Assignament no.

Of

Multimedia communication

Submitted by : PRATEEK BAHUGUNA Submitted to : MRS. Karanvir kaur

Section : D2802

Rollno : 45
Q1. Explain the concept of adjunct protocols.

Ans 1. ADJUNCT PROTOCOLS ARE EXPLAINED BELOW ALONG WITH THEIR

CONCEPT :-

In computer networking, the Address Resolution Protocol (ARP) is the method for
finding a host's hardware address when only its network layer address is known.
Due to the overwhelming prevalence of IPv4 and Ethernet, ARP is primarily used to
translate IP addresses to Ethernet MAC addresses. It is also used for IP over other
LAN technologies, such as Token Ring, FDDI, or IEEE 802.11, and for IP over ATM.

ARP is used in four cases of two hosts communicating:

1. When two hosts are on the same network and one desires to send a packet to the
other

2. When two hosts are on different networks and must use a gateway/router to
reach the other host

3. When a router needs to forward a packet for one host through another router

4. When a router needs to forward a packet from one host to the destination host on
the same network

* ARP - is a low-level protocol used to bind addresses dynamically.

* ARP allows a host to find a physical address of a target host on the same
physical network, given only it’s IP address.

* ARP hides the underlying network physical addressing. It can be thought of as

part of physical network system and not the internet protocols.
 • ARP broadcasts special packets with the destination’s IP address to ALL hosts.
• The destination host (only) will respond with it’s physical address.
• When the response is received, the sender uses the physical address of destination host to
send all packets.

ARP Functionality:

* There are two main functional parts of the address resolution protocol:

o Determine the destination’s physical address before sending a packet.

o Answer requests that arrive for it’s own Physical-to-IP address binding.

* Because of lost/duplicate packets, ARP must handle this to avoid many re-
broadcasts.

* Bindings in ARP cache (actual cache table) must be removed after a fixed
period of time to ensure validity.

* When a packet is received, the sender’s IP address is stripped and the local
table is updated (ARP cache), then the rest of the packet is processed.

* Two types of incoming packets:

o Those to be processed (correct destination).

o Stray broadcast packets (can be dropped after updating the ARP cache).

* Application programs may request the destination address many times before
the binding is complete. This must be handled, by discarding enqueued requests,
when the correct binding returns.
 * ARP sets the field "TYPE" for the ID of a frame.

* ARP packets DO NOT have a fixed format header, so they can be used with
arbitrary physical addresses and arbitrary protocol addresses.

* The lengths of physical addresses may vary up to 48-bits.

Reverse Address Resolution Protocol (RARP) is a network layer protocol used to

resolve an IP address from a given hardware address (such as an Ethernet address).
It has been rendered obsolete by BOOTP and the more modern DHCP, which both
support a much greater feature set than RARP.

RARP is the complement of ARP

• RARP functionality supports multiple physical network types.

• All machines receive RARP requests but only those authorized to supply RARP services
can respond. Machines supplying RARP services are called RARP servers.
 • RARP is only used on LANs with a low probability of failure since bootstrapping
requires quick responses.

Primary and Backup RARP Servers:

• Primary servers respond while backup servers simply record the time of the incoming
requests.
• If the primary server is down, backup server will see reoccurring requests and take over.
This take over is done by using a random delay to see if other backup servers respond
first.

OSPF :- Open Shortest Path First (OSPF) is an adaptive routing protocol for
Internet Protocol (IP) networks. It uses a link state routing algorithm and falls into
the group of interior routing protocols, operating within a single autonomous system
(AS). It is defined as OSPF Version 2 in RFC 2328 for IPv4. The updates for IPv6 are
specified as OSPF Version 3 in RFC 5340. Research into the convergence time of
OSPF can be found in Stability Issues in OSPF Routing (2001).

OSPF is perhaps the most widely-used interior gateway protocol (IGP) in large
enterprise networks. IS-IS, another link-state routing protocol, is more common in
large service provider networks. The most widely-used exterior gateway protocol is
the Border Gateway Protocol (BGP), the principal routing protocol between
autonomous systems on the Internet.

ICMP :- The Internet Control Message Protocol (ICMP) is one of the core protocols of
the Internet Protocol Suite. It is chiefly used by the operating systems of networked
computers to send error messages indicating, for example, that a requested service
is not available or that a host or router could not be reached. ICMP can also be used
to relay query messages.

