IE 419/519 Wireless Networks Lecture Notes #4 IEEE 802.11 Wireless LAN Standard Part #2
Feb 08, 2016
IE 419/519Wireless Networks
Lecture Notes #4IEEE 802.11 Wireless LAN Standard
Part #2
2
IEEE 802.11 MAC Layer Key to the 802.11 specification
It “rides” on every PHY layer and controls the transmission of user data into the air
Provides core framing operations Provides interaction with a wired network
backbone Covers three functional areas
Reliable data delivery Medium access control Security
3
MAC – Reliable Data Delivery WLAN using the IEEE 802.11 PHY and MAC
layers is subject to considerable unreliability
Even with error-correction codes, a number of MAC frames may not be received successfully
More efficient to deal with errors at the MAC level than higher layer (e.g., TCP)
4
MAC – Reliable Data Delivery (cont.) 802.11 incorporates positive acknowledgement Frame exchange protocol
Source station transmits data Destination responds with acknowledgment
(ACK) If source does not receive ACK, it retransmits
frame Four frame exchange
Source issues request-to-send (RTS) Destination responds with clear-to-send (CTS) Source transmits data Destination responds with ACK
5
MAC – Reliable Data Delivery (cont.)
Atomic Operation 802.11 allows stations to lock out contention during
atomic operations so that atomic sequences are not interrupted by other stations attempting to use the transmission medium
MAC – Medium Access Control The 802.11 working group considered two
types of proposals for a MAC algorithm Distributed (like Ethernet), or Centralized
The end result is a MAC algorithm called Distributed Foundation Wireless MAC (DFWMAC)
The DFWMAC architecture provides a distributed access control mechanism with an optional centralized control built on top of that
6
MAC – Medium Access Control (cont.) DFWMAC architecture
7
8
802.11 MAC Frame Format
9
MAC Frame – Address FieldsFunction ToD
SFromDS
Address 1
Address 2
Address 3
Address 4
IBSS
Function ToDS
FromDS
Address 1
Address 2
Address 3
Address 4
To AP (infra.)
APClient Server
802.11 DS
10
MAC Frame – Address Fields (cont.)
Function ToDS
FromDS
Address 1
Address 2
Address 3
Address 4
From AP (infra.)WDS (bridge)
APClient Server
802.11 DS
802.11
Server
AP AP
Client
11
MAC – Security In wireless networks, the word
“broadcast” takes on an entirely new meaning
Original 802.11 standard Privacy
Wired Equivalent Privacy (WEP) algorithm RC4 algorithm using a 40-bit key ( 104-bit key
later) Authentication
Shared-key authentication For more information, go to
http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
12
MAC – Security (cont.)
WEP only addressed protection for the radio link Nothing beyond the AP
Did not include a framework for authentication & authorization
Employed a pre-shared key for encryption Suffered from severe weaknesses Key had to be manually entered/changed on
the APs and all the stations Used CRC for data integrity
13
MAC – Security (cont.)
Types of Attacks Unauthorized association with the AP Man-in-the-middle
Rogue AP
Eavesdropping MAC Spoofing Denial of Service
14
MAC – Security (cont.)
The 802.11i task group developed a set of security mechanisms that eliminates most 802.11 security issues
802.11i addresses several security areas Access Control Authentication Authorization Confidentiality Data Integrity Key management Protection against known attacks
15
MAC – Security (cont.)
Security for WLANs focuses on Access Control (i.e., authentication)
To prevent unauthorized users from communicating with APs
To ensure that legitimate client units associate only with trusted APs (not rogue or unauthorized APs)
Privacy Only intended audience understands transmitted
data Encryption is key
16
MAC – Security (cont.)
Four distinct WLAN security solutions exist Open Access Basic Security Enhanced Security
Requires a Remote Authentication Dial-In User Service (RADIUS) server
Also known as an Authentication, Authorization and Accounting (AAA) server
Remote Access Security Uses a VPN to allow access to corporate network
and access business applications
17
MAC – Security (cont.)
Basic Security SSID
“Sniffing” is a problem Open or Shared-Key Static WEP keys
40 or 128 bits Very time consuming process, especially if they
change Stolen devices are a problem
MAC Authentication Optional APs have access to a list MACs can be forged
18
MAC – Security (cont.)
Basic Security II WPA or WPA2 Pre-Shared Key (PSK) Uses a password or identification code
PassphraseNetwork Type WPA WPA2
Enterprise mode(business, government, education)
Authentication: IEEE 802.1x/EAPEncryption: TKIP/MIC
Authentication: IEEE 802.1x/EAPEncryption: AES-CCMP
Personal mode (SOHO, home/personal)
Authentication: PSKEncryption: TKIP/MIC
Authentication: PSKEncryption: AES-CCMP
19
IEEE 802.11 PHY Layer PHY media defined by original 802.11 standard
Direct-sequence spread spectrum Operating in 2.4 GHz ISM band Data rates of 1 and 2 Mbps 11 channels in the US, 13 in Europe, 1 in
Japan Frequency-hopping spread spectrum
Operating in 2.4 GHz ISM band Data rates of 1 and 2 Mbps 70 channels in the US, 23 in Japan
Infrared 1 and 2 Mbps Wavelength between 850 and 950 nm
20
IEEE 802.11 PHY Layer (cont.)
21
IEEE 802.11 PHY Layer (cont.)
22
IEEE 802.11a Channel structure
Makes use of the U-NII frequency bands Standard specifies a transmit spectrum
mask Purpose is to constrain the spectral properties of
the transmitted signal such that signals in adjacent channels do not interfere with one another
23
IEEE 802.11a (cont.)
Channel structure Available channels
24
IEEE 802.11a (cont.)
Channel structureA
f
f
f
FDM
OFDM
OFDM
25
IEEE 802.11a (cont.)
Coding and Modulation Uses Orthogonal Frequency Division
Multiplexing (OFDM) Also called multicarrier modulation Uses multiple carrier signals at different
frequencies, sending some of the bits in each channel
Subcarrier modulated using BPSK, QPSK, 16-QAM or 64-QAM
26
IEEE 802.11a (cont.)
Coding and Modulation
27
IEEE 802.11b Extension of the 802.11 DSSS scheme Provides data rates of 5.5 and 11 Mbps in
the ISM band Uses chipping rate of 11 MHz thus
occupying the same bandwidth as original DSSS scheme
Higher data rate is achieved by using complementary code keying (CCK) as modulation scheme
28
IEEE 802.11b (cont.)
Channel structure1 2 3 4 5 6 87 9 10 11 12 13 14
1 2 3 4 5 6 87 9 10 11 12 13 14
29
IEEE 802.11g Extension of 802.11b
Achieves data rates above 20 Mbps up to 54 Mbps
Operates in the 2.45 GHz range Compatible with 802.11b
30
Other IEEE 802.11 Standards 802.11f
Multi-vendor AP interoperability (IAPP) 802.11i
Security and authentication mechanisms at the MAC layer
802.11n Range of enhancements to both PHY and
MAC layers to improve throughput Multiple antennas Smart antennas Changes to MAC access protocols
31
References The following references were used to
complement the material presented in this module: Gast, M.S., 802.11 Wireless Networks: The
Definitive Guide, 1st Edition, O’Reilly, 2002 Rivero, J., Porter, J.D., Puthpongsiriporn, T.,
Lemhachheche, R., Layton, W.T., Campus Wireless Environment Deployment Guide, 2005.