Topic 3 Data Efficiency and Security

Topic 3 DATA EFFICIENCY AND SECURITY

DEPARTMENT OF ELECTRICAL

ENGINEERING

EP601 DATA COMMUNICATION

1

TOPIC 3 :

At the end of this learning session, student must be able to;

Define data efficiency. Describe data efficiency devices:

a. Front End Processor (FEP) b. Multiplexer

Explain data efficiency techniques:

a. FDM b. TDM c. STDM d. Data Compression: Run length encoding,LZW (Lempel-Ziv_Welch),

Huffman coding. Define data security. Explain the importance of data security. Explain encryption and decryption techniques:

a. Caesar Cipher b. Mapping c. Data Encryptions Standard (DES) d. Rivest-Shamir-Adelman (RSA)

2

What is data efficiency ?

Data efficiency will always be the objective of data communication network that is to transfer the highest possible volume of accurate information through the network with the lowest cost.

We have links with limited bandwidths. But wise use of available bandwidth would result efficiency.

An efficient system maximizes the utilization of all resources; bandwidth is the resources.

Efficiency can be achieved by multiplexing.

Multiplexing allows several transmission sources to share a larger transmission capacity.

3

Data efficiency devices

a. Front End Processor (FEP)

b. Multiplexer

4

Data efficiency devices:

a) Front End Processor (FEP)

A front-end processor (FEP) is a type of computer used in a network to help the main host computer manage the other connected computers.

Why use FEP? - to keep the main computer from having to perform all the processing, which requires a lot of computer resources.

Purpose - takes over the process of managing the data transmissions going from the host to the nodes, back to the host and out to other places and reports directly to the host.

6

FEP Is typically a small computer that is closely

coupled to the central computer/host.

FEP is programmed to handle all the polling and selection procedures, allowing the central computer to devote its time to the main task of application processing

Advantage FEP : central processor need to be involved only when a data message has been received or is to be sent.

All communication overhead associated with each message transfer are handled by FEP, central computer need only initiate the transfer of each message to and from the FEP.

7

Polling and Selecting

The Polling and Selecting access method is not very common because it requires the use of a central controller to execute and monitor the process

Polling: Polling refers to the process of a host computer

asking an intelligent terminal if it has any data to send to the host computer. This task is typically accomplished by a front-end processor (FEP), which handles all the routine communications procedures for the host computer.

Selecting: Selecting occurs when a host computer or a

FEP sends data to a terminal after the terminal indicates that it is ready to accept data.

8

Incoming

and outgoing

jobs

Front-end

processor Main

system

Job 1

Job 2

Job 3

Job 4

9

Communications

link

Multiplexor Front-end

processor

Host

computer

10

MULTIPLEXING

One of the most widely used devices for improving data communication efficiency ; minimize the number of transmission line required.

The aim of multiplexing is to share an expensive resource.

Allows several devices to share single communication facility.

Multiplexing is the set of techniques that allows the simultaneously transmission multiple signals across a single data link and then recovering the separate signals at the receiving end.

It is an efficient method of employing a single high- bandwidth channel to transmit various separate low-bandwidth signals.

11

MULTIPLEXING cont

Figure above illustrate the multiplexing as an efficiency devices.

N inputs share the bandwidth of one link.

n inputs to the multiplexer (MUX) is connected by a single data link to a demultiplexer (DEMUX).

The MUX combines data from the n input lines to a single stream.

DEMUX accepts the multiplexed data stream, separates the stream data into multiple output lines.

12

FIGURE : MULTIPLEXING

13

Data efficiency techniques

a. Frequency Division Multiplexing (FDM)

b. Time Division Multiplexing (TDM)

c. Synchronous Time Division Multiplexing (STDM) & Statistical Time Division Multiplexing

(STDM)

d. Data Compression: Run length encoding, LZW (Lempel-Ziv_Welch), Huffman coding.

14


FDM is analog multiplexing technique that combine analog signal

Multiple signals share the common bandwidth of a single communication channel, each occupying a separate portion of the bandwidth.

Each signal is allocated a different frequency band.

