wlan standardization / 2001-09-05 / © siemens ag 2001 information and communication wlan...
TRANSCRIPT
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
WLAN Standardization
Maximilian Riegel<[email protected]>
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Outline
WLAN application architecture IEEE802.11 standards family
Physical layer 5 GHz considerations Configurations MAC layer functions Power Management Roaming Privacy and access control
5 GHz Harmonization WECA Access control for public hot spots A last word about WLAN security...
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
WLAN is more than just cable replacement! It provides hastlefree broadband Internet access everywhere.
Today’s road worriers require access to the Internet everywhere. Only coverage in ‘hot-spots’ needed. IEEE802.11b meets the expectations for easyness, cost and bandwidth.
PublicWLAN
Airport
Railway Station
Campus
Plant
Semi-publicWLAN
OfficeHospital
Congress hall,Hotel
Corporate WLAN
Office
HomeWLAN
Remote Access
WLAN has taken of…
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
httptcpip
pppBluetooth
Netscape
ip802.2802.11
802.2802.11802.3
802.2802.3
802.2802.3
httptcpip
pppBluetooth
apache
ip802.2802.3
ip
IEEE802.11
local distribution network internet
Client Access Point Access Router Server
Wireless LAN IEEE802.11 Basic Architecture
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Wireless IEEE802.11 Standard
Operation in the 2.4GHz ISM band USA: FCC part 15.247-15.249 Europe: ETS 300-328 Japan: RCR-STD-33A
Supports three PHY layer types: DSSS, FHSS, Infrared
MAC layer common to all 3 PHY layers Supports peer-to-peer and
infrastructure configurations High data rate extension IEEE802.11b
with 11 Mbps using existing MAC layer IEEE802.11a for operation in the 5 GHz
band using the same MAC layer with up to 54 Mbit/s
Approved June 1997802.11b approved Sept. 1999
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
IEEE802.11 Protocol Architecture
MAC Entity basic access mechanism fragmentation encryption
MAC Layer Management Entity synchronization power management roaming MAC MIB
Physical Layer Convergence Protocol (PLCP)
PHY-specific, supports common PHY SAP provides Clear Channel Assessment signal (carrier sense)
Physical Medium Dependent Sublayer (PMD) modulation and encoding
PHY Layer Management channel tuning PHY MIB
Station Management interacts with both MAC Management and PHY Management
MAC Sublayer
PLCP Sublayer
PMD Sublayer
MAC LayerManagement
PHY LayerManagement
StationManagement
LLC = 802.2
MAC
PHY
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
IEEE802.11 Architecture Overview
One MAC supporting multiple PHYs currently Frequency Hopping, Direct Sequence and Infrared PHYs
Two configurations “Independent” (ad hoc) and “Infrastructure”
CSMA/CA (collision avoidance) with optional “point coordination” Connectionless Service
Transfer data on a shared medium without reservation data comes in bursts user waits for response, so transmit at highest speed possible is the same service as used by Internet
Isochronous Service reserve the medium for a single connection and provide a continues stream of
bits, even when not used works only when cells (using the same frequencies) are not overlapping.
Robust against noise and interference (ACK) Hidden Node Problem (RTS/CTS) Mobility (Hand-over mechanism) Power savings (Sleep intervals) Security (WEP)
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Frequency
Pow
er
Frequency
Pow
er
spreading
Time
Frequency
Frequency
Pow
er
IEEE 802.11 – 2.4 & 5 GHz Physical Layers
Baseband IR, 1 and 2Mbps, 16-PPM and 4-PPM 2.4 GHz Frequency Hopping Spread Spectrum
2/4 FSK with 1/2 Mbps 79 non overlapping frequencies
of 1 MHz width (US) 2.4 GHz Direct Sequence Spread Spectrum
DBPSK/DQPSK with 1/2 Mbps Spreading with 11 Bit barker Code 11/13 channels in the 2.4 GHz band
2.4 GHz High Rate DSSS Ext. (802.11b) CCK/DQPSK with 5.5/11 Mbps
5 GHz OFDM PHY (802.11a) Basic parameters identical to
HiperLAN2 PHY European regulatory issues unsolved
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
IEEE802.11gFurther Speed Extension for the 2.4GHz Band PBCC proposal for 22 Mbit/s from Texas Instruments CCK-OFDM proposal for up to 54 Mbit/s from Intersil Selection process showed only a 55:45 majority for CCK-OFDM;
>75 % necessary for acceptance as IEEE standard.
