML version information for a description of the three), and a list of character references.

Hypertext - Definition
In computing, hypertext is a user interface paradigm for displaying documents which contain automated cross-references to other documents called hyperlinks. Selecting a hyperlink causes the computer to display the linked document within a very short period of time.

A document can be static (prepared and stored in advance) or dynamically generated (in response to user input). Therefore, a well-constructed hypertext system can encompass, incorporate or supersede many other user interface paradigms like menus and command lines, and can be used to access both static collections of cross-referenced documents and interactive applications. The documents and applications can be local or can come from anywhere with the assistance of a computer network like the Internet. The most famous implementation of hypertext is the World Wide Web.

The term "hypertext" is often used where the term hypermedia would be more appropriate.

What is hypertext and hypermedia?
The operation of the Web relies mainly on hypertext as its means of interacting with users. Hypertext is basically the same as regular text - it can be stored, read, searched, or edited - with an important exception: hypertext contains connections within the text to other documents. For instance, suppose you were able to somehow select (with a mouse or with your finger) the word "hypertext" in the sentence before this one. In a hypertext system, you would then have one or more documents related to hypertext appear before you - a history of hypertext, for example, or the Webster's definition of hypertext. These new texts would themselves have links and connections to other documents - continually selecting text would take you on a free-associative tour of information. In this way, hypertext links, called hyperlinks, can create a complex virtual web of connections.

What is the Internet?
The Internet is the catch-all word used to describe the massive world-wide network of computers. The word "internet" literally means "network of networks". In itself, the Internet is comprised of thousands of smaller regional networks scattered throughout the globe. On any given day it connects roughly 20 million users in over 50 countries. The World-Wide Web is mostly used on the Internet; they do not mean the same thing. The Web refers to a body of information - an abstract space of knowledge, while the Internet refers to the physical side of the global network, a giant mass of cables and computers.

SGML
SGML (Standard Generalized Markup Language) is a standard for how to specify a document markup language or tag set. Such a specification is itself a document type definition (DTD). SGML is not in itself a document language, but a description of how to specify one. It is metadata. SGML is based on the idea that documents have structural and other semantic elements that can be described without reference to how such elements should be displayed. The actual display of such a document may vary, depending on the output medium and style preferences. Some advantages of documents based on SGML are:
• They can be created by thinking in terms of document structure rather than appearance characteristics (which may change over time).
• They will be more portable because an SGML compiler can interpret any document by reference to its document type definition (DTD).
• Documents originally intended for the print medium can easily be re-adapted for other media, such as the computer display screen.

The language that this Web browser uses, Hypertext Markup Language (HTML), is an example of an SGML-based language. There is a document type definition for HTML (and reading the HTML specification is effectively reading an expanded version of the document type definition). In today's distributed networking environment, many documents are being described with the Extensible Markup Language (XML) which is a data description language (and a document can be viewed as a collection of data) that uses SGML principles.

SGML is based somewhat on earlier generalized markup languages developed at IBM, including General Markup Language (GML) and ISIL.

HTML, which stands for HyperText Markup Language, is the predominant markup language for web pages. A markup language is a set of markup tags, and HTML uses markup tags to describe web pages. HTML is written in the form of HTML elements consisting of "tags" surrounded by angle brackets (like <html>) within the web page content. HTML tags normally come in pairs like <b> and </b>. The first tag in a pair is the start tag, the second tag is the end tag (they are also called opening tags and closing tags).

The purpose of a web browser (like Internet Explorer or Firefox) is to read HTML documents and display them as web pages. The browser does not display the HTML tags, but uses the tags to interpret the content of the page.

HTML is the building block of all basic websites. It allows images and objects to be embedded and can be used to create interactive forms. It provides a means to create structured documents by denoting structural semantics for text such as headings, paragraphs, lists, links, quotes and other items. It can embed scripts in languages such as JavaScript which affect the behavior of HTML webpages. HTML can also be used to include Cascading Style Sheets (CSS) to define the appearance and layout of text and other material. The W3C, maintainer of both HTML and CSS standards, encourages the use of CSS over explicit presentational markup.[1]

What is XML?
• XML stands for EXtensible Markup Language
• XML is a markup language much like HTML
• XML was designed to carry data, not to display data
• XML tags are not predefined. You must define your own tags
• XML is designed to be self-descriptive
• XML is a W3C Recommendation

The Difference Between XML and HTML
XML is not a replacement for HTML. XML and HTML were designed with different goals:
• XML was designed to transport and store data, with focus on what data is
• HTML was designed to display data, with focus on how data looks

HTML is about displaying information, while XML is about carrying information.

Extensible Markup Language (XML) is a set of rules for encoding documents in machine-readable form. It is defined in the XML 1.0 Specification[4] produced by the W3C, and several other related specifications, all gratis open standards.[5] XML's design goals emphasize simplicity, generality, and usability over the Internet.[6] It is a textual data format with strong support via Unicode for the languages of the world. Although the design of XML focuses on documents, it is widely used for the representation of arbitrary data structures, for example in web services. Many application programming interfaces (APIs) have been developed that software developers use to process XML data, and several schema systems exist to aid in the definition of XML-based languages. As of 2009, hundreds of XML-based languages have been developed,[7] including RSS, Atom, SOAP, and XHTML. XML-based formats have become the default for most office-productivity tools, including Microsoft Office (Office Open XML), OpenOffice.org (OpenDocument), and Apple's iWork.[8]

Website Meta Language
"WML is the Unix toolkit for getting your webdesigner's HTML job done."
WML is a free and extensible Webdesigner's off-line HTML generation toolkit for Unix, distributed under the GNU General Public License (GPL v2). It is written in ANSI C and Perl 5, built via a GNU Autoconf based source tree and runs out-of-the-box on all major Unix derivatives. It is Open Source Software and can be used free of charge both in educational and commercial environments.

WML consists of a control frontend driving up to nine backends in a sequential pass-oriented filtering scheme. Each backend provides one particular core language. For maximum power WML additionally ships with a well-suited set of include files which provide higher-level features built on top of the backends' core languages. While not trivial and idiot-proof, WML provides most of the core features real hackers always wanted for HTML generation.

A typical use case of WML today is the generation of HTML-based static pages for archivable documentation. Recently we implemented an electronic "systems operations handbook" for a German fellow who enjoys semi-automatic information updates through embedded Perl.

Extensible Markup Language (XML)
Introduction
Extensible Markup Language (XML) is a simple, very flexible text format derived from SGML (ISO 8879). Originally designed to meet the challenges of large-scale electronic publishing, XML is also playing an increasingly important role in the exchange of a wide variety of data on the Web and elsewhere.

This page describes the work being done at W3C within the XML Activity, and how it is structured. Work at W3C takes place in Working Groups. The Working Groups within the XML Activity are listed below, together with links to their individual web pages.

You can find and download formal technical specifications here, because we publish them. This is not a place to find tutorials, products, courses, books or other XML-related information. There are some links below that may help you find such resources.

You will find links to W3C Recommendations, Proposed Recommendations, Working Drafts, conformance test suites and other documents on the pages for each Working Group. Each document also contains email addresses you can use to send comments or questions, for example if you have been writing software to implement them and have found problems or errors. Please do not send us email asking us to help you learn a language or specification; there are plenty of resources online, and the people editing and developing the specifications are very busy. We are interested in technical comments and errata.

If your organization would like to join the W3C, or if you would like to participate formally in a working group (and have the necessary resources to attend meetings), you can read more about the Consortium.

The Motive Web Design Glossary
client-side, server-side
If a webpage's content can be customised or used to complete an activity, interaction is either client-side or server-side.

client-side
…supports interaction within a webpage
Client-side scripting enables interaction within a webpage. The code required to process user-input is downloaded and compiled by the browser or plug-in. An example of a client-side interaction is a rollover (typically triggered when choosing a navigation option). Client-side scripting languages include JavaScript.

server-side
information is sent to a server to be processed
With server-side scripting, completing an activity involves sending information to another computer (server) across the internet. The server then runs a program that processes the information and returns the results, typically a webpage. Search engines use server-side processing. When a keyword is sent, a program on a server matches the word or phrase entered against an index of website content. (To complete the same search as a client-side process would require the browser to download the entire search engine program and index.) Server-side scripting languages include ASP and PHP.

stateless interaction
Macromedia Flash application architecture enables a third type of scripting/interaction. Flash can store and process information both client-side and server-side. An example of this interaction is a Flash-based checkout process. Information the user enters (such as delivery and billing addresses, credit card details, etc.) can be stored and validated client-side. Once the required information has been completed a connection is established to the server and the order sent for processing.

client-side vs server-side
client-side interaction
• response to interaction may be more immediate (once the program code has been downloaded)
• services are secure (as no information is sent from the browser)
• reliant on the user having a specific browser and/or plug-in on their computer
• affected by the processing speed of the user’s computer

server-side interaction
• complex processes are often more efficient (as the program and the associated resources are not downloaded to the browser)
• there are security considerations when sending sensitive information
• does not rely on the user having a specific browser or plug-in
• affected by the processing speed of the host server

How the user connects to the internet affects both forms of interaction. For client-side scripting, the connection type affects the time it takes program code to be downloaded. For server-side processi

Wireless Application Protocol

Wireless Application Protocol (WAP) is an open international standard[1] for application-layer network communications in a wireless-communication environment. Most use of WAP involves accessing the mobile web from a mobile phone or from a PDA. A WAP browser is a commonly used web browser for small mobile devices such as cell phones or PDAs, developed to allow a realistic browsing experience to users. Given the inherent physical and technical limitations of these devices, such as size and data transfer speeds, new code was created, and the WAP browser accesses websites written in, or dynamically converted to, WML (Wireless Markup Language). Before the introduction of WAP, service providers had extremely limited opportunities to offer interactive data services, but needed interactivity to support now-commonplace activities such as:
• Email by mobile phone
• Tracking of stock-market prices
• Sports results
• News headlines
• New music downloads

Wireless Application Protocol (WAP) is an enabling technology based on the Internet client server architecture model, for transmission and presentation of information from the World Wide Web (WWW) and other applications utilizing the Internet Protocol (IP) to a mobile phone or other wireless terminal.

The Address Resolution Protocol (ARP) is a computer networking protocol for determining a network host's Link Layer or hardware address when only its Internet Layer (IP) or Network Layer address is known. This function is critical in local area networking as well as for routing internetworking traffic across gateways (routers) based on IP addresses when the next-hop router must be determined. ARP was defined by RFC 826 in 1982.[1] It is Internet Standard STD 37. ARP has been implemented in many types of networks, such as Internet Protocol (IP) network, CHAOS, DECNET, Xerox PARC Universal Packet, Token Ring, FDDI, IEEE 802.11 and other LAN technologies, as well as the modern high capacity networks, such as Asynchronous Transfer Mode (ATM). Due to the overwhelming prevalence of IPv4 and Ethernet in general networking, ARP is most frequently used to translate IPv4 addresses (OSI Layer 3) into Ethernet MAC addresses (OSI Layer 2). In the next generation Internet Protocol, IPv6, ARP's functionality is provided by the Neighbor Discovery Protocol (NDP).

SMTP (pronounced as separate letters) Short for Simple Mail Transfer Protocol, a protocol for sending e-mail messages between servers. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an e-mail client using either POP or IMAP. In addition, SMTP is generally used to send messages from a mail client to a mail server. This is why you need to specify both the POP or IMAP server and the SMTP server when you configure your e-mail application.

File Transfer Protocol

File Transfer Protocol (FTP), a standard Internet protocol, is the simplest way to exchange files between computers on the Internet. Like the Hypertext Transfer Protocol (HTTP), which transfers displayable Web pages and related files, and the Simple Mail Transfer Protocol (SMTP), which transfers e-mail, FTP is an application protocol that uses the Internet's TCP/IP protocols. FTP is commonly used to transfer Web page files from their creator to the computer that acts as their server for everyone on the Internet. It's also commonly used to download programs and other files to your computer from other servers.

As a user, you can use FTP with a simple command line interface (for example, from the Windows MS-DOS Prompt window) or with a commercial program that offers a graphical user interface. Your Web browser can also make FTP requests to download programs you select from a Web page. Using FTP, you can also update (delete, rename, move, and copy) files at a server. You need to log on to an FTP server. However, publicly available files are easily accessed using anonymous FTP.

Basic FTP support is usually provided as part of a suite of programs that come with TCP/IP. However, any FTP client program with a graphical user interface usually must be downloaded from the company that makes it.

Address Resolution Protocol

Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network. For example, in IP Version 4, the most common level of IP in use today, an address is 32 bits long. In an Ethernet local area network, however, addresses for attached devices are 48 bits long. (The physical machine address is also known as a Media Access Control or MAC address.) A table, usually called the ARP cache, is used to maintain a correlation between each MAC address and its corresponding IP address. ARP provides the protocol rules for making this correlation and providing address conversion in both directions.

How ARP Works

When an incoming packet destined for a host machine on a particular local area network arrives at a gateway, the gateway asks the ARP program to find a physical host or MAC address that matches the IP address. The ARP program looks in the ARP cache and, if it finds the address, provides it so that the packet can be converted to the right packet length and format and sent to the machine. If no entry is found for the IP address, ARP broadcasts a request packet in a special format to all the machines on the LAN to see if one machine knows that it has that IP address associated with it. A machine that recognizes the IP address as its own returns a reply so indicating. ARP updates the ARP cache for future reference and then sends the packet to the MAC address that replied.

Since protocol details differ for each type of local area network, there are separate ARP Requests for Comments (RFC) for Ethernet, ATM, Fiber Distributed-Data Interface, HIPPI, and other protocols. There is a Reverse ARP (RARP) for host machines that don't know their IP address. RARP enables them to request their IP address from the gateway's ARP cache.
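The cache lookup, broadcast request and reply described under "How ARP Works", as an added example that is not part of the original page: it packs and parses the 28-byte Ethernet/IPv4 ARP payload from RFC 826 and simulates a gateway resolving addresses on a small LAN. The `Host` and `Lan` classes, the function names and all addresses are constructed for illustration.

```python
import ipaddress
import struct

ARP_REQUEST, ARP_REPLY = 1, 2
ZERO_MAC = "00:00:00:00:00:00"  # target MAC is unknown in a request
# RFC 826 layout for Ethernet/IPv4: hardware type, protocol type,
# hardware length (6 bytes = 48 bits), protocol length (4 bytes = 32 bits),
# opcode, sender MAC, sender IP, target MAC, target IP.
ARP_FORMAT = "!HHBBH6s4s6s4s"
ARP_LENGTH = struct.calcsize(ARP_FORMAT)  # 28 bytes

def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))

def mac_text(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_arp(opcode, sender_mac, sender_ip, target_mac, target_ip):
    return struct.pack(
        ARP_FORMAT, 1, 0x0800, 6, 4, opcode,
        mac_bytes(sender_mac), ipaddress.IPv4Address(sender_ip).packed,
        mac_bytes(target_mac), ipaddress.IPv4Address(target_ip).packed)

def parse_arp(payload):
    if len(payload) < ARP_LENGTH:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, opcode, sha, spa, tha, tpa = struct.unpack(
        ARP_FORMAT, payload[:ARP_LENGTH])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"opcode": opcode,
            "sender_mac": mac_text(sha), "sender_ip": str(ipaddress.IPv4Address(spa)),
            "target_mac": mac_text(tha), "target_ip": str(ipaddress.IPv4Address(tpa))}

class Host:
    def __init__(self, ip, mac):
        self.ip, self.mac = ip, mac
        self.arp_cache = {}  # IP address -> MAC address

    def receive(self, payload):
        """Answer a request only if the target IP is ours; otherwise stay silent."""
        pkt = parse_arp(payload)
        if pkt["opcode"] == ARP_REQUEST and pkt["target_ip"] == self.ip:
            return build_arp(ARP_REPLY, self.mac, self.ip,
                             pkt["sender_mac"], pkt["sender_ip"])
        return None

    def resolve(self, target_ip, lan):
        """Return (mac, broadcast_sent) for target_ip, consulting the cache first."""
        if target_ip in self.arp_cache:
            return self.arp_cache[target_ip], False
        request = build_arp(ARP_REQUEST, self.mac, self.ip, ZERO_MAC, target_ip)
        for reply in lan.broadcast(request, sender=self):
            pkt = parse_arp(reply)
            if pkt["opcode"] == ARP_REPLY and pkt["sender_ip"] == target_ip:
                self.arp_cache[target_ip] = pkt["sender_mac"]  # remember for next time
                return pkt["sender_mac"], True
        return None, True

class Lan:
    """Delivers a broadcast payload to every host except the sender."""
    def __init__(self, hosts):
        self.hosts = hosts

    def broadcast(self, payload, sender):
        replies = []
        for host in self.hosts:
            if host is not sender:
                reply = host.receive(payload)
                if reply is not None:
                    replies.append(reply)
        return replies

# Constructed addresses: documentation range 192.0.2.0/24, locally administered MACs.
gateway = Host("192.0.2.1", "02:00:00:00:00:01")
server = Host("192.0.2.10", "02:00:00:00:00:10")
printer = Host("192.0.2.20", "02:00:00:00:00:20")
lan = Lan([gateway, server, printer])

if __name__ == "__main__":
    print(gateway.resolve("192.0.2.10", lan))  # cache miss: broadcast, then cached
    print(gateway.resolve("192.0.2.10", lan))  # cache hit: no broadcast needed
    print(gateway.resolve("192.0.2.99", lan))  # no machine owns this address
```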

Routing protocol

A routing protocol is a protocol that specifies how routers communicate with each other, disseminating information that enables them to select routes between any two nodes on a computer network, the choice of the route being done by routing algorithms. Each router has a priori knowledge only of networks attached to it directly. A routing protocol shares this information first among immediate neighbors, and then throughout the network. This way, routers gain knowledge of the topology of the network. For a discussion of the concepts behind routing protocols, see: Routing.

The term routing protocol may refer specifically to one operating at layer three of the OSI model, which similarly disseminates topology information between routers. Although there are many types of routing protocols, three major classes are in widespread use on IP networks:
• Interior gateway routing via link-state routing protocols, such as OSPF and IS-IS
• Interior gateway routing via path vector or distance vector protocols, such as RIP, IGRP and EIGRP
• Exterior gateway routing. BGP v4 is the routing protocol used by the public Internet.

Many routing protocols are defined in documents called RFCs.[1][2][3][4]

The specific characteristics of routing protocols include
• the manner in which they either prevent routing loops from forming or break them up if they do
• the manner in which they select preferred routes, using information about hop costs
• the time they take to converge
• how well they scale up
• many other factors


Routed versus routing protocols

In some cases, routing protocols can themselves run over routed protocols: for example, BGP runs over TCP which runs over IP; care is taken in the implementation of such systems not to create a circular dependency between the routing and routed protocols. That a routing protocol runs over a particular transport mechanism does not mean that the routing protocol is of layer (N+1) if the transport mechanism is of layer (N). Routing protocols, according to the OSI Routing framework, are layer management protocols for the network layer, regardless of their transport mechanism:
• IS-IS runs over the data link layer
• OSPF, IGRP, and EIGRP run directly over IP; OSPF and EIGRP have their own reliable transmission mechanism while IGRP assumed an unreliable transport
• RIP runs over UDP
• BGP runs over TCP

Examples

Interior routing protocols

Interior Gateway Protocols (IGPs) exchange routing information within a single routing domain. A given autonomous system [5] can contain multiple routing domains, or a set of routing domains can be coordinated without being an Internet-participating autonomous system. Common examples include:
• IGRP (Interior Gateway Routing Protocol)
• EIGRP (Enhanced Interior Gateway Routing Protocol)
• OSPF (Open Shortest Path First)
• RIP (Routing Information Protocol)
• IS-IS (Intermediate System to Intermediate System)

Note that IGRP, a Cisco proprietary routing protocol, is no longer supported. EIGRP accepts IGRP configuration commands, but the internals of IGRP and EIGRP are completely different.

Border Gateway Protocol

The Border Gateway Protocol (BGP) is the routing protocol used to exchange routing information across the Internet. It makes it possible for ISPs to connect to each other and for end-users to connect to more than one ISP. BGP is the only protocol that is designed to deal with a network of the Internet's size, and the only protocol that can deal well with having multiple connections to unrelated routing domains.

BGP first became an Internet standard in 1989 and was originally defined in RFC 1105. The current version, BGP4, was adopted in 1995 and is defined in RFC 4271. (This RFC obsoletes RFC 1771.) An overview of all BGP RFCs can be found in the BGP RFC section on this website. BGP has proven to be scalable, stable and provides the mechanisms needed to support complex routing policies. When people talk about "BGP" today, they implicitly mean BGP4. There is no need to specify the -4 version number because no one uses earlier versions, and very few vendors even still support them.

The Border Gateway Protocol is an inter-Autonomous System routing protocol. The primary function of a BGP speaking system is to exchange network reachability information with other BGP systems. This network reachability information includes information on the list of Autonomous Systems (ASs) that reachability information traverses. This information is sufficient to construct a graph of AS connectivity from which routing loops may be pruned and some policy decisions at the AS level may be enforced.

Interior Gateway Routing Protocol

Interior Gateway Routing Protocol (IGRP) is a distance vector interior routing protocol (IGP) invented by Cisco. It is used by routers to exchange routing data within an autonomous system. IGRP is a proprietary protocol. IGRP was created in part to overcome the limitations of RIP (maximum hop count of only 15, and a single routing metric) when used within large networks. IGRP supports multiple metrics for each route, including bandwidth, delay, load, MTU, and reliability; to compare two routes these metrics are combined together into a single metric, using a formula which can be adjusted through the use of pre-set constants. The maximum hop count of IGRP-routed packets is 255 (default 100), and routing updates are broadcast every 90 seconds (by default).[1]

IGRP is considered a classful routing protocol. Because the protocol has no field for a subnet mask, the router assumes that all interface addresses within the same Class A, Class B, or Class C network have the same subnet mask as the subnet mask configured for the interfaces in question. This contrasts with classless routing protocols that can use variable length subnet masks. Classful protocols have become less popular as they are wasteful of IP address space.

Cryptography (or cryptology; from Greek κρυπτός, kryptos, "hidden, secret"; and γράφ, gráph, "writing", or -λογία, -logia, respectively)[1] is the practice and study of hiding information. Modern cryptography intersects the disciplines of mathematics, computer science, and engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce. Cryptology prior to the modern age was almost synonymous with encryption, the conversion of information from a readable state to nonsense. The sender retained the ability to decrypt the information and therefore avoid unwanted persons being able to read it. Since WWI and the advent of the computer, the methods used to carry out cryptology have become increasingly complex and its application more widespread. Alongside the advancement in cryptology-related technology, the practice has raised a number of legal issues, some of which remain unresolved.


2. THE PURPOSE OF CRYPTOGRAPHY

Cryptography is the science of writing in secret code and is an ancient art; the first documented use of cryptography in writing dates back to circa 1900 B.C. when an Egyptian scribe used non-standard hieroglyphs in an inscription. Some experts argue that cryptography appeared spontaneously sometime after writing was invented, with applications ranging from diplomatic missives to war-time battle plans. It is no surprise, then, that new forms of cryptography came soon after the widespread development of computer communications. In data and telecommunications, cryptography is necessary when communicating over any untrusted medium, which includes just about any network, particularly the Internet.

Within the context of any application-to-application communication, there are some specific security requirements, including:
• Authentication: The process of proving one's identity. (The primary forms of host-to-host authentication on the Internet today are name-based or address-based, both of which are notoriously weak.)
• Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver.
• Integrity: Assuring the receiver that the received message has not been altered in any way from the original.
• Non-repudiation: A mechanism to prove that the sender really sent this message.

Cryptography, then, not only protects data from theft or alteration, but can also be used for user authentication. There are, in general, three types of cryptographic schemes typically used to accomplish these goals: secret key (or symmetric) cryptography, public-key (or asymmetric) cryptography, and hash functions, each of which is described below. In all cases, the initial unencrypted data is referred to as plaintext. It is encrypted into ciphertext, which will in turn (usually) be decrypted into usable plaintext.

In many of the descriptions below, two communicating parties will be referred to as Alice and Bob; this is the common nomenclature in the crypto field and literature to make it easier to identify the communicating parties. If there is a third or fourth party to the communication, they will be referred to as Carol and Dave. Mallory is a malicious party, Eve is an eavesdropper, and Trent is a trusted third party.

3. TYPES OF CRYPTOGRAPHIC ALGORITHMS

There are several ways of classifying cryptographic algorithms. For purposes of this paper, they will be categorized based on the number of keys that are employed for encryption and decryption, and further defined by their application and use. The three types of algorithms that will be discussed are (Figure 1):
• Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption
• Public Key Cryptography (PKC): Uses one key for encryption and another for decryption
• Hash Functions: Uses a mathematical transformation to irreversibly "encrypt" information

FIGURE 1: Three types of cryptography: secret-key, public key, and hash function.

3.1. Secret Key Cryptography

With secret key cryptography, a single key is used for both encryption and decryption. As shown in Figure 1A, the sender uses the key (or some set of rules) to encrypt the plaintext and sends the ciphertext to the receiver. The receiver applies the same key (or ruleset) to decrypt the message and recover the plaintext. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption.

With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key.

Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers. Stream ciphers operate on a single bit (byte or computer word) at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so-called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plaintext block will always encrypt to the same ciphertext when using the same key in a block cipher whereas the same plaintext will encrypt to different ciphertext in a stream cipher.

Stream ciphers come in several flavors but two are worth mentioning here. Self-synchronizing stream ciphers calculate each bit in the keystream as a function of the previous n bits in the keystream. It is termed "self-synchronizing" because the decryption process can stay synchronized with the encryption process merely by knowing how far into the n-bit keystream it is. One problem is error propagation; a garbled bit in transmission will result in n garbled bits at the receiving side. Synchronous stream ciphers generate the keystream in a fashion independent of the message stream but by using the same keystream generation function at sender and receiver. While stream ciphers do not propagate transmission errors, they are, by their nature, periodic so that the keystream will eventually repeat.

Block ciphers can operate in one of several modes; the following four are the most important:


• Electronic Codebook (ECB) mode is the simplest, most obvious application: the secret key is used to encrypt the plaintext block to form a ciphertext block. Two identical plaintext blocks, then, will always generate the same ciphertext block. Although this is the most common mode of block ciphers, it is susceptible to a variety of brute-force attacks.
• Cipher Block Chaining (CBC) mode adds a feedback mechanism to the encryption scheme. In CBC, the plaintext is exclusively-ORed (XORed) with the previous ciphertext block prior to encryption. In this mode, two identical blocks of plaintext never encrypt to the same ciphertext.
• Cipher Feedback (CFB) mode is a block cipher implementation as a self-synchronizing stream cipher. CFB mode allows data to be encrypted in units smaller than the block size, which might be useful in some applications such as encrypting interactive terminal input. If we were using 1-byte CFB mode, for example, each incoming character is placed into a shift register the same size as the block, encrypted, and the block transmitted. At the receiving side, the ciphertext is decrypted and the extra bits in the block (i.e., everything above and beyond the one byte) are discarded.
• Output Feedback (OFB) mode is a block cipher implementation conceptually similar to a synchronous stream cipher. OFB prevents the same plaintext block from generating the same ciphertext block by using an internal feedback mechanism that is independent of both the plaintext and ciphertext bitstreams.

A nice overview of these different modes can be found at progressive-coding.com. Secret key cryptography algorithms that are in use today include:


• Data Encryption Standard (DES): The most common SKC scheme used today, DES was designed by IBM in the 1970s and adopted by the National Bureau of Standards (NBS) [now the National Institute for Standards and Technology (NIST)] in 1977 for commercial and unclassified government applications. DES is a block-cipher employing a 56-bit key that operates on 64-bit blocks. DES has a complex set of rules and transformations that were designed specifically to yield fast hardware implementations and slow software implementations, although this latter point is becoming less significant today since the speed of computer processors is several orders of magnitude faster today than twenty years ago. IBM also proposed a 112-bit key for DES, which was rejected at the time by the government; the use of 112-bit keys was considered in the 1990s; however, conversion was never seriously considered. DES is defined in American National Standard X3.92 and three Federal Information Processing Standards (FIPS):
  o FIPS 46-3: DES
  o FIPS 74: Guidelines for Implementing and Using the NBS Data Encryption Standard
  o FIPS 81: DES Modes of Operation

  Information about vulnerabilities of DES can be obtained from the Electronic Frontier Foundation.

  Two important variants that strengthen DES are:
  o Triple-DES (3DES): A variant of DES that employs up to three 56-bit keys and makes three encryption/decryption passes over the block; 3DES is also described in FIPS 46-3 and is the recommended replacement to DES.
  o DESX: A variant devised by Ron Rivest. By combining 64 additional key bits with the plaintext prior to encryption, DESX effectively increases the keylength to 120 bits.

  More detail about DES, 3DES, and DESX can be found below in Section 5.4.









• Advanced Encryption Standard (AES): In 1997, NIST initiated a very public, 4-1/2 year process to develop a new secure cryptosystem for U.S. government applications. The result, the Advanced Encryption Standard, became the official successor to DES in December 2001. AES uses an SKC scheme called Rijndael, a block cipher designed by Belgian cryptographers Joan Daemen and Vincent Rijmen. The algorithm can use a variable block length and key length; the latest specification allowed any combination of key lengths of 128, 192, or 256 bits and blocks of length 128, 192, or 256 bits. NIST initially selected Rijndael in October 2000 and formal adoption as the AES standard came in December 2001. FIPS PUB 197 describes a 128-bit block cipher employing a 128-, 192-, or 256-bit key. The AES process and Rijndael algorithm are described in more detail below in Section 5.9.
• CAST-128/256: CAST-128, described in Request for Comments (RFC) 2144, is a DES-like substitution-permutation crypto algorithm, employing a 128-bit key operating on a 64-bit block. CAST-256 (RFC 2612) is an extension of CAST-128, using a 128-bit block size and a variable length (128, 160, 192, 224, or 256 bit) key. CAST is named for its developers, Carlisle Adams and Stafford Tavares and is available internationally. CAST-256 was one of the Round 1 algorithms in the AES process.
• International Data Encryption Algorithm (IDEA): Secret-key cryptosystem written by Xuejia Lai and James Massey, in 1992 and patented by Ascom; a 64-bit SKC block cipher using a 128-bit key. Also available internationally.
• Rivest Ciphers (aka Ron's Code): Named for Ron Rivest, a series of SKC algorithms.
  o RC1: Designed on paper but never implemented.
  o RC2: A 64-bit block cipher using variable-sized keys designed to replace DES. Its code has not been made public although many companies have licensed RC2 for use in their products. Described in RFC 2268.
  o RC3: Found to be breakable during development.
  o RC4: A stream cipher using variable-sized keys; it is widely used in commercial cryptography products, although it can only be exported using keys that are 40 bits or less in length.
  o RC5: A block-cipher supporting a variety of block sizes, key sizes, and number of encryption passes over the data. Described in RFC 2040.
  o RC6: An improvement over RC5, RC6 was one of the AES Round 2 algorithms.
• Blowfish: A symmetric 64-bit block cipher invented by Bruce Schneier; optimized for 32-bit processors with large data caches, it is significantly faster than DES on a Pentium/PowerPC-class machine. Key lengths can vary from 32 to 448 bits in length. Blowfish, available freely and intended as a substitute for DES or IDEA, is in use in over 80 products.
• Twofish: A 128-bit block cipher using 128-, 192-, or 256-bit keys. Designed to be highly secure and highly flexible, well-suited for large microprocessors, 8-bit smart card microprocessors, and dedicated hardware. Designed by a team led by Bruce Schneier and was one of the Round 2 algorithms in the AES process.
• Camellia: A secret-key, block-cipher crypto algorithm developed jointly by Nippon Telegraph and Telephone (NTT) Corp. and Mitsubishi Electric Corporation (MEC) in 2000. Camellia has some characteristics in common with AES: a 128-bit block size, support for 128-, 192-, and 256-bit key lengths, and suitability for both software and hardware implementations on common 32-bit processors as well as 8-bit processors (e.g., smart cards, cryptographic hardware, and embedded systems). Also described in RFC 3713. Camellia's application in IPsec is described in RFC 4312 and application in OpenPGP in RFC 5581.
• MISTY1: Developed at Mitsubishi Electric Corp., a block cipher using a 128-bit key and 64-bit blocks, and a variable number of rounds. Designed for hardware and software implementations, and is resistant to differential and linear cryptanalysis. Described in RFC 2994.
• Secure and Fast Encryption Routine (SAFER): Secret-key crypto scheme designed for implementation in software. Versions have been defined for 40-, 64-, and 128-bit keys.
• KASUMI: A block cipher using a 128-bit key that is part of the Third-Generation Partnership Project (3gpp), formerly known as the Universal Mobile Telecommunications System (UMTS). KASUMI is the intended confidentiality and integrity algorithm for both message content and signaling data for emerging mobile communications systems.
• SEED: A block cipher using 128-bit blocks and 128-bit keys. Developed by the Korea Information Security Agency (KISA) and adopted as a national standard encryption algorithm in South Korea. Also described in RFC 4269.
• ARIA: A 128-bit block cipher employing 128-, 192-, and 256-bit keys. Developed by cryptographers at the Academy, Research Institute and Agency (ARIA) in Korea in 2003. Described in RFC 5794.
• Skipjack: SKC scheme proposed for Capstone. Although the details of the algorithm were never made public, Skipjack was a block cipher using an 80-bit key and 32 iteration cycles per 64-bit block.

3.2. Public-Key Cryptography

Public-key cryptography has been said to be the most significant new development in cryptography in the last 300-400 years. Modern PKC was first described publicly by Stanford University professor Martin Hellman and graduate student Whitfield Diffie in 1976. Their paper described a two-key crypto system in which two parties could engage in a secure communication over a non-secure communications channel without having to share a secret key.

PKC depends upon the existence of so-called one-way functions, or mathematical functions that are easy to compute whereas their inverse function is relatively difficult to compute. Let me give you two simple examples:

1. Multiplication vs. factorization: Suppose I tell you that I have two numbers, 9 and 16, and that I want to calculate the product; it should take almost no time to calculate the product, 144. Suppose instead that I tell you that I have a number, 144, and I need you to tell me which pair of integers I multiplied together to obtain that number. You will eventually come up with the solution but whereas calculating the product took milliseconds, factoring will take longer because you first need to find the 8 pairs of integer factors and then determine which one is the correct pair.
2. Exponentiation vs. logarithms: Suppose I tell you that I want to take the number 3 to the 6th power; again, it is easy to calculate 3^6 = 729. But if I tell you that I have the number 729 and want you to tell me the two integers that I used, x and y so that log_x 729 = y, it will take you longer to find all possible solutions and select the pair that I used.

While the examples above are trivial, they do represent two of the functional pairs that are used with PKC; namely, the ease of multiplication and exponentiation versus the relative difficulty of factoring and calculating logarithms, respectively. The mathematical "trick" in PKC is to find a trap door in the one-way function so that the inverse calculation becomes easy given knowledge of some item of information.

Generic PKC employs two keys that are mathematically related although knowledge of one key does not allow someone to easily determine the other key. One key is used to encrypt the plaintext and the other key is used to decrypt the ciphertext. The important point here is that it does not matter which key is applied first, but that both keys are required for the process to work (Figure 1B). Because a pair of keys are required, this approach is also called asymmetric cryptography.

In PKC, one of the keys is designated the public key and may be advertised as widely as the owner wants. The other key is designated the private key and is never revealed to another party. It is straightforward to send messages under this scheme. Suppose Alice wants to send Bob a message. Alice encrypts some information using Bob's public key; Bob decrypts the ciphertext using his private key. This method could be also used to prove who sent a message; Alice, for example, could encrypt some plaintext with her private key; when Bob decrypts using Alice's public key, he knows that Alice sent the message and Alice cannot deny having sent the message (non-repudiation).

Public-key cryptography algorithms that are in use today for key exchange or digital signatures include:


RSA: The first, and still most common, PKC implementation, named for the three MIT mathematicians who developed it — Ronald Rivest, Adi Shamir, and Leonard Adleman. RSA today is used in hundreds of software products and can be used for key exchange, digital signatures, or encryption of small blocks of data. RSA uses a variable size encryption block and a variable size key. The key-pair is derived from a very large number, n, that is the product of two prime numbers chosen according to special rules; these primes may be 100 or more digits in length each, yielding an n with roughly twice as many digits as the prime factors. The public key information includes n and a derivative of one of the factors of n; an attacker cannot determine the prime factors of n (and, therefore, the private key) from this information alone and that is what makes the RSA algorithm so secure. (Some descriptions of PKC erroneously state that RSA's safety is due to the difficulty in factoring large prime numbers. In fact, large prime numbers, like small prime numbers, only have two factors!) The ability of computers to factor large numbers, and therefore attack schemes such as RSA, is rapidly improving and systems today can find the prime factors of numbers with more than 200 digits. Nevertheless, if a large number is created from two prime factors that are roughly the same size, there is no known factorization algorithm that will solve the problem in a reasonable amount of time; a 2005 test to factor a 200-digit number took 1.5 years and over 50 years of compute time (see the Wikipedia article on integer factorization). Regardless, one presumed protection of RSA is that users can easily increase the key size to always stay ahead of the computer processing curve. As an aside, the patent for RSA expired in September 2000 which does not appear to have affected RSA's popularity one way or the other. A detailed example of RSA is presented below in
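As an added illustration (not part of the original paper), the Python sketch below carries the RSA description through with toy primes: the two keys undo each other in either order, and anyone who can factor n recovers the private key. The primes 61 and 53, the exponent e = 17 and all function names are constructed for this example; real RSA uses primes of 100 or more digits together with a padding scheme.

```python
# Added example: textbook RSA with toy primes. Not secure (tiny key, no padding).
from math import gcd, isqrt


def make_keypair(p, q, e=17):
    """Derive (public, private) keys from two primes p and q."""
    n = p * q                      # public modulus: product of the two primes
    phi = (p - 1) * (q - 1)        # computable only if the factors are known
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)            # trap-door value: inverse of e mod phi
    return (n, e), (n, d)


def apply_key(key, m):
    """Raise m to the key's exponent mod n; serves both keys."""
    n, exponent = key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, exponent, n)


def factor_by_trial_division(n):
    """Brute-force factoring; feasible here only because n is tiny."""
    for candidate in range(2, isqrt(n) + 1):
        if n % candidate == 0:
            return candidate, n // candidate
    raise ValueError("n has no non-trivial factors")


def recover_private_key(public):
    """What an attacker does once n has been factored."""
    n, e = public
    p, q = factor_by_trial_division(n)
    return n, pow(e, -1, (p - 1) * (q - 1))


if __name__ == "__main__":
    public, private = make_keypair(61, 53)   # constructed toy primes
    message = 65                             # constructed sample plaintext

    # Confidentiality: Alice encrypts with Bob's public key, Bob decrypts.
    ciphertext = apply_key(public, message)
    print("ciphertext:", ciphertext)
    print("decrypted :", apply_key(private, ciphertext))

    # Proof of origin: private key applied first, public key second.
    signature = apply_key(private, message)
    print("verified  :", apply_key(public, signature) == message)

    # With a small n, factoring is instant and the private key falls out.
    print("recovered :", recover_private_key(public) == private)
```

Trial division over this four-digit n finishes immediately; the same loop over a modulus built from two 100-digit primes is what the paragraph above describes as infeasible.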

Simple Network Management Protocol (SNMP) is a UDP-based network protocol. It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention. SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). It consists of a set of standards for network management, including an application layer protocol, a database schema, and a set of data objects.[1] SNMP exposes management data in the form of variables on the managed systems, which describe the system configuration. These variables can then be queried (and sometimes set) by managing applications.

Open Shortest Path First (OSPF) is an adaptive routing protocol for Internet Protocol (IP) networks. It uses a link state routing algorithm and falls into the group of interior routing protocols, operating within a single autonomous system (AS). It is defined as OSPF Version 2 in RFC 2328 (1998) for IPv4.[1] The updates for IPv6 are specified as OSPF Version 3 in RFC 5340 (2008).[2] OSPF is perhaps the most widely-used interior gateway protocol (IGP) in large enterprise networks. IS-IS, another link-state routing protocol, is more common in large service provider networks. The most widely-used exterior gateway protocol is the Border Gateway Protocol (BGP), the principal routing protocol between autonomous systems on the Internet.

A computer virus is a computer program that can copy itself[1] and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.[2][3]

As stated above, the term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, adware, and spyware programs that do not have the reproductive ability. Malware includes computer viruses, worms, trojans, most rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software, including true viruses. Viruses are sometimes confused with computer worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself automatically to other computers through networks, while a Trojan is a program that appears harmless but hides malicious functions. Worms and Trojans, like viruses, may harm a computer system's data or performance. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious or simply do nothing to call attention to themselves. Some viruses do nothing beyond reproducing themselves.

The Internet backbone refers to the principal data routes between large, strategically interconnected networks and core routers in the Internet. These data routes are hosted by commercial, government, academic and other high-capacity network centers, the Internet exchange points and network access points, that interchange Internet traffic between the countries, continents and across the oceans of the world. The Internet service providers participating in the Internet backbone, often Tier 1 networks, exchange traffic under privately negotiated interconnection agreements, primarily governed by the principle of settlement-free peering. In 1987, NFS (national foundation of science) developed the 1st Internet backbone and named it NFS.net. It consisted of T1 lines, each of 70 networks. Its speed was 1.45 kbps. They then collaborated with IBM and introduced a faster backbone, T3, whose speed was 54 kbps.

Internet privacy

Internet privacy consists of privacy over the media of the Internet: the ability to control what information one reveals about oneself over the Internet, and to control who can access that information. Many people use the term to mean universal Internet privacy: every user of the Internet possessing Internet privacy. Internet privacy forms a subset of computer privacy. A number of experts within the field of Internet security and privacy believe that security doesn't exist; "Privacy is dead - get over it"[1] according to Steve Rambam, private investigator specializing in Internet privacy cases. On the other hand, in his essay The Value of Privacy, security expert Bruce Schneier says, "Privacy protects us from abuses by those in power, even if we're doing nothing wrong at the time of surveillance."[2][3]

IP address

An Internet Protocol (IP) address is a numerical label that is assigned to devices participating in a computer network that uses the Internet Protocol for communication between its nodes.[1] An IP address serves two principal functions: host or network interface identification and location addressing. Its role has been characterized as follows: "A name indicates what we seek. An address indicates where it is. A route indicates how to get there."[2]

The designers of TCP/IP defined an IP address as a 32-bit number[1] and this system, known as Internet Protocol Version 4 or IPv4, is still in use today. However, due to the enormous growth of the Internet and the resulting depletion of available addresses, a new addressing system (IPv6), using 128 bits for the address, was developed in 1995[3] and last standardized by RFC 2460 in 1998.[4] Although IP addresses are stored as binary numbers, they are usually displayed in human-readable notations, such as 208.77.188.166 (for IPv4), and 2001:db8:0:1234:0:567:1:1 (for IPv6).

The Internet Protocol also routes data packets between networks; IP addresses specify the locations of the source and destination nodes in the topology of the routing system. For this purpose, some of the bits in an IP address are used to designate a subnetwork. The number of these bits is indicated in CIDR notation, appended to the IP address; e.g., 208.77.188.166/24.

As the development of private networks raised the threat of IPv4 address exhaustion, RFC 1918 set aside a group of private address spaces that may be used by anyone on private networks. They are often used with network address translators to connect to the global public Internet. The Internet Assigned Numbers Authority (IANA), which manages the IP address space allocations globally, cooperates with five Regional Internet Registries (RIRs) to allocate IP address blocks to Local Internet Registries (Internet service providers) and other entities.

Network Computer

Network Computer (often abbreviated NC) is a trademark of Oracle Corporation that was used, from approximately 1996 to 2000, to market a range of diskless desktop computer devices. The devices were designed and manufactured by an alliance, which included Sun Microsystems, IBM, and others. The devices were designed with minimum specifications, based on the Network Computer Reference Profile. The brand was also employed as a marketing term to try to popularize this design of computer within enterprise and among consumers. The term, today, is also used somewhat interchangeably to describe a diskless desktop computer or a thin client.

The NC brand was mainly intended to denote and forecast a range of desktop computers from various suppliers that, by virtue of their diskless design and use of inexpensive components and software, were cheaper and easier to manage than standard fat client desktops. However, due to the commoditization of standard desktop components, and due to the increasing availability and popularity of various software options for using full desktops as diskless nodes, thin clients, and hybrid clients, the Network Computer brand never achieved the popularity hoped for by Oracle and was eventually mothballed.

In computer networks, a proxy server is a server (a computer system or an application program) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by IP address or protocol. If the request is validated by the filter, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request without contacting the specified server. In this case, it 'caches' responses from the remote server, and returns subsequent requests for the same content directly.

A proxy server has many potential purposes, including:

- To keep machines behind it anonymous (mainly for security).[1]
- To speed up access to resources (using caching). Web proxies are commonly used to cache web pages from a web server.[2]
- To apply access policy to network services or content, e.g. to block undesired sites.
- To log / audit usage, i.e. to provide company employee Internet usage reporting.
- To bypass security / parental controls.
- To scan transmitted content for malware before delivery.
- To scan outbound content, e.g., for data leak protection.
- To circumvent regional restrictions.

A proxy server that passes requests and replies unmodified is usually called a gateway or sometimes tunneling proxy. A proxy server can be placed in the user's local computer or at various points between the user and the destination servers on the Internet. A reverse proxy is (usually) an Internet-facing proxy used as a front-end to control and protect access to a server on a private network, commonly also performing tasks such as load-balancing, authentication, decryption or caching.

Satellite Internet access is Internet access via geostationary satellite and is available almost worldwide, including vessels at sea and mobile land vehicles. Similar, but slower Internet service is also available through Low Earth Orbit (LEO) satellites; however, their coverage areas also include the polar regions at extreme latitudes, making them truly global. Satellite Internet access is often used in locations where terrestrial Internet access is not available. End users should be aware of the different types of satellite communication systems and the technical issues involving each, such as latency and signal loss due to precipitation, in order to make informed decisions on which system will serve them best.

Latency is the delay between requesting data and the receipt of a response, or in the case of one-way communication, between the actual moment of a signal's broadcast and the time received at its destination. Compared to ground-based communication, all geostationary satellite communications experience high latency due to the signal having to travel to an altitude of 35,786 km (22,236 mi) above sea level (from the equator) out into space to a satellite in geostationary orbit and back to Earth again. This latency problem with satellite communications can be mitigated with TCP acceleration features that shorten the round trip time (RTT) per packet by splitting the feedback loop between the sender and the receiver. Such acceleration features are present in recent technology developments embedded in new satellite Internet services like Tooway[1].

The signal delay can be as much as 250 milliseconds to 900 milliseconds (one way), which makes this service unusable for applications requiring real-time user input, such as online games or remote surgery. This delay can be irritating with interactive applications, such as VoIP, videoconferencing, or other person to person communication. The functionality of live interactive access to a distant computer can also be subject to the problems caused by high latency. However these problems are more than tolerable for basic email access and web browsing, and in most cases are barely noticeable.

For geostationary satellites there is no way to eliminate this problem. The delay is primarily due to the great distances travelled which, even at the speed of light (about 300,000 km/second or 186,000 miles per second), can be significant. Even if all other signalling delays could be eliminated it still takes electromagnetic radio waves about 250 milliseconds, or one quarter of a second, to travel from ground level to the satellite and back to the ground, a total of over 71,400 km (44,366 mi) to travel from the source to the destination, and over 143,000 km (88,856 mi) for a round trip (user to ISP, and then back to user—with zero network delays). Factoring in other normal delays from network sources gives a typical one-way connection latency of 500–700 ms from the user to the ISP, or about 1,000–1,400 milliseconds latency for the total Round Trip Time (RTT) back to the user. This is far worse than most dial-up modem users' experience, at typically only 150–200 ms total latency.

However, Medium Earth Orbit (MEO) and Low Earth Orbit (LEO) satellites do not have such great delays. The current LEO constellations of Globalstar and Iridium satellites have delays of less than 40 ms round trip, but their throughput is less than broadband at 64 kbps per channel. The Globalstar constellation orbits 1,420 km above the earth and Iridium orbits at 670 km altitude. The proposed O3b Networks MEO constellation scheduled for deployment in 2010 would orbit at 8,062 km, with RTT latency of approximately 125 ms. The proposed new network is also designed for much higher throughput with links well in excess of 1 Gbps (Gigabits per second).

A proposed alternative to geostationary relay satellites is a special-purpose solar-powered ultralight aircraft, which would fly along a circular path above a fixed ground location, operating under autonomous computer control at a height of approximately 20,000 meters. Onboard batteries would be charged during daylight hours by solar panels covering the wings, and would provide power to the plane during night. Ground-based satellite dishes would relay signals to and from the aircraft, resulting in a greatly reduced round-trip signal latency of only 0.25 milliseconds. The planes could then run forever without refueling. Several such schemes involving various types of aircraft have been proposed in the past.