Modulation equipment is needed to move each signal to the required frequency band (channel)

Multiple carriers are used, each is called sub-carrier

Multiplexing equipment is needed to combine the modulated signals

15


16

Example of FDM

One of FDM's most common applications is cable television. Only one cable reaches a customer's home but the service provider can send multiple television channels or signals simultaneously over that cable to all subscribers without interference. Receivers must tune to the appropriate frequency (channel) to access the desired signal

17

FREQUENCY DIVISION MULTIPLEXING

18

FDM Transmitter

FDM Receiver

a. Frequency Division Multiplexing (FDM) cont

19


FDM Multiplexer Multiple signals are each used to modulate a

separate carrier. Each carrier is on a different frequency. The modulated carriers are then added together

to form single complex signal which is transmitted over the single channel.

This signal is then used to modulate a radio transmitter.

FDM demultiplexer The demultiplexer uses a series of filters to

decompose the multiplexed signal into its component signals.

The individual signals are then passed to the demodulator that separates them from their carriers and pass them to the waiting receiver.

20

Advantages of FDM User can be added to the system by simply adding another

pair of transmitter modulator and receiver demodulators. FDM system support full duplex information flow which is

required by most of application. Noise problem for analog communication has lesser effect.

Disadvantages of FDM In FDM system, the initial cost is high. This may include the

cable between the two ends and the associated connectors for the cable.

In FDM system, a problem for one user can sometimes affect others.

In FDM system, each user requires a precise carrier frequency.

21



Digital multiplexing technique for combining several low-rate channels into one high-rate channel.

Each signal occupy the entire bandwidth of the channel. However, each signal is transmitted for only a brief period of time.

The multiple signals take turns transmitting over a single channel.

TDM may be used with both digital and analog signals. The transmission between nodes must be digital and is formatted into serial data words.

TDM assigns each terminal a dedicated time slot.

22


Refer to the figure, the same link is used as in FDM, however the link is shown sectioned by time rather than by frequency

Signal 1, 2, 3 and 4 occupy the link sequentially

The time domain is divided into several recurrent time slots of fixed length, one for each sub-channel.

A sample byte or data block of sub-channel 1 is transmitted during time slot 1, sub-channel 2 during time slot 2, etc.

23

TDM (cont..)

Consider an application requiring four terminals at an airport to reach a

central computer. Each terminal communicated at 2400 bit/s, so rather

than acquire four individual circuits to carry such a low-speed

transmission, the airline has installed a pair of multiplexers. A pair of 9600

bit/s modems and one dedicated analog communications circuit from the

airport ticket desk back to the airline data center are also installed. 24

a) Synchronous TDM

Time Slot and Frames Interleaving Empty Slots Data Rate Management Frame Synchronizing Digital Signal Service T Lines E Lines

TDM (cont..)

b)Statistical TDM

Addressing

Slot Size

No Synchronization Bit

Bandwidth

TDM has two different schemes:

25

c. Synchronous Time Division Multiplexing (STDM)

A data transmission technique in which several users make use of a single channel by means of a system in which time slots are allotted on a fixed basis, usually in round-robin fashion.

STDM assign time slot of equal length to all packet regardless whether or not anything is to be sent by each station with an assigned time slot

Time slot X means it is assigned to user and cannot be used by any other user .

In synchronous TDM, the data rate of the link is n times faster, and the unit duration is n times shorter.

Synchronous TDM is called synchronous as the time slots are pre-assigned to sources and fixed.

The time slots for each source are transmitted whether or not the source has data to send.

26

c. STDM (cont)

Each input unit becomes one output unit and occupies one output time slot.

However , the duration of output TS is n times shorter than the duration of input TS.

If input TS is Ts, then the output TS is T/n s. Where n is the number of connection. (unit in the output connection has a shorter duration means travel faster)

As in the figure, n is 3 , the rate of the output link must be 3 times the data rate of a connection 27

Statistical TDM (STDM)

In statistical TDM (STDM), time slots are assigned to users on a first come, first served basis (on-demand basis)

Any user can be assigned to any time slot at any time. Since time slots are not dedicated to a particular user, then

each time slot must carry an explicit address that

identifies the user for that time slot.

The objective of STDM technology is efficient use of bandwidth on the shared facility. If there is enough traffic

being generated by users, there will be no empty time slots

on the medium.

