Wi-Fi Technology - PowerPoint PPT Presentation

About This Presentation
Title:

Wi-Fi Technology

Description:

Title: The Freedom of Wi-Fi Author: Kunle Ogunbufunmi Last modified by: user Created Date: 8/26/2003 12:26:51 AM Document presentation format: On-screen Show (4:3) – PowerPoint PPT presentation

Number of Views:58
Avg rating:3.0/5.0
Slides: 43
Provided by: KunleOgu7
Category:

less

Transcript and Presenter's Notes

Title: Wi-Fi Technology


1
Wi-Fi Technology
2
Agenda
  • Introduction
  • Wi-Fi Technologies
  • Wi-Fi Architecture
  • Wi-Fi Network Elements
  • How a Wi-Fi Network Works
  • Wi-Fi Network Topologies
  • Wi-Fi Configurations
  • Applications of Wi-Fi
  • Wi-Fi Security
  • Advantages/ Disadvantages of Wi-Fi

3
Introduction
  • Wireless Technology is an alternative to Wired
    Technology, which is commonly used, for
    connecting devices in wireless mode.
  • Wi-Fi (Wireless Fidelity) is a generic term that
    refers to the IEEE 802.11 communications standard
    for Wireless Local Area Networks (WLANs).
  • Wi-Fi Network connect computers to each other, to
    the internet and to the wired network.

4
The Wi-Fi Technology
  • Wi-Fi Networks use Radio Technologies to
    transmit receive data at high speed
  • IEEE 802.11b
  • IEEE 802.11a
  • IEEE 802.11g

5
IEEE 802.11b
  • Appear in late 1999
  • Operates at 2.4GHz radio spectrum
  • 11 Mbps (theoretical speed) - within 30 m Range
  • 4-6 Mbps (actual speed)
  • 100 -150 feet range
  • Most popular, Least Expensive
  • Interference from mobile phones and Bluetooth
    devices which can reduce the transmission speed.

6
IEEE 802.11a
  • Introduced in 2001
  • Operates at 5 GHz (less popular)
  • 54 Mbps (theoretical speed)
  • 15-20 Mbps (Actual speed)
  • 50-75 feet range
  • More expensive
  • Not compatible with 802.11b

7
IEEE 802.11g
  • Introduced in 2003
  • Combine the feature of both standards (a,b)
  • 100-150 feet range
  • 54 Mbps Speed
  • 2.4 GHz radio frequencies
  • Compatible with b

8
802.11 Physical Layer
  • There are three sublayers in physical layer
  • Direct Sequence Spread Spectrum (DSSS)
  • Frequency Hoping Spread Spectrum (FHSS)
  • Diffused Infrared (DFIR) - Wide angle

9
DSSS
  • Direct sequence signaling technique divides the
    2.4 GHz band into 11 22-MHz channels. Adjacent
    channels overlap one another partially, with
    three of the 11 being completely non-overlapping.
    Data is sent across one of these 22 MHz channels
    without hopping to other channels.

10
IEEE 802.11 Data Link Layer
  • The data link layer consists of two sublayers
  • Logical Link Control (LLC)
  • Media Access Control (MAC).
  • 802.11 uses the same 802.2 LLC and 48-bit
    addressing as other 802 LANs, allowing for very
    simple bridging from wireless to IEEE wired
    networks, but the MAC is unique to WLANs.

11
802.11 Media Access Control
  • Carrier Sense Medium Access with collision
    avoidance protocol (CSMA/CA)
  • Listen before talking
  • Avoid collision by explicit Acknowledgement (ACK)
  • Problem additional overhead of ACK packets, so
    slow performance
  • Request to Send/Clear to Send (RTS/CTS) protocol
  • Solution for hidden node problem
  • Problem Adds additional overhead by temporarily
    reserving the medium, so used for large size
    packets only retransmission would be expensive

12
802.11 Media Access Control(cont.)
  • Power Management
  • MAC supports power conservation to extend the
    battery life of portable devices
  • Power utilization modes
  • Continuous Aware Mode
  • Radio is always on and drawing power
  • Power Save Polling Mode
  • Radio is dozing with access point queuing any
    data for it
  • The client radio will wake up periodically in
    time to receive regular beacon signals from the
    access point.
  • The beacon includes information regarding which
    stations have traffic waiting for them
  • The client awake on beacon notification and
    receive its data

