IEEE#802.11#WiFi#heim.ifi.uio.no/~infpri/Presentasjoner/8022016.pdf · MulWple#access#protocols#...

IEEE 802.11 WiFi

Paal E. Engelstad

•  Overview •  History

– Ethernet -‐> WiFi

•  Physical layer •  MAC layer •  Security

A look at network structure •  network edge:

–  hosts: clients and servers –  servers often in data centers

v  access networks: § Wired (e.g. Ethernet) § Wireless (e.g. LTE and WiFi)

v  network core: §  interconnected routers §  network of networks

mobile network

global ISP

regional ISP

home network

institutional network

Some Wireless Access networks

v  access networks: § Wired (e.g. Ethernet) § Wireless (e.g. LTE and WiFi)

WiFi (and Ethernet) in home networks

to/from headend or central office

cable or DSL modem

router, firewall, NAT

wired Ethernet (100 Mbps)

wireless access point (54 Mbps)

wireless devices

often combined in single box

WiFi (and Ethernet) in Enterprise networks

v  Typically used in companies, universities, etc v  10 Mbps, 100Mbps, 1Gbps, 10Gbps transmission rates v  Today, end systems typically connect into Ethernet switch

Ethernet switch

institutional mail, web servers

institutional router

institutional link to ISP (Internet)

WLAN vs. WWAN •  shared wireless access network connects end system to router

–  via base station aka “access point”

Wireless LANs (WLANs): §  within building (100 ft) §  802.11b/g (WiFi): 11, 54 Mbps

transmission rate

Wireless wide-area netwoks (WWAN) §  provided by telco (cellular)

operator, 10’s km §  between 1 and 10 Mbps §  3G, 4G: LTE

to Internet 1-7

to Internet

WLAN vs. WWAN

to Internet 1-8

WLAN/WiFI (802.11)

WWAN (1G, 2G, 3G,...) Range

(m)

Capacity (BW) Wireless Networking

Wireless sta0on Access point (AP)

Connects mul0ple wireless sta0ons to the wired network

WLAN components

Basic Service Set (BSS) -‐ One access point

Extended Service Set (ESS) -‐  Mul0ple cells, Two or more BSSs

WLAN operating modes: Infrastructure mode

Independent Basic Service Set (IBSS)

WLAN operating modes: Ad hoc mode

IBSS Independent BSS BSS

(Infrastructure BSS)

EBSS (Extended BSS)

DS (Distribution System)

BSS (Infrastructure BSS) BSS

(Infrastructure BSS)

“Portal”

Access Point (AP)

ID: BSSID

ID: SSID

Station (STA)

WLAN operating modes: Summary

•  Overview •  History

– Ethernet -‐> WiFi

•  Physical layer •  MAC layer •  Security

History: Fixed networking

LAN (Ethernet)

Telco-‐network Range (m)

Capacity (BW) Fixed Networking

History: Fixed networking

LAN (Ethernet)

Telco-‐ network Range

(m)


Internet IEEE

IETF

ITU (U.N.) ETSI (industry)

History: Going wireless...

LAN (Ethernet)

Telco-‐ network Range

(m)


WLAN ?

WAN (1G, 2G, 3G,...) Range

(m)


IEEE Internet

History: HyperLAN vs 802.11

•  Ethernet as a starWng point...

LAN (Ethernet)

Teleco-‐network Range (m)


? WAN

(1G, 2G, 3G,...) Range (m)


IEEE

802.11

ETSI

HyperLAN (ETSI) vs 802.11 (IEEE/WiFi)

•  Market race in late 1990ies •  Layering principles well established •  Telecom: Top-‐down approach, include all

–  Telecom wireless guys trying to datacom (Ethernet) •  Datacom: Bo[om up, modular

– Data com (Ethernet) guys trying to do wireless –  RFC 1925 The Twelve Networking Truths, 1 april ! 1996

•  (12) In protocol design, perfecWon has been reached not when there is nothing le` to add, but when there is nothing le` to take away.

