Wi-Fi Technology

1
Wi-Fi Technology
2
Agenda

• Introduction
• Wi-Fi Technologies
• Wi-Fi Architecture
• Wi-Fi Network Elements
• How a Wi-Fi Network Works
• Wi-Fi Network Topologies
• Wi-Fi Configurations
• Applications of Wi-Fi
• Wi-Fi Security
• Advantages/ Disadvantages of Wi-Fi

3
Introduction

• Wireless Technology is an alternative to Wired
  Technology, which is commonly used, for
  connecting devices in wireless mode.
• Wi-Fi (Wireless Fidelity) is a generic term that
  refers to the IEEE 802.11 communications standard
  for Wireless Local Area Networks (WLANs).
• Wi-Fi Network connect computers to each other, to
  the internet and to the wired network.

4
The Wi-Fi Technology

• Wi-Fi Networks use Radio Technologies to
  transmit receive data at high speed
• IEEE 802.11b
• IEEE 802.11a
• IEEE 802.11g

5
IEEE 802.11b

• Appear in late 1999
• Operates at 2.4GHz radio spectrum
• 11 Mbps (theoretical speed) - within 30 m Range
• 4-6 Mbps (actual speed)
• 100 -150 feet range
• Most popular, Least Expensive
• Interference from mobile phones and Bluetooth
  devices which can reduce the transmission speed.

6
IEEE 802.11a

• Introduced in 2001
• Operates at 5 GHz (less popular)
• 54 Mbps (theoretical speed)
• 15-20 Mbps (Actual speed)
• 50-75 feet range
• More expensive
• Not compatible with 802.11b

7
IEEE 802.11g

• Introduced in 2003
• Combine the feature of both standards (a,b)
• 100-150 feet range
• 54 Mbps Speed
• 2.4 GHz radio frequencies
• Compatible with b

8
802.11 Physical Layer

• There are three sublayers in physical layer
• Direct Sequence Spread Spectrum (DSSS)
• Frequency Hoping Spread Spectrum (FHSS)
• Diffused Infrared (DFIR) - Wide angle

9
DSSS

• Direct sequence signaling technique divides the
  2.4 GHz band into 11 22-MHz channels. Adjacent
  channels overlap one another partially, with
  three of the 11 being completely non-overlapping.
  Data is sent across one of these 22 MHz channels
  without hopping to other channels.

10
IEEE 802.11 Data Link Layer

• The data link layer consists of two sublayers
• Logical Link Control (LLC)
• Media Access Control (MAC).
• 802.11 uses the same 802.2 LLC and 48-bit
  addressing as other 802 LANs, allowing for very
  simple bridging from wireless to IEEE wired
  networks, but the MAC is unique to WLANs.

11
802.11 Media Access Control

• Carrier Sense Medium Access with collision
  avoidance protocol (CSMA/CA)
• Listen before talking
• Avoid collision by explicit Acknowledgement (ACK)
• Problem additional overhead of ACK packets, so
  slow performance
• Request to Send/Clear to Send (RTS/CTS) protocol
• Solution for hidden node problem
• Problem Adds additional overhead by temporarily
  reserving the medium, so used for large size
  packets only retransmission would be expensive

12
802.11 Media Access Control(cont.)

• Power Management
• MAC supports power conservation to extend the
  battery life of portable devices
• Power utilization modes
• Continuous Aware Mode
• Radio is always on and drawing power
• Power Save Polling Mode
• Radio is dozing with access point queuing any
  data for it
• The client radio will wake up periodically in
  time to receive regular beacon signals from the
  access point.
• The beacon includes information regarding which
  stations have traffic waiting for them
• The client awake on beacon notification and
  receive its data

13
802.11 Media Access Control(cont.)

• Fragmentation
• CRC checksum
• Each pkt has a CRC checksum calculated and
  attached to ensure that the data was not
  corrupted in transit
• Association Roaming

14
Elements of a WI-FI Network

• Access Point (AP) - The AP is a wireless LAN
  transceiver or base station that can connect
  one or many wireless devices simultaneously to
  the Internet.
• Wi-Fi cards - They accept the wireless signal and
  relay information.They can be internal and
  external.(e.g PCMCIA Card for Laptop and PCI Card
  for Desktop PC)
• Safeguards - Firewalls and anti-virus software
  protect networks from uninvited users and keep
  information secure.

15
How a Wi-Fi Network Works

• Basic concept is same as Walkie talkies.
• A Wi-Fi hotspot is created by installing an
  access point to an internet connection.
• An access point acts as a base station.
• When Wi-Fi enabled device encounters a hotspot
  the device can then connect to that network
  wirelessly.
• A single access point can support up to 30 users
  and can function within a range of 100 150 feet
  indoors and up to 300 feet outdoors.
• Many access points can be connected to each other
  via Ethernet cables to create a single large
  network.

16
Wi-Fi Network Topologies

• AP-based topology (Infrastructure Mode)
• Peer-to-peer topology (Ad-hoc Mode)
• Point-to-multipoint bridge topology

17
AP-based topology

• The client communicate through Access Point.
• BSA-RF coverage provided by an AP.
• ESA-It consists of 2 or more BSA.
• ESA cell includes 10-15 overlap to allow roaming.

18
Peer-to-peer topology

• AP is not required.
• Client devices within a cell can communicate
  directly with each other.
• It is useful for setting up of a wireless network
  quickly and easily.

19
Point-to-multipoint bridge topology

• This is used to connect a LAN in one building to
  a LANs in other buildings even if the buildings
  are miles apart.These conditions receive a clear
  line of sight between buildings. The
  line-of-sight range varies based on the type of
  wireless bridge and antenna used as well as the
  environmental conditions.