In addition, STDM tends to provide bandwidth to those users who need it most (i.e., those users with a lot of traffic to

send), what is sometimes referred to as bandwidth on

demand.

28

In synchronous TDM many slots are wasted.

Statistical TDM allocates time slots dynamically, on demand

Statistical TDM (STDM) cont

29

Data Compression

Data compression implies sending or storing a smaller number of bits.

Nowadays almost every multimedia data as audio or video will be used in a compressed form.

Generally these methods can be divided into two broad categories: lossless and lossy methods.

30

Data Compression

Lossless methods:

Run length encoding (RLE)

Lempel-Ziv_Welch (LZW )

Huffman coding.

31

Run length encoding (RLE)

Run Length Encoding is one of the oldest compression methods.

Any sequence of identical symbols will be replaced by a counter identifying the number of repetitions and the particular symbol or one occurrence of the symbol followed by the number of occurrences.

For instance, the original contents 'aaaa' would be coded as '4a'.

32

Example of RLE

Original data : AAAAAAAAAAAAAAA ---- 15 byte

The compressed data : 15A --- 2byte data

Assume that our 15-character string now contains four different character :

AAAAAAbbbXXXXXt

The compressed data :

6A3b5X1t ----- four 2-byte packets:

33

More example of RLE

Original Data : WWWWWWWWWWWWBWWWWWWWWWWWWBBBWWWWWWWWWWWWWWWWWWWWWWWWBWW

WWWWWWWWWWWW

If we apply the run-length encoding (RLE) data compression to the above data , we get the following:

12W1B12W3B24W1B14W Interpreted as twelve Ws, one B, twelve Ws,

three Bs, etc. The RLE code represents the original 67

characters in only 18 characters.

34

Lempel-Ziv Coding (LZ) Lempel-Ziv Coding (LZ) is based on the fundamental work of

Abraham Lempel and Jacob Ziv.

Their original algorithms are generally denoted as LZ77 and LZ78.

Four types of LZ coding are :

Lempel-Ziv 77 (LZ77)

Lempel-Ziv- Storer - Szymanski (LZSS)

Lempel-Ziv 78 (LZ78)

Lempel-Ziv-Welch (LZW)

Lempel Ziv (LZ) encoding is an example of a category of algorithms

called dictionary-based encoding.

The idea is to create a dictionary (a table) of strings used during the

communication session.

LZW compression uses a code table, with 4096 as a common choice

for the number of table entries. 35

The algorithm presented by Terry Welch defines mechanisms to create the dictionary and to ensure that it will be identical for both the encoding and decoding process.

The LZW code is usually of size 12 bits, with 4096 possible codes.

Compression is achieved by using codes 256

through 4095 to represent sequences of bytes.

As the encoding continues, LZW identifies repeated sequences in the data, and adds them to the code table.

Decoding is achieved by taking each code from the compressed file, and translating it through the code table to find what character or characters it represents.

Lempel- Ziv-Welch (LZW) encoding cont..

36

37

Example 1: Compression using LZW

Use the LZW algorithm to compress the string

BABAABAAA

COMPRESSION USING LZW

39

Example 2: Decompression using LZW

Use LZW to decompress the output sequence of Example 1:

DECOMPRESSION USING LZW

Example of LZW encoding

Input string is "^WED^WE^WEE^WEB^WET".

A 19-symbol input has been

reduced to 7-symbol plus 5-

code output. 41

Example of LZW decoding Input string is

"^WEDEBT".

42

Huffman coding

The Huffman coding is a procedure to generate a binary code tree.

Huffman coding assigns shorter codes to symbols that occur more frequently and longer

codes to those that occur less frequently.

It is a variable length code, in which the encoding depends on the frequency of letters

occurring in the data set.

43

Application

Both the .mp3 and .jpg file formats use Huffman coding at one stage of the compression.

Alternative method that achieves higher compression but is slower is patented by IBM,

making Huffman Codes attractive.

44

Huffman coding (cont)

Step in Huffman encoding :

To each character, associate a binary tree consisting of just one node. To each tree, assign the characters frequency,

which we call the trees weight.