•  (Originally from the French writer Antoine de Saint-‐Exupery)

Why IEEE won the market race

•  Faster to market, partly due to datacom design philosophy, e.g.: •  RFC 1958 Architectural Principles of the Internet June 1996

–  ... –  3.4 Performance and cost must be considered as well as funcWonality. –  3.5 Keep it simple. When in doubt during design, choose the simplest

soluWon. –  3.6 Modularity is good. If you can keep things separate, do so –  3.7 In many cases it is be[er to adopt an almost complete soluWon

now, rather than to wait unWl a perfect soluWon can be found. –  3.8 Avoid opWons and parameters whenever possible. Any opWons and

parameters should be configured or negoWated dynamically rather than manually.

–  ... etc ...

•  This also explains the “alphabet soup” of 802.11

Learning from history

•  You should understand the starWng point: – Ethernet

•  They faced 3 main challenges: – New physical layer (PHY)

•  Radio techniques, modulaWon etc

– Changes to MAC-‐layer •  Due to radio features: CDMA/CD -‐> CDMA/CA

– Security •  From wired network to open broadcast

Then keep on improving



•  New PHYs with higher BW (eg 802.11a from HyperLAN)

– Changes to MAC-‐layer •  CDMA/CA + new features (some from HyperLAN)

– Security •  Replacing the original WEP with 802.1X

This is our OUTLINE:



•  New PHYs with higher BW (e.g. 802.11a from HiperLAN)



OUTLINE



•  New PHYs with higher BW (802.11a from HiperLAN)



De-Facto Ethernet today •  LAN Switching and Full Duplex physical layer

– No collision detection in devices

•  Optimized implementation of original Ethernet –  Ethernet specification fits well as a WLAN starting

point ....

Switch

Switch

Same broadcast domain

Ethernet: Multiple-access links

•  broadcast (shared wire or medium) –  Old-fashioned Ethernet

•  With old-fashioned bus (e.g. 10Mb 10Base-2 Coax) •  Ethernet with a Hub-topology

–  802.11 wireless LAN

Shared wire (e.g.,

old-fasioned Ethernet) Shared Radio / Wireless

(e.g., 802.11 WiFi)

humans at a cocktail party

(shared air, acoustical)

HUB

Star-topology with hub or repeater (e.g. Ethernet)

MulWple access protocols •  single shared broadcast channel •  two or more simultaneous transmissions by nodes: interference

– collision if node receives two or more signals at the same time

multiple access protocol •  distributed algorithm that determines how nodes share

channel, i.e., determines when node can transmit •  communication about channel sharing must use channel itself!

–  no out-of-band channel for coordination

3 classes of multiple access protocols

•  channel partitioning –  divide channel into smaller “pieces” (e.g. with time slots/TDMA,

frequency/FDMA, code/CDMA) –  allocate piece to node for exclusive use

•  “taking turns” –  nodes take turns, but nodes with more to send can take longer

turns –  Example1: Polling with a Master/Slave topology (e.g. Bluetooth) –  Example2: Token passing with a Ring topology (e.g. IEEE 802.5)

•  random access –  channel not divided, allow collisions –  Need to detect collisions and “recover” from collisions –  Examples: Aloha, CSMA/CD (Ethernet), CSMA/CA (WLAN)

Ethernet designed for multiple access

•  Designed for bus-topology and broadcast •  Allows also use of star topology with hub •  Each station must examine every frame to determine

whether the frame is destined for it or not •  All stations see all frames placed on the network

–  i.e. Broadcast domain = Collision Domain

Shared wire (e.g., old-fasioned Ethernet)

HUB


Ethernet uses CSMA/CD to control access to the transmission medium

–  CSMA: Listen before sending, and do not send if channel is busy (Human analogy: don’t interrupt others!)

