QUESTION 1

(i) Explain the differences between Secure Socket Layer (SSL) and Transport Layer
Security (TLS).

ANSWER:

SSL stands for Secure Socket Layer while TLS stands for Transport Layer Security.

Both Secure Socket Layer and Transport Layer Security are the protocols used to
provide the security between web browser and web server.

Their differences include:

 In SSL (Secure Socket Layer), Message digest is used to create master secret and
it provides the basic security services which
are Authentication and confidentiality. While In TLS (Transport Layer
Security), Pseudo-random function is used to create master secret.
 SSL (Secure Socket Layer) supports Fortezza algorithm. Fortezza is a security
technology designed to enforce data integrity, originator authentication, non-
repudiation, and confidentiality. Fortezza personalizes security through and
individualized cryptographic device, a PC Card called the Fortezza Crypto Card
(the Card). The Card contains the user's unique cryptographic key material and
related information, and executes the cryptologic algorithms. While TLS
(Transport Layer Security) does not support Fortezza algorithm.
 In SSL (Secure Socket Layer), Message Authentication Code protocol is used.
While In TLS (Transport Layer Security), Hashed Message Authentication
Code protocol is used.
 TLS (Transport Layer Security) provides high security. While SSL (Secure
Socket Layer) is less secured as compared to TLS (Transport Layer Security).
 TLS (Transport Layer Security) is a little slower due to the two-step
communication process i.e., handshaking and actual data transfer. While SSL
 (Secure Socket Layer) is faster than TLS as authentications are not carried out
intensively.

(ii) Compare and contrast TCP and UDP protocols.

ANSWER

Transmission Control Protocol (TCP) – a connection-oriented communications

protocol that facilitates the exchange of messages between computing devices in a
network. User Datagram Protocol (UDP) – a connectionless communications
protocol that facilitates the exchange of messages between computing devices in a
network.

In comparison:

 Both TCP and UDP have common Header fields which are Source port,
Destination port and Check Sum.
 Also, they both are communication protocols which transfer packets

Their differences are categorized according to their basis which includes:

Type of Service.

 TCP is a connection-oriented protocol. Connection-orientation means that the

communicating devices should establish a connection before transmitting data and
should close the connection after transmitting the data. While UDP is the
Datagram-oriented protocol. This is because there is no overhead for opening a
connection, maintaining a connection, and terminating a connection. UDP is
efficient for broadcast and multicast types of network transmission.
 Reliability.

 TCP is reliable as it guarantees the delivery of data to the destination router.

While the delivery of data to the destination cannot be guaranteed in UDP.

Stream Type

 The TCP connection is a byte stream. While UDP connection is message stream.

Protocols

 TCP is used by HTTP, HTTPs, FTP, SMTP and Telnet. While UDP is used by
DNS, DHCP, TFTP, SNMP, RIP, and VoIP.

Broadcasting

 TCP doesn’t support Broadcasting. While UDP supports Broadcasting.

(iii) What services use TCP, and what services use UDP?

ANSWER

TCP is used by HTTP, HTTPs, FTP, SMTP and Telnet. While UDP is used by DNS,
DHCP, TFTP, SNMP, RIP, and VoIP.

(iv) Why does ftp use more than one port numbers for communication?

ANSWER

FTP (File Transfer Protocol) is a network protocol for transmitting files between
computers over Transmission Control Protocol/Internet Protocol (TCP/IP)
connections.
 FTP uses two TCP connections for communication. One to establish the connection
and the other for data transfer to send the data files between the client and the server.
The connection has to be established before the files can actually be sent across. Port
numbers 21 and 20 are used for FTP. Port 21 is used to establish the connection
between the 2 computers (or hosts) and port 20 to transfer data (via the Data
channel).

Consider an example:

Alice wants two files from Bob. Alice connects to Bob port 21 and asks for the files.
Bob open connections to Alice port 20 when it's ready and send the files there.
Meanwhile, Charles needs a file on Alice's server. Charles connects to 21 on Alice
and asks for the file. Alice connects to port 20 on Charles when ready, and sends the
files.

(v) Write a socket (java) programming that implements both TCP and UDP client-
server file transfer protocol (that’s four different programs all told). The client
should save the file in the "client" subdirectory of the home directory. Be sure it
works when both programs are on the same machine as well as when they are
separated over the network. Test your program with text files.

QUESTION 2

i. Explain what do you understand by POP, SMTP and IMAP protocols?

ANSWER

 POP stands for Point of Presence (also known as Post Office

Protocol). Refers to a point where many devices share a connection and can
communicate with each other. We can say that it is a man-made demarcation
point (a point where the public network of a company ends and the private
network of the customer begins for eg. the point at which your broadband
 cable enters the house) between communicating entities. It basically consists
of high-speed telecommunications equipment and technologies helps in
bringing together people from all over the internet. 

