ilab WLAN Wireless transmission problems Error rate is much higher - - PowerPoint PPT Presentation

ilab
SMART_READER_LITE
LIVE PREVIEW

ilab WLAN Wireless transmission problems Error rate is much higher - - PowerPoint PPT Presentation

Apr 05, 2023 535 likes •823 views

Lehrstuhl fr Netzarchitekturen und Netzdienste Institut fr Informatik Technische Universitt Mnchen ilab WLAN Wireless transmission problems Error rate is much higher Interferences multipath propagation Receiving rate

slide-1
SLIDE 1

Lehrstuhl für Netzarchitekturen und Netzdienste

Institut für Informatik Technische Universität München

ilab

WLAN

slide-2
SLIDE 2

Ilab - WLAN 2

Wireless transmission problems

 Error rate is much higher

  • Interferences
  • multipath propagation
  • Receiving rate decreases quadratically with the distance

 Collision detection is difficult

  • We can‘t distinghuish collisions from other errors
  • Not full duplex
  • No CSMA/CD possible

 Aim: avoid collisions in the first place

  • Highest propability for collisions:
  • Station A is sending data
  • Stations B and C both get data to send out but the medium is busy
  • Once the medium is available, B and C start sending at the same time
slide-3
SLIDE 3

Ilab - WLAN 3

Hidden-Terminals

  • A is sending to B, C cannot hear A
  • C wants to send to B, C assumes the medium is free (CS fails)
  • Collision at B, A cannot detect the collision (CD fails)
  • A is a hidden terminal for C

Exposed-Terminals

  • B is sending to A,

C wants to send data to D

  • C detects a busy medium

and waits

  • C is out of range from A
  • > could send to D right away

Hidden-Terminals and Exposed-Terminals

B A C B A C D

slide-4
SLIDE 4

Ilab - WLAN 4

Infrastructure- vs. Ad-hoc-Network

Infrastructure network Ad-hoc-Netzwork

AP AP AP Wired network AP: Access Point

slide-5
SLIDE 5

Ilab - WLAN 5

802.11 – Architecture of an Infrastructure network

 Station (STA)

  • Terminal that is capable of accessing

the medium

 Basic Service Set (BSS)

  • Group of stations that use the same

frequency Access Point

  • Allows wired devices to connect to a

wireless system  Portal

  • Bridge to other (wired) networks

Distribution System

  • Interconnection-Netzwerk

ESS: group of multiple BSS

Distribution System Portal 802.x LAN Access Point 802.11 LAN BSS2 802.11 LAN BSS1 Access Point STA1 STA2 STA3 ESS

slide-6
SLIDE 6

Ilab - WLAN 6

802.11 – Layers

 PMD - Physical Medium Dependent

  • Modulation, Coding
  • FHSS
  • DSSS

 PLCP - Physical Layer Convergence

Protocol

  • Carrier-Sense
  • PHY Management
  • Channel selection

PMD PLCP MAC LLC MAC Management PHY Management

 MAC

  • Access Control mechanisms,

fragmentation, encryption

 MAC Management

  • Synchronization, Roaming, Power-

Management PHY DLC Station Management Layer 2 Layer 1

slide-7
SLIDE 7

Ilab - WLAN 7

WLAN packets

Layer 1 Header Layer 2 Header

slide-8
SLIDE 8

Ilab - WLAN 8

Example Infrastructure

STA 1 AP 1

LAN 1

STA 2 STA 3 STA 4 AP 2 STA 5 STA 6 STA 7

LAN 2

slide-9
SLIDE 9

Ilab - WLAN 9

Layer 2 addresses

 Frame Control field  Addresses

To DS From DS Address 1 Address 2 Address 3 Address 4

RA = DA TA = SA BSSID N/A 1 RA = DA TA = BSSID SA N/A 1 RA = BSSID TA = SA DA N/A 1 1 RA TA DA SA

DA: Destination Address RA: Receiver Address SA: Source Address TA: Transmitter Address

To/From DS values Meaning To DS = 0, From DS = 0 A data frame direct from one STA to another STA within the same IBSS, as well as all management and control type frames -> Ad Hoc Mode To DS = 0, From DS = 1 Data frame exiting the DS To DS = 1, From DS = 0 Data frame destined for the DS. To DS = 1, From DS = 1 Wireless distribution system (WDS) frame being distributed from one AP to another AP.