–  CD: Listen while sending, •  Not easy on wireless: 802.11 WiFi uses frame exchange (e.g. DATA/ACK) instead

–  WiFi uses Collision Avoidance (CA) in addition

–  Back off if collision is detected (Human analogy: the polite conversationalist)

•  Exponential back-off

Shared wire (e.g., old-fasioned Ethernet)

HUB


OUTLINE






1997

31

…..

Standardiza0on of WLAN: IEEE approved 802.11, 2.4 GHz, 1-‐2 Mbps

2003

802.11g: 2.4 GHz, upto 54Mbps; Performance similar to 802.11a; Compa0ble with 802.11b devices

1999

802.11b: 2.4GHz, upto 11 Mbps; 802.11a: 5GHz, upto 54Mbps

2007-‐2009

IEEE approved 802.11n, upto 600 Mbps Op0mizes modula0on; Uses mul0ple antennas

Brief history of the 802.11 PHYs

PHYs •  802.11-‐1997 (802.11 legacy ”Standard”)

–  2.4 GHz, 1 Mbit/s or 2 Mbit/s.

•  802.11b-‐1999 (”Amendment”) –  2.4 GHz, 11 Mbps –  On market: year 2000

•  802.11a-‐1999 (OFDM) –  5 GHz, 1.5 – 54 Mbps –  Very slow market adopWon

•  802.11g-‐2003 –  2.4 GHz, 1.5 – 54 Mbps –  On market: 2003 (hindered growth of 802.11a)

•  802.11-‐2007 (”Standard”) –  Included amendments 802.11a, b, d, e, g, h, i, j

•  802.11n-‐2009 (MIMO) –  Both 2.4 GHz and 5 GHz bands 54 – 600 Mbps –  On market from 2007/2008 (based on dra` version)

•  802.11-‐2012 (”Standard”) –  Included amendments 802.11k, r, y, n, w, p, z, v, u, s

•  802.11ac-‐2013 (MulW-‐user MIMO) –  5 GHz bands 1.3 Gbps –  Products available on the market now

Physical layers: Example: 802.11

TODO: UPDATE

IEEE std Type/modulat. Year Max rate (Mbps)

Band (GHz)

802.11 FHSS (QPSK)

1997 2 2,4

802.11 DSSS (GFSK) 1997 2 2,4

802.11b HS-DSSS (CCK) 1999 11 2,4

802.11a OFDM 1999 54 5.0

802.11g OFDM/DSSS 2003 54 2,4

802.11j OFDM 54 4,9

802.11n OFDM 2009 350 2.4/5.0

802.11ac OFDM 2014? 1690 5.0

802.11ad OFDM 2012 7000 60 (LOS 10m)

Link Layer 5-33


TODO: UPDATE


Band (GHz)

802.11 FHSS (QPSK)

1997 2 2,4

802.11 DSSS (GFSK) 1997 2 2,4

802.11b HS-DSSS (CCK) 1999 11 2,4

802.11a OFDM 1999 54 5.0

802.11g OFDM/DSSS 2003 54 2,4

802.11j OFDM 54 4,9

802.11n OFDM 2009 350 2.4/5.0

802.11ac OFDM 2014? 1690 5.0

802.11ad OFDM 2012 7000 60 (LOS 10m)

Link Layer 5-34

35

FHSS rapidly switches a carrier among many frequency channels

Highly resistant to narrowband interference

u FSK modula0on u 79 channels (2.4GHz-‐2.438 GHz) u 1 MHz Channel spacing

Frequency Hopping Spread Spectrum (FHSS)

36

System performance metrics used commonly used for TPC

FHSS Interference avoidance

FHSS: Concept of spread spectrum


TODO: UPDATE


Band (GHz)

802.11 FHSS (QPSK)

1997 2 2,4

802.11 DSSS (GFSK) 1997 2 2,4

802.11b HS-DSSS (CCK) 1999 11 2,4

802.11a OFDM 1999 54 5.0

802.11g OFDM/DSSS 2003 54 2,4

802.11j OFDM 54 4,9

802.11n OFDM 2009 350 2.4/5.0

802.11ac OFDM 2014? 1690 5.0

802.11ad OFDM 2012 7000 60 (LOS 10m)

Link Layer 5-38

39

DSSS is a modula0on technique that transmits the message signal using a wide(r) bandwidth

DSSS is more robust to interference and noise/jamming

Direct Sequence Spread Spectrum (DSSS)

DSSS: Concept of spread spectrum

Below the noise level! (Analogy from technical museum)

DSSS: Analogy

Sound waves

Speak! Listen!