Upcoming
Upcoming
Range vs. throughput rate comparison of CCK (802.11b), PBCC, OFDM(802.11a), CCK-OFDM(Batra, Shoemake; Texas Instruments; Doc: 11-01-286r2)
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Freq./GHz5.200 5.300 5.400 5.500 5.600 5.700 5.800 5.9005.100
Europe
USA
Japan5.150 5.250
5.150 5.350 5.725 5.825
Indoor 200 mW / Outdoor 1 W EIRP Outdoor 4 W EIRP
Max peak Tx power
5.3505.150 5.470 5.725
Outdoor 1W EIRP Indoor 200 mW EIRP
Max mean Tx power
DFS & TPC DFS & TPC
DFS: Dynamic Frequency Selection
TPC: Transmit Power Control
Spectrum Designation in the 5 GHz range
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
IEEE802.11hSpectrum and Transmit Power Management
TPC (Transmission power control) supports interference minimisation, power consumption
reduction, range control and link robustness. TPC procedures include:
— AP‘s define and communicate regulatory and local transmit power constraints
— Stations select transmit powers for each frame according to local and regulatory constraints
DFS (Dynamic Frequency Selection) AP‘s make the decision STA‘s provide detailed reports
about spectrum usage at theirlocations.
Upcoming
Upcoming
AP 1AP 2
AP 3
STA
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
When will 5 GHz WLANs come...
IEEE802.11b (2.4 GHz) is now taking over the market. There are developments to enhance IEEE802.11b for
more bandwidth (up to 54 Mbit/s) QoS (despite many applications do not need QoS at all) network issues (access control and handover).
5 GHz systems will be used when the 2.4 GHz ISM band will become too overcrowded to provide sufficient service. TCP/IP based applications are usually very resilient
against ‘error proune’ networks. Issues of 5 GHz systems:
Cost: 5 GHz is more expensive than 2.4 GHz Power: 7dB more transmission power for same distance Compatibility to IEEE802.11b/g necessary
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Peer-to-Peer Network
IEEE802.11 Ad Hoc Mode
Independent networking Use Distributed Coordination Function (DCF) Forms a Basic Service Set (BSS) Direct communication between stations Coverage area limited by the range of individual stations
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
BSS-A
Wired Network
BSS-B
Server
IEEE802.11 Infrastructure Mode
Access Points (AP) and stations (STA) BSS (Basic Service Set): a set of stations controlled by a single
coordination function Distribution system interconnects multiple cells via access points
to form a single network Extends wireless coverage area and enables roaming
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
IEEE802.11fInter-Access Point Protocol (IAPP) across Distribution Systems
IAPP defines procedures for automatic configuration of additional access points context transfer between APs when stations move
Upcoming
Upcoming
Wired NetworkServer
IAPP-MOVEIAPP-ADD
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
DIFSContention Window
Slot time
Defer Access
Backoff-Window Next Frame
Select Slot and Decrement Backoff as long as medium is idle.
SIFS
PIFSDIFS
Free access when mediumis free longer than DIFS
Busy Medium
CSMA/CA Explained
Reduce collision probability where mostly needed. Stations are waiting for medium to become free. Select Random Backoff after a Defer, resolving contention to avoid
collisions. Efficient Backoff algorithm stable at high loads.
Exponential Backoff window increases for retransmissions. Backoff timer elapses only when medium is idle.
Implement different fixed priority levels
IFS: Inter Frame Space
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Tx Data to STA 2
ACK to STA1Rx data from STA 1
Detects channel busy
Detects channel busy Tx Data
Station 1
Station 2
Station 3
Station 4
Short deferral
Distributed inter-frame deferral
Distributed inter-frame deferral
Distributed inter-frame deferral
Distributed inter-frame deferral
Random back-off
Random back-off
Short interval ensures ACK is sent while other stations wait
longer
STA 3’s back-off is shorter thanSTA 4’s therefore it begins
transmission first
Detects channel busy
Detects channel busy
Detects channel busy
IEEE802.11 Distributed Coordination Function (DCF)
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Beacon
Contention Free Period Contention Period
CFP repetition interval
D1+Poll
U1+ACK
D2+Poll
Stations
AccessPoint
U2+ACK
CF end
IEEE802.11 Point Coordination Function (PCF)
Optional PCF mode provides alternating contention free and contention operation under the control of the access point
The access point polls stations for data during contentionfree period
Network Allocation Vector (NAV) defers the contention traffic until reset by the last PCF transfer
PCF and DCF networks will defer to each other PCF improves the quality of service for time bounded data
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Ack
Data
Next MPDU
Src
Dest
Other
Contention Window
Defer Access Backoff after Defer
DIFS
SIFS
DIFS
CSMA/CA + ACK protocol
Defer access based on Carrier Sense. CCA from PHY and Virtual Carrier Sense state.
