Introduction to IEEE Wireless LAN

Transcription

1 Introduction to IEEE Wireless LAN Li-Hsing Yen Chung Hua University Fall 2006 Difference Between Wired and Wireless LANs The medium impacts the design stations are mobile different MAC 1

2 Medium Impacts shared medium. unprotected from outside signals. significantly less reliable than wired PHYs. dynamic topologies Mobile Vs. Wireless Mobile moved from location to location, but is only used while at a fixed location Wireless access the LAN while in motion 2

3 IEEE 802 Committees SEC High Level Interface (HILI) Logical Link Control (LLC) CSMA/CD Working Group Token Bus Token Ring Metropolitan Area Network (MAN) BroadBand Technical Adv. Group (BBTAG) Fiber Optics Technical Adv. Group (FOTAG) Integrated Services LAN (ISLAN) Standard for Interoperable LAN Security (SILS) Wireless LAN (WLAN) Demand Priority Cable-TV Based Broadband Communication Network Wireless Personal Area Network (WPAN) Broadband Wireless Access (BBWA) RPRSG Resilient Packet Ring Study Group (RPRSG) IEEE IEEE a IEEE b WiFi IEEE g IEEE Bluetooth IEEE e IEEE f IEEE h IEEE i Security 2004 IEEE TG2 IEEE TG3 IEEE TG Specifications One MAC specification CSMA/CA Three Physical specification Radio Frequency hopping spread spectrum (FHSS) Direct sequence spread spectrum (DSSS) Infrared Red 3

4 IEEE Family IEEE b 2.45 GHz / 11 Mbps (300m range) IEEE a 5.8 GHz / 54 Mbps IEEE g 2.4 GHz / 54 Mbps 2.4 GHz Radio Licenses NOT required in these bands 5 GHz Direct Sequence Spread Spectrum IEEE IEEE a IEEE b IEEE g Standard for WLAN operations at data rates up to 2 Mbps in the 2.4 GHz ISM band. DSSS modulation. Standard for WLAN operations at data rates up to 54 Mbps in the 5 GHz band. Proprietary rate doubling" has achieved 108 Mbps. Realistic rating is Mbps. Wi-Fi or high-speed wireless 1, 2, 5.5 and 11 Mbps in the 2.4 GHz band. All b systems are backward compliant. Realistic rating is 2 to 4 Mbps a backward compatible to the b 2.4 GHz band using OFDM. Orthogonal Frequency Division Multiplexing 4

5 Standard a b g Bluetooth Data Rate 2Mbps 2.4GHz 54Mbps 5GHz 11Mbps 2.4GHz 54Mbps 2.4GHz Up to 2Mbps 2.45GHz Modulation Scheme FHSS or DSSS OFDM DSSS with CCK OFDM > 20Mbps DSSS + CCK < 20Mbps FHSS Pros/Cons This specification has been extended into b. "Wi-Fi Certified." 8 available channels. Less potential for RF interference than b and g. Better than b at supporting multimedia voice, video and largeimage applications in densely populated user environments. Relatively shorter range than b. Not interoperable with b. "Wi-Fi Certified." 14 channels available. Not interoperable with a. Requires fewer access points than a for coverage of large areas. High-speed access to data at up to 300 feet from base station. "Wi-Fi Certified." 14 channels available. May replace b. Improved security enhancements over Compatible with b. No native support for IP, so it does not support TCP/IP and wireless LAN applications well. Best suited for connecting PDAs, cell phones and PCs in short intervals. Adaptive 5

6 Spread Spectrum modulation schemes ease address problems, each in their own way. DSSS Direct Sequence Spread Spectrum OFDM Orthogonal Frequency Division Multiplexing FHSS Frequency Hopping Spread Spectrum DSSS Direct Sequence Spread Spectrum The result is a string of chips. In DSSS individual pulses are increased to a much higher frequency by multiplying them with a code that is unique to each WLAN. All the stations know the code. 6