Below noise level


Tradi0onal way of sharing the spectrum would be like this (FDM)


The DSSS way of sharing the spectrum would be like this...

44

The message signal modulates a pseudorandom noise/code (PRN)

source.: Siemens

Direct Sequence Spread Spectrum (DSSS)

45

Graphical representa0on of WiFi Channels in 2.4 GHz band

Non-‐overlapping DSSS Channels in the ISM band

DSSS Channels


TODO: UPDATE


Band (GHz)

802.11 FHSS (QPSK)

1997 2 2,4

802.11 DSSS (GFSK) 1997 2 2,4

802.11b HS-DSSS (CCK) 1999 11 2,4

802.11a OFDM 1999 54 5.0

802.11g OFDM/DSSS 2003 54 2,4

802.11j OFDM 54 4,9

802.11n OFDM 2009 350 2.4/5.0

802.11ac OFDM 2014? 1690 5.0

802.11ad OFDM 2012 7000 60 (LOS 10m)

Link Layer 5-46

47

Each RF carries a small part of the data

The carriers are very close to each other but are orthogonal

The data is divided into a large number of radio frequencies (RFs)

OFDM is highly robust to frequency selec0ve interference and fading, but it requires high processing power

Orthogonal Frequency Division Multiplexing (OFDM)

The Protocol Stack

•  Mostly focusing on the MAC layer here.

•  More management funcWons on the MAC-‐layer, than in other ”Wired” IEEE 802-‐standarder 802.11 Protokol Arkitektur

Note:

- FHSS is historic - IR not implemented (IrDA isteden) - 802.11b, 802.11a and 802.11g PHYs - 802.11n is the upcoming PHY

802.2 !!!

PHY – Below the MAC

•  Three main funcWons: 1.  Wrap in the MAC frames (PLCP) 2.  Transmit and receive over the radio channel (PMD)

•  E.g. the modulaWon presented in previous slides

3.  Indicate to the MAC layer whether the channel is available or not (CCA)

PHY

PLCP Phys. Layer Convergence Proc.

PMD Phys. Medium Dependent

CCA is based on: -  energy level -  decoding over time -  combination

CCA Clear Channel Assessment

PLCP – Allowing different BWs

•  PLCP has its own header:

PHY

PLCP Phys. Layer Convergence Proc.

PMD Phys. Medium Dependent

Signal bits: Indicate the modulation used in the remaining part of the frame [Service bits (reserved in DSSS, but used in 802.11b): 1 bit increases the length, 1bit for symbol clock locked to transmit frequency, and 1 bit for the type of coding (CCK vs PBCC...)]

LLC: Above the MAC

•  802.11 uses 802.2 for logic link control, for encapsulaWon of IP and ARP

•  802.2 header appears between MAC header and e.g. the IP-‐packet:

Ne[verkslaget (IP)

Log. Link Ctrl. (802.2)

MAC-‐laget (802.11 MAC)

Fysisk lag (802.11 PHY)

802.11 MAC hdr

SNAP DSAP

SNAP SSAP Control Vendor

ID Type

(IP/ARP) IP Pakke FCS

24/30 1 1 1 3 2 4 0-2306 bytes

Like for Ethernet II

“SNAP-header“ 802.2 LLC header

3 0 OxAA OxAA

LLC specifies the general interface between the network layer (IP, IPX, etc) and the data link layer (Ethernet, Token Ring, etc).

