11/5/09

Secure HTTP (S-HTTP)

An extension to the HTTP protocol to
support sending data securely over the web.
• Difference from SSL:
– SSL is designed to establish a secure connection
between two hosts.
– s-HTTP is designed to send individual messages
securely.

Some Features:
– Provides a variety of security mechanisms to HTTP
clients and servers.
– Does not require client-side public certificates (or
public keys), as it supports symmetric key-only
operation modes.
– Provides full flexibility of cryptographic algorithms.
• s-HTTP and HTTPS are not the same.
• HTTPS is an alternative to s-HTTP.
– HTTP runs on top of SSL or TLS.


What is a Penetration Test?

A process of actively evaluating the
information security measures in an
organization.
• Most common procedure:
– The security measures are actively analyzed for
design weaknesses, technical flaws and
vulnerabilities.
– Results are delivered in a comprehensive report.

Ethical Hacking ….

Definition of ethical hacking
– A situation where a computer and network expert
attacks a security system on behalf of its owners,
seeking vulnerabilities that a malicious hacker
could exploit.
– To test a security system, ethical hacking uses
the same methods as their less principled
counterparts (hackers), but report problems
instead of taking advantage of them.
• Also called penetration testing.

Why is it Required?

There are several reasons why organizations
choose to perform a penetration test.
– To identify the threats facing the information
assets of the organization.
– Reduce the IT security costs by identifying and
resolving vulnerabilities and weaknesses.
– Provide the organization with information
assurance.
– Gain and maintain certification to an industry
regulation (BS7789, HIPAA, etc.).

Secure Socket Layer (SSL)

SSL was first used by Netscape.
– To ensure security of data sent through HTTP,
LDAP or POP3.
• Uses TCP to provide reliable end-to-end
secure service.
• In general, SSL can be used for secure data
transfer for any network service running over
TCP/IP.

The main objectives of SSL are:
– Authenticate the client and server to each other.
– Ensure data integrity.
– Ensure data privacy.
• Required for both the protocol data and also
the application data.


SSL Architecture

SSL consists of two layers of protocols:
– SSL Record Protocol
• Ensures data security and integrity.
– Protocols required to establish SSL connection.
• Three protocols used in this layer:
SSL Handshake Protocol
SSL ChangeCipherSpec Protocol
SSL Alert Protocol

SSL Record Protocol

Mainly responsible for data encryption and
integrity.
• Basic function:
– Take an application message to be sent.
– Fragment the application message data.
• 16 Kbytes or smaller.
– Encapsulate it with appropriate headers and
create an object called a record.
– Encrypt the record and forward it to TCP.

The Higher Layer Protocols

SSL Alert Protocol
– Used to send session messages associated with
data exchange and functioning of the protocol.
– Each message consists of two bytes:
• First byte is either 1 (warning) or 2 (fatal). If “fatal”, the
SSL session is terminated.
• Second byte contains one of the defined error codes.
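
The record fragmentation and two-byte alert format described above, as an added example that is not part of the original notes. The 5-byte record header (content type, version, length) and the numeric codes come from the SSL 3.0 specification; records are shown before encryption and MAC are applied, and the sample payloads are constructed.

```python
import struct

MAX_FRAGMENT = 2 ** 14  # 16 Kbytes: largest plaintext fragment in one record
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
# Subset of the alert descriptions defined by SSL 3.0 (second alert byte).
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message",
                      20: "bad_record_mac", 40: "handshake_failure"}
HEADER = struct.Struct("!BBBH")  # type, major version, minor version, length


def build_records(content_type, payload, version=(3, 0)):
    """Fragment payload and wrap each fragment in a 5-byte record header."""
    if content_type not in CONTENT_TYPES:
        raise ValueError(f"unknown content type {content_type}")
    records = []
    for offset in range(0, len(payload), MAX_FRAGMENT):
        fragment = payload[offset:offset + MAX_FRAGMENT]
        header = HEADER.pack(content_type, *version, len(fragment))
        records.append(header + fragment)
    return records


def parse_records(stream):
    """Split a byte stream into (type name, version, fragment) tuples.

    Rejects unknown types, oversized lengths and truncated input instead of
    guessing, which is what a receiver must do before trusting any field.
    """
    records, pos = [], 0
    while pos < len(stream):
        if len(stream) - pos < HEADER.size:
            raise ValueError("truncated record header")
        content_type, major, minor, length = HEADER.unpack_from(stream, pos)
        pos += HEADER.size
        if content_type not in CONTENT_TYPES:
            raise ValueError(f"unknown content type {content_type}")
        if length > MAX_FRAGMENT:
            raise ValueError("fragment longer than 16 Kbytes")
        if len(stream) - pos < length:
            raise ValueError("truncated record body")
        records.append((CONTENT_TYPES[content_type], (major, minor),
                        stream[pos:pos + length]))
        pos += length
    return records


def parse_alert(fragment):
    """Decode an alert: (level, description, session_must_terminate)."""
    if len(fragment) != 2:
        raise ValueError("an alert is exactly two bytes")
    level, code = fragment
    if level not in ALERT_LEVELS:
        raise ValueError(f"invalid alert level {level}")
    description = ALERT_DESCRIPTIONS.get(code, f"code {code}")
    return ALERT_LEVELS[level], description, level == 2


if __name__ == "__main__":
    # Constructed sample: 40000 bytes of application data, then a fatal alert.
    stream = b"".join(build_records(23, b"A" * 40000))
    stream += build_records(21, bytes([2, 40]))[0]
    for name, version, fragment in parse_records(stream):
        if name == "alert":
            print(name, parse_alert(fragment))
        else:
            print(name, version, len(fragment), "bytes")
```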

SSL ChangeCipherSpec Protocol

Consists of a single message that carries the
value of 1.
– Purpose of this message is to cause the pending
session state to be established as a fixed state.
• Define the set of protocols to be used.
• Must be sent from client to server, and vice versa.

SSL Handshake Protocol


Used to initiate a session between the server and
the client.
– Within the application data, algorithms and keys
used for data encryption can be negotiated.
– Provides mutual authentication.
– Process of negotiation divided into four phases.


Client sends to the server
• SSL version
• Random (used to protect key exchange)
• Session ID
• CipherSuite
– Server sends back
• SSL version
• Random (a different number is generated)
• Session ID
• CipherSuite

Transport Layer Security (TLS)

Extension of SSL.
• Aim is to provide security and data integrity
features at the transport layer between two
web applications.
• Supported by most web servers and
browsers today.

Secure Shell (SSH)

Originally developed in 1995.
– As a secure replacement for telnet, rlogin, rcp,
etc.
– Allows port forwarding (tunneling over SSH)
– Built-in support for proxies/firewalls.
• Widely used nowadays.

In SSHv1 protocol, the server uses two keys:
– Long-term server identification key.
• Binds the connection to the server.
• 1024 bit RSA.
– Short-term encryption key, changed every hour.
• Makes later recovery impossible.
• Short-term keys are regenerated as a background task.
• 768 bit RSA.

Multiple authentication mechanisms
– Straight passwords (protected by SSH
encryption).
– RSA based authentication.
• Client decrypts a challenge from the server; returns the
hash to the server.
– Plug-in mechanisms (biometrics, smartcard, etc.).


IP Security (IPSec)

Security built into the IP layer.
– Provides host-to-host (or firewall-to-firewall)
encryption and authentication.
– Required for IPv6, but optional for IPv4.
• Consists of two parts:
– IPSec proper (for encryption and authentication).
– IPSec key management.


IPSec

Provides two modes of protection
– Tunnel Mode
– Transport Mode
• Authentication and Integrity
• Confidentiality
• Replay Protection

Private and Public Key Systems:

Symmetric encryption/decryption is much
faster than asymmetric encryption/
decryption:
RSA: kilobits/second
DES: megabits/second

DES is about 100 times faster than RSA

Authentication Application: KERBEROS

Users wish to access services on servers.
• Three threats exist:
– A user pretends to be another user.
– A user alters the network address of a computer.
– A user eavesdrops on exchanges and uses a replay
attack.

Provides a centralized authentication server
(AS) to authenticate users to servers and
servers to users.
• Relies on conventional encryption.
– Makes no use of public-key encryption.
• Two versions: version 4 and 5.
• Version 4 makes use of DES.

Electronic Mail Security: Pretty Good Privacy (PGP)

PGP provides a confidentiality and
authentication service that can be used for
electronic mail and file storage applications.
• Why popular?
– It is available free on a variety of platforms.
– Based on well known algorithms.
– Wide range of applicability

Practical Encryption Algorithms

Data Encryption Standard (DES)
– Block size is 64 bits.
– Key is 56 bits.
• IDEA
– Block size is 64 bits.
– Key size is 128 bits.
• Advanced Encryption Standard (AES)
– Also known as Rijndael cryptosystem.
– Block size can be 128, 192, or 256 bits.
– Key size can be 128, 192, or 256 bits.


Block Encryption Algorithms

Data Encryption Standard (DES)
– The most widely used encryption scheme.
– Known as the Data Encryption Algorithm (DEA).
– It is a block cipher.
• The plaintext is 64-bits in length.
• The key is 56-bits in length.
• Longer plaintexts are processed in 64-bit blocks.


DES

The overall processing at each iteration:
L_i = R_{i−1}
R_i = L_{i−1} ⊕ F(R_{i−1}, K_i)
• Concerns about:
– The algorithm and the key length (56-bits)
– Longer key lengths essential for critical
applications
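
The round structure above, as an added example that is not part of the original notes. It uses a stand-in round function `toy_f` and constructed subkeys (both assumptions, not the real DES F function or key schedule) to show why the same routine decrypts when the subkeys are applied in reverse order.

```python
import hashlib

MASK32 = 0xFFFFFFFF

# Constructed 48-bit subkeys K_1..K_16; real DES derives these from the 56-bit key.
SUBKEYS = [bytes([i]) * 6 for i in range(1, 17)]


def toy_f(right, subkey):
    """Stand-in for F(R, K): any function of R and K works in a Feistel network."""
    digest = hashlib.sha256(right.to_bytes(4, "big") + subkey).digest()
    return int.from_bytes(digest[:4], "big")


def feistel_round(left, right, subkey):
    """One iteration: L_i = R_{i-1}, R_i = L_{i-1} XOR F(R_{i-1}, K_i)."""
    return right, left ^ toy_f(right, subkey)


def run_rounds(block64, subkeys):
    """Apply every round to a 64-bit block, then swap the halves once."""
    left, right = block64 >> 32, block64 & MASK32
    for subkey in subkeys:
        left, right = feistel_round(left, right, subkey)
    # The final swap is what lets decryption reuse this exact routine.
    return (right << 32) | left


def encrypt_block(block64, subkeys):
    return run_rounds(block64, subkeys)


def decrypt_block(block64, subkeys):
    # Same structure, subkeys in reverse order; F itself is never inverted.
    return run_rounds(block64, list(reversed(subkeys)))


def process_message(data, subkeys, decrypt=False):
    """Process a longer message in independent 64-bit blocks."""
    if len(data) % 8:
        raise ValueError("pad the message to a multiple of 64 bits first")
    operation = decrypt_block if decrypt else encrypt_block
    out = bytearray()
    for i in range(0, len(data), 8):
        block = int.from_bytes(data[i:i + 8], "big")
        out += operation(block, subkeys).to_bytes(8, "big")
    return bytes(out)


if __name__ == "__main__":
    message = b"SIXTEEN BYTE MSG"  # constructed sample, two 64-bit blocks
    ciphertext = process_message(message, SUBKEYS)
    print(ciphertext.hex())
    print(process_message(ciphertext, SUBKEYS, decrypt=True))
```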

Applications

Three categories:
a) Encryption/decryption:
• The sender encrypts a message with the recipient’s
public key.
b) Digital signature / authentication:
• The sender signs a message with its private key.
c) Key exchange:
• Two sides cooperate to exchange a session key.

Requirements

Computationally easy for a party B to
generate a key pair
– Public key KU_B
– Private key KR_B
• Easy for sender to generate ciphertext:
C = E(M, KU_B)
• Easy for the receiver to decrypt ciphertext
using private key:
M = D(C, KR_B) = D(E(M, KU_B), KR_B)

Computationally infeasible to determine
KR_B knowing KU_B.
• Computationally infeasible to recover
message M, knowing KU_B and ciphertext C.
• Either of the two keys can be used for
encryption, with the other used for
decryption:
M = D(E(M, KU_B), KR_B) = D(E(M, KR_B), KU_B)

The RSA Public Key Algorithm

RSA Algorithm
– Developed by Ron Rivest, Adi Shamir and Len
Adleman at MIT, in 1977.
– A block cipher.
– The most widely implemented.
ICDCN’06, IIT Guwahati
The RSA Algorithm – Key Generation
1. Select p, q (p and q both prime)
2. Calculate n = p × q
3. Calculate Φ(n) = (p − 1)(q − 1)
4. Select integer e such that gcd(Φ(n), e) = 1; 1 < e < Φ(n)
5. Calculate d = e^{−1} mod Φ(n)
6. Public Key KU = {e, n}
7. Private key KR = {d, n}
φ(n) is the number of positive numbers less than n
and relatively prime to n (called Euler totient).


The Security of RSA

RSA is secure since
– We use a large number of bits in e and d.
– The problem of factoring n into two prime factors is
computationally very difficult.
• Knowing p and q will allow us to know Φ(n).
• This will help an intruder to know the values of e and d.
• Until recently, this was felt to be infeasible for numbers in the
range of 100 decimal digits or so (approximately 300 bits).
• A worldwide team cooperating over the internet and using
1600 computers recently cracked the code in eight months.
• Currently, a 1024-bit key size (about 300 decimal digits) is
considered strong enough for virtually all applications.
– Key sizes in the range of 1024 to 2048 bits seem safe.
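
The key generation steps and the factoring argument above, as an added example that is not part of the original notes. The primes p = 61 and q = 53 and the exponent e = 17 are constructed toy values chosen so the numbers can be checked by hand; the trial-division step works only because n is this small, which is the reason real moduli must be large.

```python
from math import gcd, isqrt


def is_prime(n):
    """Trial-division primality check, adequate for toy-sized inputs."""
    return n >= 2 and all(n % f for f in range(2, isqrt(n) + 1))


def generate_keypair(p, q, e):
    """Steps 1-7 of key generation: returns (KU, KR) = ((e, n), (d, n))."""
    if not (is_prime(p) and is_prime(q)) or p == q:
        raise ValueError("p and q must be distinct primes")
    n = p * q
    phi = (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(phi, e) != 1:
        raise ValueError("e must satisfy 1 < e < phi(n) and gcd(phi(n), e) = 1")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (e, n), (d, n)


def apply_key(message, key):
    """Textbook RSA: M^exponent mod n, used for both E and D."""
    exponent, n = key
    if not 0 <= message < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(message, exponent, n)


def recover_private_key(public_key):
    """Rebuild KR from KU by factoring n, showing what a small n gives away.

    Knowing p and q yields phi(n), and with the public e that yields d.
    """
    e, n = public_key
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1)), n
    raise ValueError("n has no non-trivial factor")


if __name__ == "__main__":
    public, private = generate_keypair(61, 53, 17)
    print("KU =", public, "KR =", private)
    ciphertext = apply_key(65, public)
    print("C =", ciphertext, "M =", apply_key(ciphertext, private))
    # Either key can encrypt, with the other used to decrypt.
    print("reverse order:", apply_key(apply_key(65, private), public))
    print("recovered KR:", recover_private_key(public))
```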

Introduction to Wi-Fi Network

It is important to know
Nearer access point to you.
How to use it efficiently.
Firewall disable option.
Wireless radio on option.
On Demand option.
Data backup.


Radio Issues (Contd..)


Select Advanced Tab

Remove the Tick mark for 'Wireless Device Off'

Press OK

Check your Front Panel Dashboard WLAN LED status. It should glow for the Laptop to Transmit / Receive data.


Networking Components Needed for WLAN

Client for Microsoft Networks
File and Printer Sharing for Microsoft Networks
QoS Packet Scheduler
AEGIS Protocol (IEEE 802.1x) v 2.2.1.0
WLAN Transport
Internet Protocol (TCP/IP)

De-select all others


Troubleshooting with Commands

If the output shows Gateway as 10.250.0.109, your configuration is correct.
Otherwise, try the following commands:

C:\> ipconfig /release
If a wrong/automatic IP address is released, it will display the new IP address as 0.0.0.0.
Repeat the command until you get this new IP address.

C:\> ipconfig /renew
It will get new IP address from DHCP server automatically. Check with 'ipconfig /all' command again to verify the gateway.

NAT: Sharing an IP Address

Network Address Translation…that indirection thing again
Some IP addresses are *not* globally unique; designated for local use/reuse
Host has local address “behind” the NAT device
NAT translates outgoing packet headers
Rewrites source IP address to be NAT’s IP address
Rewrites source port
Saves map of internal-external address/port mappings

NAT Example

Hypothetical example:
Source’s internal socket is IP 192.168.0.101, port 1341
Translated to IP 68.40.162.3 (address assigned to customer by IAP) port 5280
Traffic from NAT device identifies translated address/port as source
NAT forwards traffic sent to it (IP 68.40.162.3) with port 5280 to source host (192.168.0.101) using port 1341
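
The translation table behind this hypothetical example, as an added sketch that is not part of the original notes. The class and field names, the remote server address 203.0.113.10 and the choice to hand out external ports sequentially from 5280 are assumptions made for illustration.

```python
class NatDevice:
    """Port-translating NAT holding the internal/external socket mappings."""

    def __init__(self, external_ip, first_port=5280):
        self.external_ip = external_ip
        self.next_port = first_port
        self.outbound = {}  # (internal ip, internal port) -> external port
        self.inbound = {}   # external port -> (internal ip, internal port)

    def translate_outgoing(self, packet):
        """Rewrite the source socket of a packet leaving the local network."""
        internal = (packet["src_ip"], packet["src_port"])
        if internal not in self.outbound:
            if self.next_port > 65535:
                raise RuntimeError("no external ports left")
            self.outbound[internal] = self.next_port
            self.inbound[self.next_port] = internal
            self.next_port += 1
        return {**packet, "src_ip": self.external_ip,
                "src_port": self.outbound[internal]}

    def translate_incoming(self, packet):
        """Rewrite the destination socket of a reply, or drop the packet.

        Traffic to a port with no saved mapping has no internal host to go
        to, so it is dropped (returned as None).
        """
        if packet["dst_ip"] != self.external_ip:
            return None
        internal = self.inbound.get(packet["dst_port"])
        if internal is None:
            return None
        return {**packet, "dst_ip": internal[0], "dst_port": internal[1]}


if __name__ == "__main__":
    nat = NatDevice("68.40.162.3")
    # Constructed packets: only the address and port fields are modelled.
    request = {"src_ip": "192.168.0.101", "src_port": 1341,
               "dst_ip": "203.0.113.10", "dst_port": 80}
    sent = nat.translate_outgoing(request)
    print("on the wire:", sent)
    reply = {"src_ip": "203.0.113.10", "src_port": 80,
             "dst_ip": sent["src_ip"], "dst_port": sent["src_port"]}
    print("delivered:  ", nat.translate_incoming(reply))
    unsolicited = {**reply, "dst_port": 6000}
    print("unsolicited:", nat.translate_incoming(unsolicited))
```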


NAT Advantages and Disadvantages

Rest of Internet unaffected
Transparent: benefit of indirection
Internal addresses don’t need to be globally unique
Allows simultaneous use: benefit of local namespace
Multiple hosts can share one external IP address
E.g., useful for home networks
…but protocols that depend on IP address of host (e.g., early versions of Kerberos) get confused
Host says it has an internal IP address
Different (external) address used for routing


The End-to-End Principle

If function needs to be done as endpoint-to-endpoint service, don’t implement it link-to-link
More generally, if function will need to be (re)done at higher layer, don’t do it at lower layer
Examples in TCP/IP
Error detection
Guaranteed delivery of packets
Not encryption -- implemented at higher layer


Why Fragment Messages?

If part of message is lost or garbled, you only have to resend the affected packet(s)
Speed
Store-and-forward delay is minimized
A can send packet 1 to B while receiving packet 2 from S
Not possible if whole message sent at once

TCP Protocol: Guaranteed Delivery

Error Detection on TCP Packets
Checksum detects if IP packet is corrupt
E.g., parity check: even or odd number of 1s in payload
If error detected, discard packet
Sender remembers packets it sent
Receiver ACKs each packet received
Clever optimization: piggyback ACK to data packet already flowing other direction
If ACK not received within a specified timeout interval, the sender resends packet
Receiver may get two copies!
Just ignore the second one


TCP Guaranteed Delivery Demo

Same as before, except
The sender will retransmit if ACK not received within the timeout interval
When packet reaches destination, receiver must acknowledge by telling the class the sequence number of the packet received
The TCP header includes error checking information.

Identifying A Connection: Another Use Of TCP Ports

Each side of a TCP connection is referred to as a socket, and can be identified by the IP address and port
A logical connection between a source and destination host is uniquely identified by the two sockets involved

TCP Congestion

If a router is overworked
Its queues fill up
It drops additional packets
Because TCP provides guaranteed delivery through ACK, the source clients resend the packets
Even more congestion


Flow Control

Similar to congestion, but not due to network interference
Destination host’s own traffic is too much
Destination unable to receive so fast
TCP flow control implementation is similar to solution for congestion control
Receiver can explicitly request lower send rate in ACKs


Summary of TCP/IP

IP
Best-effort delivery to remote destination
Globally unique addresses
Routers forward to next hop
TCP
Message fragmentation and reassembly
Guaranteed delivery
Sessions
Port numbers
Congestion and flow control

Commercial Provision of TCP/IP

Internet Access Providers (IAPs)
Customers connect computer or network to IAP (ISP)
IAP connects to rest of the Internet
Routes may involve intermediate transit carriers
Transit traffic = neither source nor destination address is a direct customer of the carrier
Interconnection between transit carriers
Peering
NAPs (multilateral peering between IAPs)
Paid interconnects (small providers to big ones that carry lots of transit traffic)
Usually flat rate based on maximum bitrate, not actual bitrate of transfers

TCP Services

TCP picks up where IP leaves off
Message fragmentation and reassembly
Packet sequence numbers
Guarantees delivery
Error detection
ACKs and retransmits
Maintains conversational context
Sessions
Specifies process at destination
Port numbers in TCP packet header

Layered Headers

Each layer adds its own header to the message that it receives from the layer above
As far as the lower layer is concerned, the higher layers’ headers are just a part of the message to be delivered
The higher layers never see the lower layer headers because the lower layers remove them before passing the message up


Layered Headers In TCP/IP

The TCP layer fragments a message into packets, puts headers on the packets, and passes them to the IP layer
The IP layer adds its own header to each packet that it receives from TCP
The IP layer removes its header before passing the delivered packet back to the TCP layer
The TCP layer removes its headers and reassembles the message before passing the result back to the layer above


TCP Protocol: Message Fragmentation And Reassembly

TCP client at source divides message into packets
Each packet gets a sequence number
Stored in the header
TCP packet becomes payload of IP packet
TCP software at destination reassembles
If arrive out of order, use sequence number


TCP Fragmentation And Sequencing Demo

Same routing tables as on Thursday
Don’t forget to decrement HopLimit
New message takes several index cards
Each index card is a TCP fragment
The card is placed in a small envelope that has a TCP header
The small envelope is placed in a big envelope with an IP header

Transmission Control Protocol

How does the router know where to send an IP packet?
What’s in the packet? What’s in the router?
How does a destination host know what order a series of packets was sent in?
If we were to define a streaming audio protocol as a spanning layer…
Where would it have to run?
Could people use different media players to listen to audio streamed with this protocol?

Understand TCP and relationship to IP
Service
Protocol
Commercial Internet Provision
Network Address Translation
The End-to-End Principle

Transmission efficiency

Transmission efficiency = (useful data bits / total number of bits transmitted)*100
For example for asynchronous transmission of 8-bit characters with one start and one stop bits, we have:
Transmission efficiency = (8/10)*100 = 80%
Let's consider now the synchronous transmission of a block of 480 8-bit characters, assuming 7 synchronisation characters, one start of block character, and one end of block character.
The total number of bits transmitted is 480*8 + 7*8 + 2*8 = 3912 bits. So, we have:
Transmission efficiency = (3840/3912)*100 = 98.16%
Effective Data Rate = (Transmission Efficiency/100)*Capacity

Interfacing (6) - Multiplexing

Another form of interfacing a number of DTEs located together to a resource like a central computer is Multiplexing.
Multiplexing is a data transmission function that permits two or more data sources to share a common transmission medium such that each data source has its own channel. This is achieved by the use of Multiplexers.
A Multiplexer is a communications device that enables a number of lower data rate devices, normally situated in the same location, to share a single higher data rate transmission line. The capacity of the latter must be in excess of the combined rates of the low rate devices.


Interfacing (8) - Protocols

A Protocol is the set of rules that regulate and control the communication between two or more entities.
The communication interfaces define the physical level protocol between communicating devices. They define:
Signalling
Transmission mode
The connectors, and
Control to be used during communication.
In computer based communications a communication interface is accessed and controlled by software. This control software is normally called the interface/device controller/driver

What is understood by the term Communication?

The term communication is defined as the act of disseminating information. It presupposes that:

there is information to disseminate
the desire to disseminate exists
there is an agency to send/transmit information
there is a means of encoding information
there is a medium to carry the information
there is a recipient to receive the information
the recipient is capable of understanding the information received


Data Transfer Requirements (1)

Consider the internal work of The Little Man Computer when data is to be transferred from the calculator to a memory location (for example location 99). This transfer will require:

identifying the destination, i.e. getting its address (in this case 99)

advising it that data will be written into it

preparing the internal bus structure for data transfer

instructing the calculator when and how to send its data.


Data Transfer Requirements (2)

From this example, you will have noted that transferral of data requires:

a sender to send the message, in this case the calculator
addressing to identify the destination, in this case memory address 99
a transmission medium to allow data flow, in this case the Little Man Computer’s internal bus
a receiver to receive the message - the memory location addressed as 99
co-operation between sender and receiver.
to be error free
is compatible with the transmission medium
is in a format which can be used by the receiver
has been successfully received


Basic Elements of a Communication System

From the above discussion, in any communication between two entities we can
identify the following basic elements:

1. Sender
2. Receiver
3. Addressing - identifies where the Receiver is
4. Protocol - set of co-operation rules to achieve communication
5. Transmission code - “language” being used
6. Transmission rate - speed at which “what is being communicated” is being sent
7. Transmission synchronisation - how to recognise what is being communicated
8. Transmission medium
9. Error detection and correction
10. Transmission efficiency - how much of what is being sent is useful to the receiver


Data Transmission Fundamentals - Some Terminology

Data transmission between sender and receiver occurs over some transmission medium.
Transmission may be simplex, half-duplex, or full-duplex
Transmission media may be classified as guided or unguided. In both cases communications is in the form of electromagnetic waves.
The term direct link, also known as data link, is used to refer to a transmission path in which signals propagate directly from transmitter (sender) to receiver with no intermediate devices, other than amplifiers or repeaters used to increase signal strength.
A guided transmission medium is point-to-point if it provides a direct link between two devices, and those are the only two devices sharing the medium.
In a multipoint guided configuration, more than two devices share the same medium.


Signalling Technologies

Baseband is the transmission of digital signals without modulation. In a baseband communication network, digital signals (0s and 1s) are put onto the medium as voltage pulses. The entire bandwidth is consumed by the signal.
Broadband uses coaxial cable to provide data transfer by means of analogue signals. The bandwidth is divided in different frequency bands or channels. In a broadband communication network involving computers, digital signals are passed onto the medium through a modem and transmitted over one of the channels. So, several different communication networks can be implemented over the same medium.
Analogue transmission is used to mean the transmission of analogue signals without regard to their content.
Digital transmission, on the other hand, is used to mean the content of the signal.

9/12/09

LAN , MAN, WAN

LAN is a group of computers, printers and other interconnected devices.

Characteristics of a LAN include:

Limited geographic operation
High speed data transfer rates
Full time connectivity to local services
Generally lower in cost than a WAN
Cabling is primary transmission medium

Wide Area Network (WAN) is a computer network that covers a broad area (i.e., any network whose communications links cross metropolitan, regional, or national boundaries [1]). This is in contrast with personal area networks (PANs), local area networks (LANs), campus area networks (CANs), or metropolitan area networks (MANs) which are usually limited to a room, building, campus or specific metropolitan area (e.g., a city) respectively. The largest and most well-known example of a WAN is the Internet.

Characteristics of WAN

1. Connect Multiple LANs via an Ethernet Network
Connect multiple LANs using Ethernet technology. Build a network as a single overall LAN segment.

2. Wide-Area LAN that utilizes a High-Speed Layer 2 Switch
Layer 2 switch within each backbone houses an access line. Users have access to a full-mesh WAN architecture that does not rely on Layer 3 or other higher order layers.

3. Layer 2 Level Advanced Security
Virtual LAN technology (VLAN) is used to assign a user ID for each user, allowing network segmentation below the IP layer.

4. Compatible with a Variety of Access Lines
Offers a number of network services compatible with bandwidths from 128kbps to 1Gbps, as well as Ether/ ATM/ DSL/ MDN, etc.

Characteristics of a MAN

A MAN is a relatively new class of network. It serves a role similar to an ISP, but for corporate users with large LANs. They typically use wireless infrastructure or optical fiber connections to link their sites.

1. The network size falls intermediate between LANs and WANs. A MAN typically covers an area of between 5 and 50 km diameter. Many MANs cover an area the size of a city, although in some cases MANs may be as small as a group of buildings or as large as the North of Scotland.

2. A MAN (like a WAN) is not generally owned by a single organisation. The MAN, its communications links and equipment are generally owned by either a consortium of users or by a single network provider who sells the service to the users. This level of service provided to each user must therefore be negotiated with the MAN operator, and some performance guarantees are normally specified.

3. A MAN often acts as a high speed network to allow sharing of regional resources (similar to a large LAN). It is also frequently used to provide a shared connection to other networks using a link to a WAN.

8/23/09

Classless addressing

Classful addressing has created many problems
Many ISPs and service users need more addresses
Idea is to have variable-length blocks that belong to no class
Three restrictions on classless address blocks:
The addresses in a block must be contiguous, one after another
The number of addresses in a block must be a power of 2
The first address must be evenly divisible by the number of addresses


Mask and Address Blocks

In IPv4 addressing, a block of addresses can be defined as x.y.z.t /n in which x.y.z.t defines one of the addresses and the /n defines the mask.
The first address in the block can be found by setting the rightmost 32 − n bits to 0s
The last address in the block can be found by setting the rightmost 32 − n bits to 1s
The number of addresses in the block can be found by using the formula 2^{32−n}

Example: 205.16.37.39/28
The binary representation is 11001101 00010000 00100101 00100111
If we set 32 − 28 rightmost bits to 0, we get 11001101 00010000 00100101 00100000
→ 205.16.37.32 (First address)
If we set 32 − 28 rightmost bits to 1, we get 11001101 00010000 00100101 00101111
→ 205.16.37.47 (Last address)
The value of n is 28, which means that number of addresses is 2^{32−28} or 16
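
The mask arithmetic and block restrictions above, as an added example that is not part of the original notes. It works on raw 32-bit integers so each bit operation matches the text; the function names are assumptions, and the misaligned and non-power-of-2 blocks in the demonstration are constructed.

```python
def ip_to_int(dotted):
    """Convert dotted-decimal notation to a 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    return int.from_bytes(bytes(int(p) for p in parts), "big")


def int_to_ip(value):
    """Convert a 32-bit integer back to dotted-decimal notation."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def to_binary(dotted):
    """Binary notation, one 8-bit group per byte."""
    return " ".join(f"{b:08b}" for b in ip_to_int(dotted).to_bytes(4, "big"))


def block_info(cidr):
    """Return (first address, last address, number of addresses) for x.y.z.t/n."""
    address, _, prefix = cidr.partition("/")
    n = int(prefix)
    if not 0 <= n <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    host_mask = (1 << (32 - n)) - 1            # rightmost 32 - n bits set
    first = ip_to_int(address) & ~host_mask & 0xFFFFFFFF  # those bits to 0s
    last = first | host_mask                              # those bits to 1s
    return int_to_ip(first), int_to_ip(last), host_mask + 1


def valid_block(first_address, count):
    """Check a proposed block of `count` contiguous addresses.

    Contiguity is implied by describing the block as first address plus
    count; the other two restrictions are tested explicitly.
    """
    power_of_two = count > 0 and count & (count - 1) == 0
    return power_of_two and ip_to_int(first_address) % count == 0


if __name__ == "__main__":
    print(to_binary("205.16.37.39"))
    print(block_info("205.16.37.39/28"))
    print(valid_block("205.16.37.32", 16))   # the block from the example
    print(valid_block("205.16.37.40", 16))   # constructed: first address not divisible by 16
    print(valid_block("205.16.37.32", 12))   # constructed: 12 is not a power of 2
```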


Network Address

The first address in a block is normally not assigned to any device; it is used as the network address that represents the organization to the rest of the world

Two-Level Hierarchy: No Subnetting

Each address in the block can be considered as a two-level hierarchical structure: the leftmost n bits (prefix) define the network; the rightmost 32 − n bits define the host


Address Allocation and Distribution: Example

The first group has 64 customers; each needs 256 addresses.
The second group has 128 customers; each needs 128 addresses.
The third group has 128 customers; each needs 64 addresses.


Network Address Translation: NAT


NAT enables a user to have a large set of addresses internally and one address, or a small set of addresses, externally.


Addresses Translation
Address translation for source address of outgoing packet and for destination address of incoming packet

Translation Table

Using (1) one IP address, (2) a pool of IP address, and (3) both IP addresses and port numbers

Five-Column Translation Table

IPv6 Addresses

Despite all short-term solutions, such as classless addressing, DHCP (Dynamic Host Configuration Protocol), and NAT, still address-hungry
An IPv6 address is 128 bits long
Hexadecimal colon notation:


IPv6 Address Space

IPv6 Addresses

Unicast addresses: define a single computer
Two types: geographically based and provider-based
Prefixes for provider-based unicast address
Type id (3 bits), Registry id (5 bits)

IPv6 Addresses


Anycast addresses: define a group of nodes
Unlike multicast, a packet is delivered to only one of the members of the anycast group, the nearest

Logical Addressing

Position of network layer

The network layer is responsible for the delivery of individual packets from the source to the destination host



Network Layer: Logical Addressing

19.1 IPv4 Addresses
19.2 IPv6 Addresses

IPv4 Addresses

An IP address is 32 bits long
The IP addresses are unique and universal
The address space of IPv4 is 2^{32} or 4,294,967,296
Binary notation: 01110101 10010101 00011101 00000010
Dotted-decimal notation: 117.149.29.2

Example

Change the following IP addresses from binary notation to dotted-decimal notation.
a. 10000001 00001011 00001011 11101111
b. 11111001 10011011 11111011 00001111

We replace each group of 8 bits with its equivalent decimal number and add dots for separation:
a. 129.11.11.239
b. 249.155.251.15

Classful addressing

In classful addressing, the address space is divided into five classes: A, B, C, D, E
A new architecture, called classless addressing was introduced in the mid-1990s

Classful Addressing: Example

Find the class of each address.
a. 00000001 00001011 00001011 11101111
b. 11000001 10000011 00011011 11111111
c. 14.23.120.8
d. 252.5.15.111


Classful Addressing: Example Solution

Solution
a. The first bit is 0. This is a class A address.
b. The first 2 bits are 1; the third bit is 0. This is a class C address.
c. The first byte is 14; the class is A.
d. The first byte is 252; the class is E.

SONET/SDH

17.1 Architecture
17.2 SONET Layers
17.3 SONET Frames
17.4 STS Multiplexing
17.5 SONET Networks
17.6 Virtual Tributaries



Digital transmission standards for fiber-optic cable
Independently developed in USA & Europe
SONET(Synchronous Optical Network) by ANSI
SDH(Synchronous Digital Hierarchy) by ITU-T
Synchronous network using synchronous TDM multiplexing
All clocks in the system are locked to a master clock
It contains the standards for fiber-optic equipment
Very flexible to carry other transmission systems (DS-0, DS-1, etc)

SONET/SDH Architecture

Architecture of a SONET system: signals, devices, and connections
Signals: SONET(SDH) defines a hierarchy of electrical signaling levels called STSs(Synchronous Transport Signals, (STMs)). Corresponding optical signals are called OCs(Optical Carriers)

SONET/SDH Architecture

SONET devices: STS multiplexer/demultiplexer, regenerator, add/drop multiplexer, terminals

SONET/SDH Architecture


Connections: SONET devices are connected using sections, lines, and paths
Section: optical link connecting two neighbor devices: mux to mux, mux to regenerator, or regenerator to regenerator
Lines: portion of network between two multiplexers
Paths: end-to-end portion of the network between two STS multiplexers

SONET Layers

SONET defines four layers: path, line, section, and photonic
Path layer is responsible for the movement of a signal from its optical source to its optical destination
Line layer is for the movement of a signal across a physical line
Section layer is for the movement of a signal across a physical section, handling framing, scrambling, and error control
Photonic layer corresponds to the physical layer of OSI model


SONET Frames

Each synchronous transfer signal STS-n is composed of 8000 frames. Each frame is a two-dimensional matrix of bytes with 9 rows by 90 × n columns.

A SONET STS-n signal is transmitted at 8000 frames per second
Each byte in a SONET frame can carry a digitized voice channel
774 voice channels are supported by STS 1 signaling simultaneously.
Prove that STS-1 has data rate of 51.84 Mbps.

SONET Frames

In SONET, the data rate of an STS-n signal is n times the data rate of an STS-1 signal
In SONET, the duration of any frame is 125 μs

Concatenated Signal

The suffix c (for concatenated) means that the STS-n is not considered as n STS-1 signals. So, it cannot be demultiplexed into n STS-1 signals
An STS-3c signal can carry 44 ATM cells as its SPE
SPE of an STS-3c can carry 9 x 260 = 2340 which can accommodate approximately 44 ATM cells, each of 53 bytes

Add/Drop Multiplexer

Only remove the corresponding bytes and replace them with the new bytes including the bytes in the section and line overhead

Wired LANs: Ethernet

IEEE Standards
Standard Ethernet
Changes in the Standard
Fast Ethernet
Gigabit Ethernet


IEEE Standards

In 1985, the Computer Society of the IEEE started a project, called Project 802, to set standards to enable intercommunication among equipment from a variety of manufacturers. Project 802 is a way of specifying functions of the physical layer and the data link layer of major LAN protocols.

IEEE 802 Working Group

Active working groups:
802.1 Higher Layer LAN Protocols Working Group
802.3 Ethernet Working Group
802.11 Wireless LAN Working Group
802.15 Wireless Personal Area Network (WPAN) Working Group
802.16 Broadband Wireless Access Working Group
802.17 Resilient Packet Ring Working Group
802.18 Radio Regulatory TAG
802.19 Coexistence TAG
802.20 Mobile Broadband Wireless Access (MBWA) Working Group
802.21 Media Independent Handoff Working Group
802.22 Wireless Regional Area Networks

Inactive or disbanded working groups:
802.2 Logical Link Control Working Group
802.4 Token Bus Working Group
802.5 Token Ring Working Group
802.7 Broadband Area Network Working Group
802.8 Fiber Optic TAG
802.9 Integrated Service LAN Working Group
802.10 Security Working Group
802.12 Demand Priority Working Group
802.14 Cable Modem Working Group

Logical Link Control (LLC)

Framing: LLC defines a protocol data unit (PDU)
To provide flow and error control for the upper-layer protocols that actually demand these services

Standard Ethernet

The original Ethernet was created in 1976 at Xerox’s Palo Alto Research Center (PARC). Since then, it has gone through four generations

MAC Sublayer

Preamble: alerting the receiving system to the coming frame and enabling it to synchronize its input timing
CRC: CRC-32

Addressing

The least significant bit of the first byte defines the type of address. If the bit is 0, the address is unicast; otherwise, it is multicast
The broadcast destination address is a special case of the multicast address in which all bits are 1s
Ethernet address in hexadecimal notation


Ethernet

Access method: 1-persistent CSMA/CD
Slot time = round-trip time + time required to send the jam sequence
512 bits for Ethernet, 51.2 μs for 10 Mbps Ethernet

Slot time and collision

Slot time and maximum network length
MaxLength = PropagationSpeed × SlotTime / 2
MaxLength = (2 × 10^8) × (51.2 × 10^-6 / 2) = 5120 m
In practice MaxLength = 2500 m, 48% of the theoretical value, once the delay times in repeaters and interfaces and the time required to send the jam sequence are considered

Fast Ethernet

Under the name of IEEE 802.3u
Upgrade the data rate to 100 Mbps
Make it compatible with Standard Ethernet
Keep the same 48-bit address and the same frame format
Keep the same min. and max. frame length


MAC Sublayer
CSMA/CD for the half-duplex approach
No need for CSMA/CD for full-duplex Fast Ethernet

Autonegotiation: allow two devices to negotiate the mode or data rate of operation



Gigabit Ethernet

Under the name of IEEE 802.3z
Upgrade the data rate to 1 Gbps
Make it compatible with Standard or Fast Ethernet
Keep the same 48-bit address and the same frame format
Keep the same min. and max. frame length
Support autonegotiation as defined in Fast Ethernet

MAC Sublayer
Almost all implementations follow the full-duplex approach
In the full-duplex mode of Gigabit Ethernet, there is no collision; the maximum length of the cable is determined by the signal attenuation in the cable.
Half-duplex mode (very rare)
Traditional: 0.512 μs (25 m)
Carrier Extension: 512 bytes (4096 bits) min. length
Frame bursting to improve the inefficiency of carrier extension



Ten-Gigabit Ethernet

Under the name of IEEE 802.3ae
Upgrade the data rate to 10 Gbps
Make it compatible with Standard, Fast, and Gigabit Ethernet
Keep the same 48-bit address and the same frame format
Keep the same min. and max. frame length
Allow the interconnection of existing LANs into a MAN or WAN
Make Ethernet compatible with Frame Relay and ATM

Multiple Access

Random Access
Controlled Access
Channelization

Data Link Layer: Two sublayers

Data link layer divided into two functionality-oriented sublayers
IEEE made this division for LANs

Medium Access Protocols



Random Access

Each station has the right to the medium without being controlled by any other station
A collision (an access conflict) occurs if more than one station tries to send

ALOHA

The earliest random access method developed at the Univ. of Hawaii in the early 1970s
Designed for a radio (wireless) LAN
Pure ALOHA and Slotted ALOHA

Pure ALOHA Protocol: Procedure

The throughput for pure ALOHA is S = G × e^(−2G).
The maximum throughput Smax = 0.184 when G = 1/2.

Slotted ALOHA

Pure ALOHA vulnerable time = 2 x Tfr because there is no rule that defines when the station can send
Slotted ALOHA was invented to improve the efficiency of pure ALOHA

The throughput for slotted ALOHA is S = G × e^(−G).
The maximum throughput Smax = 0.368 when G = 1
Slotted ALOHA vulnerable time = Tfr


Carrier Sense Multiple Access (CSMA)


CSMA
“Sense before transmit”
“Listen before talk”
CSMA can reduce the possibility of collision, but it cannot eliminate it

CSMA: Vulnerable Time


Vulnerable time for CSMA is the propagation time Tp needed for a signal to propagate from one end of the medium to the other

Persistence Strategy

Nonpersistent strategy
Reduces the chance of collision
Reduces the efficiency of the network
1-persistent
Increases the chance of collision
p-persistent
Reduces the chance of collision and improves the efficiency by combining the other two strategies.

CSMA/CD: Min. Frame Size

Example: A network using CSMA/CD has a bandwidth of 10 Mbps. If the maximum propagation time (including the delays in the devices and ignoring the time needed to send a jamming signal, as we see later) is 25.6 μs, what is the minimum size of the frame?


Solution
The frame transmission time is Tfr = 2 × Tp = 51.2 μs. This means, in the worst case, a station needs to transmit for a period of 51.2 μs to detect the collision. The minimum size of the frame is 10 Mbps × 51.2 μs = 512 bits or 64 bytes. This is actually the minimum size of the frame for Standard Ethernet.


CSMA/CD: Energy Level & Throughput


Throughput of CSMA/CD is greater than that of ALOHA
The max. throughput occurs at a different value of G and is based on the persistent method and the value of p in the p-persistent approach
The max throughput is around 50% when G=1 for 1-persistent, up to 90% when G is between 3 and 8 for non-persistent

CSMA/CA (Collision Avoidance)


Invented for wireless network where we cannot detect collisions
Collisions are avoided through the use of CSMA/CA’s three strategies: the interframe space, the contention window, and acknowledgments
IFS can also be used to define the priority of a station or a frame
If the station finds the channel busy, it does not restart the timer of the contention window; it stops the timer and restarts it when the channel becomes idle


Controlled Access

The stations consult one another to find which station has the right to send
Reservation/Polling/ Token passing
Reservation access method

Polling: Select and Poll Functions


Channelization: FDMA

FDMA
Available bandwidth of the common channel is divided into bands that are separated by guard bands
FDMA is an access method in data link layer protocol. But, FDM is a physical layer technique

Channelization: TDMA

TDMA
The bandwidth is just one channel that is timeshared between different stations
TDMA is an access method. But, TDM is a physical layer technique

One channel carries all transmissions simultaneously
Two properties: If we multiply each code by another, we get 0. If we multiply each code by itself, we get 4
Data = (d1·c1 + d2·c2 + d3·c3 + d4·c4) · c1
= d1·c1·c1 + d2·c2·c1 + d3·c3·c1 + d4·c4·c1 = 4 × d1

CDMA: Chips

Orthogonal sequences have the following properties:
Each sequence is made of N elements, where N is the number of stations
If we multiply a sequence by a number, every element in the sequence is multiplied by that number (scalar multiplication)
If we multiply two equal sequences, element by element, and add the results, we get N (inner product)
If we multiply two different sequences, element by element, and add the results, we get 0
Adding two sequences means adding the corresponding elements. The result is another sequence
Data representation in CDMA
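
The multiply-by-own-code recovery above, worked through in Python as an added example (not part of the original slides). It assumes the usual data representation, bit 1 as +1, bit 0 as -1 and a silent station as 0, builds the chip sequences with the Walsh construction, and also checks the orthogonality properties for N = 8, which goes beyond the four-station case in the text.

```python
"""CDMA with orthogonal chip sequences: shared channel, per-station decoding."""


def walsh_table(n):
    """Build n orthogonal chip sequences (n a power of two), Walsh construction."""
    if n < 1 or n & (n - 1):
        raise ValueError("number of stations must be a power of two")
    table = [[1]]
    while len(table) < n:
        top = [row + row for row in table]                   # [W  W]
        bottom = [row + [-c for c in row] for row in table]  # [W -W]
        table = top + bottom
    return table


def inner(a, b):
    """Inner product: multiply element by element and add the results."""
    return sum(x * y for x, y in zip(a, b))


def is_orthogonal(codes):
    """Same code with itself gives N; two different codes give 0."""
    n = len(codes)
    return all(
        inner(codes[i], codes[j]) == (n if i == j else 0)
        for i in range(n)
        for j in range(n)
    )


# Assumed data representation: bit 1 -> +1, bit 0 -> -1, silent station -> 0.
LEVEL = {1: 1, 0: -1, None: 0}
BIT = {1: 1, -1: 0, 0: None}


def channel_signal(codes, bits):
    """Each station sends d_i * c_i; the channel carries the element-wise sum."""
    signal = [0] * len(codes[0])
    for code, bit in zip(codes, bits):
        d = LEVEL[bit]
        signal = [s + d * c for s, c in zip(signal, code)]
    return signal


def decode(signal, code):
    """Multiply the channel by one station's code and divide by N."""
    return BIT[inner(signal, code) // len(code)]


if __name__ == "__main__":
    codes = walsh_table(4)
    # Constructed traffic: stations 1 and 2 send 0, station 3 is silent,
    # station 4 sends 1.
    sent = [0, 0, None, 1]
    on_wire = channel_signal(codes, sent)
    print("channel:", on_wire)
    for i, code in enumerate(codes, start=1):
        print("station", i, "->", decode(on_wire, code))
```

Every receiver sees the same channel values; only multiplication by the right chip sequence separates one station's data from the rest.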

Data Link Control

Line Discipline
Flow Control
Error Control

Data Link Layer



FLOW CONTROL



ERROR CONTROL

Automatic Repeat Request (ARQ)
Stop and Wait
Go Back N
Selective Repeat







Flow and Error Control

Flow control refers to a set of procedures used to restrict the amount of data that the sender can send before waiting for acknowledgment.

Error control is based on automatic repeat request (ARQ), which is the retransmission of data.


Example

In a Stop-and-Wait ARQ system, the bandwidth of the line is 1 Mbps, and 1 bit takes 20 ms to make a round trip. What is the bandwidth-delay product? If the system data frames are 1000 bits in length, what is the utilization percentage of the link?

The bandwidth-delay product is 1 × 10^6 × 20 × 10^-3 = 20,000 bits. The system can send 20,000 bits during the time it takes for the data to go from the sender to the receiver and then back again. However, the system sends only 1000 bits. We can say that the link utilization is only 1000/20,000, or 5%. For this reason, for a link with high bandwidth or long delay, use of Stop-and-Wait ARQ wastes the capacity of the link.

Error Detection and Correction

Introduction
Block Coding
Linear Block Codes
Cyclic Codes
Checksum
Hamming Codes



Type of Errors


An electromagnetic signal is subject to interference from heat, magnetism, and other forms of electricity
Single-bit error: 0 → 1 or 1 → 0
Burst error: 2 or more bits have changed

Sender site:
1. The message is divided into 16-bit words.
2. The value of the checksum word is set to 0.
3. All words including the checksum are added using one’s complement addition.
4. The sum is complemented and becomes the checksum.
5. The checksum is sent with the data.

Receiver site:
1. The message (including checksum) is divided into 16-bit words.
2. All words are added using one’s complement addition.
3. The sum is complemented and becomes the new checksum.
4. If the value of checksum is 0, the message is accepted; otherwise, it is rejected.

Forward Error Correction

Purpose: An FEC (n, m) encoder
Take m-bit original data as input
Add r = n − m check bits to the original data to produce an n-bit codeword
The receiver can fix any error

Hamming Distance

Code: set of codewords
Hamming distance between 2 codewords is the number of bit positions where the 2 codewords differ
HammingDist(10001001, 10110001) = 3
Hamming distance of a code is the minimum Hamming distance between any two codewords in the code
HammingDist({0000000000,0000011111,1111100000,1111111111}) = 5

Interesting Findings

To detect d single-bit errors
Need a distance-(d+1) code
Applying d single-bit errors to a codeword must result in an invalid codeword. (WHY?)
To correct d single-bit errors
Need a distance-(2d+1) code
Given an incorrect codeword, the corresponding correct one must be the codeword closest in Hamming distance (WHY?)
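
The two findings above, checked on the four-codeword code from the Hamming Distance slide, as an added Python example (not part of the original slides). The helper names and the injected error positions are assumptions chosen for illustration.

```python
"""Hamming distance of a code and what it allows the receiver to do."""
from itertools import combinations

# The distance-5 code given in the text.
CODE = ["0000000000", "0000011111", "1111100000", "1111111111"]


def hamming_distance(a, b):
    """Number of bit positions where two equal-length words differ."""
    if len(a) != len(b):
        raise ValueError("words must have the same length")
    return sum(x != y for x, y in zip(a, b))


def code_distance(code):
    """Minimum Hamming distance over every pair of codewords."""
    return min(hamming_distance(a, b) for a, b in combinations(code, 2))


def capability(code):
    """A distance-(d+1) code detects d errors; distance-(2d+1) corrects d."""
    dmin = code_distance(code)
    return {"dmin": dmin, "detect": dmin - 1, "correct": (dmin - 1) // 2}


def flip(word, positions):
    """Inject single-bit errors at the given positions (constructed errors)."""
    bits = list(word)
    for p in positions:
        bits[p] = "1" if bits[p] == "0" else "0"
    return "".join(bits)


def detects(code, received):
    """Detection only asks: is the received word a valid codeword?"""
    return received not in code


def decode_nearest(code, received):
    """Correction picks the closest codeword; None when two are equally close."""
    ranked = sorted((hamming_distance(c, received), c) for c in code)
    if len(ranked) > 1 and ranked[0][0] == ranked[1][0]:
        return None
    return ranked[0][1]


if __name__ == "__main__":
    sent = "0000011111"
    print(capability(CODE))
    for positions in ([0, 9], [0, 1, 2], [0, 1, 2, 3, 4]):
        received = flip(sent, positions)
        print(
            len(positions), "errors:", received,
            "detected" if detects(CODE, received) else "UNDETECTED",
            "decoded as", decode_nearest(CODE, received),
        )
```

Two errors are corrected, three are still detected but decoded to the wrong codeword, and five turn one valid codeword into another, so the receiver sees nothing wrong.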

Linear Block Code: Hamming Code

All Hamming codes discussed in our textbook have dmin = 3.
The relationship between k and n in these codes is n = 2^k − 1





Single-Bit Error


Only one bit of a given data unit is changed
The least likely type of error in serial transmission
Single-bit error can happen in parallel transmission

Burst Error

Two or more bits in the data unit have changed
Burst error does not necessarily mean that the errors occur in consecutive bits
Most likely to happen in a serial transmission
Number of bits affected depends on the data rate and duration of noise


Single Bit Error vs. Burst Error

Error Detection
Error detection uses the concept of redundancy, which means adding extra bits for detecting errors at the destination.

Redundancy for Error Detection
Parity Check
Modular Arithmetic

In modulo-N arithmetic, we use only the integers in the range 0 to N-1, inclusive.
Adding: 0 + 0 = 0 0 + 1 = 1 1 + 0 = 1 1 + 1 = 0
Subtracting: 0 – 0 = 0 0 – 1 = 1 1 – 0 = 1 1 – 1 = 0
XORing of two single bits or two words

Block Coding

Divide the message into blocks, each of k bits, called datawords.
Add r redundant bits to each block to make the length n = k + r. The resulting n-bit blocks are called codewords
Example: 4B/5B block coding
k = 4 and n = 5.
2^k = 16 datawords and 2^n = 32 codewords.

Error Detection in Block Coding

Assume the sender encodes the dataword 01 as 011 and sends it to the receiver. Consider the following cases:

1. The receiver receives 011 which is a valid codeword. The receiver extracts the dataword 01 from it.
2. The codeword is corrupted during transmission, and 111 is received. This is not a valid codeword and is discarded.
3. The codeword is corrupted during transmission, and 000 is received. This is a valid codeword. The receiver incorrectly extracts the dataword 00. Two corrupted bits have made the error undetectable.
An error-detecting code can detect only the types of errors for which it is designed; other types of errors may remain undetected

Linear Block Code: Parity-Check Code

A simple parity-check code is a single-bit error-detecting code in which n = k + 1 with dmin = 2.


Encoder and Decoder for Parity-Check Code

The result of addition over all 5 bits: syndrome

2-d Parity Check
2 Dimensional Parity-Check Code
Cyclic Code: CRC

Cyclic codes are special linear block codes with one extra property.
Cyclic Redundancy Check (CRC)


Checksum


Tendency is to replace the checksum with a CRC
Not as strong as CRC in error-checking capability
One’s complement arithmetic
We can represent unsigned numbers between 0 and 2^n – 1 using only n bits
If the number has more than n bits, the extra leftmost bits need to be added to the n rightmost bits (wrapping)
A negative number can be represented by inverting all bits. It is the same as subtracting the number from 2^n – 1
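
The sender and receiver steps listed earlier, together with the wrapping rule above, as an added Python example (not part of the original slides). The sample message and its two corrupted variants are constructed; the CRC-32 comparison uses Python's zlib to illustrate why the checksum is described as weaker than a CRC.

```python
"""16-bit one's complement checksum: sender side, receiver side, one blind spot."""
import zlib


def to_words(data):
    """Divide a message into 16-bit words, zero-padding an odd final byte."""
    if len(data) % 2:
        data += b"\x00"
    return [int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2)]


def ones_complement_sum(words):
    """Add 16-bit words; bits carried past bit 15 are wrapped back into the sum."""
    total = 0
    for word in words:
        total += word
        total = (total & 0xFFFF) + (total >> 16)
    return total


def sender_checksum(data):
    """Sender: checksum word set to 0, all words added, sum complemented."""
    words = to_words(data) + [0x0000]
    return ~ones_complement_sum(words) & 0xFFFF


def receiver_accepts(data, checksum):
    """Receiver: add all words including the checksum; complement must be 0."""
    words = to_words(data) + [checksum]
    return (~ones_complement_sum(words) & 0xFFFF) == 0


# Constructed sample inputs.
MESSAGE = b"Forouzan"
BIT_FLIP = b"Forouzcn"   # one bit changed in the last word
REORDERED = b"roFouzan"  # first two 16-bit words swapped


def survey():
    """For each variant: (checksum accepts it, CRC-32 matches the original)."""
    checksum = sender_checksum(MESSAGE)
    crc = zlib.crc32(MESSAGE)
    variants = {"intact": MESSAGE, "bit_flip": BIT_FLIP, "reordered": REORDERED}
    return {
        name: (receiver_accepts(body, checksum), zlib.crc32(body) == crc)
        for name, body in variants.items()
    }


if __name__ == "__main__":
    print("checksum = 0x%04X" % sender_checksum(MESSAGE))
    for name, (sum_ok, crc_ok) in survey().items():
        print(name, "checksum accepts:", sum_ok, "crc32 matches:", crc_ok)
```

Because addition does not depend on word order, the reordered message passes the checksum while CRC-32 rejects it. Neither value is keyed, so both catch transmission errors only and do not show that a message is unmodified by a sender who can recompute them.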

Internet Checksum

Circuit Switching


Switched network

A switched network consists of a series of inter-linked nodes, called switches.
Switches are hardware and/or software devices capable of creating temporary connections between two or more devices linked to the switch but not to each other.

Classification of Switched Networks

Circuit-Switching

Circuit switching creates a direct physical connection between two devices such as phones or computers.
Circuit switch connects input links to output links
We can use switches to reduce the number and length of links.

Circuit switch

A circuit switch is a device with n inputs and m outputs that creates a temporary connection between an input link and an output link.
The number of inputs does not have to match the number of outputs.

Circuit Switch Types

Evolution of Switching System:
Manual operators
Step-by-step switch (Strowger switch)
Crossbar switch
Space-Division switches
Multistage switches
Time-Division switches
Time-slot interchange technique
Time-space-time switches
Hybrids combine Time & Space switching


Manual Switching

Patch-cord panel switch invented in 1877
Operators connect users on demand
Establish circuit to allow electrical current to flow from inlet to outlet
Only N connections required to central office

Step-by-step (Strowger) Switch

Electromagnetic switch
Sequence of dialed numbers selects output line

Crossbar Space Switch

N x N array of crosspoints
Connect an input to an output by closing a crosspoint
Non blocking: Any input can connect to idle output
Complexity: N^2 crosspoints


Crossbar Switches: Problem

The number of switches is huge.
Connecting n inputs to m outputs requires n × m crosspoints.
Example: 1000 inputs, 1000 outputs → 1,000,000 crosspoints

Inefficient
Fewer than 25% of the crosspoints are in use at a given time.

Folded switch

An n-by-n folded switch can connect n lines in full-duplex mode. For example, it can connect n telephones in such a way that each phone can be connected to every other phone.
Circuit switching uses space-division switch [paths in the circuit are separated from each other spatially] or time-division switch.


Circuit Switching

Uses a dedicated path between two stations
Has three phases
Establish (Call Setup)
Transfer
Disconnect
Inefficient
Channel capacity dedicated for duration of connection
if no data, capacity wasted
Set up (connection) takes time
Once connected, transfer is transparent


Blocking or Non-blocking

blocking network
may be unable to connect stations because all paths are in use
used on voice systems
non-blocking network
permits all stations to connect at once
used for some data connections


Space-Division Switch

Paths in the circuit are separated from each other spatially.
Crossbar Switch
Crossbar switch connects n inputs to m outputs in a grid, using electronic micro-switches (transistors) at each cross-point.
Limitation is the number of cross-points required.

Multistage switch

Multistage switch combines crossbar switches in several stages.
Design of a multistage switch depends on the number of stages and the number of switches required (or desired) in each stage.
Normally, the middle stages have fewer switches than do the first and last stages.

MULTIPLE Switching paths

Multiple paths are available in multistage switches.
Blocking refers to times when two inputs are looking for the same output. The output port is blocked.

Design of a Three-Stage Switch

Three steps
Divide the N input lines into groups, each of n lines. For each group, use one crossbar of size n x k, where k is the number of crossbars in the middle stage
Use k crossbars, each of size (N/n) x (N/n) in the middle stage
Use N/n crossbars, each of size k x n at the third stage
(N/n)(n × k) + k(N/n × N/n) + (N/n)(k × n) = 2kN + k(N/n)^2
In a three-stage switch, the total number of crosspoints is 2kN + k(N/n)^2, which is much smaller than the number of crosspoints in a single-stage switch (N^2).

Multistage Switch: Example

Design a three-stage, 200 × 200 switch (N = 200) with k = 4 and n = 20.

In the first stage we have N/n or 10 crossbars, each of size 20 × 4. In the second stage, we have 4 crossbars, each of size 10 × 10. In the third stage, we have 10 crossbars, each of size 4 × 20. The total number of crosspoints is 2kN + k(N/n)^2, or 2000 crosspoints. This is 5 percent of the number of crosspoints in a single-stage switch (200 × 200 = 40,000).

Time Division Switching


Modern digital systems use intelligent control of space & time division elements
Use digital time division techniques to set up and maintain virtual circuits
Partition low speed bit stream into pieces that share higher speed stream
Individual pieces manipulated by control logic to flow from input to output

Time-slot interchange

TSI consists of random access memory (RAM) with several memory locations. The size of each location is the same as the size of a single time slot.
The number of locations is the same as the number of inputs.
The RAM fills up with incoming data from time slots in the order received. Slots are then sent out in an order based on the decisions of a control unit.


TDM bus

Input and output lines are connected to a high-speed bus through input and output gates (microswitches)
Each input gate is closed during one of the four slots.
During the same time slot, only one output gate is also closed. This pair of gates allows a burst of data to be transferred from one specific input line to one specific output line using the bus.
The control unit opens and closes the gates according to switching need.

Comparison of SDM and TDM

SDM
Advantage:
Instantaneous.
Disadvantage:
Number of cross points required.
TDM
Advantage:
No cross points.
Disadvantage:
Processing delay.

Time- and Space-Division Switch Combination

Space division: instantaneous, crosspoints
Time division: no crosspoint, processing delay
Space- and time-division switching combinations take advantage of the best of both
TST (time-space-time)
TSST (time-space-space-time)
STTS (space-time-time-space)

TST switch

Combine Space division and time division switching.
This results in switches that are optimized both physically (the number of crosspoints) and temporally (the amount of delay).

Transmission Media

Guided Media
Unguided Media: Wireless


Transmission Medium & Physical Layer

Classes of Transmission Media





Twisted-pair Cable
UTP and STP Cables
UTP Connector
UTP Performance
Parallel Flat Wire
Coaxial Cable
Optical Fiber

Noise Effect on Twisted-Pair

Cumulative effect of noise is equal on both sides
Twisting does not always eliminate the noise, but does significantly reduce it

Optical Fiber


Optical fiber is made of glass or plastic
It transmits signals in the form of light

The Nature of Light
The speed of light
300,000 km/s in a vacuum
Depends on the density of the medium through which it is traveling
Other properties of light
Refraction, Critical angle, Reflection

Bending of Light Ray
Optical Fiber
Propagation Modes
Modes
Fiber Types
Fiber Construction


Fiber-optic Cable Connectors

SC (subscriber channel) connector is used for cable TV. It uses a push/pull locking system
ST (straight-tip) connector is used for connecting cable to networking devices. It uses a reliable bayonet locking system
MT-RJ is the same size as RJ45

Advantages/Disadvantages of Optical Fiber

Advantages
Higher bandwidth
Less signal attenuation
Immunity to electromagnetic interference
Resistance to corrosive materials
Light weight
Greater immunity to tapping
Disadvantages
Installation and maintenance
Unidirectional light propagation
Cost

Electromagnetic Spectrum for wireless

Propagation Methods

Bands

Wireless Transmission Waves

Radio waves are used for multicast communications, such as radio and television, and paging systems
Microwaves are used for unicast communication such as cellular telephones, satellite networks, and wireless LANs
Infrared signals can be used for short-range communication in a closed area using line-of-sight propagation

Omnidirectional & Unidirectional Antennas

Infrared

Infrared waves with frequencies from 300 GHz to 400 THz for short-range communication in a closed area using line-of-sight propagation
Having high frequencies, it cannot penetrate walls
IrDA (Infrared Data Association) for standards
Example: IrDA port for wireless keyboard
Originally defined a data rate of 75 kbps for a distance up to 8 m
Recent standard for a data rate of 4 Mbps

Multiplexing and Spreading; Circuit Switching and Telephone Network

In this lecture we will cover the following topics:
6. Multiplexing and Spreading
6.1 Multiplexing
6.2 Spread spectrum
6.3 Summary (part 6)
7. Circuit Switching and Telephone Network
7.1 Circuit-switched networks
7.2 Datagram networks
7.3 Virtual circuit networks
7.4 Structure of a switch
7.5 Telephone network
7.6 Dial-up modem
7.7 Digital subscriber line
7.8 Summary (part 7)

NOTE
Bandwidth utilization is the wise use of available bandwidth to achieve specific goals.
Efficiency can be achieved by multiplexing; privacy and anti-jamming can be achieved by spreading

6.1 MULTIPLEXING

Whenever the bandwidth of a medium linking two devices is greater than the bandwidth needs of the devices, the link can be shared. Multiplexing is the set of techniques that allows the simultaneous transmission of multiple signals across a single data link. As data and telecommunications use increases, so does traffic.

Topics discussed in this section:
Frequency Division Multiplexing (FDM)
Wavelength Division Multiplexing (WDM)
Time Division Multiplexing (TDM)
Statistical Time Division Multiplexing (Stat TDM)

Dividing a link into channels


Categories of multiplexing

Frequency Division Multiplexing (FDM)

FDM can be used when the BW of a link is greater than the combined BW of signals to be transmitted.
Signals generated by each sending device modulate different carrier frequencies, which are then combined into a single composite signal
Guard bands are used to prevent signals from overlapping

Example

Assume that a voice channel occupies a bandwidth of 4 kHz. We need to combine three voice channels into a link with a bandwidth of 12 kHz, from 20 to 32 kHz. Show the configuration, using the frequency domain. Assume there are no guard bands.
Solution
We shift (modulate) each of the three voice channels to a different bandwidth, as shown in figure in next slide. We use the 20-24 kHz bandwidth for the first channel, the 24-28 kHz bandwidth for the second channel, and the 28-32 kHz bandwidth for the third one. Then we combine them as shown in the figure.

Wavelength Division Multiplexing (WDM)


WDM is designed to use the high data rate capability of fiber-optic cable.
Using a fiber-optic cable for one single line wastes the available bandwidth. Multiplexing allows us to connect several lines into one.
WDM is conceptually the same as FDM, except that the multiplexing and demultiplexing involve optical signals


Time Division Multiplexing (TDM)

Note:
TDM is a digital multiplexing technique for combining several low-rate channels into one high-rate one.

Synchronous Time Division Multiplexing

Note: In synchronous TDM, the data rate of the link is n times faster, and the unit duration is n times shorter


Example

The figure in the next slide shows synchronous TDM with a data stream for each input and one data stream for the output. The unit of data is 1 bit. Find (a) the input bit duration, (b) the output bit duration, (c) the output bit rate, and (d) the output frame rate.
Solution
a. The input bit duration is the inverse of the bit rate: 1/1 Mbps = 1 μs.
b. The output bit duration is one-fourth of the input bit duration, or 0.25 μs.
c. The output bit rate is the inverse of the output bit duration, or 1/(0.25 μs), or 4 Mbps. This can also be deduced from the fact that the output rate is 4 times as fast as any input rate; so the output rate = 4 × 1 Mbps = 4 Mbps.
d. The frame rate is always the same as any input rate. So the frame rate is 1,000,000 frames per second. Because we are sending 4 bits in each frame, we can verify the result of the previous question by multiplying the frame rate by the number of bits per frame.


Interleaving

TDM can be visualized as two fast rotating switches, one on the MUX side and the other on the DEMUX side. The switches are synchronized and rotate at the same speed but in opposite directions. On the MUX side, as the switch opens in front of a connection, that connection has the opportunity to send a unit onto the path. This process is called interleaving

Digital hierarchy

Telephone companies implement TDM through a hierarchy of digital signals, called Digital Signal (DS) Service.
The following figure shows the data rates supported by each level:

T-1 line for multiplexing telephone lines

T-1 frame structure

DS-1 requires 8 kbps overhead due to the synchronization bit:
T1 line = 24 slots × 8 bits + 1 bit for synchronization = 193 bits per frame; 193 bits × 8000 frames/s = 1.544 Mbps

E line rates

6.2 SPREAD SPECTRUM

In spread spectrum (SS), we combine signals from different sources to fit into a larger bandwidth, but our goals are to prevent eavesdropping and jamming. To achieve these goals, spread spectrum techniques add redundancy.

Topics discussed in this section:
Frequency Hopping Spread Spectrum (FHSS)
Direct Sequence Spread Spectrum (DSSS)

Spread spectrum

Input is fed into a channel encoder that produces an analog signal with a relatively narrow BW around a center frequency.
This signal is further modulated using a sequence of digits known as a spreading code or spreading sequence.
The effect of this modulation is to increase significantly the BW (spread the spectrum) of the signal to be transmitted.
On the receiving end, the same digit sequence is used to demodulate the spread spectrum signal.


Frequency hopping spread spectrum (FHSS)

With FHSS the signal is broadcast over a random series of radio frequencies, hopping from frequency to frequency at fixed intervals.
A receiver, hopping between frequencies in synchronization with the transmitter, picks up the message.

For transmission, binary data are fed into a modulator using FSK or PSK. The resulting signal is centered on a base frequency. A pseudorandom code generator serves as an index into a table of frequencies (spreading code). Each k bits of the spreading sequence specifies one of the 2^k carrier frequencies. At each k-bit interval a new carrier frequency is selected.

This frequency is then modulated to produce a new signal with the same shape but centered on the selected carrier frequency.

Direct Sequence Spread Spectrum (DSSS)


With DSSS each bit in the original signal is represented by multiple bits in the transmitted signal using a spreading code.
The spreading code spreads the signal across a wider frequency band in direct proportion to the number of bits used. For example, a 10-bit spreading code spreads the signal across a frequency band that is 10 times greater than a 1-bit spreading code.

Analog Transmission

Binary amplitude shift keying
Binary phase shift keying
QPSK

Example



Find the bandwidth for a signal transmitting at 12 Mbps for QPSK. The value of d = 0.

Solution
For QPSK, 2 bits are carried by one signal element.
This means that r = 2.
So the signal rate (baud rate) is S = N × (1/r) = 6 Mbaud.
With a value of d = 0, we have B = S = 6 MHz.


Concept of a constellation diagram
Constellation diagrams for ASK (OOK), BPSK, and QPSK
Constellation diagrams for some QAMs

Modem Standards

Modem = Modulator/Demodulator
Telephone modem:

Telephone Line Bandwidth

V.32 Modem

Use 32-QAM
Data is divided into 4-bit sections, each adding a redundant bit to form a 5-bit pattern => reduce value density => reduce noise interference (how?)
baud rate = 2400 (why?)


V.32bis Modem


1st modem standard to support 14,400 bps
Can adjust upstream or downstream speed depending on line or signal quality
Use 128-QAM => 6-bit data => Bit rate = 14,400 bps

V.34bis Modem

960-point constellation => bit rate = 28,800 bps
1664-point constellation => bit rate = 33,600 bps

33.6Kbps: max bit rate of traditional modems


Traditional Modems

56K Modem: V.90
56K Modem: V.92

Similar to V.90
Modem can adjust speed
If noise allows => upload max 48 Kbps, download still 56 Kbps

V.92: can interrupt the Internet connection when there is an incoming call (if call-waiting service is installed)

Encoding and Modulating

Different Conversion Schemes

Digital to Digital Encoding

Types of Digital to Digital Encoding


Unipolar Encoding
Issues with unipolar encoding:
DC component (average amplitude is nonzero)
Synchronization (due to an unvarying signal)
Bipolar Encoding Scheme
Types of Bipolar Encoding


Bipolar AMI Encoding
B8ZS Encoding
HDB3 Encoding


Analog to Digital Encoding

PAM



Digital to Analog Encoding

Digital to Analog Modulation

Digital-to-analog modulation: the process of changing one of the characteristics of an analog signal based on the information in a digital signal
“Don’t forget”: Characteristics of a sine wave are amplitude, frequency, phase.


Carrier Signal

Sender
Produce a high-frequency signal that acts as a basis for the information signal => carrier signal
Modulate the carrier signal to reflect the digital information. The information signal is called the modulating signal
Receiver
Tune in the carrier frequency to receive


Digital-Analog Modulation Schemes


ASK
FSK
PSK

Now we will study

ASK
FSK
PSK
QAM

Amplitude Shift Keying (ASK)


Peak amplitude during each bit duration is constant

Bit Rate vs. Baud Rate

Bit rate is the number of bits per second
- More important in speaking of computer efficiency
Baud rate is the number of signal units per second that are required to represent those bits
More important in speaking of data transmission
Determine the bandwidth required to send the signal
Analogy in transportation: a baud is analogous to a car while a bit is analogous to a passenger (1: male, 0: female). The number of cars determines the traffic; that of passengers does not


Baud Rate Example


An analog signal carries 4 bits in each signal unit. If 1000 signal units are sent per second, find the baud rate and the bit rate

Baud rate = 1000 bauds per second (baud/s)
Bit rate = 1000 x 4 = 4000 bps

The bit rate of a signal is 3000. If each signal unit carries 6 bits, what is the baud rate?


Baud rate = 3000 / 6 = 500 baud/s


ASK Disadvantage(2)

Disadvantage
Highly susceptible to noise interference because ASK relies on amplitude to differentiate between 1 and 0
Need a great gap between amplitude values so that noise can be detected and removed
OOK (on/off keying)
A popular ASK technique
Zero voltage represents a bit value (e.g., 0)
Save energy in transmitting information
Used to transmit digital data over optical fiber

ASK: Bandwidth Requirement

Question: What is the min bw for an ASK signal transmitting at 2000 bps? The transmission mode is half-duplex.

Frequency Shift Keying (FSK)

FSK: Baud Rate and Bandwidth
Question: Find the maximum bit rates for an FSK signal if the bandwidth of the medium is 12,000 Hz and the difference between the two carriers is 2000 Hz. Transmission is in full-duplex mode.

FSK vs. ASK

FSK
Less susceptible to error
Commonly used for high-freq (3-30 MHz) radio
Also used at even higher frequencies on LANs that use coaxial cable

Phase Shift Keying (PSK)


2-PSK: only 2 phase values are used, each for 1 or 0

4-PSK

PSK: Baud Rate and Bandwidth

Same as in ASK, but can transmit more bps given same bandwidth

PSK: Questions

Given a bandwidth of 5000 Hz for an 8-PSK signal, what are the baud rate and bit rate? Transmission is in half-duplex mode.

For PSK the baud rate is the same as the bandwidth, which means the baud rate is 5000. But in 8-PSK the bit rate is 3 times the baud rate, so the bit rate is 15,000 bps.


PSK: Drawback
Modulation device is not able to distinguish small differences in phase => limit BitRate
Why not combine PSK and ASK: x variations in phase with y variations in amplitude result in xy variations => increase bit rate


Quadrature Amplitude Modulation


A combination of ASK and PSK: both phase and amplitude varied
#amplitude shifts << #phase shifts
Less susceptible to noise than ASK, higher bit rate than PSK
8-QAM
16-QAM
QAM Modulator
QAM: Bandwidth

Bandwidth requirement is the same as in ASK and PSK

QAM: BitRate vs. Baud Rate


Modulation         Units      Bits/Baud   Baud rate   Bit rate
ASK, FSK, 2-PSK    Bit        1           N           N
4-PSK, 4-QAM       Dibit      2           N           2N
8-PSK, 8-QAM       Tribit     3           N           3N
16-QAM             Quadbit    4           N           4N
32-QAM             Pentabit   5           N           5N
64-QAM             Hexabit    6           N           6N
128-QAM            Septabit   7           N           7N
256-QAM            Octabit    8           N           8N



Analog to Analog Modulation


Amplitude Modulation: AM
Carrier signal is modulated so that its amplitude varies with the changing amplitudes of the modulating signal

Freq, phase remain same

Example: AM


Let x(t) = cos(2fmt)
Derive an express for s(t)

Answer:
s(t) = cos(2fct) + (na/2)cos(2(fc-fm)t) + (na/2)cos(2(fc+fm)t)

AM: Bandwidth

Audio signal bandwidth is ~5 kHz => an AM radio station needs a minimum of 10 kHz


Frequency Modulation: FM

Freq. of carrier signal is modified to reflect the changing amplitudes of the modulating signal

Amp., phase remain same

FM: Bandwidth


The bandwidth of a stereo audio signal is usually 15 kHz. Therefore, an FM station needs at least a bandwidth of 150 kHz. Suppose PTA requires the minimum bandwidth to be at least 200 kHz (0.2 MHz).

Phase Modulation: PM

Only phase is varied to reflect the change of amplitude in modulating signal
Require simpler hardware than FM
Use in some systems as an alternative to FM

Analog to Analog Modulation

Representation of analog information by an analog signal
Why do we need it? Analog is already analog!!!
Because we may have to use a band-pass channel
Think about radio…
Schemes
Amplitude modulation (AM)
Frequency modulation (FM)
Phase modulation (PM)

TRANSMISSION MODES

The transmission of binary data across a link can be accomplished in either parallel or serial mode.
In parallel mode, multiple bits are sent with each clock tick.
In serial mode, 1 bit is sent with each clock tick.
While there is only one way to send parallel data, there are three subclasses of serial transmission: asynchronous, synchronous, and isochronous.


Data transmission and modes

Parallel transmission
Serial transmission
Asynchronous transmission
Synchronous transmission


ANALOG-TO-DIGITAL CONVERSION

A digital signal is superior to an analog signal.
The tendency today is to change an analog signal to digital data.
In this section we describe two techniques, pulse code modulation and delta modulation

Components of PCM encoder
Three different sampling methods for PCM

Nyquist sampling rate for low-pass and bandpass signals

According to the Nyquist theorem,
the sampling rate must be at least 2 times the highest frequency contained in the signal

Recovery of a sampled sine wave for different sampling rates

Sampling at the Nyquist rate can create a good approximation of the original sine wave.

Oversampling can also create the same approximation, but is redundant and unnecessary.

Sampling below the Nyquist rate does not produce a signal that looks like the original sine wave.


Sampling of a clock with only one hand

The second hand of a clock has a period of 60 s.
According to the Nyquist theorem, we need to sample the hand every 30 s.

Examples

An example of under-sampling is the seemingly backward rotation of the wheels of a forward-moving car in a movie.
A movie is filmed at 24 frames per second.
If a wheel is rotating more than 12 times per second, the under-sampling creates the impression of a backward rotation.

Telephone companies digitize voice by assuming a maximum frequency of 4000 Hz.
The sampling rate therefore is 8000 samples per second
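
The backward-rotation effect in the wheel example can be computed rather than only described. The following is an added example, not part of the original slides; the function names and the wheel speeds are constructed for illustration, while the 24 frames per second and 8000 samples per second come from the text.

```python
import math

def apparent_frequency(f_hz, fs_hz):
    """Signed frequency that samples taken at fs_hz appear to show for a true f_hz.

    The result lies in (-fs/2, fs/2]; a negative value means the rotation
    appears reversed.
    """
    alias = f_hz % fs_hz          # fold into [0, fs)
    if alias > fs_hz / 2:         # upper half folds back as a negative frequency
        alias -= fs_hz
    return alias

def sample_rotation(f_hz, fs_hz, n):
    """n sampled (x, y) positions of a point rotating f_hz times per second."""
    return [(math.cos(2 * math.pi * f_hz * k / fs_hz),
             math.sin(2 * math.pi * f_hz * k / fs_hz)) for k in range(n)]

def indistinguishable(f1_hz, f2_hz, fs_hz, n=48, tol=1e-9):
    """True if both rotations produce the same samples at rate fs_hz."""
    a = sample_rotation(f1_hz, fs_hz, n)
    b = sample_rotation(f2_hz, fs_hz, n)
    return all(abs(xa - xb) < tol and abs(ya - yb) < tol
               for (xa, ya), (xb, yb) in zip(a, b))

if __name__ == "__main__":
    FILM_FPS = 24                          # frame rate given in the text
    for wheel in (5, 11, 13, 23, 25):      # constructed wheel speeds, rev/s
        print(wheel, "rev/s looks like", apparent_frequency(wheel, FILM_FPS), "rev/s")
    # Telephone sampling from the text: a tone above 4000 Hz folds back into the band.
    print("5000 Hz at 8000 samples/s looks like", apparent_frequency(5000, 8000), "Hz")
```

A wheel turning 13 times per second produces exactly the same frames as one turning 11 times per second backwards, which is why the receiver cannot recover the original once the sampling rate is too low.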

Example

A complex low-pass signal has a bandwidth of 200 kHz.
What is the minimum sampling rate for this signal?

Solution
The bandwidth of a low-pass signal is between 0 and f, where f is the maximum frequency in the signal.
Therefore, we can sample this signal at 2 times the highest frequency (200 kHz).
The sampling rate is therefore 400,000 samples per second

Quantization and encoding of a sampled signal

We have a low-pass analog signal of 4 kHz.
If we send the analog signal, we need a channel with a minimum bandwidth of 4 kHz.
If we digitize the signal and send 8 bits per sample, we need a channel with a minimum bandwidth of 8 × 4 kHz = 32 kHz

Digital Transmission


DIGITAL-TO-DIGITAL CONVERSION

In this section, we see how we can represent digital data by using digital signals. The conversion involves three techniques: line coding, block coding, and scrambling. Line coding is always needed; block coding and scrambling may or may not be needed.



Topics discussed in this section:

Line Coding
Line Coding Schemes
Block Coding
Scrambling

Line Coding


Converting a string of 1’s and 0’s (digital data) into a sequence of signals that denote the 1’s and 0’s.
For example a high voltage level (+V) could represent a “1” and a low voltage level (0 or -V) could represent a “0”.

Mapping Data symbols onto Signal levels

A data symbol (or element) can consist of a number of data bits:
1 , 0 or
11, 10, 01, ……
A data symbol can be coded into a single signal element or multiple signal elements
1 -> +V, 0 -> -V
1 -> +V and -V, 0 -> -V and +V
The ratio ‘r’ is the number of data elements carried by a signal element.


Relationship between data rate and signal rate

The data rate defines the number of bits sent per sec - bps. It is often referred to as the bit rate.
The signal rate is the number of signal elements sent in a second and is measured in bauds. It is also referred to as the modulation rate.
Goal is to increase the data rate whilst reducing the baud rate.

Data rate and Baud rate

The baud or signal rate can be expressed as:
S = c x N x 1/r bauds
where N is data rate
c is the case factor (worst, best & avg.)
r is the ratio between data element & signal element


Example

A signal is carrying data in which one data element is encoded as one signal element ( r = 1). If the bit rate is 100 kbps, what is the average value of the baud rate if c is between 0 and 1?

We assume that the average value of c is 1/2 . The baud rate is then

Considerations for choosing a good signal element referred to as line encoding

Baseline wandering - a receiver will evaluate the average power of the received signal (called the baseline) and use that to determine the value of the incoming data elements. If the incoming signal does not vary over a long period of time, the baseline will drift and thus cause errors in detection of incoming data elements.
A good line encoding scheme will prevent long runs of fixed amplitude

Line encoding C/Cs

DC components - when the voltage level remains constant for long periods of time, there is an increase in the low frequencies of the signal. Most channels are bandpass and may not support the low frequencies.
This will require the removal of the dc component of a transmitted signal.

Self synchronization - the clocks at the sender and the receiver must have the same bit interval.
If the receiver clock is faster or slower it will misinterpret the incoming bit stream.

Error detection - errors occur during transmission due to line impairments.
Some codes are constructed such that when an error occurs it can be detected. For example: a particular signal transition is not part of the code. When it occurs, the receiver will know that a symbol error has occurred

Noise and interference - there are line encoding techniques that make the transmitted signal “immune” to noise and interference.
This means that the signal cannot be corrupted; it is stronger than error detection.


Complexity - the more robust and resilient the code, the more complex it is to implement and the price is often paid in baud rate or required bandwidth.


Line coding schemes

Unipolar

All signal levels are on one side of the time axis - either above or below
NRZ - Non Return to Zero scheme is an example of this code. The signal level does not return to zero during a symbol transmission.
Scheme is prone to baseline wandering and DC components. It has no synchronization or any error detection. It is simple but costly in power consumption.


Polar - NRZ


The voltages are on both sides of the time axis.
Polar NRZ scheme can be implemented with two voltages. E.g. +V for 1 and -V for 0.
There are two versions:
NRZ - Level (NRZ-L) - positive voltage for one symbol and negative for the other
NRZ - Inversion (NRZ-I) - the change or lack of change in polarity determines the value of a symbol. E.g. a “1” symbol inverts the polarity; a “0” does not.


In NRZ-L the level of the voltage determines the value of the bit. In NRZ-I the inversion or the lack of inversion determines the value of the bit.

Polar - RZ


The Return to Zero (RZ) scheme uses three voltage values. +, 0, -.
Each symbol has a transition in the middle. Either from high to zero or from low to zero.
This scheme has more signal transitions (two per symbol) and therefore requires a wider bandwidth.
No DC components or baseline wandering.
Self synchronization - transition indicates symbol value.
More complex as it uses three voltage levels. It has no error detection capability.

Polar - Biphase: Manchester and Differential Manchester

Manchester coding consists of combining the NRZ-L and RZ schemes.
Every symbol has a level transition in the middle: from high to low or low to high. Uses only two voltage levels.
Differential Manchester coding consists of combining the NRZ-I and RZ schemes.
Every symbol has a level transition in the middle. But the level at the beginning of the symbol is determined by the symbol value. One symbol causes a level change; the other does not.

In Manchester and differential Manchester encoding, the transition
at the middle of the bit is used for synchronization

The minimum bandwidth of Manchester and differential Manchester is 2 times that of NRZ. There is no DC component and no baseline wandering. None of these codes has error detection.


Bipolar - AMI and Pseudoternary


Code uses 3 voltage levels (+, 0, -) to represent the symbols (note: no transitions to zero as in RZ).
Voltage level for one symbol is at “0” and the other alternates between + & -.
Bipolar Alternate Mark Inversion (AMI) - the “0” symbol is represented by zero voltage and the “1” symbol alternates between +V and -V.
Pseudoternary is the reverse of AMI.


Bipolar C/Cs

It is a better alternative to NRZ.
Has no DC component or baseline wandering.
Has no self synchronization because long runs of “0”s result in no signal transitions.
No error detection.
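
The trade-offs listed for these schemes (DC component, long runs without a transition, self synchronization) can be measured directly on the encoded signal. The following is an added example, not part of the original slides; the Manchester polarity, the NRZ-I starting level, the polarity of the first AMI mark and the bit patterns are assumptions made for the example.

```python
# Levels: +1 = +V, -1 = -V, 0 = zero volts. Every bit is emitted as two
# half-bit samples so Manchester can be compared with the full-bit schemes.

def nrz_l(bits):
    """Level carries the bit: +V for 1, -V for 0 (the mapping given in the text)."""
    return [level for b in bits for level in ([1, 1] if b else [-1, -1])]

def nrz_i(bits, start=1):
    """A 1 inverts the polarity, a 0 keeps it. The starting level is an assumption."""
    level, out = start, []
    for b in bits:
        if b:
            level = -level
        out += [level, level]
    return out

def manchester(bits):
    """Mid-bit transition in every bit. Assumed: 1 = low-to-high, 0 = high-to-low."""
    return [level for b in bits for level in ([-1, 1] if b else [1, -1])]

def ami(bits):
    """0 is zero volts; successive 1s alternate +V and -V (first 1 assumed +V)."""
    mark, out = 1, []
    for b in bits:
        if b:
            out += [mark, mark]
            mark = -mark
        else:
            out += [0, 0]
    return out

def dc_component(signal):
    """Average level; anything other than 0 is a DC component."""
    return sum(signal) / len(signal)

def longest_flat_run(signal):
    """Longest stretch without a transition, in half-bit units."""
    best = run = 1
    for prev, cur in zip(signal, signal[1:]):
        run = run + 1 if cur == prev else 1
        best = max(best, run)
    return best

CODERS = {"NRZ-L": nrz_l, "NRZ-I": nrz_i, "Manchester": manchester, "AMI": ami}

def report(bits):
    """Map scheme name -> (DC component, longest flat run) for one bit pattern."""
    return {name: (dc_component(enc(bits)), longest_flat_run(enc(bits)))
            for name, enc in CODERS.items()}

# Constructed bit patterns: the runs that stress each scheme.
PATTERNS = {"all zeros": [0] * 8, "all ones": [1] * 8, "mixed": [1, 0, 1, 1, 0, 0, 0, 1]}

if __name__ == "__main__":
    for label, bits in PATTERNS.items():
        print(label)
        for name, (dc, run) in report(bits).items():
            print(f"  {name:<11} DC={dc:+.2f}  longest flat run={run} half-bits")
```

On the all-zeros pattern NRZ-L, NRZ-I and AMI never change level, while Manchester never holds a level for more than two half-bits on any input.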

Multilevel Schemes

In these schemes we increase the number of data bits per symbol thereby increasing the bit rate.
Since we are dealing with binary data we only have 2 types of data element a 1 or a 0.
We can combine the 2 data elements into a pattern of “m” elements to create 2^m symbols.
If we have L signal levels, we can use “n” signal elements to create L^n combinations of signal elements.



Multilevel: 2B1Q scheme

Redundancy
In the 2B1Q scheme we have no redundancy and we see that a DC component is present.
If we use a code with redundancy we can decide to use only “0” or “+” weighted codes (more +’s than -’s in the signal element) and invert any code that would create a DC component. E.g. ‘+00++-’ -> ‘-00--+’
Receiver will know when it receives a “-” weighted code that it should invert it as it doesn’t represent any valid symbol.

Multilevel using multiple channels

In some cases, we split the signal transmission up and distribute it over several links.
The separate segments are transmitted simultaneously. This reduces the signalling rate per link -> lower bandwidth.
This requires all bits for a code to be stored.
xD: means that we use ‘x’ links
YYYz: We use ‘z’ levels of modulation where YYY represents the type of modulation (e.g. pulse ampl. mod. PAM).
Codes are represented as: xD-YYYz

Multitransition Coding

Because of synchronization requirements we force transitions. This can result in very high bandwidth requirements -> more transitions than there are bits (e.g. mid bit transition with inversion).
Codes can be created that are differential at the bit level forcing transitions at bit boundaries. This results in a bandwidth requirement that is equivalent to the bit rate.
In some instances, the bandwidth requirement may even be lower, due to repetitive patterns resulting in a periodic signal.


MLT-3


Signal rate is same as NRZ-I
But because of the resulting bit pattern, we have a periodic signal for worst case bit pattern: 1111
This can be approximated as an analog signal with a frequency 1/4 the bit rate!

Block Coding


For a code to be capable of error detection, we need to add redundancy, i.e., extra bits to the data bits.
Synchronization also requires redundancy - transitions are important in the signal flow and must occur frequently.
Block coding is done in three steps: division, substitution and combination.
It is distinguished from multilevel coding by use of the slash - xB/yB.
The resulting bit stream prevents certain bit combinations that when used with line encoding would result in DC components or poor sync. quality.


Redundancy

A 4 bit data word can have 2^4 = 16 combinations.
A 5 bit word can have 2^5 = 32 combinations.
We therefore have 32 - 16 = 16 extra words.
Some of the extra words are used for control/signalling purposes.
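
The 4-bit to 5-bit case counted above is the 4B/5B block code. As an added example that is not part of the original slides, the sketch below runs the three steps (division, substitution, combination), measures the longest run of 0s before and after coding, and shows how a word outside the data table exposes an error. The code table is the standard 4B/5B data table, which the slides do not list; the function names and sample bit strings are this example's own.

```python
# Standard 4B/5B data code words: 16 of the 32 possible 5-bit words carry data.
# (Table supplied for this example; the slides do not list it.)
CODE_4B5B = {
    "0000": "11110", "0001": "01001", "0010": "10100", "0011": "10101",
    "0100": "01010", "0101": "01011", "0110": "01110", "0111": "01111",
    "1000": "10010", "1001": "10011", "1010": "10110", "1011": "10111",
    "1100": "11010", "1101": "11011", "1110": "11100", "1111": "11101",
}
DECODE_5B4B = {code: data for data, code in CODE_4B5B.items()}

def encode_4b5b(bits):
    """Division into 4-bit groups, substitution by 5-bit words, combination."""
    if len(bits) % 4:
        raise ValueError("input length must be a multiple of 4 bits")
    groups = [bits[i:i + 4] for i in range(0, len(bits), 4)]
    return "".join(CODE_4B5B[g] for g in groups)

def decode_4b5b(coded):
    """Return (data_bits, bad_word_indexes); words outside the data table are flagged."""
    if len(coded) % 5:
        raise ValueError("input length must be a multiple of 5 bits")
    data, bad = [], []
    for i in range(0, len(coded), 5):
        word = coded[i:i + 5]
        if word in DECODE_5B4B:
            data.append(DECODE_5B4B[word])
        else:
            bad.append(i // 5)
            data.append("????")
    return "".join(data), bad

def longest_zero_run(bits):
    """Longest run of 0s; under NRZ-I a 0 means no transition on the line."""
    return max(len(run) for run in bits.split("1"))

def worst_case_zero_run():
    """Longest run of 0s across any two adjacent data code words."""
    words = list(CODE_4B5B.values())
    return max(longest_zero_run(a + b) for a in words for b in words)

if __name__ == "__main__":
    raw = "0" * 16                      # constructed worst case for plain NRZ-I
    coded = encode_4b5b(raw)
    print("raw  ", raw, "longest 0-run:", longest_zero_run(raw))
    print("coded", coded, "longest 0-run:", longest_zero_run(coded))
    print("worst case after coding:", worst_case_zero_run())
    # Flip the last bit of the first word: 11110 -> 11111, not a data word.
    print(decode_4b5b("11111" + coded[5:]))
    # Flip the first bit instead: 11110 -> 01110, a valid data word, so undetected.
    print(decode_4b5b("01110" + coded[5:]))
```

The redundancy bounds the run of 0s at three, and it detects only those errors that land on one of the unused words.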

More bits - better error detection

The 8B10B block code adds more redundant bits and can thereby choose code words that would prevent a long run of a voltage level that would cause DC components.



Scrambling

The best code is one that does not increase the bandwidth for synchronization and has no DC components.
Scrambling is a technique used to create a sequence of bits that has the required c/c’s for transmission - self clocking, no low frequencies, no wide bandwidth.
It is implemented at the same time as encoding, the bit stream is created on the fly.
It replaces ‘unfriendly’ runs of bits with a violation code that is easy to recognize and removes the unfriendly c/c.

TRANSMISSION IMPAIRMENT


Signals travel through transmission media, which are not perfect.
The imperfection causes signal impairment.
This means that the signal at the beginning of the medium is not the same as the signal at the end of the medium.
What is sent is not what is received.
Three causes of impairment are attenuation, distortion, and noise.

Attenuation


Suppose a signal travels through a transmission medium and its power is reduced to one-half.
This means that P2 is (1/2)P1.
In this case, the attenuation (loss of power) can be calculated as

A loss of 3 dB (–3 dB) is equivalent to losing one-half the power.


Distortion

Noise

DATA RATE LIMITS
A very important consideration in data communications is how fast we can send data, in bits per second, over a channel.
Data rate depends on three factors:
1. The bandwidth available
2. The level of the signals we use
3. The quality of the channel (the level of noise)
Increasing the levels of a signal may reduce the reliability of the system.

Nyquist Theorem

In baseband transmission, we said the bit rate is 2 times the bandwidth if we use only the first harmonic in the worst case.
However, the Nyquist formula is more general than what we derived intuitively; it can be applied to baseband transmission and modulation.
Also, it can be applied when we have two or more levels of signals.

Shannon Capacity

In reality, we cannot have a noiseless channel.

For a noisy channel,
Capacity = Bandwidth x log2(1+SNR)
The Shannon capacity gives us the upper limit;
the Nyquist formula tells us how many signal levels we need
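
How the two formulas are used together, as an added example that is not part of the original slides. It uses the standard Nyquist bit-rate formula for a noiseless channel, BitRate = 2 x Bandwidth x log2(L), which the slides refer to without writing out; the function names and the 1 MHz / SNR 63 channel are constructed for illustration.

```python
import math

def shannon_capacity(bandwidth_hz, snr):
    """Upper limit in bps for a noisy channel; snr is a plain power ratio, not dB."""
    return bandwidth_hz * math.log2(1 + snr)

def nyquist_bit_rate(bandwidth_hz, levels):
    """Noiseless-channel bit rate for a given number of signal levels."""
    return 2 * bandwidth_hz * math.log2(levels)

def plan_levels(bandwidth_hz, snr, max_bits_per_level=16):
    """Pick the largest power-of-two level count whose Nyquist rate stays
    strictly below the Shannon limit.

    Returns (capacity, levels, bit_rate); levels is None when even two
    levels would exceed the limit.
    """
    capacity = shannon_capacity(bandwidth_hz, snr)
    best = (capacity, None, 0.0)
    for bits in range(1, max_bits_per_level + 1):
        levels = 2 ** bits
        rate = nyquist_bit_rate(bandwidth_hz, levels)
        if rate >= capacity:      # at or above the limit: not reliably achievable
            break
        best = (capacity, levels, rate)
    return best

if __name__ == "__main__":
    # Constructed channel: 1 MHz bandwidth, SNR of 63.
    capacity, levels, rate = plan_levels(1_000_000, 63)
    print(f"capacity {capacity:.0f} bps -> use {levels} levels for {rate:.0f} bps")
    # SNR of zero: capacity is zero whatever the bandwidth.
    print(plan_levels(4000, 0))
```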

Example

Consider an extremely noisy channel in which the value of the signal-to-noise ratio is almost zero.
In other words, the noise is so strong that the signal is faint. What is the channel capacity?


Solution
This means that the capacity of this channel is zero regardless of the bandwidth.
In other words, we cannot receive any data through this channel.


PERFORMANCE

One important issue in networking is the performance of the network—how good is it?


In networking, we use the term bandwidth in two contexts
The first, bandwidth in hertz,
refers to the range of frequencies in a composite signal or the range of frequencies that a channel can pass.
The second, bandwidth in bits per second,
refers to the speed of bit transmission in a channel or link.

Examples
The bandwidth of a subscriber line is 4 kHz for voice or data.
The bandwidth of this line for data transmission
can be up to 56,000 bps using a sophisticated modem to change the digital signal to analog.
If the telephone company improves the quality of the line and increases the bandwidth to 8 kHz,
we can send 112,000 bps.

Concept of bandwidth-delay product

We can think about the link between two points as a pipe.
The cross section of the pipe represents the bandwidth, and the length of the pipe represents the delay.
We can say the volume of the pipe defines the bandwidth-delay product.