An example of this would be the local access point that connects customers
via their internet service provider (ISP) to the rest of the world. The size of an
ISP can be calculated by seeing the number of POPs that the service provider
has. The normal houses routers, modems, servers, switches, and other such
devices that have to share data over networks all use POPs. Internet Service
Providers have multiple POPs. 

 Simple Mail Transfer Protocol (SMTP). Most internet systems use SMTP as a
method to transfer mail from one user to another. SMTP is a push protocol
and is used to send the mail whereas POP (post office protocol) or IMAP
(internet message access protocol) are used to retrieve those emails at the
receiver’s side. The client who wants to send the mail opens a TCP
 connection to the SMTP server and then sends the mail across the connection.
The SMTP server is an always-on listening mode. As soon as it listens for a
TCP connection from any client, the SMTP process initiates a connection
through port 25. After successfully establishing a TCP connection the client
process sends the mail instantly. 

SMTP Protocol
The SMTP model is of two types:
 End-to-end method
 Store-and- forward method
The end-to-end model is used to communicate between different
organizations whereas the store and forward method is used within an
organization. An SMTP client who wants to send the mail will contact the
destination’s host SMTP directly, in order to send the mail to the destination.
The SMTP server will keep the mail to itself until it is successfully copied to
the receiver’s SMTP.
The client SMTP is the one that initiates the session so let us call it client-
SMTP and the server SMTP is the one that responds to the session request so
let us call it receiver-SMTP. The client- SMTP will start the session and the
receiver-SMTP will respond to the request.

 Internet Message Access Protocol (IMAP) is an application layer protocol

that operates as a contract for receiving emails from the mail server. It was
designed by Mark Crispin in 1986 as a remote access mailbox protocol, the
current version of IMAP is IMAP4. It is used as the most commonly used
protocol for retrieving emails. This term is also known as Internet mail access
protocol, Interactive mail access protocol, and Interim mail access protocol.
Working of IMAP: IMAP follows Client-server Architecture and is the most
commonly used email protocol. It is a combination of client and server
process running on other computers that are connected through a network.
 This protocol resides over the TCP/IP protocol for communication. Once the
communication is set up the server listens on port 143 by default which is
non-encrypted. For the secure encrypted communication port, 993 is used.

Architecture of IMAP

ii. Explain How Does SMTP Work, its basic functions and drawbacks, if any.

ANSWER

In the SMTP model user deals with the user agent (UA), for example,
Microsoft Outlook, Netscape, Mozilla, etc. In order to exchange the mail
using TCP, MTA is used. The user sending the mail doesn’t have to deal with
MTA as it is the responsibility of the system admin to set up a local MTA.
The MTA maintains a small queue of mails so that it can schedule repeat
delivery of mails in case the receiver is not available. The MTA delivers the
mail to the mailboxes and the information can later be downloaded by the
user agents.
Functions of SMTP

 SMTP is used to transmit e-mail between e-mail servers, such as from e-mail
clients to e-mail server.

Drawbacks of SMTP

 work in both directions; they can only deliver outgoing mail, not receive
incoming messages. The counterpart for receiving emails would be POP3 or
IMAP.
iii. Why is IMAP preferred over POP3?

ANSWER

IMAP is more preferred because IMAP is more secured than P0P3.And POP
downloads emails from the server for permanent local storage, while IMAP
leaves them on the server while caching (temporarily storing) emails locally
 iv. Explain the importance of IMAP server in mailing system?

ANSWER
IMAP enables users to organize messages into folders, flag messages for
urgency or follow-up, and save draft messages on the server. Users can also
have multiple email client applications that sync with the email server to
consistently show which messages have been read or are still unread.

v. Compare and contrast between HTTP, HTTPS and SMTP.

ANSWER
HTTP stands for Hyper Text Transfer Protocol is the backbone of the World
Wide Web (WWW). Hypertext Transfer Protocol Secure (HTTPS) is an
extension of the Hypertext Transfer Protocol (HTTP), It is used for secure
communication. In HTTPS, the communication protocol is encrypted using
Transport Layer Security. SMTP (Simple Mail Transfer Protocol) is a push
protocol and is used to send the mail.

Their differences are categorized according to their basis which includes:

Port Number: HTTP uses port number 80 for communication, HTTPS uses
443 port number for communication, also SMTP uses 25 port number for
communication.
Security: HTTP is considered to be unsecure, HTTPs is considered as secure,
SMTP is considered to be secure.
Type of Transfer: in HTTP and HTTPS transfer files between the web
server and web client while SMTP transfer mails via Mail Servers.
Network Layers: HTTP and SMTP works at Application Layer while
HTTPS works at Transport Layer.
vi. Write a client server programming that implement a SMTP client and a
SMTP server that sends and receives mail respectively. Program the SMTP
server that interacts with your SMTP client.
ANSWER