20
Wi-Fi Configurations
21
Wi-Fi Configurations
22
Wi-Fi Configurations
23
Wi-Fi Applications

• Home
• Small Businesses or SOHO
• Large Corporations Campuses
• Health Care
• Wireless ISP (WISP)
• Travellers

24
Wi-Fi Security Threats

• Wireless technology doesnt remove any old
  security issues, but introduces new ones
• Eavesdropping
• Man-in-the-middle attacks
• Denial of Service

25
Eavesdropping

• Easy to perform, almost impossible to detect
• By default, everything is transmitted in clear
  text
• Usernames, passwords, content ...
• No security offered by the transmission medium
• Different tools available on the internet
• Network sniffers, protocol analysers . . .
• Password collectors
• With the right equipment, its possible to
  eavesdrop traffic from few kilometers away

26
MITM Attack

1. Attacker spoofes a disassociate message from the
   victim
2. The victim starts to look for a new access point,
   and the attacker advertises his own AP on a
   different channel, using the real APs MAC
   address
3. The attacker connects to the real AP using
   victims MAC address

27
Denial of Service

• Attack on transmission frequecy used
• Frequency jamming
• Not very technical, but works
• Attack on MAC layer
• Spoofed deauthentication / disassociation
  messages
• can target one specific user
• Attacks on higher layer protocol (TCP/IP
  protocol)
• SYN Flooding

28
Wi-Fi Security

• The requirements for Wi-Fi network security can
  be broken down into two primary components
• Authentication
• User Authentication
• Server Authentication
• Privacy

29
Authentication

• Keeping unauthorized users off the network
• User Authentication
• Authentication Server is used
• Username and password
• Risk
• Data (username password) send before secure
  channel established
• Prone to passive eavesdropping by attacker
• Solution
• Establishing a encrypted channel before sending
  username and password

30
Authentication (cont..)

• Server Authentication
• Digital Certificate is used
• Validation of digital certificate occurs
  automatically within client software

31
Wi-Fi Security Techniques

• Service Set Identifier (SSID)
• Wired Equivalent Privacy (WEP)
• 802.1X Access Control
• Wireless Protected Access (WPA)
• IEEE 802.11i

32
Service Set Identifier (SSID)

• SSID is used to identify an 802.11 network
• It can be pre-configured or advertised in beacon
  broadcast
• It is transmitted in clear text
• Provide very little security

33
Wired Equivalent Privacy (WEP)

• Provide same level of security as by wired
  network
• Original security solution offered by the IEEE
  802.11 standard
• Uses RC4 encryption with pre-shared keys and 24
  bit initialization vectors (IV)
• key schedule is generated by concatenating the
  shared secret key with a random generated 24-bit
  IV
• 32 bit ICV (Integrity check value)
• No. of bits in keyschedule is equal to sum of
  length of the plaintext and ICV

34
Wired Equivalent Privacy (WEP) (cont.)

• 64 bit preshared key-WEP
• 128 bit preshared key-WEP2
• Encrypt data only between 802.11 stations.once it
  enters the wired side of the network (between
  access point) WEP is no longer valid
• Security Issue with WEP
• Short IV
• Static key
• Offers very little security at all

35
802.1x Access Control

• Designed as a general purpose network access
  control mechanism
• Not Wi-Fi specific
• Authenticate each client connected to AP (for
  WLAN) or switch port (for Ethernet)
• Authentication is done with the RADIUS server,
  which tells the access point whether access to
  controlled ports should be allowed or not
• AP forces the user into an unauthorized state
• user send an EAP start message
• AP return an EAP message requesting the users
  identity
• Identity send by user is then forwared to the
  authentication server by AP
• Authentication server authenticate user and
  return an accept or reject message back to the AP
• If accept message is return, the AP changes the
  clients state to authorized and normal traffic
  flows

36
802.1x Access Control
37
Wireless Protected Access (WPA)

• WPA is a specification of standard based,
  interoperable security enhancements that strongly
  increase the level of data protection and access
  control for existing and future wireless LAN
  system.
• User Authentication
• 802.1x
• EAP
• TKIP (Temporal Key Integrity Protocol) encryption
• RC4, dynamic encryption keys (session based)
• 48 bit IV
• per packet key mixing function
• Fixes all issues found from WEP
• Uses Message Integrity Code (MIC) Michael
• Ensures data integrity
• Old hardware should be upgradeable to WPA

38
Wireless Protected Access (WPA)(cont.)

• WPA comes in two flavors
• WPA-PSK
• use pre-shared key
• For SOHO environments
• Single master key used for all users
• WPA Enterprise
• For large organisation
• Most secure method
• Unique keys for each user
• Separate username password for each user

39
WPA and Security Threats

• Data is encrypted
• Protection against eavesdropping and
  man-in-the-middle attacks
• Denial of Service
• Attack based on fake massages can not be used.
• As a security precaution, if WPA equipment sees
  two packets with invalid MICs within a second, it
  disassociates all its clients, and stops all
  activity for a minute
• Only two packets a minute enough to completely
  stop a wireless network

40
802.11i

• Provides standard for WLAN security
• Authentication
• 802.1x
• Data encryption
• AES protocol is used
• Secure fast handoff-This allow roaming between
  APs without requiring client to fully
  reauthenticate to every AP.
• Will require new hardware

41
Advantages

• Mobility
• Ease of Installation
• Flexibility
• Cost
• Reliability
• Security
• Use unlicensed part of the radio spectrum
• Roaming
• Speed

42
Limitations

• Interference
• Degradation in performance
• High power consumption
• Limited range