ICMP :- differs from transport protocols such as TCP and UDP in that it is not
typically used to exchange data between systems, nor is it regularly employed by
end-user network

ICMP for Internet Protocol version 4 (IPv4) is also known as ICMPv4. IPv6 has a
similar protocol, ICMPv6.

The Internet Group Management Protocol (IGMP) is a communications protocol used

by hosts and adjacent routers on IP networks to establish multicast group
memberships.

IGMP :- IT is an integral part of the IP multicast specification. It is analogous to

ICMP for unicast connections. IGMP can be used for online streaming video and
gaming, and allows more efficient use of resources when supporting these types of
applications.

IGMP is used on IPv4 networks. Multicast management on IPv6 networks is handled

by Multicast Listener Discovery (MLD) which uses ICMPv6 messaging contrary to
IGMP's bare IP encapsulation.

Q2. Explain with diagram describe the operation of the IDEA scheme. Include in your
description the size of the key used and the number and size of sub keys associated
with each encryption stage.

ANS 2.
IDEA operates on 64-bit blocks using a 128-bit key, and consists of a series of eight
identical transformations (a round, see the illustration) and an output
transformation (the half-round). The processes for encryption and decryption are
similar. IDEA derives much of its security by interleaving operations from different
groups — modular addition and multiplication, and bitwise eXclusive OR (XOR) —
which are algebraically "incompatible" in some sense. In more detail, these
operators, which all deal with 16-bit quantities, are:

* Bitwise eXclusive OR (denoted with a blue circled plus ⊕).

* Addition modulo 216 (denoted with a green boxed plus ⊞).

* Multiplication modulo 216+1, where the all-zero word (0x0000) is interpreted as

216 (denoted by a red circled dot ⊙).

After the eight rounds comes a final "half round", the output transformation
illustrated below:

International Data Encryption Algorithm InfoBox Diagram Output Trans.png

Key schedule

Each round uses six 16-bit sub-keys, while the half-round uses four, a total of 52 for
8.5 rounds. The first eight sub-keys are extracted directly from the key, with K1
from the first round being the lower sixteen bits; further groups of eight keys are
created by rotating the main key left 25 bits between each group of eight. This
means that it is rotated less than once per round, on average, for a total of six
rotations.

Security

The designers analysed IDEA to measure its strength against differential

cryptanalysis and concluded that it is immune under certain assumptions. No
successful linear or algebraic weaknesses have been reported. As of 2007[update],
the best attack which applies to all keys can break IDEA reduced to 6 rounds (the
full IDEA cipher uses 8.5 rounds). Note that a "break" is any attack which requires
less than 2128 operations; the 6-round attack requires 264 known plaintexts and
2126.8 operations.
IDEA, unlike the other block cipher algorithms discussed in this section, is patented by the Swiss
firm of Ascom. They have, however, been generous in allowing, with permission, free
noncommercial use of their algorithm, with the result that IDEA is best known as the block
cipher algorithm used within the popular encryption program PGP.

The IDEA algorithm is interesting in its own right. It includes some steps which, at first, make it
appear that it might be a non-invertible hash function instead of a block cipher. Also, it is
interesting in that it entirely avoids the use of any lookup tables or S-boxes.

IDEA uses 52 subkeys, each 16 bits long. Two are used during each round proper, and four are
used before every round and after the last round. It has eight rounds.

The plaintext block in IDEA is divided into four quarters, each 16 bits long. Three operations are
used in IDEA to combine two 16 bit values to produce a 16 bit result, addition, XOR, and
multiplication. Addition is normal addition with carries, modulo 65,536. Multiplication, as used
in IDEA, requires some explanation.

Multiplication by zero always produces zero, and is not invertible. Multiplication modulo n is
also not invertible whenever it is by a number which is not relatively prime to n. The way
multiplication is used in IDEA, it is necessary that it be always invertible. This is true of
multiplication IDEA style.