Look for the two lightest-weight trees. If there were more than two, choose any two. Merge the two into a single tree

with a new root node whose left and right subtrees are the two

we chose. Assign the sum of the weight of the merged trees

as the weight of the new tree.

Repeat the steps above until just one tree is left. A characters code is found by starting at the root and

following the branches that lead to that character. The

code itself is the bit value of each branch on the path, taken in

sequence.

45


Example:

Letter Frequency

A 4

B 4

C 5

D 6

E 12

We build the tree from the

bottom up.

Start with singleton vertices,

labeled with their frequencies

A

4

B

4

C

5

D

6

E

12

sho/polisas

46


A B C E D

Find the two smallest frequencies, and combine them into a new tree.

4

A B

4

C

5

D

6

E

12

8

47


Repeat

Now, we consider 8, 5, 6, and 12. The two smallest are 5 and 6 Combine them as in the first step, yielding new

vertex with frequency label 11

A

4

B

4

C

5

D

6

E

12

8 11

48


Repeat

Now, we consider 8, 11, and 12.

The two smallest are 8 and 11

Combine them

A

4

B

4

C

5

D

6

E

12

8 11

19

49


Finally, combine the two remaining vertices (12 and 19) to get a single tree.

8

A

4

B

4

C

5

D

6

E

12

11

19

31

50


The final code

A

4

B

4

C

5

D

6

E

12

Letter Code

A 000

B 001

C 010

D 011

E 1

51


A B C D E

1

0

0

0

1

1

1 0

Left branch is 0 Right branch is 1

Length of entire encoding of

text. 4 As, 4 Bs, 5 Cs, 6 Ds, and 12 Es 4x3 + 4x3 + 5x3 + 6x3 + 12x1

= 12 + 12 + 15 + 18 + 12

= 69 bits

Compare to fixed length code 5 characters: need 3 bits each

4x3 + 4x3 + 5x3 + 6x3 + 12x3

= 12 + 12 + 15 + 18 + 36

= 93 bits

A savings of 24 bits.

Longer text would mean more savings

Letter Code

A 000

B 001

C 010

D 011

E 1

52


53

Exercise 1:

57

Length of entire encoding of text.

Compare to fixed length code A savings of bits.

Example of Huffman Coding 2nd example

58

Final tree and code

59

Example of Huffman Coding 2nd example

Encoding : refer to code generated in example 2

Let us see how to encode text using the code for our five characters.

Figure a below shows the original and the encoded text.

Figure a: Huffman encoding 60

Huffman Decoding

Figure b below shows how decoding takes place.

Figure b: Huffman decoding 61

Example of Huffman Coding 3rd example

62

Data Security means protecting a database from destructive forces and the unwanted actions of unauthorized users.

Data security is the practice of keeping data protected from corruption and unauthorized access. The focus behind data security is to ensure privacy while protecting personal or corporate data.

WHAT IS DATA SECURITY?

63

Determining who has access, as well as the

degree of access.

Protecting the data from unauthorized use and sabotage.

Protecting the data from physical harm or accident.

THE IMPORTANCE OF DATA SECURITY

64

Encryption refers to the coding of information in order to keep it secret.

Encryption is a process of converting a plaintext into enciphered text or ciphertext, also called cryptogram.

Decryption is a deciphering process or reversing the encrypting process to recover the original information, which is to convert ciphertext back to its original form of plaintext.

ENCRYPTION AND DECRYPTION

65

a. Caesar Cipher

b. Mapping

c. Data Encryptions Standard (DES)

d. Rivest-Shamir-Adelman (RSA)

ENCRYPTION AND DECRYPTION TECHNIQUES

66

What is cipher ? - put (a message) into secret writing or encode the message.

Caesar Ciphers is a substitution cipher, in which each character in the plaintext is substituted by another character in the ciphertext.

The Caesar Cipher replaces each letter by the letter that appears k positions later to the right in the alphabet. k, is known as a key.

Also known as shift cipher.

Is named after Julius Caesar, who used it in his private correspondence.

CAESAR CIPHERS

67

In this example, if k=3 (shift 3 space or position to the right)

The message (plain text) : "RETURN TO ROME

would be encrypted as (ciphertext) :

"UHWXUA WR URPH

In this example, 'R' is shifted to 'U', 'E' is shifted to 'H', and so on.