13
802.11 Media Access Control(cont.)
  • Fragmentation
  • CRC checksum
  • Each pkt has a CRC checksum calculated and
    attached to ensure that the data was not
    corrupted in transit
  • Association Roaming

14
Elements of a WI-FI Network
  • Access Point (AP) - The AP is a wireless LAN
    transceiver or base station that can connect
    one or many wireless devices simultaneously to
    the Internet.
  • Wi-Fi cards - They accept the wireless signal and
    relay information.They can be internal and
    external.(e.g PCMCIA Card for Laptop and PCI Card
    for Desktop PC)
  • Safeguards - Firewalls and anti-virus software
    protect networks from uninvited users and keep
    information secure.

15
How a Wi-Fi Network Works
  • Basic concept is same as Walkie talkies.
  • A Wi-Fi hotspot is created by installing an
    access point to an internet connection.
  • An access point acts as a base station.
  • When Wi-Fi enabled device encounters a hotspot
    the device can then connect to that network
    wirelessly.
  • A single access point can support up to 30 users
    and can function within a range of 100 150 feet
    indoors and up to 300 feet outdoors.
  • Many access points can be connected to each other
    via Ethernet cables to create a single large
    network.

16
Wi-Fi Network Topologies
  • AP-based topology (Infrastructure Mode)
  • Peer-to-peer topology (Ad-hoc Mode)
  • Point-to-multipoint bridge topology

17
AP-based topology
  • The client communicate through Access Point.
  • BSA-RF coverage provided by an AP.
  • ESA-It consists of 2 or more BSA.
  • ESA cell includes 10-15 overlap to allow roaming.

18
Peer-to-peer topology
  • AP is not required.
  • Client devices within a cell can communicate
    directly with each other.
  • It is useful for setting up of a wireless network
    quickly and easily.

19
Point-to-multipoint bridge topology
  • This is used to connect a LAN in one building to
    a LANs in other buildings even if the buildings
    are miles apart.These conditions receive a clear
    line of sight between buildings. The
    line-of-sight range varies based on the type of
    wireless bridge and antenna used as well as the
    environmental conditions.

20
Wi-Fi Configurations
21
Wi-Fi Configurations
22
Wi-Fi Configurations
23
Wi-Fi Applications
  • Home
  • Small Businesses or SOHO
  • Large Corporations Campuses
  • Health Care
  • Wireless ISP (WISP)
  • Travellers

24
Wi-Fi Security Threats
  • Wireless technology doesnt remove any old
    security issues, but introduces new ones
  • Eavesdropping
  • Man-in-the-middle attacks
  • Denial of Service

25
Eavesdropping
  • Easy to perform, almost impossible to detect
  • By default, everything is transmitted in clear
    text
  • Usernames, passwords, content ...
  • No security offered by the transmission medium
  • Different tools available on the internet
  • Network sniffers, protocol analysers . . .
  • Password collectors
  • With the right equipment, its possible to
    eavesdrop traffic from few kilometers away

26
MITM Attack
  1. Attacker spoofes a disassociate message from the
    victim
  2. The victim starts to look for a new access point,
    and the attacker advertises his own AP on a
    different channel, using the real APs MAC
    address
  3. The attacker connects to the real AP using
    victims MAC address

27
Denial of Service
  • Attack on transmission frequecy used
  • Frequency jamming
  • Not very technical, but works
  • Attack on MAC layer
  • Spoofed deauthentication / disassociation
    messages
  • can target one specific user
  • Attacks on higher layer protocol (TCP/IP
    protocol)
  • SYN Flooding

28
Wi-Fi Security
  • The requirements for Wi-Fi network security can
    be broken down into two primary components
  • Authentication
  • User Authentication
  • Server Authentication
  • Privacy

29
Authentication
  • Keeping unauthorized users off the network
  • User Authentication
  • Authentication Server is used
  • Username and password
  • Risk
  • Data (username password) send before secure
    channel established
  • Prone to passive eavesdropping by attacker
  • Solution
  • Establishing a encrypted channel before sending
    username and password