The number 65,537, which is 2^16+1, is a prime number. (Incidentally, 2^8+1, or 257, is also
prime, and so is 2^4+1, or 17, but 2^32+1 is not prime, so IDEA cannot be trivially scaled up to
a 128-bit block size.) Thus, if one forms a multiplication table for the numbers from 1 through
65,536, each row and column will contain every number once only, forming a Latin square, and
providing an invertible operation. The numbers that 16 bits normally represent are from 0 to
65,535 (or, perhaps even more commonly, from -32,768 to 32,767). In IDEA, for purposes of
multiplication, a 16 bit word containing all zeroes is considered to represent the number 65,536;
other numbers are represented in conventional unsigned notation, and multiplication is modulo
the prime number 65,537.

Description of IDEA

Let the four quarters of the plaintext be called A, B, C, and D, and the 52 subkeys called K(1)
through K(52).

Before round 1, or as the first part of it, the following is done:

Multiply A by K(1). Add K(2) to B. Add K(3) to C. Multiply D by K(4).

Round 1 proper consists of the following:

Calculate A xor C (call it E) and B xor D (call it F).

Multiply E by K(5). Add the new value of E to F.

Multiply the new value of F by K(6). Add the result, which is also the new value of F, to E.

Change both A and C by XORing the current value of F with each of them; change both B and D
by XORing the current value of E with each of them.

Swap B and C.

Repeat all of this eight times, or seven more times, using K(7) through K(12) the second time, up
to K(43) through K(48) the eighth time. Note that the swap of B and C is not performed after
round 8.

Then multiply A by K(49). Add K(50) to B. Add K(51) to C. Multiply D by K(52).

The intricacies of IDEA encryption may be made somewhat clearer by examining the following
diagrams:

Details: Overview:

Decryption

How can the round in IDEA be reversed, since all four quarters of the block are changed at the
same time, based on a function of all four of their old values? Well, the trick to that is that A xor
C isn't changed when both A and C are XORed by the same value, that value cancels out, no
matter what that value might be. And the same applies to B xor D. And since the values used are
functions of (A xor C) and (B xor D), they are still available.

This cross-footed round, rather than a Feistel round, is the most striking distinguishing factor of
IDEA, although its use of multiplication, addition, and XOR to avoid the use of S-boxes is also
important.

Those that are added are replaced by their two's complement. Those that are multiplied in are
replaced by their multiplicative inverse, modulo 65,537, in IDEA notation when used to change
blocks directly, but those used to calculate the cross-footed F-functions are not changed. Keys
XORed in would not need to be changed, but there aren't any such keys in IDEA. Due to the
placement of the swap, the first four keys for decryption are moved somewhat differently than
the other keys used for the same operation between rounds.

The decryption key schedule is:

The first four subkeys for decryption are:

KD(1) = 1/K(49)
KD(2) = -K(50)
KD(3) = -K(51)
KD(4) = 1/K(52)
and they do not quite follow the same pattern as the remaining subkeys which
follow.

The following is repeated eight times, adding 6 to every decryption key's index and subtracting 6
from every encryption key's index:

KD(5) = K(47)
KD(6) = K(48)

KD(7) = 1/K(43)
KD(8) = -K(45)
KD(9) = -K(44)
KD(10) = 1/K(46)

Subkey generation

The 128-bit key of IDEA is taken as the first eight subkeys, K(1) through K(8). The next eight
subkeys are obtained the same way, after a 25-bit circular left shift, and this is repeated until all
encryption subkeys are derived.

This method of subkey generation is regular, and this may be a weakness. However, IDEA is
considered to be highly secure, having stood up to all forms of attack so far tried by the academic
community.
Q3. Differentiate between MAC address and IP address. Explain the various fields
involved in IP datagram.

ANS 3.

IP Address (Internet Protocol Address):

This number is an exclusive number all information technology devices (printers,

routers, modems, et al) use which identifies and allows them the ability to
communicate with each other on a computer network. There is a standard of
communication which is called an Internet Protocol standard (IP). In laymans terms
it is the same as your home address. In order for you to receive snail mail at home
the sending party must have your correct mailing address (IP address) in your town
(network) or you do not receive bills, pizza coupons or your tax refund. The same is
true for all equipment on the internet. Without this specific address, information
cannot be received. IP addresses may either be assigned permanently for an Email
server/Business server or a permanent home resident or temporarily, from a pool of
available addresses (first come first serve) from your Internet Service Provider

Domain Name System (DNS): This allows the IP address to be translated to words. It
is much easier for us to remember a word than a series of numbers. The same is
true for email addresses.

