tcil 10 wifi technology_2

Wi-Fi Technology

Upload: anil-verma

Post on 08-Apr-2018


TRANSCRIPT

Page 1: TCIL 10 WiFi Technology_2

8/7/2019 TCIL 10 WiFi Technology_2

http://slidepdf.com/reader/full/tcil-10-wifi-technology2 1/42

Wi-Fi Technology


Agenda

• Introduction
• Wi-Fi Technologies
• Wi-Fi Architecture
• Wi-Fi Network Elements
• How a Wi-Fi Network Works
• Wi-Fi Network Topologies
• Wi-Fi Configurations
• Applications of Wi-Fi
• Wi-Fi Security
• Advantages/Disadvantages of Wi-Fi


Introduction

• Wireless technology is an alternative to wired technology, which is commonly used, for connecting devices in wireless mode.
• Wi-Fi (Wireless Fidelity) is a generic term that refers to the IEEE 802.11 communications standard for Wireless Local Area Networks (WLANs).
• Wi-Fi networks connect computers to each other, to the internet and to the wired network.


The Wi-Fi Technology

Wi-Fi networks use radio technologies to transmit & receive data at high speed:

• IEEE 802.11b
• IEEE 802.11a
• IEEE 802.11g


IEEE 802.11b

• Appeared in late 1999
• Operates in the 2.4 GHz radio spectrum
• 11 Mbps (theoretical speed) - within 30 m range
• 4-6 Mbps (actual speed)
• 100-150 feet range
• Most popular, least expensive
• Interference from mobile phones and Bluetooth devices, which can reduce the transmission speed.


IEEE 802.11a

• Introduced in 2001
• Operates at 5 GHz (less popular)
• 54 Mbps (theoretical speed)
• 15-20 Mbps (actual speed)
• 50-75 feet range
• More expensive
• Not compatible with 802.11b


IEEE 802.11g

• Introduced in 2003
• Combines the features of both standards (a, b)
• 100-150 feet range
• 54 Mbps speed
• 2.4 GHz radio frequencies
• Compatible with 'b'


802.11 Physical Layer

There are three sublayers in the physical layer:

• Direct Sequence Spread Spectrum (DSSS)
• Frequency Hopping Spread Spectrum (FHSS)
• Diffused Infrared (DFIR) - wide angle


DSSS

• Direct sequence signaling technique divides the 2.4 GHz band into 11 22-MHz channels. Adjacent channels overlap one another partially, with three of the 11 being completely non-overlapping. Data is sent across one of these 22 MHz channels without hopping to other channels.


IEEE 802.11 Data Link Layer

The data link layer consists of two sublayers:

• Logical Link Control (LLC)
• Media Access Control (MAC)

802.11 uses the same 802.2 LLC and 48-bit addressing as other 802 LANs, allowing for very simple bridging from wireless to IEEE wired networks, but the MAC is unique to WLANs.


802.11 Media Access Control

• Carrier Sense Medium Access with collision avoidance protocol (CSMA/CA)
  • Listen before talking
  • Avoid collision by explicit Acknowledgement (ACK)
  • Problem: additional overhead of ACK packets, so slow performance
• Request to Send/Clear to Send (RTS/CTS) protocol
  • Solution for the "hidden node" problem
  • Problem: adds additional overhead by temporarily reserving the medium, so it is used only for large packets, whose retransmission would be expensive


802.11 Media Access Control (cont.)

• Power Management
  • MAC supports power conservation to extend the battery life of portable devices
  • Power utilization modes
    • Continuous Aware Mode
      • Radio is always on and drawing power
    • Power Save Polling Mode
      • Radio is "dozing", with the access point queuing any data for it
      • The client radio will wake up periodically in time to receive regular beacon signals from the access point.
      • The beacon includes information regarding which stations have traffic waiting for them
      • The client awakes on beacon notification and receives its data


802.11 Media Access Control (cont.)

• Fragmentation
• CRC checksum
  • Each packet has a CRC checksum calculated and attached to ensure that the data was not corrupted in transit
• Association & Roaming


Elements of a Wi-Fi Network

• Access Point (AP) - The AP is a wireless LAN transceiver or "base station" that can connect one or many wireless devices simultaneously to the Internet.
• Wi-Fi cards - They accept the wireless signal and relay information. They can be internal and external (e.g. PCMCIA card for laptop and PCI card for desktop PC).
• Safeguards - Firewalls and anti-virus software protect networks from uninvited users and keep information secure.


How a Wi-Fi Network Works

• Basic concept is the same as walkie-talkies.
• A Wi-Fi hotspot is created by installing an access point to an internet connection.
• An access point acts as a base station.
• When a Wi-Fi enabled device encounters a hotspot, the device can then connect to that network wirelessly.
• A single access point can support up to 30 users and can function within a range of 100-150 feet indoors and up to 300 feet outdoors.
• Many access points can be connected to each other via Ethernet cables to create a single large network.


Wi-Fi Network Topologies

• AP-based topology (Infrastructure Mode)
• Peer-to-peer topology (Ad-hoc Mode)
• Point-to-multipoint bridge topology


AP-based topology

• The client communicates through the Access Point.
• BSA - RF coverage provided by an AP.
• ESA - It consists of 2 or more BSAs.
• ESA cell includes 10-15% overlap to allow roaming.


Peer-to-peer topology

• AP is not required.
• Client devices within a cell can communicate directly with each other.
• It is useful for setting up a wireless network quickly and easily.


Point-to-multipoint bridge topology

This is used to connect a LAN in one building to LANs in other buildings even if the buildings are miles apart. These conditions require a clear line of sight between buildings. The line-of-sight range varies based on the type of wireless bridge and antenna used as well as the environmental conditions.


Wi-Fi Configurations


Wi-Fi Applications

• Home
• Small Businesses or SOHO
• Large Corporations & Campuses
• Health Care
• Wireless ISP (WISP)
• Travellers


Wi-Fi Security Threats

• Wireless technology doesn't remove any old security issues, but introduces new ones
  • Eavesdropping
  • Man-in-the-middle attacks
  • Denial of Service


Eavesdropping

• Easy to perform, almost impossible to detect
• By default, everything is transmitted in clear text
  • Usernames, passwords, content ...
  • No security offered by the transmission medium
• Different tools available on the internet
  • Network sniffers, protocol analysers ...
  • Password collectors
• With the right equipment, it's possible to eavesdrop traffic from a few kilometers away


MITM Attack

1. Attacker spoofs a disassociate message from the victim
2. The victim starts to look for a new access point, and the attacker advertises his own AP on a different channel, using the real AP's MAC address
3. The attacker connects to the real AP using victim's MAC address


Denial of Service

• Attack on transmission frequency used
  • Frequency jamming
  • Not very technical, but works
• Attack on MAC layer
  • Spoofed deauthentication / disassociation messages
  • Can target one specific user
• Attacks on higher layer protocol (TCP/IP protocol)
  • SYN Flooding
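For monitoring, the MAC-layer attack above shows up as a burst of deauthentication/disassociation frames aimed at one destination. The following Python detector is an added example, not part of the original slides; the frame tuple layout, the window and threshold values, and all sample frames are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"
TEARDOWN_SUBTYPES = {"deauth", "disassoc"}
AP, STA_A, STA_B = "02:aa:00:00:00:01", "02:cc:00:00:00:0a", "02:cc:00:00:00:0b"

# Constructed sample capture: (timestamp_seconds, subtype, source_mac, dest_mac)
SAMPLE_FRAMES = (
    [(0.5, "deauth", STA_A, AP), (3.0, "data", STA_A, AP)]           # normal leave
    + [(10.0 + 0.1 * i, "deauth", AP, STA_B) for i in range(6)]      # burst at one client
    + [(20.0, "disassoc", AP, STA_A)]                                # isolated teardown
)

def detect_teardown_bursts(frames, window=1.0, threshold=5):
    """Return one alert per burst of deauth/disassoc frames sent to one target.

    Frames are grouped by destination rather than source, because a spoofed
    frame carries the address of the legitimate AP or client as its source.
    """
    recent = defaultdict(deque)     # dest MAC -> timestamps still inside the window
    last_hit = {}                   # dest MAC -> time the burst was last seen active
    alerts = []
    for ts, subtype, src, dst in sorted(frames):
        if subtype not in TEARDOWN_SUBTYPES:
            continue
        seen = recent[dst]
        seen.append(ts)
        while ts - seen[0] > window:            # drop timestamps that aged out
            seen.popleft()
        if len(seen) < threshold:
            continue
        # Report only when this is a new burst, not a continuation of one.
        if ts - last_hit.get(dst, float("-inf")) > window:
            alerts.append({
                "first_seen": seen[0],
                "target": dst,
                "scope": "all clients" if dst == BROADCAST else "single client",
                "claimed_source": src,
                "frames_in_window": len(seen),
            })
        last_hit[dst] = ts
    return alerts

if __name__ == "__main__":
    for alert in detect_teardown_bursts(SAMPLE_FRAMES):
        print(alert)
```

Isolated teardown frames are part of normal roaming, so the threshold has to be tuned against a baseline of the monitored network.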


Wi-Fi Security

The requirements for Wi-Fi network security can be broken down into two primary components:

• Authentication
  • User Authentication
  • Server Authentication
• Privacy


Authentication

• Keeping unauthorized users off the network
• User Authentication
  • Authentication Server is used
  • Username and password
  • Risk:
    • Data (username & password) sent before secure channel established
    • Prone to passive eavesdropping by attacker
  • Solution
    • Establishing an encrypted channel before sending username and password


Authentication (cont.)

• Server Authentication
  • Digital Certificate is used
  • Validation of digital certificate occurs automatically within client software


Wi-Fi Security Techniques

• Service Set Identifier (SSID)
• Wired Equivalent Privacy (WEP)
• 802.1X Access Control
• Wireless Protected Access (WPA)
• IEEE 802.11i


Service Set Identifier (SSID)

• SSID is used to identify an 802.11 network
• It can be pre-configured or advertised in beacon broadcast
• It is transmitted in clear text
• Provides very little security


Wired Equivalent Privacy (WEP)

• Provides the same level of security as a wired network
• Original security solution offered by the IEEE 802.11 standard
• Uses RC4 encryption with pre-shared keys and 24 bit initialization vectors (IV)
• Key schedule is generated by concatenating the shared secret key with a randomly generated 24-bit IV
• 32 bit ICV (Integrity check value)
• No. of bits in key schedule is equal to sum of length of the plaintext and ICV


Wired Equivalent Privacy (WEP) (cont.)

• 64 bit preshared key - WEP
• 128 bit preshared key - WEP2
• Encrypts data only between 802.11 stations. Once it enters the wired side of the network (between access point) WEP is no longer valid
• Security Issue with WEP
  • Short IV
  • Static key
• Offers very little security at all
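The encapsulation described on the two WEP slides, as an added Python example (not code from the original deck): the per-frame RC4 key is the 24-bit IV concatenated with the static shared key, the ICV is a CRC-32, and the IV travels in clear. Function names and the sample key and payloads are constructed for illustration, and the key-ID byte of a real WEP header is left out.

```python
import math
import zlib
from collections import Counter

def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4: key scheduling (KSA) followed by keystream output (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def icv_of(plaintext: bytes) -> bytes:
    return zlib.crc32(plaintext).to_bytes(4, "little")      # 32-bit ICV

def wep_encapsulate(shared_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Return IV || ((plaintext || ICV) XOR RC4(IV || key))."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits (3 bytes)")
    body = plaintext + icv_of(plaintext)
    # Keystream length equals len(plaintext) + len(ICV), as the slide states.
    return iv + xor(body, rc4_keystream(iv + shared_key, len(body)))

def wep_decapsulate(shared_key: bytes, frame: bytes) -> bytes:
    iv, ciphertext = frame[:3], frame[3:]
    body = xor(ciphertext, rc4_keystream(iv + shared_key, len(ciphertext)))
    plaintext, icv = body[:-4], body[-4:]
    if icv_of(plaintext) != icv:
        raise ValueError("ICV check failed")
    return plaintext

def keystream_cancels(shared_key, iv, plain_a, plain_b) -> bool:
    """Static key + repeated IV: XOR of the two ciphertexts equals XOR of the
    two cleartext bodies, so the encryption drops out completely."""
    c_a = wep_encapsulate(shared_key, iv, plain_a)[3:]
    c_b = wep_encapsulate(shared_key, iv, plain_b)[3:]
    return xor(c_a, c_b) == xor(plain_a + icv_of(plain_a), plain_b + icv_of(plain_b))

def reused_ivs(frames):
    """Audit helper: IVs that appear on more than one captured frame."""
    counts = Counter(frame[:3] for frame in frames)
    return sorted(iv for iv, n in counts.items() if n > 1)

def frames_until_iv_repeat(iv_bits: int = 24, probability: float = 0.5) -> int:
    """Birthday bound: frames with random IVs before a repeat is this likely."""
    return math.ceil(math.sqrt(2 * 2 ** iv_bits * math.log(1 / (1 - probability))))

if __name__ == "__main__":
    key = bytes.fromhex("0102030405")            # constructed 40-bit static key
    frame = wep_encapsulate(key, b"\x00\x00\x01", b"constructed payload")
    print(frame.hex(), wep_decapsulate(key, frame))
    print("same IV leaks XOR of bodies:",
          keystream_cancels(key, b"\x00\x00\x01", b"frame one", b"frame two"))
    print("frames until a random 24-bit IV likely repeats:", frames_until_iv_repeat())
```

With randomly chosen 24-bit IVs a repeat becomes likely after a few thousand frames, which is why "short IV" and "static key" together leave WEP with very little security.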


802.1x Access Control

• Designed as a general purpose network access control mechanism
  • Not Wi-Fi specific
• Authenticates each client connected to AP (for WLAN) or switch port (for Ethernet)
• Authentication is done with the RADIUS server, which "tells" the access point whether access to controlled ports should be allowed or not
  • AP forces the user into an unauthorized state
  • User sends an EAP start message
  • AP returns an EAP message requesting the user's identity
  • Identity sent by user is then forwarded to the authentication server by AP
  • Authentication server authenticates user and returns an accept or reject message back to the AP
  • If accept message is returned, the AP changes the client's state to authorized and normal traffic flows
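The exchange listed above, modelled from both sides as an added Python example (not part of the original slides). `AuthServer`, `AccessPoint` and their methods are hypothetical names, the EAP method is collapsed into a single identity-plus-secret check, and no real RADIUS or EAPOL encoding is used; the sample identities and MAC addresses are constructed.

```python
import hmac

UNAUTHORIZED, AUTHORIZED = "unauthorized", "authorized"

class AuthServer:
    """Stand-in for the RADIUS server: answers accept or reject."""
    def __init__(self, credentials):
        self._credentials = dict(credentials)

    def access_request(self, identity: str, secret: str) -> str:
        expected = self._credentials.get(identity)
        ok = expected is not None and hmac.compare_digest(
            expected.encode(), secret.encode())
        return "Access-Accept" if ok else "Access-Reject"

class AccessPoint:
    """Authenticator: one controlled port per associated client MAC."""
    def __init__(self, server: AuthServer):
        self.server = server
        self.port = {}                  # client MAC -> port state
        self.awaiting_identity = set()  # clients that were sent an identity request
        self.trace = []                 # (sender, message) in the order exchanged

    def associate(self, mac: str) -> None:
        # The AP forces every new client into the unauthorized state.
        self.port[mac] = UNAUTHORIZED

    def eapol_start(self, mac: str):
        # Client sends EAP start; AP answers with a request for its identity.
        if mac not in self.port:
            return None
        self.trace += [(mac, "EAPOL-Start"), ("AP", "EAP-Request/Identity")]
        self.awaiting_identity.add(mac)
        return "EAP-Request/Identity"

    def eap_response_identity(self, mac: str, identity: str, secret: str):
        # An unsolicited response is ignored and the port stays closed.
        if mac not in self.awaiting_identity:
            return None
        self.awaiting_identity.discard(mac)
        self.trace += [(mac, "EAP-Response/Identity"), ("AP", "Access-Request")]
        verdict = self.server.access_request(identity, secret)
        self.trace.append(("RADIUS", verdict))
        accepted = verdict == "Access-Accept"
        # Only an accept from the server opens the controlled port.
        self.port[mac] = AUTHORIZED if accepted else UNAUTHORIZED
        reply = "EAP-Success" if accepted else "EAP-Failure"
        self.trace.append(("AP", reply))
        return reply

    def forward_data(self, mac: str) -> bool:
        """Ordinary traffic crosses the controlled port only when authorized."""
        return self.port.get(mac) == AUTHORIZED

def authenticate(ap: AccessPoint, mac: str, identity: str, secret: str) -> str:
    """Run the whole exchange for one client and return its final port state."""
    ap.associate(mac)
    ap.eapol_start(mac)
    ap.eap_response_identity(mac, identity, secret)
    return ap.port[mac]

if __name__ == "__main__":
    ap = AccessPoint(AuthServer({"alice": "constructed-secret"}))   # constructed user
    print(authenticate(ap, "02:00:00:00:00:01", "alice", "constructed-secret"))
    print(authenticate(ap, "02:00:00:00:00:02", "alice", "wrong"))
    for sender, message in ap.trace:
        print(f"{sender:>17}  {message}")
```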


Wireless Protected Access (WPA)

• WPA is a specification of standards-based, interoperable security enhancements that strongly increase the level of data protection and access control for existing and future wireless LAN systems.
• User Authentication
  • 802.1x
  • EAP
• TKIP (Temporal Key Integrity Protocol) encryption
  • RC4, dynamic encryption keys (session based)
  • 48 bit IV
  • Per packet key mixing function
  • Fixes all issues found from WEP
• Uses Message Integrity Code (MIC) Michael
  • Ensures data integrity
• Old hardware should be upgradeable to WPA


Wireless Protected Access (WPA) (cont.)

• WPA comes in two flavors
  • WPA-PSK
    • Uses pre-shared key
    • For SOHO environments
    • Single master key used for all users
  • WPA Enterprise
    • For large organisations
    • Most secure method
    • Unique keys for each user
    • Separate username & password for each user


WPA and Security Threats

• Data is encrypted
  • Protection against eavesdropping and man-in-the-middle attacks
• Denial of Service
  • Attack based on fake messages can not be used.
  • As a security precaution, if WPA equipment sees two packets with invalid MICs within a second, it disassociates all its clients, and stops all activity for a minute
  • Only two packets a minute are enough to completely stop a wireless network


802.11i

• Provides standard for WLAN security
• Authentication
  • 802.1x
• Data encryption
  • AES protocol is used
• Secure fast handoff - This allows roaming between APs without requiring the client to fully reauthenticate to every AP.
• Will require new hardware


Advantages

• Mobility
• Ease of Installation
• Flexibility
• Cost
• Reliability
• Security
• Use unlicensed part of the radio spectrum
• Roaming
• Speed


Limitations

• Interference
• Degradation in performance
• High power consumption
• Limited range