CAESAR CIPHERS ---EXAMPLE

68

Use Caesar cipher with key = 15 to encrypt the message

assalamualaikum.

Solution :

Plaintext : a s s a l a m u a l a i k u m

Ciphertext :

Plain: ABCDEFGHIJKLMNOPQRSTUVWXYZ

Cipher: MNOPQRSTUVWXYZABCDEFGHIJKL

m d d m w m x f m w m u v f x

69

To decode the message, the receiver uses the same key k and recovers the plaintext by applying the inverse transformation, that is, by traversing the ciphertext string and replacing each character by the character k positions earlier in the alphabet.

DECRYPTING USING CAESAR CIPHER

70

Also known as transposition cipher.

There is no substitution, instead it changes the location of the symbols.

Mapping cipher will reorders symbols in a block of symbols.

Figure : Transposition or Mapping Cipher 71

DECRYPTING USING CAESAR CIPHER cont

Ali needs to send the message Enemy attacks to night to Lina.

The key used for encryption and decryption is a key using a block of five characters :

Solution : First remove the spaces in the message, then divide

the text into blocks of five characters. Then add a bogus (palsu) character z at the end of the fourth block.

enemy attac kston ightz The result of the encryption is : eemyn taact tkons hitzg

72

EXAMPLE:

Amin needs to send the message

kelas ganti data com ditunda to Fatin.

The key used for encryption and decryption is key using a block of four characters :

What is the result of encryption and decryption??

MAPPING CIPHER cont..

Lets do this exercise ..

73

Encryption methods can be SYMMETRIC in which encryption and decryption keys are the same, or ASYMMETRIC in which encryption and decryption keys differ.

The traditional cipher we have studied so far are character-oriented.

Modern cipher need to be bit-orientedwhy?.. The information need to be encrypted is not just text, it could be number, graphics, audio and video data.

LETS TAKE A LOOK AT SOME SIMPLE MODERN CIPHER.

74

Types of simple modern cipher :

XOR Cipher

Substitution Cipher, S-box

Transposition Cipher , P-box :

straight permutations

expansion permutation

Compression permutation

SIMPLE MODERN CIPHER cont

75

The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST).

DES is a widely-used method of data encryption in the world using a private (secret) key , developed in the 1970s

DES uses a 56-bit key and uses the block cipher method, which breaks text into 64-bit blocks and then encrypts them.

Data Encryption Standard (DES)

76

Figure : Encryption and decryption with DES

Data Encryption Standard (DES)continued

77

The encryption process is made of two permutations (P-boxes), which we call initial and final permutations, and sixteen Feistel rounds.

Data Encryption Standard (DES) cont

Figure : General structure of DES

78


Initial and final permutation steps in DES

79

Initial and final permutation tables


The initial and final permutations are straight P-boxes

that are inverses of each other 80

Example :

Find the output of the initial permutation box when the input is

given in hexadecimal as:

0000 0080 0000 0002

Solution : refer to initial & final permutation table

Only bit 25 and bit 63 are 1s; the other bits are 0s. In the initial

permutation, bit 25 becomes bit 37 and bit 63 becomes bit 57.

The result is

0000 0000 0800 0080 81


This function is made up

of four operation: an

XOR, an expansion

permutation, a group of

S-boxes and a straight

permutation.

The heart of DES is the DES function. The DES function

applies a 48-bit key to the rightmost 32 bits to produce a

32-bit output.

82


The round-key

generator creates

sixteen 48-bit

keys out of a 56-

bit cipher key.

83

Table 6.15 Trace of data for Example 6.5

We choose a random plaintext block and a random key, and

determine what the ciphertext block would be (all in

hexadecimal):

84

Table 6.15 Trace of data for Example 6.5 (Conintued

Example DES Cont .