For example, it is much easier for you to remember a web address name such as
whatismyip.com than it is to remember 192.168.1.1 or in the case of email it is
much easier to remember email@somedomain.com than email@192.168.1.1
Dynamic IP Address: An IP address that is not static and could change at any time.
This IP address is issued to you from a pool of IP addresses allocated by your ISP or
DHCP Server. This is for a large number of customers that do not require the same
IP Address all the time for a variety of reasons. Your computer will automatically get
this number as it logs on to the network and saves you the trouble of having to
know details regarding the specific network configurations. This number can be
assigned to anyone using a dial-up connection, Wireless and High Speed Internet
connections. If you need to run your own email server or web server, it would be
best to have a static IP.

Static IP Address: An IP address that is fixed and never changes. This is in contrast
to a dynamic IP address which may change at any time. Most ISP's a single static IP
or a block of static IP's for a few extra bucks a month.

IP version 4: Currently used by most network devices. However, with more and
more computers accessing the internet, IPv4 addresses are running out quickly. Just
like in a city, addresses have to be created for new neighborhoods but, if your
neighborhood gets too large, you will have to come up with an entire new pool of
addresses. IPv4 is limited to 4,294,967,296 addresses.

IP version 5: This is an experimental protocol for UNIX based systems. In keeping

with standard UNIX (a computer Operating System) release conventions, all odd-
numbered versions are considered experimental. It was never intended to be used
by the general public.

IP version 6: The replacement for the aging IPv4. The estimated number of unique
addresses for IPv6 is 340,282,366,920,938,463,463,374,607,431,768,211,456 or
2^128.

The old and current standard of addresses was this: 192.168.100.100 the new way
can be written different ways but means the same and are all valid:

* 1080:0000:0000:0000:0000:0034:0000:417A
* 1080:0:0:0:0:34:0:417A

* 1080::34:0:417A

What Is a MAC Address?

The MAC address is a unique value associated with a network adapter. MAC
addresses are also known as hardware addresses or physical addresses. They
uniquely identify an adapter on a LAN.

MAC addresses are 12-digit hexadecimal numbers (48 bits in length). By

convention, MAC addresses are usually written in one of the following two formats:

MM:MM:MM:SS:SS:SS

MM-MM-MM-SS-SS-SS

The first half of a MAC address contains the ID number of the adapter manufacturer.
These IDs are regulated by an Internet standards body (see sidebar). The second
half of a MAC address represents the serial number assigned to the adapter by the
manufacturer. In the example,

00:A0:C9:14:C8:29

The prefix

00A0C9

indicates the manufacturer is Intel Corporation.

Why MAC Addresses?

Recall that TCP/IP and other mainstream networking architectures generally adopt
the OSI model. In this model, network functionality is subdivided into layers. MAC
addresses function at the data link layer (layer 2 in the OSI model). They allow
computers to uniquely identify themselves on a network at this relatively low level.

MAC vs. IP Addressing

Whereas MAC addressing works at the data link layer, IP addressing functions at the
network layer (layer 3). It's a slight oversimplification, but one can think of IP
addressing as supporting the software implementation and MAC addresses as
supporting the hardware implementation of the network stack. The MAC address
generally remains fixed and follows the network device, but the IP address changes
as the network device moves from one network to another.

IP networks maintain a mapping between the IP address of a device and its MAC
address. This mapping is known as the ARP cache or ARP table. ARP, the Address
Resolution Protocol, supports the logic for obtaining this mapping and keeping the
cache up to date.

DHCP also usually relies on MAC addresses to manage the unique assignment of IP
addresses to devices.

IP Datagram Structure

The term 'datagram' or 'packet' is used to describe a chunk of IP data. Each IP

datagram contains a specific set of fields in a specific order so that the reader
knows how to decode and read the stream of data received. The description of the
IP datagram format in this tutorial is suitable for most purposes.

An IP datagram looks something like this:

Version IHL TOS Total Length

Identification Flags Fragment Offset
TTL Protocol Header Checksum
Source IP Address
 Destination IP Address
Options Padding

Payload (TCP/UDP/ICMP etc.)

VERSION (4 bits)

The version field is set to the value '4' in decimal or '0100' in binary. The value
indicates the version of IP (4 or 6, there is no version 5).