7 DSSS Direct Sequence Spread Spectrum DSSS Direct Sequence Spread Spectrum DSSS has good interference rejection. 7

8 OFDM Orthogonal Frequency Division Multiplexing Direct signal. Original reflected signal. Longer reflected signal. In OFDM, the reverse happens. 10 (say) serial bits are converted into 10 parallel bits, each of which modulates its own radio carrier. Each carrier is now carrying a bit rate that is 1/10 th the bit rate of the original. A reflected signal path needs to be 10 times longer to cause the same interference. Longer paths are more attenuated so the strength of the interference is also less. Wireless NICs 8

9 Access Point (AP) Usually connects wireless and wired networks if not wired acts as an extension point (wireless bridge) consists of a radio, a wired network interface (e.g., 802.3), and bridging software conforming to the 802.1d bridging standard Number of clients supported device dependent AP as a Wireless Bridge mobile terminal server fixed terminal infrastructure network access point application TCP IP LLC MAC PHY LLC MAC MAC PHY PHY Application TCP IP LLC MAC PHY 9

10 Basic Service Set (BSS) Coordinated function BSS Independent Basic Service Set (IBSS) A BSS without Access Point IBSS An ad hoc network 10

11 Extended Service Set (ESS) ESS: one or more BSSs interconnected by a Distribution System (DS) Traffic always flows via Access Point allows clients to seamlessly roam between APs Distributed System (DS) A thin layer in each AP embodied as part of the bridge function keeps track of AP-MN associations delivers frames between APs Three types: Integrated: A single AP in a standalone network Wired: Using cable to interconnect the Access- Points Wireless: Using wireless to interconnect the Access-Points 11

12 ESS: Single BSS (with integrated DS) A cell Access Point to meters BSS ESS: BSS s with Wired Distribution System (DS) 20-30% overlap BSS Distribution System BSS 12

13 ESS: BSS s with Wireless Distribution System (DS) BSS Distribution System BSS SSID (Service Set Identifier) Service set ID used in an ESS or IBSS An IBSS with no APs uses the Basic Service Set Identification (BSSID) The BSSID field is a 48-bit field of the same format as an IEEE 802 MAC address In an infrastructure wireless network that includes an AP, the Extended Service Set Identification (ESSID) is used ESSID is the identifying name of an wireless network 13

14 ESSID in an ESS ESSID differentiates one WLAN from another Client must be configured with the right ESSID to be able to associate itself with a specific AP ESSID is not designed to be part of security mechanism, and it is unfitted to be one AP broadcast the SSID(s) they support Client association requests contain the ESSID Transmitted in the clear Connecting to the Network Client Access Point Probe Request Probe Response Probing Authentication Request Authentication Response Association Request Association Response Authentication Association 14

15 Probing Phase Find an available AP APs may operate at different channels (11 channels in total in case of a) Should scan a channel at least MinChannelTime If an AP is found, should last MaxChannelTime Active Scanning MN AP probe request with SSID probe response If SSID matches Service Set Identifier (SSID) 15

16 Passive Scanning MN beacon with SSID AP Service Set Identifier (SSID) Full Scanning MN AP 1 AP 2 AP 3 Scan channel 1 Scan channel 2 Beacon or Probe Resp MinChannelTime MaxChannelTime Scan channel 3 Scan channel 11 16

17 Association & Re-association Association: The mapping between some AP s port and an MN Association must exist before network services can be used Wireless LAN Association replaces the physical link in a wired LAN MN may later re-associate to another AP with higher signal quality Authentication and Association Unauthenticated and unassociated The node is disconnected from the network and not associated to an access point. Authenticat ion Authenticated and unassociated The node has been authenticated on the network but has not yet associated with the access point. Authenticated and associated The node is connected to the network and able to transmit and receive data through the access point. 17