Direct access when medium is sensed free longer then DIFS, otherwise defer and backoff.
Receiver of directed frames to return an ACK immediately when CRC correct. When no ACK received then retransmit frame after a random
backoff (up to maximum limit).
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
STA “B” cannot receive data from STA “A”
Problem – Stations contending for the medium do not Hear each other
STA “B” STA“A”
RTS
CTS Ack
Data
Next MPDU
STA A
AP
STA BTime period to defer accessis based on duration in CTS Back off after defer
DIFS
RTS-Range
Access Point
STA “B” cannot detect carrier from STA “A”
CTS-Range
Solution – Optional use of the Duration field in RTS and CTS frames with AP
“Hidden Node” Provisions
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Upcoming
UpcomingIEEE802.11eMedium Access Control Enhancements for Quality of Service
EDCF (Enhanced Distributed Coordination Function) differentiated DCF access to the wireless medium for
prioritized traffic categories (8 different traffic categories) output queue competes for TxOPs using EDCF wherein
— the minimum specified idle duration time is a distinct value— the contention window is a variable window — lower priority queues defer to higher priority queues
AIFS[j]
AIFS[i]
DIFS/AIFSContention Window
Slot time
Busy Medium
Defer Access
Next Frame
Select Slot and Decrement Backoff as long
SIFS
PIFSDIFS/AIFS
Immediate access when
Medium is free >= DIFS/AIFS[i]
as medium is idle
Backoff-Window
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
IEEE802.11eMedium Access Control Enhancements for Quality of Service
HCF (Hybrid coordination function) only usable in infrastructure QoS network configurations (QBSS). allow a uniform set of frame exchange sequences to be used during
both the contention period (CP) and contention free period (CFP) uses a QoS-aware point coordinator, called a hybrid coordinator (HC)
— by default collocated with the enhanced access point (EAP)— uses the point coordinator's higher priority to allocate transmission
opportunities (TxOPs) to stations provides limited-duration contention free bursts (CFBs) to transfer
QoS data. meets predefined service rate, delay and/or jitter requirements of
particular traffic flows. QoS traffic from the EAP/HC can be based on the HC's QBSS-wide
knowledge of the traffic ... „Quite complex method still under definition“
Upcoming
Upcoming
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Power Management Approach
Allow idle stations to go to sleep station’s power save mode stored in AP
APs buffer packets for sleeping stations. AP announces which stations have frames buffered Traffic Indication Map (TIM) sent with every Beacon
Power Saving stations wake up periodically listen for Beacons
TSF assures AP and Power Save stations are synchronized stations will wake up to hear a Beacon TSF timer keeps running when stations are sleeping synchronization allows extreme low power operation
Independent BSS also have Power Management similar in concept, distributed approach
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
TIM
TIM-Interval
Time-axis
Busy Medium
Tx operation
AP activity
TIM TIM TIM DTIMDTIM
DTIM interval
PS Station
Broadcast
PS-Poll
Broadcast
Infrastructure Power Management
Broadcast frames are also buffered in AP. all broadcasts/multicasts are buffered broadcasts/multicasts are only sent after
Delivery Traffic Indication Message (DTIM) DTIM interval is a multiple of TIM interval
Stations wake up prior to an expected DTIM. If TIM indicates frame buffered
station sends PS-Poll and stays awake to receive data else station sleeps again
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Roaming Approach
Station decides that link to its current AP is poor
Station uses scanning function to find another AP or uses information from
previous scans Station sends Reassociation
Request to new AP If Reassociation Response is successful
then station has roamed to the new AP else station scans for another AP
If AP accepts Reassociation Request AP indicates Reassociation to the Distribution System Distribution System information is updated normally old AP is notified through Distribution
System
Access Point A
Access Point B
Station 4
Access Point C
Station 1
Station 2
Station 3
Station 5 Station 6
Station 7
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
IEEE802.11 privacy and access control
Goal of 802.11 is to provide “Wired Equivalent Privacy” (WEP) Usable worldwide
802.11 provides for an authentication mechanism To aid in access control. Has provisions for “OPEN”, “Shared Key” or proprietary
authentication extensions. Shared key authentication is based on WEP privacy
mechanism Limited for station-to-station traffic, so not “end to end”. Uses RC4 algorithm based on:
— a 40 bit secret key— and a 24 bit IV that is send with the data.— includes an ICV to allow integrity check.