85

RSA is a Public-Key Cryptosystem. Invented in 1977 by MIT professors Ronald L. Rivest, Adi Shamir and Leonard M. Adleman. The system is based on several mathematical principles in

number theory. Public-key (or two-key) cryptography involves the use

of two keys: 1 - A public-key, which may be known by anybody, and

can be used to encrypt messages, and verify signatures 2 - A private-key, known only to the recipient, used

to decrypt messages, and sign (create) signatures

digital signature is an electronic signature to

authenticate the identity of the sender of a message

RSA (Rivest-Shamir-Adelman)

86

87

RSA (Rivest-Shamir-Adelman) cont

1. Select two large prime numbers at random : p and q

2. Compute their product (hasil darab), n n is also called system modulus . n = p x q

3. Compute z = (p-1)(q-1) , also known as (n) , Eulers phi-function

4. Selecting at random the encryption key e ; relatively prime to z or (n) . gcd(e, (n)) = 1 , e < n

5. Finally compute d , the decryption key, such that the product of e and d is congruent (sepadan ) to 1 mod (n). e*d 1 mod (n) , 0

To encrypt a plaintext message block m, compute

C=Me mod n To decrypt the block, compute

M=Cd mod n Each plaintext block must be smaller than

the value of n.

Encryption with RSA

89

A prime number, or prime, is a number that is evenly divisible by only 1 and itself.

For instance 10 is not prime because it is evenly divisible by 1, 2, 5 and 10. But 11 is prime, since only 1 and 11 evenly divide it.

The numbers that evenly divide another number are called factors. The process of finding the factors of a number is called factoring.

Relatively Prime : Two numbers are relatively prime if they share only one factor, namely 1.

Prime Numbers & Relatively Prime

90

a = b mod (m) means that when a is divided by m the remainder is b.

Examples

11 = 1 mod (5)

20 = 2 mod (6)

Modular Arithmetic

91

1. Lets select prime ; p = 3 and q = 11 2. Then compute the modulus , n = p x q = 33 3. Compute Eulers phi-function, (n) = (p-1) X (q -1) (33) = (2) x (10) = 20 4. Select e : gcd(e,20)=1; lets choose e = 3 5. Compute d ; d x e = 1 mod 20 ; d < 20 3d = 1 mod 20 ; d = 7 , why

? 3 x 7= 1 mod 20 21 = 1 mod 20 ( 21divide by 20, the remainder

is 1) 6. Kpub= {e,n] ={3,33} 7. Kpvt={d,n} = { 7,33} C = Pe (mod n) ; cyphertext P = Cd (mod n) ; plaintext

RSA Example 1

92

What is the encryption and decryption

of M = 2 if Kpub= {3,33} and Kpvt= { 7,33} ?

C = ?? & P = ??

Try to solve this

93

RSA Example

94

1. Select primes: p=17 & q=11

2. Compute n = pq =1711=187

3. Compute (n)=(p1)(q-1)=1610=160

4. Select e : gcd(e,160)=1; choose e = 7

5. Determine d: de=1 mod 160 and d < 160

Value is d=23 since 237=161= 1 mod 160

6. Publish public key Kpub={7,187}

7. Keep secret private key Kpvt={23,187}

161divide by 160, the

remainder is 1

RSA Example 2

95

sample RSA encryption/decryption is:

given message M = 88 (M < n , 88

1. Select primes: p=7 & q=11 2. Compute n = pq =711=77 3. Compute (n)= (p1)(q-1)= 610 = 60 4. Select e : gcd(e,60)=1; if choose e = 13 5. Determine d: de=1 mod 60 and d < 60 Value is d=37 since 3713 =481= 1 mod 60

6. Publish public key Kpub= {e,n} ={13,77} 7. Keep secret private key Kpvt={d,n} =

{37,77}

481divide by 60, the

remainder is 1

RSA Example 3

97

EXERCISE: Upin sends the plaintext 5 to Ipin. Using the above public and private key in

example 3, what is the cyphertext , C and plaintext ,P?

Remember ; C = Pe (mod n) = 513 mod 77 ;

cyphertext P = C37 mod 77 ;

plaintext

Encrypt and decrypt

98

99

REFERENCES:

Main: Forouzan, B.A. (2012). Data Communications and Networking (5th edision). Mc Graw Hill. (ISBN: 978-0-07-131586-9) Additional: William Stallings. (2011). Data And Computer Communication (9th edition). Prentice Hall. (ISBN-10: 0131392050)

Topic 3 Data Efficiency and Security

Documents

Transcript of Topic 3 Data Efficiency and Security