IHL (4 bits)

The Internet Header Length (IHL) describes how big the header is in 32-bit words.
For instance, the minimum value is 5, as that is the minimum size of an IP header
that contains all the correct fields is 160 bits, or 20 bytes. This allows the receiver to
know exactly where the payload data begins.

TOS (8 bits)

Type of service allows the intermediate receiving stations (the routers) to have
some notion of the quality of service desired. This allows the network to make
adaptations for delay, throughput, or reliability.

TOTAL LENGTH (16 bits)

This informs the receiver of the datagram where the end of the data in this
datagram is. This is the length of the entire datagram in octets, including the
header. This is why an IP datagram can be up to 65,535 bytes long, as that is the
maximum value of this 16-bit field.

IDENTIFICATION (16 bits)

Sometimes, a device in the the middle of the network path cannot handle the
datagram at the size it was originally transmitted, and must break it into fragments.
If an intermediate system needs to break up the datagram, it uses this field to aid in
identifying the fragments.

FLAGS (3 bits)

The flags field contains single-bit flags that indicate whether the datagram is a
fragment, whether it is permitted to be fragmented, and whether the datagram is
the last fragment, or there are more fragments. The first bit in this field is always
zero.

FRAGMENT OFFSET (13 bits)

 When a datagram is fragmented, it is necessary to reassemble the fragments in
the correct order. The fragment offset numbers the fragments in such a way that
they can be reassembled correctly.

TIME TO LIVE (8 bits)

This field determines how long a datagram will exist. At each hop along a network
path, the datagram is opened and it's time to live field is decremented by one (or
more than one in some cases). When the time to live field reaches zero, the
datagram is said to have 'expired' and is discarded. This prevents congestion on the
network that is created when a datagram cannot be forwarded to it's destination.
Most applications set the time to live field to 30 or 32 by default.

PROTOCOL (8 bits)

This indicates what type of protocol is encapsulated within the IP datagram.

Some of the common values seen in this field include:

Number
Protocol
(Decimal)
ICMP 1
IGMP 2
TCP 6
UDP 17

HEADER CHECKSUM (16 bits)

According to RFC 791, the header checksum formula is:"the 16-bit ones
compliment of the ones compliment sum of all 16-bit words in the header."

The checksum allows IP to detect datagrams with corrupted headers and discard
them. Since the time to live field changes at each hop, the checksum must be re-
calculated at each hop. In some cases, this is replaced with a cyclic redundancy
check algorithm.

SOURCE ADDRESS (32 bits)

This is the IP address of the sender of the IP datagram.

DESTINATION ADDRESS (32 bits)

This is the IP address of the intended receiver(s) of the datagram. If the host
portion of this address is set to all 1's, the datagram is an 'all hosts' broadcast.
OPTIONS & PADDING (variable)

Various options can be included in the header by a particular vendor's

implementation of IP. If options are included, the header must be padded with
zeroes to fill in any unused octets so that the header is a multiple of 32 bits, and
matches the count of bytes in the Internet Header Length (IHL) field.

Q4. With the aid of an example, explain the meaning of “Absolute URL” and “relative
URL” including the relationship between the two.

Ans 4. Let us see what is the difference between the two :-

What is the difference between an absolute and a relative URL?

An absolute URL contains more information than a relative URL does. Relative URLs
are more convenient because they are shorter and often more portable. However,
you can use them only to reference links on the same server as the page that
contains them.

Linking with absolute URLs

An absolute URL typically takes the following form:

protocol://hostname/other_information

The protocol is usually http://, but can also be ftp://, gopher://, or file://. The
hostname is the name of the computer. For example, the hostname of Indiana
University's central web server is www.indiana.edu. The other_information includes
directory and file information. You must use absolute URLs when referring to links
on different servers.

