8/9/2019 UMTS, Wireless Network
Communication Systems, 14th lecture
Chair of Communication Systems, Department of Applied Sciences, University of Freiburg
Last lecture: UMTS infrastructure
Please hand in exercise sheet #6; the next one will be handed out in the next practical exercise
Sheet #7 is due on the 15th July (next lecture)
Next two dates: 8th and 11th July, starting at 1:30pm (to catch up with the time of the courses omitted at the beginning of the lecture series)
Practical exercises in the computer center seminar room 114 (first day on IPv6 and SIP, second on QoS)
Please grab your older exercise sheets there to have a reference for exam preparation (we got quite a pile of papers by now :))
Type of exam still in discussion; request for a written version pending ...
Last lecture: UMTS main network components
Last lecture
The UMTS Core Network (CN) migrates from GSM circuit switching to packet switching, as introduced to mobile networks with GPRS
Thus many components and interfaces are taken from GPRS, like the different GPRS support nodes (GSN)
This lecture: UMTS, Authentication, W-CDMA, encoding
Start with network authentication, then the UMTS physical layer: Frequency Division Duplex and WCDMA
Explanation of the code multiplexing
Then switch over to other wireless technologies used for packet switched networks (IP)
Wireless LAN, a widely deployed technology at consumers' homes, universities, companies ...
Rather short overview of the different WLAN standards: modulation, media access protocol MACA, 802.11a
UMTS the physical layer
After the introduction of physical layer components (Node B) and principles (rake receiver and macro diversity):
Explanation of Code Division Multiple Access
"Chips" instead of combined TDM, FDM
TDD and FDD frame structure
...
UMTS - WCDMA
UMTS uses two methods for Terrestrial Radio Access:
Frequency Division Duplex (FDD): two paired 5 MHz bands, Wideband CDMA; uplink and downlink are separated by frequency
Time Division Duplex (TDD): a single 5 MHz frequency band; uplink and downlink alternate in time, WCDMA and TDMA combined as multiplexing method
UMTS - WCDMA
Code Division Multiple Access (CDMA) has some advantages over the GSM methods
FDMA, TDMA, CDMA compared in their principles
UMTS - WCDMA
Code Division Multiple Access (CDMA) has some advantages over the GSM (FDMA, TDMA) methods:
More efficiency in frequency band usage
Higher data rates (on demand)
Longer standby and operation time for mobile equipment (less transmit power needs to be generated)
Greater ranges between mobile phones and Node Bs (for voice)
Flexible adjustment of radio traffic to the demand: voice gaps of active participants can be used for other traffic channels and users
A disruption of the signal does not necessarily disrupt a session
Switching from physical to mathematical methods of channel separation
UMTS - WCDMA
WCDMA: code multiplex vs. frequency and time multiplex
Multiple signals on just one frequency
Demultiplexing independent of channel bundling
Per participant a binary channelization code is used
UMTS - WCDMA
The channelization code is used for encoding and decoding: each data bit is spread with a code vector of length e.g. 128 bit
No bits but so called chips are transmitted
The codes have to be orthogonal
Example for a chipping length of 6:
User code A: (0,1,0,0,1,1)
User code B: (1,1,0,1,0,1)
UMTS WCDMA chip computation
User A sends Ad = 1
Key Ak = (0,1,0,0,1,1)
Non return to zero (NRZ) computed of Ad ⊕ Ak, chip 1 -> +1, chip 0 -> -1
Chips sent: As = NRZ(Ad ⊕ Ak) results in (1,-1,1,1,-1,-1)
User B sends Bd = 0
Key Bk = (1,1,0,1,0,1)
Non return to zero computed of Bd ⊕ Bk
Chips sent: Bs = NRZ(Bd ⊕ Bk) results in (1,1,-1,1,-1,1)
UMTS WCDMA, OVSF code tree
Addition of all chips on the air: As + Bs = (1,-1,1,1,-1,-1) + (1,1,-1,1,-1,1) = (2,0,0,2,-2,0)
Decoding: correlate all received chips with NRZ(Ak) and NRZ(Bk)
Ae = (2,0,0,2,-2,0) · (-1,1,-1,-1,1,1) = -2 + 0 + 0 - 2 - 2 + 0 = -6
Be = (2,0,0,2,-2,0) · (1,1,-1,1,-1,1) = 2 + 0 + 0 + 2 + 2 + 0 = 6
The result is -6 or +6, which corresponds to a set bit "1" (-6, as for A) or a "0" (+6, as for B); any other value means the codes were not orthogonal
WCDMA uses a fixed chip rate of 3.84 Mchip/s
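The chip computation above, carried through in code. This is an added example, not code from the lecture slides: it reproduces the 6-chip example with the slides' codes and NRZ mapping (chip 1 -> +1, chip 0 -> -1), generalises it to any number of simultaneous users, and shows what the correlator returns when a third, non-orthogonal code (a constructed one, not from the slides) joins the channel.

```python
# Added worked example, not code from the lecture slides: spreading and
# despreading with the two 6-chip orthogonal codes from the slides, generalised
# to any number of users. NRZ mapping as on the slides: chip 1 -> +1, 0 -> -1.

USER_CODE_A = (0, 1, 0, 0, 1, 1)   # channelization codes from the slides
USER_CODE_B = (1, 1, 0, 1, 0, 1)


def nrz(chips):
    """Map binary chips to the NRZ alphabet: 1 -> +1, 0 -> -1."""
    return [1 if c else -1 for c in chips]


def spread(bit, code):
    """Chips put on the air for one data bit: NRZ(bit XOR code)."""
    return nrz([bit ^ c for c in code])


def correlate(signal, code):
    """Despread: inner product of the received chips with NRZ(code)."""
    return sum(s * c for s, c in zip(signal, nrz(code)))


def is_orthogonal(code_a, code_b):
    """Two codes separate cleanly only if their NRZ forms are orthogonal."""
    return correlate(nrz(code_a), code_b) == 0


def channel(transmissions):
    """Ideal channel: all simultaneous chip streams simply add up."""
    n = len(transmissions[0])
    return [sum(tx[i] for tx in transmissions) for i in range(n)]


def despread(signal, code):
    """Decide the bit from the correlation: -N means '1', +N means '0'
    (N = code length). Anything else means the codes were not orthogonal."""
    n = len(code)
    r = correlate(signal, code)
    if r == -n:
        return 1
    if r == n:
        return 0
    raise ValueError(f"correlation {r} is not +/-{n}: non-orthogonal codes or collision")


def recover(users):
    """users: {name: (data_bit, code)}. Transmit all bits at once and decode each."""
    rx = channel([spread(bit, code) for bit, code in users.values()])
    return {name: despread(rx, code) for name, (bit, code) in users.items()}


if __name__ == "__main__":
    # The slides' numbers: Ad = 1, Bd = 0
    rx = channel([spread(1, USER_CODE_A), spread(0, USER_CODE_B)])
    print("on air:", rx)                            # [2, 0, 0, 2, -2, 0]
    print("Ae =", correlate(rx, USER_CODE_A))       # -6 -> bit 1
    print("Be =", correlate(rx, USER_CODE_B))       # 6 -> bit 0
    print(recover({"A": (1, USER_CODE_A), "B": (0, USER_CODE_B)}))
    # A constructed third code that is not orthogonal to A breaks A's decoding:
    bad = (1, 0, 0, 0, 0, 0)
    print("bad code orthogonal to A?", is_orthogonal(bad, USER_CODE_A))
```

The strict check in `despread` is deliberate: on a noise-free channel with orthogonal codes the correlator can only return ±N, so any other value is direct evidence that a non-orthogonal code was admitted to the channel.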
UMTS WCDMA, OVSF code tree
Maximum spreading factor of 256 used in the uplink
Scrambling of the complete code tree is needed
UMTS WCDMA, OVSF code tree
If the code of a node in the code tree is assigned, the subsequent codes (its descendants in the tree) cannot be assigned to others (they are not orthogonal to it)
Scrambling of signals is done as follows:
Multiplication of a code sequence of 1 and -1 (NRZ) into the signal
The identity assigned via the scrambling code is nearly 100% orthogonal
Advantages: time shifted sending (position within a cell)
Delineation toward bordering cells
Equal spectral distribution
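The code tree and the scrambling step from the last two slides, as an added example (not code from the slides). It builds the OVSF tree in NRZ form, shows why an assigned node blocks its ancestors and descendants (the interference from a parent code into a child's correlator depends on the parent's data, so it is not zero for all bit patterns, while codes from a disjoint subtree never interfere), and scrambles a chip stream with a cell-specific ±1 sequence. The scrambling generator is a seeded pseudo-random stand-in, an assumption of this example and not the 3GPP Gold code generator; the tree construction is the standard OVSF recursion.

```python
import random

# Added example, not slide code: OVSF code tree (NRZ form), the subtree blocking rule,
# and scrambling. scrambling_sequence() is a seeded PRNG stand-in (assumption), not the
# 3GPP scrambling code generator.


def ovsf(sf):
    """All codes of spreading factor sf: C[2k] = c || c, C[2k+1] = c || -c, root = [1]."""
    codes = [[1]]
    while len(codes[0]) < sf:
        codes = [c + d for c in codes for d in (c, [-x for x in c])]
    return codes


def correlate(a, b):
    return sum(x * y for x, y in zip(a, b))


def interference(victim, interferer, bits):
    """Correlation seen by the victim's despreader while another user sends the NRZ
    data `bits` (+1/-1 per symbol) with `interferer`, a code of equal or shorter length.
    Zero for every bit pattern means the two codes can be used at the same time."""
    assert len(victim) % len(interferer) == 0 and len(bits) * len(interferer) == len(victim)
    chips = [b * x for b in bits for x in interferer]
    return correlate(chips, victim)


def blocked_codes(sf, index, max_sf=256):
    """Nodes (sf, index) that become unusable once (sf, index) is assigned: all
    ancestors and all descendants (max_sf 256 = the uplink maximum on the slides)."""
    blocked = set()
    s, i = sf, index
    while s > 1:                          # walk up to the root
        s, i = s // 2, i // 2
        blocked.add((s, i))
    frontier = [(sf, index)]
    while frontier:                       # walk down to the leaves
        s, i = frontier.pop()
        if s * 2 <= max_sf:
            for child in ((s * 2, 2 * i), (s * 2, 2 * i + 1)):
                blocked.add(child)
                frontier.append(child)
    return blocked


def scrambling_sequence(cell_id, length):
    """Cell-specific +/-1 sequence (assumption: seeded PRNG instead of a Gold code)."""
    rng = random.Random(cell_id)
    return [1 if rng.getrandbits(1) else -1 for _ in range(length)]


def scramble(chips, cell_id):
    """Scrambling and descrambling are the same chip-wise multiplication."""
    return [c * s for c, s in zip(chips, scrambling_sequence(cell_id, len(chips)))]


def normalised_cross_correlation(cell_a, cell_b, length=1024):
    """Two cells using the same channelization code are separated only by their
    scrambling codes: the correlation is small but not zero ('nearly orthogonal')."""
    code = ovsf(4)[1] * (length // 4)
    return abs(correlate(scramble(code, cell_a), scramble(code, cell_b))) / length


if __name__ == "__main__":
    parent, child = ovsf(4)[1], ovsf(8)[3]
    print("parent -> child interference for bits (+1,-1):", interference(child, parent, [1, -1]))
    print("blocked by (8, 3):", sorted(blocked_codes(8, 3, max_sf=16)))
    print("cross-correlation of cell 1 vs cell 2:", normalised_cross_correlation(1, 2))
```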
UMTS WCDMA
Chips instead of bits has some advantages and disadvantages
Negative: e.g. 128 times more data has to be sent, which reduces the data rate extremely
Positive: increased transmission quality
More codes means more orthogonal channels, thus 128 users on one Node B; WCDMA allows a reduced signal power
UMTS security and authentication
Security in GSM is weak by today's standards, mostly broken and only one-way (client-to-network authentication)
Authentication in UMTS:
Base is a common secret key K, which is only known by the USIM (Universal Subscriber Identity Module) in the UE and by the HLR
UMTS security and authentication
RAND and AUTN are sent to the UE
UMTS security and authentication
Functions for authentication and key agreement (AKA):
f1: computation of MAC (Message Authentication Code)
f2: computation of RES, a message authentication code as well, possibly truncated
f3, f4, f5: computation of keys from a random number; ⊕ XOR, || concatenation
Generation of the authentication vector AV (within HLR)
UMTS security and authentication
Computation of the several values (within HLR)
UMTS security and authentication
Computation of the several values (within USIM):
Reception of RAND and AUTN from VLR or SGSN
AK = f5K(RAND)
SQN = (SQN ⊕ AK) ⊕ AK, with (SQN ⊕ AK) taken from AUTN
XMAC = f1K(SQN || RAND || AMF) (expected MAC)
Comparison of XMAC and MAC (from AUTN)
If this comparison fails the authentication of the network does not succeed and the UE treats the cell as forbidden
Check if the sequence number is in the expected range
RES = f2K(RAND)
UMTS security and authentication
Computation of the several values (within USIM, cont.):
Send response to VLR or SGSN with RES
CK = f3K(RAND)
IK = f4K(RAND); CK is used for encryption (at the RLC/MAC layer), IK for integrity protection of signalling
Operation within VLR or SGSN:
Reception of RES from the USIM
Comparison of RES with XRES (expected RES, from the AV sent by HLR)
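The whole AKA run from the last four slides, as an added example. This is not slide code and not the 3GPP MILENAGE algorithm set: f1 to f5 are modelled as keyed HMAC-SHA256 with a per-function tag (an assumption of this example), output lengths follow TS 33.102 (MAC 8, RES 8, CK and IK 16, AK 6 bytes), the AMF value and the shared key are constructed, and the sequence number check is a simplified sliding window. What it shows is the order of operations and which failures stop where: a bad MAC rejects the network before any SQN bookkeeping, a replayed AV fails the range check, and a wrong RES is caught by the VLR/SGSN.

```python
import hmac
import hashlib
import os

# Added example, not slide code and not MILENAGE: the AKA exchange of the slides.
# f1..f5 are HMAC-SHA256 stand-ins (assumption); lengths per TS 33.102.
SQN_LEN, AK_LEN, MAC_LEN, RES_LEN, KEY_LEN = 6, 6, 8, 8, 16
AMF = b"\x80\x00"          # assumed Authentication Management Field value


def _f(K, tag, data, length):
    return hmac.new(K, tag + data, hashlib.sha256).digest()[:length]


def f1(K, sqn, rand, amf):  # MAC over SQN || RAND || AMF
    return _f(K, b"f1", sqn + rand + amf, MAC_LEN)


def f2(K, rand):            # RES / XRES (possibly truncated MAC of RAND)
    return _f(K, b"f2", rand, RES_LEN)


def f3(K, rand):            # CK
    return _f(K, b"f3", rand, KEY_LEN)


def f4(K, rand):            # IK
    return _f(K, b"f4", rand, KEY_LEN)


def f5(K, rand):            # AK, conceals SQN inside AUTN
    return _f(K, b"f5", rand, AK_LEN)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def hlr_generate_av(K, sqn, rand=None):
    """HLR/AuC: AV = RAND || XRES || CK || IK || AUTN, AUTN = (SQN xor AK) || AMF || MAC."""
    rand = rand if rand is not None else os.urandom(16)
    ak = f5(K, rand)
    mac = f1(K, sqn, rand, AMF)
    return {"RAND": rand, "XRES": f2(K, rand), "CK": f3(K, rand),
            "IK": f4(K, rand), "AUTN": xor(sqn, ak) + AMF + mac}


class USIM:
    def __init__(self, K, sqn_ms=0, window=32):
        self.K, self.sqn_ms, self.window = K, sqn_ms, window   # window: simplified range check

    def authenticate(self, rand, autn):
        """UE side: authenticate the network, then return (RES, CK, IK)."""
        ak = f5(self.K, rand)
        sqn = xor(autn[:SQN_LEN], ak)                 # SQN = (SQN xor AK) xor AK
        amf = autn[SQN_LEN:SQN_LEN + 2]
        mac = autn[SQN_LEN + 2:]
        xmac = f1(self.K, sqn, rand, amf)             # expected MAC
        if not hmac.compare_digest(xmac, mac):
            raise ValueError("MAC failure: network not authenticated")
        sqn_int = int.from_bytes(sqn, "big")
        if not self.sqn_ms < sqn_int <= self.sqn_ms + self.window:
            raise ValueError("synchronisation failure: SQN outside the expected range")
        self.sqn_ms = sqn_int                          # accept; a replay of this AV now fails
        return f2(self.K, rand), f3(self.K, rand), f4(self.K, rand)


def vlr_check(av, res):
    """VLR/SGSN side: authenticate the UE by comparing RES with XRES from the AV."""
    return hmac.compare_digest(av["XRES"], res)


def run_aka(K, usim, sqn, rand=None):
    """One full AKA run; returns the agreed (CK, IK) or raises on either failure."""
    av = hlr_generate_av(K, sqn.to_bytes(SQN_LEN, "big"), rand)   # HLR -> VLR/SGSN
    res, ck, ik = usim.authenticate(av["RAND"], av["AUTN"])       # VLR -> UE: RAND, AUTN
    if not vlr_check(av, res):                                    # UE -> VLR: RES
        raise ValueError("RES mismatch: UE not authenticated")
    return ck, ik


if __name__ == "__main__":
    K = bytes.fromhex("000102030405060708090a0b0c0d0e0f")   # constructed shared secret
    ck, ik = run_aka(K, USIM(K), sqn=1)
    print("CK", ck.hex(), "IK", ik.hex())
```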
UMTS end of mobile telephony part
Topic switch: stay in the mobile network domain but leave the mobile telephony part
Return to infrastructures mainly developed for the Internet Protocol, but:
Cable may not be present everywhere
Cabling may be very expensive (crossing streets or rivers) or impossible (historical buildings, prohibition by owners, ...)
Desire for ad-hoc LANs
Wish for cableless offices
Changing number of connections needed in an office (desktop PC, laptop, other devices ...)
wireless technology - introduction
Problems to be solved:
which differences exist in comparison to a wired LAN
which data rates are achievable
security issues (wired network connectors are not easily misusable if the office is locked, but wireless LANs may cross office walls)
wireless LAN - history
In 1997 the IEEE approved 802.11, which specified the characteristics of devices with a signal rate of 1 and 2 Mbit/s
wireless LAN basics
Moving electrons send out waves, which spread in free space (vacuum)
Frequency (f): number of oscillations per second, measured in Hertz (Hz)
Wavelength (λ) is the distance between two maxima
Speed of wave propagation in vacuum: c = 3·10^8 m/s = 30 cm/ns
wireless LAN modulation FHSS
Different protocols available: frequency hopping spread spectrum (FHSS)
79 channels of 1 MHz bandwidth within the 2.4 GHz band
A pseudo random generator initiates each hop
The minimum hopping distance is 6 MHz; a maximum of 26 participants can share the medium without bandwidth restriction (but the max. bandwidth is 2 Mbit/s)
If a collision occurs the data is simply transferred again
Low power consumption -> used for Bluetooth
wireless LAN modulation DSSS
Different protocols available: direct sequence spread spectrum (DSSS)
Bundles the 79 channels of 1 MHz into broader channels (22 MHz wide, spaced 5 MHz apart)
A minimum distance of 5 channel numbers should be adhered to; within modulation the signal is spread
The channels may overlap, so a maximum of three independent service sets is possible
Extension is high rate DSSS (HR-DSSS)
The 802.11b standard uses HR-DSSS
wireless LAN modulation OFDM
Different protocols available: orthogonal frequency division multiplexing (OFDM)
Multi carrier modulation technology
52 frequency bands (subcarriers), 4 of them for synchronization
Small bands are less susceptible to disturbance and noise; avoids the use of directly neighboring frequencies
Used for the 802.11g and 802.11a, h standards
wireless LAN media access
Wireless LANs need more complex media access protocols than wired LANs
The restricted range of signals makes it more difficult to have a global signal detection
Moving from cell to cell should be possible (roaming), so a mobile station can communicate during transit
OSI layer 2 is split up once more: a special MAC sublayering is introduced
wireless LAN media access
This layer handles:
cyclic redundancy check (CRC)
fragmentation (not to be confused with IP fragmentation)
authentication
WEP encryption
auto roaming: with the latter a unified network over more than one station becomes possible
The other layer is the physical layer convergence protocol (PLCP), which e.g. defines the modulation: FHSS, DSSS, HR-DSSS, OFDM, IrDA
wireless LAN media access
One would think of CSMA ...
wireless LAN access protocols: MACA
... or inefficient use of the given bandwidth: if 1 transfers to 2 (or vice versa), 3 could think that the medium is blocked and does not transfer to 4; bandwidth is given away ("exposed station problem")
Therefore a new access protocol: MACA (multiple access with collision avoidance)
Before data is transferred, a short test sequence is sent out: RTS (request to send); the sender asks if the medium is available for transferring data packets
The destination station of the data exchange answers with CTS (clear to send)
All stations which received the CTS have to remain silent for the time period announced in it; stations which only received the RTS defer long enough for the CTS to be answered and may transmit afterwards
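A small model of the two cases behind MACA, as an added example that is not part of the slides: four stations in a chain 1-2-3-4 where each station hears only its direct neighbours (a constructed topology). It compares what plain carrier sensing does with what the RTS/CTS rule does, for the exposed station case described above and for the hidden station case (a station that cannot hear the sender and collides at the receiver), which goes one step beyond the slide.

```python
# Added example, not from the slides: hidden and exposed station on a 4-station chain.
NEIGHBOURS = {1: {2}, 2: {1, 3}, 3: {2, 4}, 4: {3}}   # constructed topology: who hears whom


def hears(station, sender):
    return sender in NEIGHBOURS[station]


def csma_blocked(sender, receiver, other):
    """Carrier sensing: `other` refrains whenever it hears the sender's carrier."""
    return hears(other, sender)


def maca_exchange(sender, receiver):
    """RTS from the sender, CTS from the receiver. Returns (silenced, deferring):
    stations that heard the CTS stay silent for the data transfer; stations that
    only heard the RTS defer just long enough for the CTS slot and may then transmit."""
    heard_rts = {s for s in NEIGHBOURS if hears(s, sender) and s != receiver}
    heard_cts = {s for s in NEIGHBOURS if hears(s, receiver) and s != sender}
    return heard_cts, heard_rts - heard_cts


def collision_at(receiver, transmitters):
    """A collision happens when the receiver hears more than one transmitter."""
    return len([t for t in transmitters if hears(receiver, t)]) > 1


def hidden_station(sender=1, receiver=2, hidden=3):
    """1 -> 2 while 3 cannot hear 1: CSMA lets 3 transmit and collide at 2; MACA silences 3."""
    csma_collision = (not csma_blocked(sender, receiver, hidden)
                      and collision_at(receiver, [sender, hidden]))
    silenced, _ = maca_exchange(sender, receiver)
    return {"csma_collision": csma_collision, "maca_silences_hidden": hidden in silenced}


def exposed_station(sender=2, receiver=1, exposed=3, exposed_target=4):
    """2 -> 1 while 3 wants to send to 4: CSMA blocks 3 needlessly; under MACA 3 hears the
    RTS but no CTS, so after the CTS slot it may transmit, and 4 hears no collision."""
    silenced, deferring = maca_exchange(sender, receiver)
    return {"csma_blocks_exposed": csma_blocked(sender, receiver, exposed),
            "maca_allows_exposed": exposed not in silenced and exposed in deferring,
            "collision_at_target": collision_at(exposed_target, [sender, exposed])}


if __name__ == "__main__":
    print("hidden station:", hidden_station())
    print("exposed station:", exposed_station())
```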
wireless LAN access protocols: MACA
There is an optimization of this protocol: MACAW, W for wireless
Other protocols (but rather different) using collision avoidance: Token Ring, FDDI
wireless LAN standards 802.11 overview
802.11 is a member of the IEEE 802 family, which includes several standards
The standards define transmission protocols and gross bandwidth
802.11b (available for several years, 11 Mbit/s)
802.11a - 54 Mbit/s
802.11h - 54 Mbit/s
More standards defining several other aspects of WLANs:
c - wireless bridging
d - world mode (combined definitions for different countries)
e - quality of service (QoS on layer 2), packet prioritization for real time multimedia and Voice over IP
f - general definition of roaming between access points (of different vendors)
i - authentication and encryption
k - better measurement of WLAN parameters for increased signal quality, dense networks and location based services (LBS)
m - summarization of extensions to the protocol
n - extension of bandwidth up to 108/320 Mbit/s
wireless LAN standards 802.11 overview
WiFi (wireless fidelity): certificate of interoperability of wireless devices
Each device is marked with a 48 bit MAC address as known from the Ethernet world
Allocation of frequency spectrum:
802.11a, h: 8 20 MHz channels in the frequency band from 5.15 GHz up to 5.35 GHz
802.11b and g: 14 channels in the 2.4 GHz band
Distribution of channels differs between countries; not all channels are available in every country
With a tightly woven network of access points a clever setup of channels is needed
wireless LAN 802.11 operation mode
More than one access point in a given area is possible if the channels are at least five channel numbers apart from each other (e.g. 1, 6, 11), so that the 22 MHz wide channels do not overlap
WLANs of 802.11 offer several operation modes:
Ad-hoc (peer-to-peer mode, no access point)
Managed (point-to-point connection from mobile device to access point)
Access Point (flow control between base station and switch, or more than one base station, for roaming etc.)
wireless LAN 802.11 components and services
In managed mode 802.11 provides nine services:
Distribution
Integration
Association
Reassociation
Disassociation
Authentication
Deauthentication
Confidentiality
MSDU delivery
802.11h adds Transmit Power Control (TPC) and Dynamic Frequency Selection (DFS)
wireless LAN 802.11 frame format
Protocol version: at present, protocol number 0
Type and subtype: identify the type of frame
ToDS and FromDS bits: whether a frame is destined for or comes from the distribution system
Retry bit: any retransmitted frame sets this bit to 1
Power management bit: indicates whether the sender will be in a power-saving mode after the completion of the current atomic frame exchange
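A parser for the header fields listed on the frame format slide, as an added example that is not slide code. It decodes the Frame Control field (protocol version, type and subtype, the ToDS/FromDS, Retry and Power Management flags), rejects the combinations the standard does not allow, and goes one step beyond the slide by also reading the three addresses and naming their roles according to the ToDS/FromDS combination, which is the standard 802.11 address table. The sample frames and MAC addresses are constructed.

```python
import struct

# Added example, not from the slides: 802.11 MAC header parser. Frame Control is the
# first little-endian 16-bit word: bits 0-1 version, 2-3 type, 4-7 subtype, 8-15 flags.
TYPES = {0: "management", 1: "control", 2: "data"}
SUBTYPES = {
    (0, 0): "association request", (0, 1): "association response",
    (0, 2): "reassociation request", (0, 3): "reassociation response",
    (0, 4): "probe request", (0, 5): "probe response", (0, 8): "beacon",
    (0, 10): "disassociation", (0, 11): "authentication", (0, 12): "deauthentication",
    (1, 11): "RTS", (1, 12): "CTS", (1, 13): "ACK",
    (2, 0): "data", (2, 4): "null", (2, 8): "QoS data",
}
FLAG_NAMES = ["to_ds", "from_ds", "more_fragments", "retry",
              "power_mgmt", "more_data", "protected", "order"]
# (ToDS, FromDS) -> roles of Address1..3; Address4 (SA) exists only when both are set
ADDRESS_ROLES = {(0, 0): ("DA", "SA", "BSSID"), (0, 1): ("DA", "BSSID", "SA"),
                 (1, 0): ("BSSID", "SA", "DA"), (1, 1): ("RA", "TA", "DA")}


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def parse_header(frame):
    """Parse Frame Control, Duration and the addresses of an 802.11 frame."""
    fc, duration = struct.unpack_from("<HH", frame, 0)
    version, ftype, subtype = fc & 0x3, (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if version != 0:
        raise ValueError(f"unknown protocol version {version}")
    flags = {name: bool((fc >> (8 + i)) & 1) for i, name in enumerate(FLAG_NAMES)}
    if ftype != 2 and (flags["to_ds"] or flags["from_ds"]):
        raise ValueError("ToDS/FromDS are only meaningful for data frames")
    out = {"version": version, "type": TYPES.get(ftype, "reserved"),
           "subtype": SUBTYPES.get((ftype, subtype), f"subtype {subtype}"),
           "flags": flags, "duration": duration}
    if ftype == 1:                         # control frames carry only RA (plus TA for RTS)
        out["RA"] = mac_str(frame[4:10])
        return out
    roles = ADDRESS_ROLES[(int(flags["to_ds"]), int(flags["from_ds"]))]
    for i, role in enumerate(roles):
        out[role] = mac_str(frame[4 + 6 * i:10 + 6 * i])
    if flags["to_ds"] and flags["from_ds"]:
        out["SA"] = mac_str(frame[24:30])  # Address4 follows the Sequence Control field
    return out


def frame(fc_byte0, fc_byte1, addrs, duration=0, seq=0):
    """Build a constructed header: FC, Duration, three addresses, Sequence Control."""
    return (struct.pack("<HH", fc_byte0 | (fc_byte1 << 8), duration)
            + b"".join(addrs) + struct.pack("<H", seq))


AP = bytes.fromhex("0050c2000001")        # constructed addresses
STA = bytes.fromhex("001122334455")
PEER = bytes.fromhex("00aabbccddee")

# Deauthentication (management, subtype 12) from the AP to the station, no DS bits.
DEAUTH = frame(0xC0, 0x00, [STA, AP, AP])
# Data frame leaving the DS (FromDS=1) to the station, retransmitted and encrypted.
DATA_FROM_DS = frame(0x08, 0x02 | 0x08 | 0x40, [STA, AP, PEER])

if __name__ == "__main__":
    print(parse_header(DEAUTH))
    print(parse_header(DATA_FROM_DS))
```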
wireless LAN 802.11 (in)security
AAA: Authentication, Authorization, Accounting
The 802.11 specification defines Open and Shared Key authentication
Open authentication is a null authentication algorithm: the AP grants any request for authentication
Shared Key authentication requires that the client station and the AP have WEP enabled and have matching WEP keys
The 802.11 specification defines WEP to provide data encryption
WEP is based on the RC4 symmetric stream cipher
Matching WEP keys must be statically configured on both client and infrastructure devices
You can define up to four keys on a device, but you can use only one at a time for encrypting outbound frames
wireless LAN 802.11 (in)security
Problems: WLANs are very open
Connection secured through WEP (wired equivalent privacy), works with 64 and 128 bit keys
But: clear text initialization vector (24 bit), which precedes every packet
For that reason the secret WEP key is only 40 or 104 bit
WEP was cracked four years ago (relative to this lecture)
The 802.11 specification does not specify key management mechanisms; WEP is defined to support only static, preshared keys
Other solutions ...
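WEP framing as the last two slides describe it, as an added example that is not slide code: a 24-bit IV in clear in front of every frame, RC4 keyed with IV || secret key, a CRC-32 integrity check value, and a key id byte selecting one of up to four configured keys. The point it demonstrates is the consequence of the short cleartext IV: once an IV repeats, two frames share a keystream, so one frame with known plaintext decrypts the other and lets an attacker forge a frame that passes the ICV check. The key, IVs and plaintexts are constructed.

```python
import struct
import zlib

# Added example, not from the slides: WEP encapsulation and keystream reuse.


def rc4(key, data):
    """Plain RC4 (KSA + PRGA); WEP uses it with key = IV || WEP key."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def icv(plaintext):
    """WEP integrity check value: CRC-32 of the plaintext."""
    return struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)


def wep_encrypt(key, iv, plaintext, key_id=0):
    """Frame body: IV (3 bytes, clear) | key id byte | RC4(IV || key, plaintext || ICV)."""
    assert len(iv) == 3 and key_id < 4          # up to four keys, selected by two bits
    return iv + bytes([key_id << 6]) + rc4(iv + key, plaintext + icv(plaintext))


def wep_decrypt(keys, body):
    """Decrypt with the key selected by the key id byte and verify the ICV."""
    iv, key_id = body[:3], body[3] >> 6
    data = rc4(iv + keys[key_id], body[4:])
    plaintext, tag = data[:-4], data[-4:]
    if tag != icv(plaintext):
        raise ValueError("ICV check failed")
    return plaintext


def keystream_from_known_plaintext(body, known_plaintext):
    """Attacker: the IV is in clear and the plaintext is known, so
    keystream = ciphertext xor (plaintext || ICV)."""
    stream_in = known_plaintext + icv(known_plaintext)
    return bytes(c ^ p for c, p in zip(body[4:], stream_in))


def decrypt_with_keystream(body, keystream):
    """Attacker: any other frame under the same IV falls to the recovered keystream."""
    data = bytes(c ^ k for c, k in zip(body[4:], keystream))
    return data[:-4]


def forge(iv, keystream, plaintext, key_id=0):
    """Attacker: encrypt a chosen frame under the same IV with a valid ICV, no key needed."""
    data = plaintext + icv(plaintext)
    assert len(data) <= len(keystream)
    return iv + bytes([key_id << 6]) + bytes(p ^ k for p, k in zip(data, keystream))


if __name__ == "__main__":
    key = bytes.fromhex("0102030405")              # constructed 40-bit key ("64-bit WEP")
    iv = b"\x00\x00\x2a"
    known = b"known: ARP who-has 10.0.0.1 padding padding"   # constructed
    secret = b"secret: password=hunter2"                     # constructed
    c1, c2 = wep_encrypt(key, iv, known), wep_encrypt(key, iv, secret)
    ks = keystream_from_known_plaintext(c1, known)
    print(decrypt_with_keystream(c2, ks))
    print(wep_decrypt([key], forge(iv, ks, b"inject: whatever")))
```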
802.1X - Network Port Authentication
Port-Based Network Access Control: provides a framework for user authentication and key management over any LAN, including wireless LAN
The port in 802.1X on a wireless LAN is an association between a wireless device and its access point
Authenticates users rather than machines; authentication is at the link layer
It is an IEEE adaptation of the IETF's Extensible Authentication Protocol (EAP)
Can update keys dynamically and periodically
802.1X - Architecture and components
802.1X defines 3 components:
Supplicant: resides on the WLAN client, e.g. the end user machine that seeks access to network resources
Authenticator: resides on the AP, controlling network access; it terminates only the link-layer authentication exchange and does not maintain user information
Authentication server: resides on the RADIUS server, implementing the actual authentication mechanism
802.1X - Architecture and components
Both the supplicant and the authenticator are referred to as Port Authentication Entities (PAEs)
The authentication exchange is logically carried out between the supplicant and the authentication server, with the authenticator acting only as a bridge
From the supplicant to the authenticator (the front end), the protocol is EAP over LANs (EAPOL), as defined by 802.1X; on the back end, EAP is carried in RADIUS packets. Some documentation may refer to it as EAP over RADIUS
802.1X - EAPOL Encapsulation
EAPOL messages can be encapsulated in both wired Ethernet and 802.11
Ethernet Type: two-byte type code assigned to EAPOL: 0x888E
Version: version 1 was standardized in the 2001 version of 802.1X; version 2 was specified in 802.1X-2004
Packet Type: EAP messages, or EAPOL messages that adapt EAP to the port-based LAN environment (EAPOL-Start, EAPOL-Logoff, EAPOL-Key)
8/9/2019 UMTS, Wireless Network
54/58
*4 | 49
802.1X - Typical 802.1X exchange on 802.11
1. The supplicant associates with the 802.11 network
2. The supplicant starts the 802.1X exchange with an EAPOL-Start message (this step is optional)
3. The authenticator (access point) issues an EAP-Request
802.1X - Typical 802.1X exchange on 802.11
4. The supplicant gathers the reply from the user and sends an EAP-Response in return. The response is translated by the authenticator into a RADIUS Access-Request with the response to the challenge as a data field. Steps 5 and 6 (further challenge/response rounds relayed between the supplicant and the RADIUS server) repeat as many times as necessary to complete the authentication
7. The RADIUS server grants access with a RADIUS Access-Accept packet, so the authenticator issues an EAP-Success frame and authorizes the port
8. Immediately following receipt of the Access-Accept packet, the access point distributes keys to the supplicant using EAPOL-Key messages
9. Once the keys are installed in the supplicant, it can begin sending data frames to access the network
10. When the supplicant is done accessing the network, it sends an EAPOL-Logoff message to put the port back into an unauthorized state
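The EAPOL encapsulation from the slide before and the exchange just listed, as an added example that is not slide code. It builds and parses EAPOL frames (version, packet type, body length) and EAP packets, and drives the authenticator's controlled port through the sequence: EAPOL-Start, EAP-Request/Identity, EAP-Response, a challenge round, EAP-Success plus EAPOL-Key when the back end accepts, data only through an authorized port, EAPOL-Logoff back to unauthorized. The RADIUS back end is a stand-in function with a constructed credential table, not a RADIUS implementation, and the challenge content is a placeholder, not an EAP-MD5 computation.

```python
import struct

# Added example, not from the slides: EAPOL framing and an 802.1X authenticator port.
# radius_backend() is a stand-in with constructed credentials (assumption).
ETHERTYPE_EAPOL = 0x888E
EAPOL_VERSION = 2                                  # 802.1X-2004
EAPOL_EAP_PACKET, EAPOL_START, EAPOL_LOGOFF, EAPOL_KEY = 0, 1, 2, 3
EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4
EAP_TYPE_IDENTITY, EAP_TYPE_MD5_CHALLENGE = 1, 4   # type numbers only; no EAP-MD5 here


def eapol(packet_type, body=b""):
    """EAPOL header: Version (1) | Packet Type (1) | Body Length (2, big-endian)."""
    return struct.pack("!BBH", EAPOL_VERSION, packet_type, len(body)) + body


def eap(code, identifier, eap_type=None, data=b""):
    """EAP packet: Code | Identifier | Length | [Type | Type-Data] (Type only in Request/Response)."""
    payload = (bytes([eap_type]) if eap_type is not None else b"") + data
    return struct.pack("!BBH", code, identifier, 4 + len(payload)) + payload


def parse_eapol(frame):
    version, ptype, length = struct.unpack_from("!BBH", frame, 0)
    body = frame[4:4 + length]
    if version not in (1, 2) or len(body) != length:
        raise ValueError("malformed EAPOL frame")
    return ptype, body


def parse_eap(body):
    code, identifier, length = struct.unpack_from("!BBH", body, 0)
    if length != len(body) or length < 4:
        raise ValueError("malformed EAP packet")
    if code in (EAP_REQUEST, EAP_RESPONSE):
        return code, identifier, body[4], body[5:]
    return code, identifier, None, b""


def radius_backend(identity, response):
    """Stand-in for the authentication server (constructed credential table)."""
    ok = (identity, response) == (b"alice", b"correct horse")
    return "Access-Accept" if ok else "Access-Reject"


class AuthenticatorPort:
    """Controlled port on the AP: unauthorized until EAP-Success, unauthorized again on Logoff."""

    def __init__(self):
        self.authorized = False
        self.identity = None
        self.next_id = 1

    def handle(self, frame):
        """Process one EAPOL frame from the supplicant; return the frames to send back."""
        ptype, body = parse_eapol(frame)
        if ptype == EAPOL_START:                                   # step 2 -> step 3
            return [eapol(EAPOL_EAP_PACKET, eap(EAP_REQUEST, self.next_id, EAP_TYPE_IDENTITY))]
        if ptype == EAPOL_LOGOFF:                                  # step 10
            self.authorized, self.identity = False, None
            return []
        if ptype != EAPOL_EAP_PACKET:
            return []
        code, identifier, eap_type, data = parse_eap(body)
        if code != EAP_RESPONSE or identifier != self.next_id:     # stale or unsolicited
            return []
        self.next_id += 1
        if eap_type == EAP_TYPE_IDENTITY:                          # step 4: identity, then challenge
            self.identity = data
            return [eapol(EAPOL_EAP_PACKET,
                          eap(EAP_REQUEST, self.next_id, EAP_TYPE_MD5_CHALLENGE, b"challenge-placeholder"))]
        if radius_backend(self.identity, data) == "Access-Accept":  # steps 5-8 via the back end
            self.authorized = True
            return [eapol(EAPOL_EAP_PACKET, eap(EAP_SUCCESS, identifier)),
                    eapol(EAPOL_KEY, b"<key material placeholder>")]
        return [eapol(EAPOL_EAP_PACKET, eap(EAP_FAILURE, identifier))]

    def forward_data(self, frame):
        """Data frames pass only through an authorized port (step 9)."""
        return frame if self.authorized else None
```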
802.11i Link layer encryption, TKIP and CCMP
802.1X provides a framework for authentication and key management
The major remaining flaw is the lack of confidentiality provided by WEP encryption
802.11i takes a two-track approach to addressing the weaknesses in link-layer encryption
Its major components are two new link-layer encryption protocols:
Temporal Key Integrity Protocol (TKIP): designed to bolster security to the greatest extent possible on pre-802.11i hardware (initially called WEP2)
Counter Mode with CBC-MAC Protocol (CCMP): a new encryption protocol designed from the ground up to offer the highest level of security possible
UMTS Seminar paper: http: