5: DataLink Layer 5a-1 19: Wireless Last Modified: 8/27/2015 12:56:28 PM

5: DataLink Layer 5a-1

19: Wireless

Last Modified: 04/19/23 09:55 AM


IEEE 802.11 Wireless LAN wireless LANs: untethered/mobile

networking IEEE 802.11 standard:

MAC protocol unlicensed frequency

spectrum governed by pre-defined rules vs. restricted allocation

Basic Service Set (BSS) (a.k.a. “cell”) contains: wireless hosts/stations

(STA) access point (AP): base

station BSS’s combined to form

distribution system (DS) and extended service set (ESS)


IEEE 802.11 Architecture

Distribution system (DS) – backbone network

Access point (AP) – bridge and relay point

Basic service set (BSS) Stations competing for access to shared

wireless medium Isolated or connected to backbone DS

through AP Extended service set (ESS)

Two or more basic service sets interconnected by DS


Interesting aspects to 802.11 protocols relative to what we’ve seen already

Both a polling (contention-free) mode and CSMA/CA mode for dealing with contention

CSMA/CA – collision avoidance rather than CD collision detection

Some reliable data transfer aspects including ACKS (unlike Ethernet)



Distributed vs Centralized

802.11 working group considered 2 proposals for a MAC algorithm – distributed access and centralized access

Distributed access like CSMA in Ethernet Decision to transmit distributed across nodes Makes sense especially for ad hoc network of peer

workstations Centralized access

Decision when to transit controlled by centralized decision maker, like base station/AP

Good when network busy or when some data is higher priority


Distributed Foundation Wireless MAC Compromise was Distributed Foundation

Wireless MAC (DFWMAC) Distributed Access control mechanism

with an optional centralized control layer on top of that Distributed Coordination Function (DCF) on

top of physical layer On top of that is optional Point Coordination

Function (PCF) that provides contention free service

Access Control


Contention Periods/ Contention-Free Periods The DCF and PCF respectively operate

in Contention Periods (CPs) and Contention Free Periods (CFPs)

In CPs, stations compete with each other to win channel access (CSMA(

In CFPs, an Access Point (AP) grants the opportunity of transmission to stations by polling


Superframes

CPs and CFPs alternate in a superframe A superframe is an interval between two

beacon frame transmissions. A beacon frame is broadcasted by APs

in BSSs or random stations in IBSSs. It carries management information to the

stations.


IEEE 802.11 MAC TimingPCF Superframe Construction


Superframe Point coordinator would lock out asynchronous traffic by issuing

polls Superframe interval defined

During first part of superframe interval, point coordinator polls round-robin to all stations configured for polling

Point coordinator then idles for remainder of superframe Allowing contention period for asynchronous access

At beginning of superframe, point coordinator may seize control and issue polls for given period Time varies because of variable frame size issued by responding

stations Rest of superframe available for contention-based access At end of superframe interval, point coordinator contends for

access using PIFS If idle, point coordinator gains immediate access

Full superframe period follows If busy, point coordinator must wait for idle to gain access Results in foreshortened superframe period for next cycle

Medium Access Control Logic

IFS = interframe space

Each time failincrease time towait before send


Interframe Space (IFS) Values

Actually three different IFS values Short IFS (SIFS)

Shortest IFS Used for immediate response actions

Point coordination function IFS (PIFS) Midlength IFS Used by centralized controller in PCF scheme when using

polls Distributed coordination function IFS (DIFS)

Longest IFS Used as minimum delay of asynchronous frames

contending for access


Priority

Stations using SIFS have “priority” over others because they will test for idle faster find and then start transmitting

Others that wait longer will find the channel busy when they listen after PIFS or DIFSs


IFS Usage

SIFS Acknowledgment (ACK) Clear to send (CTS) Poll response( for PCF)

PIFS Used by centralized controller in issuing

polls (for PCF) Takes precedence over normal contention

traffic DIFS

Used for all ordinary asynchronous traffic


Polling

Since PIFS smaller than DIFS, coordinator can seize coordinator and lock all traffic ( at least traffic that obeys the rules) while it polls and receives responses

When polling coordinator sends a poll to a station, it can respond using SIFS ( beating the next PIFS and any DIFS)


Polling

In a CFP, a PC polls the first station in its polling list, and it may also piggyback some data to the polling frame.

The polled station responds either with an ACK or a data frame piggybacked to the ACK frame.

An SIFS separates the polling and responding frames.

Once the frame exchange sequence with the first station is done, the PC waits for a PIFS and then polls another station in its polling list.


Reliable Data Delivery

More efficient to deal with errors at the MAC level than higher layer (such as TCP) Transport layer timeouts can take seconds

Two Frame exchange protocol Source station transmits data Destination responds with acknowledgment (ACK) If source doesn’t receive ACK, it retransmits frame

Four frame exchange Source issues request to send (RTS) Destination responds with clear to send (CTS) Source transmits data Destination responds with ACK


Clear To Send (CTS)

Station can make it more likely its frame will get though by first sending a small Request to Sent (RTS frame)

The recipient will then reply CTS Avoids the hidden terminal problem


Hidden Terminal effect

hidden terminals: A, C cannot hear each other obstacles, signal attenuation collisions at B

goal: avoid collisions at B CSMA/CA: CSMA with Collision Avoidance


CSMA/CA

DCF uses Carrier Sense Multiple Access (CSMA) CSMA means listen before you send to make sure

the medium is idle Collision Avoidance (CA) vs Collision Detection (CD)

CD based on listening while you send to make sure you hear only your signal

Wireless HW not made to send and listen at same time Large dynamic range of possible signals – cannot

effectively distinguish incoming weak signals from noise and the effects of its own transmission


Collision Avoidance: RTS-CTS exchange

CSMA/CA: explicit channel reservationsender: send short

RTS: request to sendreceiver: reply with

short CTS: clear to send

CTS reserves channel for sender, notifying (possibly hidden) stations


RTS/CTS optional in a Contention Period RTS/CTS mechanism is activated when

the MAC frame length exceeds an RTS threshold value. The range of the RTS threshold is from 0 to

2347 bytes. However, it is usually set for the higher

values to avoid the RTS/CTS mechanism being used for small frames, owing to the overhead of the RTS and CTS frames.


IEEE 802.11 MAC Protocol

802.11 CSMA Protocol: others

NAV: Network Allocation Vector

802.11 frame has transmission time field

others (hearing data) defer access for NAV time units


IEEE 802.11 MAC Protocol: CSMA/CA802.11 CSMA: sender- if sense channel idle for

DIFS sec. then transmit entire frame

(no collision detection)-if sense channel busy

then binary backoff

802.11 CSMA receiver:if received OK return ACK after SIFS


Acknowledgements

When station received frame addressed directly to it ( not broadcast or multicast) it replies with an ACK after waiting SIFS

ACKs allow for recovery from collision since no collision detection

Use of SIFS allows for efficient delivery of an LLC data unit that requires multiple MAC frames Just get SIFS between ACK and then next frame No one else will gain control of the channel until the

entire LLC if over

802.11 MAC Frame Format

All 802.11 when no security features enabled



MAC Frame Fields (1)

Frame Control ( 2 octets): Type of frame Control, management, or data Provides control information

• Includes whether frame is to or from DS, fragmentation information, and privacy information

Duration/Connection ID (2 octets): If used as duration field, indicates time (in s) channel will

be allocated for successful transmission of MAC frame In some control frames, contains association or connection

identifier


MAC Addresses

Addresses: 48-bit fields Number and meaning of each address field

depend on context Types include source, destination,

transmitting station, and receiving station


MAC Address format

scenario to DS fromDS

address 1 address 2 address 3 address 4

ad-hoc network 0 0 DA SA BSSID -infrastructurenetwork, from AP

0 1 DA BSSID SA -

infrastructurenetwork, to AP

1 0 BSSID SA DA -

infrastructurenetwork, within DS

1 1 RA TA DA SA

DA: Destination Address, ultimate destination of frameSA: Source Address, original source of frameRA: Receiver Address, current receiver for this hop in a Distribution System (DS)TA: Transmitter Address, current transmitter for this hop in a Distribution System (DS)

BSSID: Basic Service Set Identifierfor IBSS this is random number generated when LAN is formed


MAC Frame Fields (2)

Sequence Control ( 2 octets): 4-bit fragment number subfield

• For fragmentation and reassembly 12-bit sequence number Number frames between given transmitter

and receiver Frame Body (0-2312 octets):

MSDU (or a fragment of)• LLC PDU or MAC control information

Frame Check Sequence ( 4 octets): 32-bit cyclic redundancy check

MAC Frame Format



Frame Control Fields

Protocol version – 802.11 version Type – control, management, or data Subtype – identifies function of frame To DS – 1 if destined for DS From DS – 1 if leaving DS More fragments – 1 if fragments follow Retry – 1 if retransmission of previous

frame


Frame Control Fields

Power management – 1 if transmitting station is in sleep mode APs know the power management state for

connected clients, save frames for them and then periodically announce that have frames waiting

More data – Indicates that station has more data to send

WEP – 1 if wired equivalent protocol is implemented

Order – 1 if any data frame is sent using the Strictly Ordered service



Management Frames

Used to manage communications between stations and APs

E.g. management of associations Association requests, association response Reassociation request and response Disassociation, authentication,

deauthentication Probe request/probe response Beacon frame

• Timestamp, beacon interval, SSID, TIM… Announcement traffic indication


Association

Association Request sent by a station to an AP to request an

association with this BSS Includes information on capability

information such as whether encryption is to be used and whether this station is pollable

Association Response Returned by the AP to the station to indicate

whether it is accepting this association request

Disassociation Used by station to terminate an association


Reassociation

Reassociation Request Sent by a station when it moves from one

BSS to another and needs to make an association with the AP in the new BSS

Uses reassociation rather than association so that the new AP knows to negotiate with the old AP for the forwarding of data frames

Reassociation Response Returned by the AP to the station to indicate

whether it is accepting this reassociation request


Authentication Authentication

Used to authenticate one station to another in order to set up secure communications

In wired, physical connection implies authority to connect

Various authentication schemes in 802.11 Deauthentication

Sent by station to another station or AP to indicate that it is terminating secure communications

Invoked when existing authentication is terminated

Privacy Prevents message contents from being read by

unintended recipient


Other

Probe request /response Used by station to obtain information from

another station or AP Beacon

Transmitted periodically to allow mobile stations to locate and identify a BSS

Announcement Traffic Indication Message Sent by mobile station to alert other stations

that may have been in low power mode that this station has frames buffered and waiting to be delivered to the station addressed in the frame


Control Frames Sub Types

Assist in reliable data delivery Power Save-Poll (PS-Poll)

Sent by any station to station that includes AP Request AP transmit frame buffered for this station while station in power-

saving mode Request to Send (RTS)

First frame in four-way frame exchange Clear to Send (CTS)

Second frame in four-way exchange Acknowledgment (ACK) Contention-free (CF)-end

Announce the end of a contention free period CF-end + CF-ack

This frame ends the CFP and releases stations associated with that period


Data Frame Subtypes

Data-carrying frames Data – can be sent during Contention Free Period (CFP) or

Contention Period (CP) Only in CFP

• Data + CF-Ack ( data plus ack of previously received data)• Data + CF-Poll ( sent by point coordinator deliver data plus request

buffered data from station)• Data + CF-Ack + CF-Poll (BOTH)

Other subtypes (don’t carry user data even though they are data type) Null Function, CF-Ack, CF-Poll, CF-Ack + CF-Poll Null used only to carry the power management bit in the frame

control field to the AP to indicate station is changing to lower power mode


802.11 Physical Layer Standards

Op. Freq. Data RateTypical/Max(Mbit/sec)

RangeIndoor/Outdoor(meters)

Legacy802.11-1997

2.4 GHz 1 / 2 ?

802.11a (1999)

5 GHz 25/54 15-30

802.11b (1999)

2.4 GHz 5.5/11 45-90

802.11g(2003)

2.4 GHz 25/54 45-90

802.11n(2009)

5 and 2.4 GHz 144/600 91/182


802.11b was the first, followed by 802.11a ( higher BW, less popular)

802.11g higher BW, directly compatible with b

802.11n – even higher BW, backwards compatible with b and g

Others 802.11ad (Using 2.4 GHz, 5 GHz and 60 GHz,

theoretical max throughput of up to 7Gbit/s; 2014?)

802.11ac (high throughput in the 5 GHz band, 2014?)


Outtakes


Original Wired Equivalent Privacy

Included in the security and privacy features of the original 802.11 specification

Unfortunately quite weak in several ways Does not provide protection from other

legitimate users ( equivalent of a wired hub) Easy to break the encryption even if not a

legitimate user


Progression

Original WEP in 1999 Longer key WEP Superseded by WiFi Protected Access

(WPA) in 2003 Then by the full 802.11i security

standard (also known as WPA2) in 2004


WEP keys

Original 64 bit WEP used a 40 bit encryption key

Later revision, 128 bit WEP enabled use of a 104 bit key (once US govt regulations relaxed on export of crytoanalysis based on key size)

Some 256 bit WEP products WEP keys entered as a string of hex

digits Each digit represents 4 bits of the key Thus 26 hex digits for 104 bit key is 128 bit

WEP


Avoid Repetition of Keys

WEP uses RC4 a stream cipher Stream ciphers are vulnerable to attack if the same key is used twice

(depth of two) or more. The purpose of the IV (which is sent in plain text) is to prevent

repetition of the traffic key WEP key concatenated with an 24 bit initialization vector to form

an RC4 traffic key

http://en.wikipedia.org/wiki/Image:Wep-crypt.png


Problems

However 24 bits will wrap quickly on a busy network

If you capture enough packets you will get repeated IVs (passive attack)

Can also stimulate traffic (active attack) Esp helpful for longer keys since cracking

them takes more traffic


802.11i

Addresses 3 main security areas Authentication Key management Data Transfer Privacy


802.11 architecture

Already have stations and access point (AP); Add a new entity, the authentication server (AS)

Exchange between station and AS provides for secure authentication

AS also responsible for key distribution to the access point, which in turn manages and distributes keys to stations


Features

Access control Authentication Privacy with message integrity


Access Control

Uses the IEEE 802.1X Port-Based Network Access Control Standard

In that language Station = supplicant Access point = authenticator Authentication server = authentication

server


Access Control Process

Before a supplicant is authenticated by the AS using an authentication protocol, the authenticator or AP just passes control or authentication messages between the supplicant and AS Ie data channel is blocked

Once supplicant is authenticated and keys provided, then they can use the data channel


Authentication

Open system authentication Exchange of identities, no security benefits

Shared Key authentication Shared Key assures authentication

Actual choice of protocols used for authentication not defined in 802.11 (just ability to exchange capabilities and agree on one of the choices) Popular choices include: Remote Authentication Dial-

In User Service (RADIUS) and Extensible Authentication Protocol (EAP)


Privacy with message integrity Stronger encryption also used to protect

data transfer between the station and the AP

Three schemes Best long-term uses Advanced Encryption

Standard (AES) with 128 bit keys Alternative schemes based on 104-bit RC4

because use of AES requires expensive hardware upgrade to existing equipment

• Temporal Key Integrity Protocol (TKIP)


WPA

To prevent related-key attacks, a replacement for WEP, Wi-Fi Protected Access (WPA)

Uses three levels of keys: master key, working key and RC4 key.

The working keys are then combined with a longer, 48-bit IV to form the RC4 key for each packet.

This design mimics the WEP approach enough to allow WPA to be used with first-generation Wi-Fi network cards, some of which implemented portions of WEP in hardware.

However, not all first-generation access points can run WPA. Upgrade firmware on wireless access points


Michael

In addition to authentication and encryption, WPA also provides vastly improved payload integrity.

The cyclic redundancy check (CRC) used in WEP is inherently insecure; it is possible to alter the payload and update the message CRC without knowing the WEP key.

A more secure message authentication code (usually known as a MAC, but here termed a MIC for "Message Integrity Code") is used in WPA, an algorithm named "Michael".

The Michael algorithm was the strongest that WPA designers could come up with that would still work with most older network cards. Due to inevitable weaknesses of Michael, WPA includes a special countermeasure mechanism that detects an attempt to break TKIP and temporarily blocks communications with the attacker.

The MIC used in WPA includes a frame counter, which prevents replay attacks being executed.


WPA2

More conservative approach is to employ a cipher designed to prevent related-key attacks altogether, usually by incorporating a strong key schedule.

WPA2, uses the AES block cipher instead of RC4, in part for this reason.

Some older network cards, however, cannot run WPA2.


WPA Personal vs Enterprise

For Enterprise, you need to run an authentication server like a RADIUS server Standalone, built into access point, even third part

services Every new session gets its own fresh random key,

used for a relatively short time.

For Personal/Home, WPA-PSK (WPA with Pre-Shared Key) Uses a passphrase entered on all legitimate clients Shared key used to generate a transient key


Pairwise Transient Keys

The AP and each station need an individual Pairwise Transient Key (PTK) to protect unicast communication between them. To derive a different PTK for each AP/station

combo, a Pairwise Master Key (PMK) is fed into an algorithm, along with MAC address (define) and two values, ANonce and SNonce.

AP and station derive the same PTK without ever sending it over the air.


Group Transient Key

The AP also generates a Group Transient Key (GTK) to protect all broadcast and multicast communication. Every station on the WLAN needs that same

GTK to decrypt broadcast/multicast frames, the AP sends the current GTK to each station encrypted with the PTK.


Message Integrity Code

To stop these handshake messages from being forged, messages carry a Message Integrity Code (MIC).

Each MIC is generated by hashing a specified part of the message, then encrypting that hash with the PTK.


Ways to crack

Dictionary attack on shared passphrase or exhaustive search on short 8 character ones When configuring a passphrase, the IEEE

802.11i standard strongly recommends using at least 20 characters.

Existence of precomputed WPA PSK lookup tables for common SSIDs Give your WLAN a unique SSID.


802.11 Physical Layer Standards

Op. Freq. Data RateTypical/Max(Mbit/sec)

RangeIndoor/Outdoor(meters)

Legacy802.11-1997

2.4 GHz ½ ?

802.11a (1999)

5 GHz 25/54 15-30

802.11b (1999)

2.4 GHz 5.5/11 45-90

802.11g(2003)

2.4 GHz 25/54 45-90

802.11n(2009)

5 and 2.4 GHz 144/600 91/182


802.11b was the first, followed by 802.11a ( higher BW, less popular)

802.11g higher BW, directly compatible with b

802.11n – even higher BW, backwards compatible with b and g


RC4 WEP uses RC4 a stream cipher

Stream ciphers are vulnerable to attack if the same key is used twice (depth of two) or more.

Say we send messages A and B of the same length, both encrypted using same key, K. The stream cipher produces a string of bits C(K) the same length as the messages. The encrypted versions of the messages then are: E(A) = A xor C E(B) = B xor C where xor is performed bit by bit.

Say an adversary has intercepted E(A) and E(B). He can easily compute:

E(A) xor E(B) However xor is commutative and has the property that X

xor X = 0 (self-inverse) so: E(A) xor E(B) = (A xor C) xor (B xor C) = A xor B xor C xor C

= A xor B

Documents

5: DataLink Layer 5a-1 19: Wireless Last Modified: 8/27/2015 12:56:28 PM