SNAP header added for Ethernet II compaMbility. The protocol Types for IP/ARP etc > 1500, and there is not sufficient space for this within the 1-‐Byte SAP fields.

OUTLINE






Main funcWon of the MAC-‐layer •  Reliable transmission => 2-‐way & 4.way handshake:

–  ACK of each unicast data frame •  2 way / ”Minimal Frame Exchange”

–  RTS/CTS handshake to avoid ”Hidden Node Problem” •  4 way

•  Fair access to the channel –  PCF (/HCF) – Polling-‐based, not treated here –  DCF (Distributed CoordinaWon FuncWon)

•  CSMA/CA •  Timing Intervals

•  ProtecWon of the data sent – WEP – WPA / WPA2 / 801.11i

Hidden Node Problem

Data Data

A B

SoluWon: CTS/RTS

•  Before each data frame is sent, short RTS /CTS frames are exchanged –  RTS = ”Request To Send”, CTS = ”Clear To Send”

•  ”dot11RTSThreshold” set in MIB: –  no CTS/RTS for frames shorter than the Threshold

•  CTS also used for 802.11b/802.11g interoperability –  To clear the channel

Data Data

RTS RTS

A B

CTS (A) CTS (A)

A B

Data ACK

Fair access to the channel – CSMA/CA

•  CSMA = ”Listen before Talk”

•  CA = “Collision Avoidance” –  Less greedy: waiWng a random Wme before retransmission

•  p-‐persistent –  Physical Carrier Sense (Clear Channel Assessment) –  ”Virtual” Carrier Sense

•  Each frame contains ”DuraWon” informaWon •  Each node maintains a NAV

–  Network AllocaWon Vector updated by the ”DuraWon” info –  Says how long the channel will be busy

•  Every node must listen to every frame on the network –  (or in Power Save Mode: must synch with Beacon from the AP)

Binary exponenWal backoff -‐ 1 1.  MAC layer receives packet to be transmi[ed 2.  MAC do a physical and virtual ”carrier sense” 3.  The frame is transmi[ed if the channel is idle 4.  Otherwise (i.e. if channel is busy):

a)  MAC selects a random number of backoff slots (=Backoff Value) within the give ”ContenWon Window” interval

b)  MAC increments the Retry Counter c)  Then the Backoff value is decremented for each idle Wmeslot

MAC observed on the channel. The MAC transmits the frame when the Backoff Value = 0

d)  If no ACK is received, the ContenWon Window is doubled; GOTO 4a)

Binary exponenWal backoff -‐ 1 5.  Abort if ACK received (i.e. success) or if Retry Counter

exceeds the Retry Limit (i.e. give up) a)  Retry Counter reset tp 0 b)  ContenWon Window reset to its start value ”CWmin”

6.  Post-‐Backoff: One backoff (with CWmin) must be carried out, before a new frame can be transmi[ed.

Note: The Post-‐backoff ensures fair access to the channel –  Allows other STAs to enter the channel –  Fairness is thus on a per-‐staWon and per-‐frame basis –  This mechanism is tweaked in 802.11e in order to provide

differenWated QoS (EDCA)

Priority by the Timing Intervals •  Short Inter-‐Frame Space (SIFS)

–  The shortest Inter-‐Frame Space (IFS) interval –  Used for “atomic” handshakes, etc.

•  ACK, CTS, Poll-‐Response (PCF), Data •  Priority IFS (PIFS = SIFS + 1 0meslot)

–  AP uses PIFS to seize the channel under the contenWon-‐free period (CFP), and SIFS (+NAV) to withhold it

•  Distributed IFS (DIFS = SIFS + 2 0meslots) –  Minimum delay for the contenWon period (CP)

DIFS Contention Window

Slot time

Defer Access

Backoff-Window Next Frame

Select Slot and Decrement Backoff as long as medium is idle.