30
Authentication (cont..)
  • Server Authentication
  • Digital Certificate is used
  • Validation of digital certificate occurs
    automatically within client software

31
Wi-Fi Security Techniques
  • Service Set Identifier (SSID)
  • Wired Equivalent Privacy (WEP)
  • 802.1X Access Control
  • Wireless Protected Access (WPA)
  • IEEE 802.11i

32
Service Set Identifier (SSID)
  • SSID is used to identify an 802.11 network
  • It can be pre-configured or advertised in beacon
    broadcast
  • It is transmitted in clear text
  • Provide very little security

33
Wired Equivalent Privacy (WEP)
  • Provide same level of security as by wired
    network
  • Original security solution offered by the IEEE
    802.11 standard
  • Uses RC4 encryption with pre-shared keys and 24
    bit initialization vectors (IV)
  • key schedule is generated by concatenating the
    shared secret key with a random generated 24-bit
    IV
  • 32 bit ICV (Integrity check value)
  • No. of bits in keyschedule is equal to sum of
    length of the plaintext and ICV

34
Wired Equivalent Privacy (WEP) (cont.)
  • 64 bit preshared key-WEP
  • 128 bit preshared key-WEP2
  • Encrypt data only between 802.11 stations.once it
    enters the wired side of the network (between
    access point) WEP is no longer valid
  • Security Issue with WEP
  • Short IV
  • Static key
  • Offers very little security at all

35
802.1x Access Control
  • Designed as a general purpose network access
    control mechanism
  • Not Wi-Fi specific
  • Authenticate each client connected to AP (for
    WLAN) or switch port (for Ethernet)
  • Authentication is done with the RADIUS server,
    which tells the access point whether access to
    controlled ports should be allowed or not
  • AP forces the user into an unauthorized state
  • user send an EAP start message
  • AP return an EAP message requesting the users
    identity
  • Identity send by user is then forwared to the
    authentication server by AP
  • Authentication server authenticate user and
    return an accept or reject message back to the AP
  • If accept message is return, the AP changes the
    clients state to authorized and normal traffic
    flows

36
802.1x Access Control
37
Wireless Protected Access (WPA)
  • WPA is a specification of standard based,
    interoperable security enhancements that strongly
    increase the level of data protection and access
    control for existing and future wireless LAN
    system.
  • User Authentication
  • 802.1x
  • EAP
  • TKIP (Temporal Key Integrity Protocol) encryption
  • RC4, dynamic encryption keys (session based)
  • 48 bit IV
  • per packet key mixing function
  • Fixes all issues found from WEP
  • Uses Message Integrity Code (MIC) Michael
  • Ensures data integrity
  • Old hardware should be upgradeable to WPA

38
Wireless Protected Access (WPA)(cont.)
  • WPA comes in two flavors
  • WPA-PSK
  • use pre-shared key
  • For SOHO environments
  • Single master key used for all users
  • WPA Enterprise
  • For large organisation
  • Most secure method
  • Unique keys for each user
  • Separate username password for each user

39
WPA and Security Threats
  • Data is encrypted
  • Protection against eavesdropping and
    man-in-the-middle attacks
  • Denial of Service
  • Attack based on fake massages can not be used.
  • As a security precaution, if WPA equipment sees
    two packets with invalid MICs within a second, it
    disassociates all its clients, and stops all
    activity for a minute
  • Only two packets a minute enough to completely
    stop a wireless network

40
802.11i
  • Provides standard for WLAN security
  • Authentication
  • 802.1x
  • Data encryption
  • AES protocol is used
  • Secure fast handoff-This allow roaming between
    APs without requiring client to fully
    reauthenticate to every AP.
  • Will require new hardware

41
Advantages
  • Mobility
  • Ease of Installation
  • Flexibility
  • Cost
  • Reliability
  • Security
  • Use unlicensed part of the radio spectrum
  • Roaming
  • Speed

42
Limitations
  • Interference
  • Degradation in performance
  • High power consumption
  • Limited range
Write a Comment
User Comments (0)
About PowerShow.com