Computer network protocols

Pairing-friendly curves and elliptic curves with a trapdoor for the discrete
logarithm problem are versatile tools in the design of cryptographic protocols. We
show that curves having both properties enable a deterministic identity-based signing
with “short” signatures in the random oracle model. At PKC 2003, Choon and Cheon
proposed an identity-based signature scheme along with a provable security reduction.
We propose a modification of their scheme with several performance benefits. In
addition to faster signing, for batch signing the signature size can be reduced, and if
multiple signatures for the same identity need to be verified, the verification can be
accelerated. Neither the signing nor the verification algorithm rely on the availability
of a (pseudo)random generator, and we give a provable security reduction in the
random oracle model to the (`-)Strong Diffie-Hellman problem. Implementing the group arithmetic is a cost-critical task when designing quantum circuits for Shor’s algorithm to solve the discrete logarithm problem. We introduce a tool for the automatic generation of addition circuits for ordinary binary elliptic curves, a prominent platform group for digital signatures. Our Python software generates circuit descriptions that, without increasing the number of qubits or T-depth, involve less than 39% of the number of T-gates in the best previous construction. The software also optimizes the (CNOT) depth for F2-linear operations by means of suitable graph colorings.

Network architectures are described by the International Standard for
Organization (ISO), which contains seven layers. The internet uses four of these layers,
of which three are of interest to us. These layers are Internet Protocol (IP) or Network
Layer, Transport Layer and Application Layer. We need to protect against attacks that
may come through any of these layers. In the world of network security, systems are plagued by various attacks, internal and external, and could result in Denial of Service (DoS) and/or other damaging effects. Such attacks and loss of service can be devastating for the users of the system. The implementation of security devices such as Firewalls and Intrusion Detection Systems
(IDS), the protection of network traffic with Virtual Private Networks (VPNs), and the
use of secure protocols for the layers are important to enhance the security at each of
these layers.We have done a survey of the existing network security patterns and we have written the missing patterns. We have developed security patterns for abstract IDS, Behavior–based IDS and Rule-based IDS and as well as for Internet Protocol Security (IPSec) and Transport Layer Security (TLS) protocols. We have also identified the need for a VPN pattern and have developed security patterns for abstract VPN, an IPSec VPN and a TLS VPN. We also evaluated these patterns with respect to some aspects to simplify their application by system designers. We have tried to unify the security of the network layers using security patterns by tying in security patterns for network transmission, network protocols and network boundary devices.

The use of cache memories in multiprocessor systems increases the overall systems performance. Caches reduce the amount of network traffic and provide a solution to the memory contention problem. However, caches introduce memory consistency problems. The existence of multiple cache copies of a memory block will result in an inconsistent view of memory if one processor changes a value in its associated cache. Cache coherence protocols are algorithms designed in software or hardware to maintain memory consistency. With the increased complexity of some of the more recent protocols, testing for the correctness of these protocols becomes an issue that requires more elaborate work. In this thesis, correctness analysis of a selected group of representative cache coherence protocols was performed using Petri nets as a modeling and analysis tool. First, the Petri net graphs for these protocols were designed. These graphs were built by following the logical and coherence actions performed by the protocols in response to the different processors' requests that threatens memory consistency. Correctness analysis was then performed on these graphs.

Capture effect has shown considerable improvement on performance of slotted ALOHA systems. Further, improvement is expected by increasing the number of base stations. The performance of such slotted ALOHA systems is analyzed with the aid of Equilibrium point analysis. Packet dropping due to finite number of retransmissions is taken into account. The numerical results indicate that the finite number of retransmission trials mainly contribute to the improvement of the packet dropping probability in the range of light input traffic. The use of multiple base stations improves the overall throughput and the average transmission delay in the range of heavy input traffic.