18 Authentication Methods Open Authentication (standard) Shared key authentication (standard) MAC Address authentication (commonly used) Open Authentication The authentication request contain a NULL authentication protocol. It must have the AP SSID. The access point will grant any request for authentication Client Access Point Authentication Request Authentication response 18

19 Shared Key Authentication Requires that the client configures a static WEP key Client Access Point Authentication Request Authentication response (challenge) Authentication Request(encrypted challenge) Authentication response(success/failure) MAC Address Authentication Not specified in the standard, but supported by many vendors (e.g. Cisco) Can be added to open and shared key authentication Client Access Point RADIUS Server Auth. Request Auth. Response (Success/Reject) Access-Request (MAC sent as RADIUS req.) Access-Success/Reject 19

20 WEP Encapsulation 1. P = M checksum(m) {p=plaintext} 2. KeyStream = RC4 (IV k) {k=shared-key} 3. C = XOR (P, KeyStream) {c=ciphertext} 4. Transmit (IV, C) {IV=init-vector} Initialization Vector (IV) WEP Key Plaintext seed CRC-32 RC4 PRNG Key Stream P Integrity Check Value (ICV) C IV Ciphertext Message WEP Decapsulation 1. KeyStream = RC4 (IV k) 2. P = XOR (C, KeyStream) = M checksum(m) 3. If checksum(m ) = (checksum(m)) Then P is accepted WEP Key IV Ciphertext Seed RC4 PRNG Key stream P Plaintext CRC 32 ICV M ICV ICV' = ICV? Message 20

21 WEP frame The IV sent with the ciphertext contains two fields: = IV & KeyID Unencrypted header IV KEY ID Payload ICV (FCS) Encrypted ICV is a CRC-32 checksum over the Payload (802 Header and the Data) WEP Key Management What is KeyID? Each entity in the wireless LAN (AP, clients) is configured with four static WEP keys KeyIDs 0,1,2,3 The keys are shared by an AP and all the wireless stations accessing it The ID of the key used for encryption/decryption appears in the packet WEP header 21

22 RC4 key IV (3 octets) Secret Key (5 or 13 octets) Standard: = 64 bit RC4 key Vendors: = 128 bit RC4 key We ll see that key-size doesn t prevent the attacks Details - Checksum CRC-32 - detecting single random bit errors If CRC is correct, WEP assumes Packet has not been modified Packet is from authorized user Linear Property: CRC (XOR(A,B)) = XOR(CRC (A), CRC(B)) 22

23 RC4 Developed by Rivest in 1987 Kept as a trade secret (but leaked in 1994) Key can be between 1 and 256 bytes Used as a simple and fast generator of pseudorandom sequences of bytes (to be used as onetime-pad ) Should discard first 256 bytes of generated pad Passes all usual randomness tests Vulnerabilities RC 4 stream ciper not suited for data with lots of packet loss Loss of data requires re-synch, new key every time Poor key management WEP uses same key for authentication/encryption Provides no mechanism for session key refreshing one-way authentication: has no provision for MNs to authenticate/verify the integrality of AP 23

24 Weaknesses of WEP: Overall Key Space is Too Small IV change per packet is OPTIONAL If the IV key for RC4 is changed for every packet, repeated patterns can occur more frequently at the rate of 11 Mbps of 1,500 bytes/packet, all key space will be exhausted in about 5 hours X based on EAP (extensible authentication protocol, RFC 2284) still one-way authentication initially, MN is in an unauthorized port an authentication server exists after authorized, the MH enters an authorized port 802.1X ties it to the physical medium, be it Ethernet, Token Ring or wireless LAN. 24

25 Three Main Components supplicant: usually the client software authenticator: usually the access point authentication server: usually a Remote Authentication Dial-In User Service (RADIUS) server 802.1X How it works Client Let me in! (EAP Start) What s your ID? (EAP-request identity message) ID = [email protected] (EAP Response) AP Is [email protected] OK? Auth Server RADIUS The answer is 47 Prove to me that you are [email protected] EAP Challenge/ Authentication Come in. Here is the session key. Let him in. Here is the session key. network Encrypted session 25