Linking with relative URLs

Relative URLs can take a number of different forms. When referring to a file that
occurs in the same directory as the referring page, a URL can be as simple as the
name of the file. For example, if you want to create a link in your home page to the
file foobar.html, which is in the same directory as your home page, you would use:

<a href="foobar.html">The Wonderful World of Foobar!</a>

If the file you want to link to is in a subdirectory of the referring page's directory,
you need to enter only the directory information and the name of the file. So if
foobar.html were in the foobar subdirectory of your www directory, you could refer
to it from your home page by using:

<a href="foobar/foobar.html">The Wonderful World of Foobar!</a>

If the file you want to link to is in a higher directory than the referring page, use .. ,
which means to go up a directory. For example, to link from foobar.html to
home.html, which is in the directory above, you would use:

<a href="../home.html">Go back to my home page</a>

Absolute URL

An Absolute URL is, thus, something that is independent or free from any
relationship. When you use an absolute URL, you point directly to a file. Hence, an
absolute URL specifies the exact location of a file/directory on the internet. It also
follows that each absolute URL is unique, which means that if two URLs are
identical, they point to the same file.

For example:

http://www.webdevelopersnotes.com/images/email.gif specifies an image file

email.gif located in the images directory, under www.webdevelopersnotes.com
domain name.

Similarly, the absolute URL of the document you are viewing is

http://www.webdevelopersnotes.com/design/ relative_and_absolute_urls.php3 which
is a page in the directory called design on this web site.
Relative URL

A relative URL points to a file/directory in relation to the present file/directory.

Let us understand relative URLs through a small exercise.

Look at the two URL above. We want to include (display) the image file email.gif
stored in the images directory of www.webdevelopersnotes.com domain on this
(relative_and_absolute_urls.php3 stored in the design directory) page.

There are two ways to do this. We can either refer to it using an absolute URL or use
a relative URL. The <img> tag for this image display will be as follows:

Using an Absolute URL in an <img> tag

<img src="http://www.webdevelopersnotes.com/images/email.gif"

width="..." height="..." />

Using a Relative URL in an <IMG> tag

<img src="../images/email.gif" width="..." height="..." />

The absolute URL is straight forward but in the relative URL you'll notice that I have
refered to the image with ../images/email.gif. In order to understand the relative
URL, let me tell you about the directory structure of this web site.

This web site has several sections and the files and web pages for each section
have been segregated into different directories. This helps me to keep things
organized and uncluttered on the web site. Under the document or server root
directory (the main directory of the web site), I have a directory called images
which stores all common images used on the pages of this web site. The image
email.gif resides in this directory. I have another directory called design which is at
the same level as images i.e. it is also in the document root directory. This design
directory contains the files and web pages for the "Web Page Design" section of this
web site. Diagramatically, the scenario can be represented as:

Relative and absolute URLs - explanation

Now to access email.gif file from relative_and_absolute_urls.php3 page using a

relative URL we put ../images/email.gif in the SRC attribute. We, thus, instruct the
browser to first go one level up (i.e. to the document root) and then move to the
images directory and pick up the file email.gif. The two peroids (..) instruct the
server to move up one directory (which is the root directory), then enter images
directory (/images) and finally point at email.gif.

Q5. Explain with diagram describe the operation of the IDEA scheme. Include in your
description the size of the key used and the number and size of sub keys associated
with each encryption stage.

Ans 5.

IDEA operates on 64-bit blocks using a 128-bit key, and consists of a series of eight
identical transformations (a round, see the illustration) and an output
transformation (the half-round). The processes for encryption and decryption are
similar. IDEA derives much of its security by interleaving operations from different
groups — modular addition and multiplication, and bitwise eXclusive OR (XOR) —
which are algebraically "incompatible" in some sense. In more detail, these
operators, which all deal with 16-bit quantities, are:
 * Bitwise eXclusive OR (denoted with a blue circled plus ⊕).

* Addition modulo 216 (denoted with a green boxed plus ⊞).

* Multiplication modulo 216+1, where the all-zero word (0x0000) is interpreted as

216 (denoted by a red circled dot ⊙).

After the eight rounds comes a final "half round", the output transformation
illustrated below:

International Data Encryption Algorithm InfoBox Diagram Output Trans.png

Key schedule

Each round uses six 16-bit sub-keys, while the half-round uses four, a total of 52 for
8.5 rounds. The first eight sub-keys are extracted directly from the key, with K1
from the first round being the lower sixteen bits; further groups of eight keys are
created by rotating the main key left 25 bits between each group of eight. This
means that it is rotated less than once per round, on average, for a total of six
rotations.