slide-10
SLIDE 10

Ilab - WLAN 10

Example

STA 1 AP 1

LAN 1

STA 2 STA 3 STA 4 AP 2 STA 5 STA 6 STA 7

LAN 2

STA3 to STA4 to DS: 1 from DS: 0 Addr1: AP1 Addr2: STA3 Addr3: STA4 STA3 to STA4 to DS: 0 from DS: 1 Addr1: STA4 Addr2: AP1 Addr3: STA3 STA1 to STA6 to DS: 1 from DS: 1 Addr1: AP2 Addr2: AP1 Addr3: STA6 Addr4: STA1 STA1 to STA6 Addr1: STA1 Addr2: STA6 STA1 to STA6 Addr1: STA1 Addr2: STA6

slide-11
SLIDE 11

Ilab - WLAN 11

802.11 – Physical Layer

 3 variants: 2x radio (2.4 GHz Band), 1x IR

  • data rate 1 or 2 Mbit/s

 Infrarot – standardized but not implemented  FHSS (Frequency Hopping Spread Spectrum) – outdated

  • 1 Mbit/s
  • Channel hopping

 DSSS (Direct Sequence Spread Spectrum)

  • Signal is spread using a random code
  • Various modulation techniques
  • max. transmission power 1 W (USA), 100 mW (EU), min. 1mW
  • Preamble and PHY-Header always: 1 Mbit/s, otherwise 1 or 2 Mbit/s
  • 802.11b: Short Preamble and data up to 11 Mbit/s
slide-12
SLIDE 12

Ilab - WLAN 12

802.11 – Physical Layer

 New: OFDM (Orthogonal Frequency-Division Multiplexing)

  • A large number of closely-spaced sub-carriers are used to carry data
  • Very robust and efficient
  • 802.11a and 802.11g: up to 54 MBit/s

 Very new: OFDM + MIMO

  • Multiple Antennas: Multiple input, multiple output
  • 802.11n: 100 MBit/s netto

 Frequency range

  • 2,4 GHz ISM-Band
  • Not only WLAN but also : microwaves, bluetooth, ZigBee, wireless headphones…
  • 5GHz Band  „more quiet“
slide-13
SLIDE 13

Ilab - WLAN 13

802.11 – MAC-Layer - DFWMAC

 Access control mechanisms

  • DFWMAC-DCF CSMA/CA (mandatory)
  • Distributed Foundation Wireless Medium Access Control – Distributed Coordination

Function

  • Collision-Avoidance per random „Back-off“-mechanism
  • Minimal gap between two consecutive packets
  • Special ACK packet
  • DFWMAC-DCF w/ RTS/CTS (optional) – usually implemented
  • Distributed Foundation Wireless MAC with Request-to-Send / Clear-to-Send
  • RTS/CTS helps with the hidden terminal problem
  • DFWMAC- PCF (optional) – usually not implemented
  • Point Coordination Function
  • Access-Point polls the terminals

 New: 802.11e

  • Quality of Service packet prioritization
  • New energy saving mechanisms
slide-14
SLIDE 14

Ilab - WLAN 14

802.11 – MAC-Layer

 Priorities

  • By different inter frame spaces
  • SIFS (Short Inter Frame Spacing)
  • Highest priority for ACK, CTS, Polling-answer
  • PIFS (PCF, Point Coordination Function IFS)
  • Medium priority for time-bounded services with PCF
  • PIFS = SIFS + 1 Slot Times
  • DIFS (DCF, Distributed Coordination Function IFS)
  • Lowest priority for asynchronous data transmission
  • DIFS = SIFS + 2 Slot Times

t medium busy SIFS PIFS DIFS DIFS next frame contention direct access if medium is free ≥ DIFS 802.11b DSSS: SIFS: 10 µs Slot Time: 20 µs

slide-15
SLIDE 15

Ilab - WLAN 15

t medium busy DIFS DIFS next frame contention window (randomized back-off mechanism)

802.11 – Access via CSMA/CA I

  • Once a station is ready to send out data, it checks the medium if it

is free (carrier sense)

  • If the medium is available for the length of a DIFS, the station

begins to send

  • (*) If the medium is busy, the station has to wait until the medium

has been free for a whole DIFS. Then the station waits an additional random back-off-time (collision avoidance)

  • If another station uses the medium during the back-off time, the

timer is stopped and we continue at (*)

slot time direct access if medium is free ≥ DIFS

slide-16
SLIDE 16

Ilab - WLAN 16

802.11 – Access via CSMA/CA II

 Transmission of unicast packets

  • Receiver sends ACK (after SIFS) right after the packet has been received

successfully (CRC check passed)