26 Step 1 Initially, MN is in an unauthorized port only 802.1X traffic from MN is forwarded. Traffics such as Dynamic Host Configuration Protocol (DHCP), HTTP, FTP, SMTP and Post Office Protocol 3 (POP3) are all blocked. The client then sends an EAP-start message. Step 2 The AP will then reply with an EAP-request identity message to obtain the client's identity. The client's EAP-response packet containing the client's identity is forwarded to the authentication server. The authentication server is configured to authenticate clients with a specific authentication algorithm. The result is an accept or reject packet from the authentication server to the access point. 26

27 Steps 3 and 4 Upon receiving the accept packet, the AP will transit the client's port to an authorized state, then all traffic will be forwarded. Notes: 802.1X for wireless LANs makes NO mention of key distribution or management. This is left for vendor implementation. At logoff, the client will send an EAP-logoff message to force the AP to transit the client port to an unauthorized state Key Management Key Management: BKR (broadcast key rotation) AP periodically broadcasts WEP shared key The initial WEP key only used for registration at the first time. So the WEP key is used less frequently. TKIP (temporal key integrity protocol) hashing the key before using it for encrypting a packet 27

28 MAC Management Layer Synchronization Time Synchronization Function (TSF) Power Management Sleeping without missing any messages Power management functions Periodic sleeping, frame buffering, traffic indication map Association and reassociation Joining a network Roaming, moving from one AP to another Synchronization in All stations maintain a local timer Time Synchronization Function Keeps timers from all stations in sync Timing conveyed by periodic Beacon transmissions Beacon contains Timestamp for the entire BSS Timestamp from Beacons used to calibrate local clocks 28

29 Time Synchronization Function (TSF) Beacon 的 產 生 週 期 稱 為 Beacon Period 可 以 傳 送 Beacon 訊 息 的 時 間 點 稱 為 Target Beacon Transmission Times (TBTTs) 每 個 TBTT 間 隔 一 個 Beacon Period 的 時 間 Beacon transmission may be delayed by CSMA deferral Timestamp contains timer value at transmit time TSF in Ad Hoc Mode: Which One Generates the Beacon? 當 TBTT 時 間 點 到 時, 每 個 節 點 並 不 立 即 送 出 Beacon 訊 息, 而 是 等 待 t 時 槽 的 時 間 t 的 值 由 節 點 個 別 從 [0, w] 之 間 的 整 數 中 隨 機 選 出, 其 中 w 是 一 個 固 定 的 系 統 參 數, 稱 為 Beacon Contention Window Size 節 點 等 待 時 同 時 監 聽 網 路 上 的 訊 息 若 節 點 在 t 時 槽 時 間 內 未 聽 到 其 他 節 點 送 出 的 Beacon 訊 息, 則 在 t 時 槽 時 間 過 後 可 送 出 自 己 的 Beacon 訊 息 若 節 點 在 t 時 槽 時 間 內 聽 到 別 的 節 點 送 出 的 Beacon 訊 息, 則 取 消 傳 送, 改 為 接 收 此 訊 息 每 個 接 收 到 Beacon 訊 息 的 節 點 檢 視 其 中 的 時 間 戳 記 若 發 現 Beacon 訊 息 的 時 間 戳 記 晚 於 自 己 本 身 時 鐘 的 時 間, 則 將 自 己 的 時 鐘 調 整 成 時 間 戳 記 所 示 的 時 間 29

30 Power Management Power management is important to mobile devices that are battery powered. Current LAN protocol assumes stations are always ready to receive Idle receive state dominates LAN adaptor power consumption over time Power Management Protocol allows transceiver to be off as much as possible is transparent to existing protocols Power Management in Infrastructure Mode Allow idle stations to go to sleep Station s power save mode stored in AP APs buffer packets for sleeping stations AP announces which stations have frames buffered Traffic Indication Map (TIM) sent with every Beacon 30