SIFS

PIFS DIFS

Free access when medium is free longer than DIFS

Busy Medium

(EIFS is not menWoned…)

Timing and NAV with ”Minimal Frame Exchange”

”Atomic” transmission unit where channel is busy

Timing and NAV with 4-‐way handshake

”Atomic” transmission unit

Timing and NAV with PCF

Frame format

•  Frame Control – Type: –  Data

•  8 types: Data / Null med CF-‐Poll and/or CF-‐ACK –  Control

•  RTS, CTS, ACK, PS-‐Poll (power save), CF-‐End, CF-‐End+ACK – Management

•  Beacon, Probe Request/Response, •  AuthenWcaWon, De-‐AuthenWcaWon •  AssociaWon/Re-‐associaWon Request/Response, DisassociaWon •  Announcement Traffic IndicaWon Map (ATIM)

Frame Control

Duration/ ID

Address 1

Address 2

Address 3

Sequence Control

Address 4 Data CRC

2 2 6 6 6 6 2 4 0-2312 bytes

Protocol version Type Subtype To

DS More Frag Retry Power

Mgmt More Data WEP

2 2 4 1 From DS

1

Order

bits 1 1 1 1 1 1

Some frame formats •  Common frame format, e.g. for data in BSS:

•  Special frame formats

Frame Control Duration Receiver

Address Transmitter

Address CRC

2 2 6 6 4 bytes


Address CRC

2 2 6 4 bytes


Address CRC

2 2 6 4 bytes

ACK

RTS

CTS

Frame Control

Duration/ ID

Address 1

Address 2

Address 3

Sequence Control Data CRC

2 2 6 6 6 2 4 0-2312 bytes

From AP: DA BSSID SA To AP: BSSID SA DA

OUTLINE






1.  Probe_Request(SSID=’/0’, STA_rates) 2.  Probe_Response(Timestamp, beacon_interval, AP_capabiliWes, SSID=”This-‐SSID”,

AP_rates, PHY-‐parameters) 3.  AuthenWcaWon(Algorithm_no=1, sequence_no=0) 4.  AuthenWcaWon(Algorithm_no=1, sequence_no=1, Challenge=”abcdefgh”) 5.  AuthenWcaWon(Algorithm_no=1, sequence_no=2, Challenge=RC4(key, ”abcdefgh”)) 6.  AuthenWcaWon(Algorithm_no=1, sequence_no=3, Status_code=Success) 7.  AssociaWon_Request(STA_capabiliWes, listen_interval, SSID=”This-‐SSID”, STA_rates) 8.  AssociaWon_Response(AP_capabiliWes, Status_code = ”Success”, AssociaWon_ID,

AP_rates) 9.  DATA TRANSMISSIONS ? ? ? ? ? ? ? ?

Typical scenario -‐ I

ID: This-SSID ID: BSSID1 ID: BSSID2

?

i.  Merk utvekslingen av kapabiliteter and supporterte data rater mellom STA and AP ii.  Kun ensidig autenMsering av STA, dvs. STA kan ikke autenMsere AP iii.  Punkt 4. and 5. uXøres ikke ved ”Open AuthenMcaMon” uten WEP. Da kjøres Null-‐algoritmen iv.  Listen_interval = n betyr at STA vil ly_e Ml hvert n’te Beacon (i.e. i Power Save Mode) v.  AssociaMon_ID (AID) brukes for polling

? ? ? ? ? ? ?

1.  DATA TRANSMISSIONS 2.  Beacon(Timestamp, beacon_interval, AP_capabiliWes, SSID=”This-‐SSID”, AP_rates, PHY-‐

parameters, etc...) 3.  AuthenWcaWon(Algorithm_no=1, sequence_no=0) 4.  AuthenWcaWon(Algorithm_no=1, sequence_no=1, Challenge=”abcdefgh”) 5.  AuthenWcaWon(Algorithm_no=1, sequence_no=2, Challenge=RC4(key, ”abcdefgh”)) 6.  AuthenWcaWon(Algorithm_no=1, sequence_no=3, Status_code=Success) 7.  Re-‐AssociaWon_Request(STA_capabiliWes, listen_interval, SSID=”This-‐SSID”, STA_rates,

Current_AP_Address) 8.  ReassociaWon message sent to Current_AP_Address using IAPP or proprietary protocol 9.  Re-‐AssociaWon_Response(AP_capabiliWes, Status_code = ”Success”, AssociaWon_ID,

AP_rates) 10.  DATA TRANSMISSIONS

? ? ?