Security

The designers analysed IDEA to measure its strength against differential

cryptanalysis and concluded that it is immune under certain assumptions. No
successful linear or algebraic weaknesses have been reported. As of 2007[update],
the best attack which applies to all keys can break IDEA reduced to 6 rounds (the
full IDEA cipher uses 8.5 rounds). Note that a "break" is any attack which requires
less than 2128 operations; the 6-round attack requires 264 known plaintexts and
2126.8 operations.

IDEA, unlike the other block cipher algorithms , is patented by the Swiss firm of Ascom. They
have, however, been generous in allowing, with permission, free noncommercial use of their
algorithm, with the result that IDEA is best known as the block cipher algorithm used within the
popular encryption program PGP.
The IDEA algorithm is interesting in its own right. It includes some steps which, at first, make it
appear that it might be a non-invertible hash function instead of a block cipher. Also, it is
interesting in that it entirely avoids the use of any lookup tables or S-boxes.

IDEA uses 52 subkeys, each 16 bits long. Two are used during each round proper, and four are
used before every round and after the last round. It has eight rounds.

The plaintext block in IDEA is divided into four quarters, each 16 bits long. Three operations are
used in IDEA to combine two 16 bit values to produce a 16 bit result, addition, XOR, and
multiplication. Addition is normal addition with carries, modulo 65,536. Multiplication, as used
in IDEA, requires some explanation.

Multiplication by zero always produces zero, and is not invertible. Multiplication modulo n is
also not invertible whenever it is by a number which is not relatively prime to n. The way
multiplication is used in IDEA, it is necessary that it be always invertible. This is true of
multiplication IDEA style.

The number 65,537, which is 2^16+1, is a prime number. (Incidentally, 2^8+1, or 257, is also
prime, and so is 2^4+1, or 17, but 2^32+1 is not prime, so IDEA cannot be trivially scaled up to
a 128-bit block size.) Thus, if one forms a multiplication table for the numbers from 1 through
65,536, each row and column will contain every number once only, forming a Latin square, and
providing an invertible operation. The numbers that 16 bits normally represent are from 0 to
65,535 (or, perhaps even more commonly, from -32,768 to 32,767). In IDEA, for purposes of
multiplication, a 16 bit word containing all zeroes is considered to represent the number 65,536;
other numbers are represented in conventional unsigned notation, and multiplication is modulo
the prime number 65,537.

Description of IDEA

Let the four quarters of the plaintext be called A, B, C, and D, and the 52 subkeys called K(1)
through K(52).

Before round 1, or as the first part of it, the following is done:

Multiply A by K(1). Add K(2) to B. Add K(3) to C. Multiply D by K(4).

Round 1 proper consists of the following:

Calculate A xor C (call it E) and B xor D (call it F).

Multiply E by K(5). Add the new value of E to F.

Multiply the new value of F by K(6). Add the result, which is also the new value of F, to E.

Change both A and C by XORing the current value of F with each of them; change both B and D
by XORing the current value of E with each of them.
Swap B and C.

Repeat all of this eight times, or seven more times, using K(7) through K(12) the second time, up
to K(43) through K(48) the eighth time. Note that the swap of B and C is not performed after
round 8.

Then multiply A by K(49). Add K(50) to B. Add K(51) to C. Multiply D by K(52).

The intricacies of IDEA encryption may be made somewhat clearer by examining the following
diagrams:

Details: Overview:

Decryption

How can the round in IDEA be reversed, since all four quarters of the block are changed at the
same time, based on a function of all four of their old values? Well, the trick to that is that A xor
C isn't changed when both A and C are XORed by the same value, that value cancels out, no
matter what that value might be. And the same applies to B xor D. And since the values used are
functions of (A xor C) and (B xor D), they are still available.

This cross-footed round, rather than a Feistel round, is the most striking distinguishing factor of
IDEA, although its use of multiplication, addition, and XOR to avoid the use of S-boxes is also
important.
Those that are added are replaced by their two's complement. Those that are multiplied in are
replaced by their multiplicative inverse, modulo 65,537, in IDEA notation when used to change
blocks directly, but those used to calculate the cross-footed F-functions are not changed. Keys
XORed in would not need to be changed, but there aren't any such keys in IDEA. Due to the
placement of the swap, the first four keys for decryption are moved somewhat differently than
the other keys used for the same operation between rounds.

