Posted on Categories:密码学与网络安全, 计算机代写

# CS代写|密码学与网络安全CRYPTOGRAPHY AND NETWORK SECURITY代考|COMP431 Tunneling

avatest™

## avatest™帮您通过考试

avatest™的各个学科专家已帮了学生顺利通过达上千场考试。我们保证您快速准时完成各时长和类型的考试，包括in class、take home、online、proctor。写手整理各样的资源来或按照您学校的资料教您，创造模拟试题，提供所有的问题例子，以保证您在真实考试中取得的通过率是85%以上。如果您有即将到来的每周、季考、期中或期末考试，我们都能帮助您！

•最快12小时交付

•200+ 英语母语导师

•70分以下全额退款

avatest.™ 为您的留学生涯保驾护航 在计算机Computers代写方面已经树立了自己的口碑, 保证靠谱, 高质且原创的计算机Computers代写服务。我们的专家在计算机网络Computer Networking代写方面经验极为丰富，各种计算机网络Computer Networking相关的作业也就用不着 说。

## CS代写|密码学与网络安全CRYPTOGRAPHY AND NETWORK SECURITY代考|Tunneling

Tunneling, or encapsulation, is a usual technique in packet-switched networks. It consists of wrapping a packet into a new one. That is, a new header is attached to the original packet. The entire original packet becomes the payload of another packet, as shown in Figure 9.4.

In general, tunneling is used to carry traffic of one protocol over a network that does not support that protocol directly. For example, NetBIOS or IPX can be encapsulated into IP to carry it over to TCP/IP WAN link (Tanenbaum, 2003).

In the case of IPsec, IP is tunneled by IP for a slightly different purpose: to allow full protection, including the encapsulated packet header. If the encapsulated packet is encrypted, an attacker cannot determine, for example, the destination address of that packet. The internal structure of a private network can be hidden in this way.

Tunneling requires intermediate processing of the original packet while en-route. The destination specified in the outer header, usually an IPsec firewall or router, receives the tunneled packet, extracts the original packet, and sends it to the ultimate destination. The processing overhead is compensated by the extra security.

A notable advantage of IP tunneling is the possibility to exchange packets with private IP addresses between two intranets over the public Internet, which requires globally unique addresses. Since the encapsulated header is not processed by the Internet routers, only the endpoints of the tunnel, the gateways, need to have globally assigned addresses. The hosts in the intranets can be assigned private addresses (for example, 10.x.x.x).

## CS代写|密码学与网络安全CRYPTOGRAPHY AND NETWORK SECURITY代考|Authentication Header

The authentication header (AH) is used to provide integrity and authentication to IP datagrams. Replay protection is also possible. Although its usage is optional, the replay protection service must be implemented by any IPsec-compliant system.

The services are connectionless, that is, they work on a per-packet basis. $\mathrm{AH}$ is used in two modes: transport mode and tunnel mode. AH authenticates as much of the IP datagram as possible. In transport mode, some fields in the IP header change en route and their value cannot be predicted by the receiver. These fields are called mutable and are not protected by AH.

The varying IPv4 fields are: type of service (TOS), flags, fragment offset, time to live (TTL), header checksum. When protection of these fields is required, tunneling should be used.

The payload of the IP packet is considered immutable and is always protected by $\mathrm{AH}$. $\mathrm{AH}$ is identified by protocol number 51 , assigned by the IANA. AH processing is applied only to non-fragmented IP packets. However, an IP packet with AH applied can be fragmented by intermediate routers. In this case, the destination first reassembles the packet and then applies AH processing to it.

If an IP packet that appears to be a fragment (offset field is non-zero, or the More Fragments bit is set) is input to AH processing, it is discarded. This prevents the so-called overlapping fragment attack, which misuses the fragment reassembly algorithm in order to create forged packets and force them through a firewall.

Packets that fail authentication are discarded and are not delivered to upper layers. This mode of operation reduces the chances of success for denial of service attacks, whose objective is to block the communication of a host or gateway by flooding it with packets.

## CS代写|密码学与网络安全CRYPTOGRAPHY AND NETWORK SECURITY代考|Tunneling

. net SECURITY

IP隧道的一个显著优点是可以通过公共Internet在两个内部网之间交换带有私有IP地址的数据包，这需要全局唯一的地址。由于封装的报头不被Internet路由器处理，因此只有隧道的端点(网关)需要全局分配地址。内网的主机可以配置私网地址(例如:10.x.x.x)

## CS代写|密码学与网络安全CRYPTOGRAPHY AND NETWORK SECURITY代考|认证头

.认证头

IP包的有效载荷被认为是不可变的，并且总是受到$\mathrm{AH}$的保护。$\mathrm{AH}$由IANA分配的51号协议标识。AH处理只适用于非分片的IP报文。但是，使用AH协议的IP报文会被中间路由器分片。在这种情况下，目的地首先对报文进行重组，然后对其进行AH处理

CS代写|计算机网络代写Computer Networking代考 请认准UprivateTA™. UprivateTA™为您的留学生涯保驾护航。

## MATLAB代写

MATLAB 是一种用于技术计算的高性能语言。它将计算、可视化和编程集成在一个易于使用的环境中，其中问题和解决方案以熟悉的数学符号表示。典型用途包括：数学和计算算法开发建模、仿真和原型制作数据分析、探索和可视化科学和工程图形应用程序开发，包括图形用户界面构建MATLAB 是一个交互式系统，其基本数据元素是一个不需要维度的数组。这使您可以解决许多技术计算问题，尤其是那些具有矩阵和向量公式的问题，而只需用 C 或 Fortran 等标量非交互式语言编写程序所需的时间的一小部分。MATLAB 名称代表矩阵实验室。MATLAB 最初的编写目的是提供对由 LINPACK 和 EISPACK 项目开发的矩阵软件的轻松访问，这两个项目共同代表了矩阵计算软件的最新技术。MATLAB 经过多年的发展，得到了许多用户的投入。在大学环境中，它是数学、工程和科学入门和高级课程的标准教学工具。在工业领域，MATLAB 是高效研究、开发和分析的首选工具。MATLAB 具有一系列称为工具箱的特定于应用程序的解决方案。对于大多数 MATLAB 用户来说非常重要，工具箱允许您学习应用专业技术。工具箱是 MATLAB 函数（M 文件）的综合集合，可扩展 MATLAB 环境以解决特定类别的问题。可用工具箱的领域包括信号处理、控制系统、神经网络、模糊逻辑、小波、仿真等。