Typical scenario -‐ II

ID: This-SSID

i.  På forrige slide brukte STA akMv scanning, Her viser vi eksempelet med passiv scanning.

ii.  STA kan pre-‐autenMsere seg i god Md med mange APer for sikkerhets skyld uten å må_e (re-‐)assosiere seg

iii.  Noen implementasjoner vil ikke kreve ny authenMserMng, når STA allerede har authenMsert med et annet AP

? ? 1.  DisassociaWon (Reason_code = 4 (i.e. ”Disassociated due to inacWvity”))

2.  DeauthenWcaWon(Reason_code = 3 (i.e. ”DeauthenWcated because STA is leaving”))

Typical scenario -‐ III

ID: This-SSID

Power Saving -‐ Principle

•  STA synchronizes using the Beacon from the AP •  AP buffers incoming packets for the STA •  AP sends a Traffic IndicaWon Map (TIM) in Beacon •  STA ”wakes up” for every n’th Beacon

–  Checks TIM for buffered packets waiWng at the AP –  Might send a PS-‐Poll to receive buffered packets

•  If the AP sends the buffered frame with a ”more data”-‐bit = 1, then the STA conWnues polling the AP for more buffered packets

•  For mulW-‐/broad-‐cast frames the AP uses a Delivery TIM (DTIM)

All this requires synchronizaWon between the AP and the

STA...

SynchronizaWon: TSF

•  The Timing SynchronizaWon FuncWon (TSF) •  AP is responsible for maintaining the TSF •  AP announces its Wme (TSF) periodically in Beacons •  STAs adapt its locale Wme (TSF) to the TSF of the AP •  Beacon also contains the Beacon interval

–  STA can predict when the next Beacon will arrive •  This point in Wme is referred to as the “Target Beacon Transmission Time” (TBTT)

–  STA can therefore maintain the synchronizaWon, even if it misses some Beacons

•  AP announces its Wme (TSF) also in Probe Responses –  Scanning STAs can also synchronize

Other MAC-‐funcWons

•  FragmentaWon •  Scanning •  …

Not dealt w

ith in this l

ecture

OUTLINE






73

BSS: Shared key is used between all sta0ons and the APs

ESS: All APs have the same shared key

No key management Shared key is manually entered into sta0ons and APs

Scalability issues are cri0cal

WEP is the original security model (1999), but has dis0nct weaknesses and is outdated

WLAN Security: Wired Equivalent Privacy (WEP) Model

74

WPA (2003) employs Temporary Key Integrity Protocol (TKIP) to enhance security of the keys used with WEP

WPA also uses RC4 stream cipher

WPA changes the way keys are derived and rotates keys more ogen for improved security

WPA has an addi0onal func0on called message integrity check func0on to prevent packet forgeries

WLAN Security Enhancement: Wi-‐Fi Protected Access (WPA)

75

The WLAN security model currently in use is WPA2 (802.11i)

WPA2 uses Advanced Encryp0on Standard (AES) block cipher

WPA2 uses an encryp0on device that encrypts the network with a 256-‐bit key

WLAN Security Enhancement: WPA2

OUTLINE






Date post:	19-Apr-2020
Category:	Documents
Upload:	others
View:	1 times
Download:	0 times

IEEE#802.11#WiFi#heim.ifi.uio.no/~infpri/Presentasjoner/8022016.pdf · MulWple#access#protocols#...

Documents