The decryption key schedule is:

The first four subkeys for decryption are:

KD(1) = 1/K(49)
KD(2) = -K(50)
KD(3) = -K(51)
KD(4) = 1/K(52)
and they do not quite follow the same pattern as the remaining subkeys which
follow.

The following is repeated eight times, adding 6 to every decryption key's index and subtracting 6
from every encryption key's index:

KD(5) = K(47)
KD(6) = K(48)

KD(7) = 1/K(43)
KD(8) = -K(45)
KD(9) = -K(44)
KD(10) = 1/K(46)

Subkey generation

The 128-bit key of IDEA is taken as the first eight subkeys, K(1) through K(8). The next eight
subkeys are obtained the same way, after a 25-bit circular left shift, and this is repeated until all
encryption subkeys are derived.

This method of subkey generation is regular, and this may be a weakness. However, IDEA is
considered to be highly secure, having stood up to all forms of attack so far tried by the academic
community.

Q6. Explain the steps involved in ARP. Also explain the difference between ARP and
RARP.

Ans 6.
Steps involved in ARP are as follows :-

1. If there are 2 systems A and B , then A should knew the ip address of B.

2. ARP request msg :- it includes sender side IP address and MAC address +
destination site IP address.

3. When the msg has reached other side then B , C , and D will check that
request msg has their IP address or not.

4. Then B after reciving data , reply back to A using ARP reply msg.

5. In recipt of reply msg ARP in A makes an entery of requested IP/MAC address

in own cache.

A B

DIFFERENCE B/W ARP AND RARP :-

In computer networking, the Address Resolution Protocol (ARP) is the method for
finding a host's hardware address when only its network layer address is known.
Due to the overwhelming prevalence of IPv4 and Ethernet, ARP is primarily used to
translate IP addresses to Ethernet MAC addresses. It is also used for IP over other
LAN technologies, such as Token Ring, FDDI, or IEEE 802.11, and for IP over ATM.

ARP is used in four cases of two hosts communicating:

1. When two hosts are on the same network and one desires to send a packet to the
other

2. When two hosts are on different networks and must use a gateway/router to
reach the other host

3. When a router needs to forward a packet for one host through another router

4. When a router needs to forward a packet from one host to the destination host on
the same network

* ARP - is a low-level protocol used to bind addresses dynamically.

* ARP allows a host to find a physical address of a target host on the same
physical network, given only it’s IP address.

* ARP hides the underlying network physical addressing. It can be thought of as

part of physical network system and not the internet protocols.

• ARP broadcasts special packets with the destination’s IP address to ALL hosts.
• The destination host (only) will respond with it’s physical address.
• When the response is received, the sender uses the physical address of destination host to
send all packets.

ARP Functionality:

* There are two main functional parts of the address resolution protocol:
 o Determine the destination’s physical address before sending a packet.

o Answer requests that arrive for it’s own Physical-to-IP address binding.

* Because of lost/duplicate packets, ARP must handle this to avoid many re-
broadcasts.

* Bindings in ARP cache (actual cache table) must be removed after a fixed
period of time to ensure validity.

* When a packet is received, the sender’s IP address is stripped and the local
table is updated (ARP cache), then the rest of the packet is processed.

* Two types of incoming packets:

o Those to be processed (correct destination).

o Stray broadcast packets (can be dropped after updating the ARP cache).

* Application programs may request the destination address many times before
the binding is complete. This must be handled, by discarding enqueued requests,
when the correct binding returns.

* ARP sets the field "TYPE" for the ID of a frame.

* ARP packets DO NOT have a fixed format header, so they can be used with
arbitrary physical addresses and arbitrary protocol addresses.

* The lengths of physical addresses may vary up to 48-bits.

Reverse Address Resolution Protocol (RARP) is a network layer protocol used to
resolve an IP address from a given hardware address (such as an Ethernet address).
It has been rendered obsolete by BOOTP and the more modern DHCP, which both
support a much greater feature set than RARP.

RARP is the complement of ARP

• RARP functionality supports multiple physical network types.

• All machines receive RARP requests but only those authorized to supply RARP services
can respond. Machines supplying RARP services are called RARP servers.
• RARP is only used on LANs with a low probability of failure since bootstrapping
requires quick responses.