Broadband-ISDN Network Architecture and Signaling concepts are described with particular emphasis on Asynchronous Transfer Mode (ATM) technology. A consolidated view of various aspects of B-ISDN/ATM Access and Network Signaling functions, architecture and protocols is presented. Additionally, a suggested evolutionary growth path for the B-ISDN signaling protocols is summarized. This is followed by a high-level comparison of two protocols under consideration for network signaling. The result of this evaluation indicates that the requirements of network signaling are best met by a protocol stack based on SS7 concepts. Finally, a set of future B-ISDN and Multimedia services is presented in context of the requirements they would impose on the signaling protocols. Enhancements to the access signaling protocol are proposed for the support of multiconnection and/or multiparty calls. These extensions/enhancements consist of a set of simplified messages, information elements and procedures based on message flows. Evolution and backward compatibility to existing protocols are taken into account while developing the extensions.

In this thesis we have proposed and analyzed a new architecture for high speed fiber optic LANs/MANs, called the Dual Bus R-Net. The scheme is based on a slotted unidirectional dual bus structure. It uses a reservation mechanism to generate slotted frames on each bus. Frames consist of a reservation slot and one or many information slots. Stations reserve slots by transmitting reservation requests on the bus carrying information in the opposite direction. The scheme has the advantage of superior channel utilization, bounded delay, fair access to all stations, dynamic bandwidth allocation to network users, and implementation simplicity. Extensive simulations have been carried out to verify the characteristics of the network. Simulation results reinforce the initial claims of the advantages offered by Dual Bus R-Net. Performance analysis is presented in terms of network delay and channel utilization. Simulation results are compared with similar results of X-Net, R-Net, DQDB, and Expressnet.

The purpose of this thesis is to examine the issues involved in centralizing network control of two dissimilar network management systems, through the use of a protocol translator. In particular, we consider communication between a Programmable Communications Processor (PCP) and an Access Communications Processor (ACP) for the purposes of control, configuration, software updating and backup. The integration should maintain backwards compatibility to both systems, as well as providing value-added functionality. Issues to be examined include protocol translator design criteria, an implementation strategy for a state/event driven handler and performance testing.

Compared to the traditional wireless network, the multi-hop ad hoc wireless network (simply called ad hoc networks) is self-configurable, dynamic, and distributed. During the past few years, many routing protocols have been proposed for this particular network environment. While in wired and optical networks, multi-protocol label switching (MPLS) has clearly shown its advantages in routing and switching such as flexibility, high efficiency, scalability, and low cost, however MPLS is complex and does not consider the mobility issue for wireless networks, especially for ad hoc networks. This thesis migrates the label concept into the ad hoc network and provides a framework for the efficient Label Routing Protocol (LRP) in such a network. The MAC layer is also optimized with LRP for shorter delay, power saving, and higher efficiency. The simulation results show that the delay is improved significantly with this cross-layer routing protocol.

Wireless sensor networks are one of the first real world examples of pervasive computing, the notion that small, smart, and cheap sensing and computing devices will eventually permeate the environment. Sensor networks consist of very large number of energy constrained nodes and to properly evaluate these networks a scalable ad-hoc wireless network simulator with an energy model is needed. Since most of the existing simulators have been designed for ad-hoc network with low scalability they can not be used to accurately simulate sensor networks. The JiST/SWANS simulator is one of the newer simulators that has been developed by Cornell University for simulating ad-hoc networks and is highly scalable which makes it appropriate for use in evaluating sensor networks. Since this simulator lack energy model our objective is to design and implement an energy model for JiST/SWANS so that it can adequately and accurately calculate the amount of energy consumption in the simulation of sensor networks.

In a beacon-enabled network, nodes send beacons when they are ready to transmit or receive messages from the other sensors in their communication range. If the beacons are not synchronized in time, a sensor might receive more than one beacon and hence will not be able to demodulate the beacon, thereby, being isolated from the network. As a result coverage nulls are introduced in the system. To address the above mentioned issues, Motorola Labs have proposed an algorithm for synchronizing the beacons in a wireless personal area network. In this thesis, extensive study of the proposed beacon time synchronization algorithm is done using OPNET as a simulation tool. Simulation is carried out by designing a detailed model of the algorithm using IEEE 802.15.4 as a reference. In depth analysis of the simulation results has been carried out. The results obtained are compared with those of existing time synchronization methods.