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Preamble PLCP Header MAC Header CRCPayloadEncrypted
IV (4) ICV (4)CyphertextK-ID
Integrity Algorithm
WEPPRNG
IVIV
Secret Key+ Ciphertext
ICV
Plaintext
ICV'=ICV?Plaintext
TX
IV
Ciphertext
ICV
+
Secret Key
WEPPRNG
Integrity Algorithm
WEP privacy mechanism
WEP bit in Frame Control Field indicates WEP used. Each frame can have a new IV, or IV can be reused for a
limited time.
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Access Point
Secret Key Loaded Locally
Station
Secret Key Loaded Locally
Station sends authentication request
AP sends challenge text generatedwith the WEP algorithm
Station encrypts challenge textand sends it to the AP
AP decrypts the encrypted challenge text.Authentication successful if text matches original
Shared key authentication
Shared key authentication requires WEP Key exchange is not specified by IEEE802.11 Only one way authentication
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Shortcomings of plain WEP security
WEP unsecure at any key length IV space too small, lack of IV replay protection known plaintext attacks
No user authentication Only NICs are authenticated
No mutual authentication Only station is authenticated against access point
Missing key management protocol No standardized way to change keys on the fly Difficult to manage per-user keys for larger groups
WEP is no mean to provide security for WLAN access, … but might be sufficient for casual cases.
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Associate
EAP Identity Request
EAP Identity Response
EAP Request
EAP Response
EAP Success
Access Request
Access Challenge
Access Request
Access Accept
AuthenticationServer
IEEE802.11i Enhanced security Enhanced encryption
WEP2 w/ increase IV space to 128bit, key length 128bit optional: Advanced Encryption Standard (AES)
Authentication and key management by adoption of IEEE802.1X Standard for Port Based Network Access Control
Upcoming
Upcoming
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
802.11f: Inter Access Point Protocol
Wireless LAN Standardization
HiperLAN/2
DFS & TPC
5 GHz54 Mbit/s
MAC
PHY
ETSI BRAN IEEE 802.11
IEEE 802.11
2,4 GHz2 Mbit/s
802.11b2,4 GHz11Mbit/s
802.11g2,4 GHz
>20Mbit/s
802.11a5 GHz
54Mbit/s
802.11hDFS & TPC
802.11e: QoS Enhancements
Current standardization topics
UMTS Integration
802.11i: Security Enhancements
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
5GWING-MAC-PHY
5GSG „coexistance
issues“
Harmonization of 5 GHz WLAN Standards
IEEE802.11a-MAC-PHY
MMAC-MAC-PHY
HiperLAN/2-MAC-PHY
Upcoming
Upcoming
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
WECA
Mission- Certify interoperability of IEEE 802.11 products- Promote Wi-FiTM as the global Wireless LAN standard for
home, enterprise and public applications Wi-Fi certification started in March 2000. More than 80 certified products within 1 year. Founding organizations:
Lucent, Aironet (Cisco), 3Com, Intersil, Nokia, Symbol 78 member companies today.
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Congress hall,Hotel
Airport
Railway Station
Campus
OfficeHospital
Do not touch customer equipment
Address all customers Make access procedure
self explaining
Serving customers in public hot spots...
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
To much security might hinder your business!
Probably to consider …
How does your favorite storefront look like?
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
Authentication for Internet accessSelection of billing method
Free local content
services
Using a web page for initial user interaction
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
internet
Password: **********
auth
html
RADIUSclient
N
auth
DHCPServer
AAAServer
AccessGateway
MobileClient
Web based authentication
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
A last word about WLAN security:
WEP/WEP2 is probably not sufficient in public hot-spots:
Only VPN technologies (IPSEC, TLS, SSL) will fulfil end-to-end security requirements.
VPN technologies might even be used in corporate networks.
http
ipppp
Netscape
ip802.2 802.2
802.3802.2802.3
802.2802.3
http
ipppp
Bluetooth
apache
ip802.2802.3
ip
802.11 802.11 WEP802.11 802.11
IPSEC, TLS, SSL
802.11 802.11
tcp tcp
WLA
N S
tand
ardi
zatio
n /
2001
-09-
05 /
© S
iem
ens
AG
200
1
Information and Communication
The end
Thank you for your attention.
Questions and comments?
Maximilian Riegel<[email protected]>
http://www.max.franken.de