  • Highest priority for ACKs

t SIFS DIFS data ACK waiting time

  • ther

stations receiver sender data DIFS contention

slide-17
SLIDE 17

Ilab - WLAN 17

802.11 – multiple stations - simplyfied

t busy boe station1 station2 station3 station4 station5 packet arrival at MAC DIFS boe boe boe busy elapsed backoff time bor residual backoff time busy medium not idle (frame, ack etc.) bor bor DIFS boe boe boe bor DIFS busy busy DIFS boe busy boe boe bor bor

slide-18
SLIDE 18

Ilab - WLAN 18

Extension: RTS and CTS

 Ready to Send (RTS) and Clear to Send (CTS) frames  RTS is sent before every transmission

  • contains the expected duration of the transmission

 Receiver has to confirm via a CTS

  • Everyone who received the CTS known that the medium will be busy for

the specified duration

 Solves the hidden terminal problem

  • B‘s CTS is also received by C

B A C

slide-19
SLIDE 19

Ilab - WLAN 19

Synchronization via beacon (Infrastructure)

beacon interval t medium access point busy B busy busy busy B B B value of the timestamp B beacon frame

 Synchronization needed for

  • Power Management
  • Quality of Service
  • FHSS

 Beacon also contains BSS-ID

  • Helps new stations to join the network
slide-20
SLIDE 20

Ilab - WLAN 20

Synchronization via Beacon (Ad-hoc)

t medium station1 busy B1 beacon interval busy busy busy B1 value of the timestamp B beacon frame station2 B2 B2 random delay

slide-21
SLIDE 21

Ilab - WLAN 21

WLAN-Security WEP & WPA

slide-22
SLIDE 22

Ilab - WLAN 22

WEP – Wired Equivalent Privacy

Encryption of the IEEE 802.11-Standards Authentication

Open System (= no authentication)

Shared Key

  • No key management, not suitable for large networks

Confidentiality

Stream chipher RC4 Integrity

CRC32

slide-23
SLIDE 23

Ilab - WLAN 23

Drawbacks of WEP

Integrity

 RC4 and CRC32 are linear, manipulation possible

  • CRC32(A XOR B) = CRC32(A) XOR CRC32(B)

Confidentiality

 Key length only 40 Bit (political reasons, export restrictions)

  • Too short
  • Extended to 128bit (WEP2)

 Key stream is often reused

  • C1 ⊕ C2 = (P1 ⊕ K) ⊕ (P2 ⊕ K) = P1 ⊕ P2

 In 2001, Scott Fluhrer, Itsik Mantin und Adi Shamir showed how to

break WEP in a short period of time

 Today: WEP keys can be broken within a few minutes

slide-24
SLIDE 24

Ilab - WLAN 24

WPA

 IEEE 802.11i to become the new security standard  WPA was released as a subset of 802.11i  WPA uses RC4

  • BUT: different keys for each packet

 Security of WPA depends (as always) on the key (password)

Brute force attacks are always possible

 Recommended: use of WPA2

  • WPA2: AES instead of RC4
slide-25
SLIDE 25

Ilab - WLAN 25

Wi-Fi Protected Access (WPA)

 WPA-Authentication:

  • WPA can be used in home and small offices that do not have a RADIUS

(special protocol for AAA = Authorization, Authentication, and Accounting) servers through the use of pre-shared keys. This mode is called WPA-PSK.

  • WPA incorporates also the 802.1X standard with stations, access points and

authentication servers.

 Confidentiality (Encryption):

  • WPA uses the Temporal Key Integrity Protocol (TKIP) for encryption.
  • TKIP provides a key management system with a per-packet key for

encryption.

 Integrity:

  • TKIP includes also message integrity code called MIC at the end of each

plaintext message to ensure messages are not being spoofed or altered.

  • Note: the IEEE uses the acronym MIC instead of MAC (Message

Authentication Code) for the simple reason that MAC is reserved for „Medium Access Control“.

slide-26
SLIDE 26

Ilab - WLAN 26

WEP vs. WPA

WEP WPA Encryption

Flawed, cracked by scientists and hackers Fixes WEP flaws Key Length 40-bit keys 128-bit keys Key Management

  • Static - same key

used by everyone in the network.

  • Manual

distribution of keys - hand typed into each device

  • Dynamic session

keys, Per user, per session, per packet keys

  • Automatic

distribution of keys

Authentication

Flawed, used WEP key itself for authentication User authentication using 802.1X and EAP

slide-27
SLIDE 27

Ilab - WLAN 27

Protection of a WLAN

 WPA instead of WEP

  • Better: WPA2

 Corporate networks should always be seperated by a firewall  Only trust authenticated hosts  If no WLAN encryption is available, encryption on higher layer should

be used (e.h. IPSec, TLS…)