31 Power Management in Infrastructure Mode (cont.) Power saving stations wake up periodically listen for Beacons If it has packets buffered, it then sends a power-save poll request frame to the AP AP will send the buffered frame to the station The station can sleep again Power Management in Ad Hoc Mode Similar to the infrastructure mode However, the buffering scheme is achieved by the sending station (as no AP here) Sleeping station also wakes up periodically to listen Beacon and ATIM If it has data buffered, sends an Ack and wakes up Sending station sends the data to the sleeping station 31

32 Distributed Coordination Function: CSMA/CA CSMA: Carrier Sense Multiple Access physical carrier sense: physical layer virtual carrier sense: MAC layer network allocation vector (NAV) CA: Collision Avoidance random backoff procedure shall be implemented in all stations and APs Carrier Sense: Carrier Presence B wants to send to C at this time A B C B senses carrier so it starts sending Data time 32

33 Carrier Sense: No Carrier Data B wants to send to C at this time A B C B senses no carrier so it defers sending Data B starts sending only after the medium is free time Hidden Terminal Problem B Data B s signal range A C wants to send to A at this time Data C B s a hidden terminal to C and vise versa collision C senses carrier so it starts sending time 33

34 ACK: Collision Detection B A Data 1 C Data 7 ACK 1 Data 2 Data 1 OK No ACK 7 Data 2 No ACK 2 CTS/RTS: Virtual Carrier d B B knows A is to receive C s data in d CTS(d) B won t send A any data in d RTS A C wants to send to A RTS(k) CTS(d) Data ACK C C knows A is ready to receive time 34

35 Problem With Persistent CSMA B B wants to send to A at this time B senses signal so it waits too A busy C wants to send to A at this time C senses A s signal so it waits C B starts sending as soon as it senses carrier collide C starts sending as soon as it senses carrier time Collision Avoidance: Random Backoff B A C When B senses carrier it starts a timer busy When C senses carrier it starts a timer Timer value is determined by random B senses signal at this time time 35

36 Contention Window random 1 data frame The winner busy contention window DIFS random 2 All stations must wait DIFS after medium is free random 3 time SIFS: Giving Priority to RTS/CTS/ACK Source data frame busy Destination DIFS contention window ACK Others SIFS SIFS Defer access DIFS 36

37 SIFS: Transmitting Fragments Source Fragment 1 SIFS Fragment 2 DIFS SIFS Destination SIFS ACK SIFS ACK Contention Window Others Defer access EIFS: Low Priority Retransmission Source data frame can resend busy Destination DIFS contention window EIFS DIFS No ACK Others SIFS SIFS Defer access contension 37

38 CSMA/CA with RTS/CTS Source RTS SIFS SIFS data frame busy Destination CTS ACK contention window Others SIFS NAV (RTS) SIFS DIFS NAV (CTS) RTS/CTS is Optional system parameter RTSThread RTS/CTS is used only when frame size RTSThread 38

39 Point Coordination Function An alternative access method Shall be implemented on top of the DCF A point coordinator (polling master) is used to determine which station currently has the right to transmit. Shall be built up from the DCF through the use of an access priority mechanism. Different accesses of traffic can be defined through the use of different values of IFS. Contention Free Period SIFS B D1+poll U1+ack Contention free Period (CFP) SIFS D2+ack +poll U2+ack SIFS D3+ack +poll PIFS D4+poll U4+ack SIFS CF+End PIFS SIFS SIFS SIFS SIFS<PIFS<DIFS NAV 39

40 Summary IEEE Wireless LAN Architecture IEEE Physical Layer DSSS Authentication: WEP, 802.1x IEEE MAC CSMA/CA PCF 40