Siemens IEEE802.11 manual Shared key authentication, Station

Page 59

Shared key authentication

Station: Secret Key Loaded Locally
Access Point: Secret Key Loaded Locally

1. Station sends authentication request
2. AP sends challenge text generated with the WEP algorithm
3. Station encrypts challenge text and sends it to the AP
4. AP decrypts the encrypted challenge text
5. Authentication successful if text matches original

• Shared key authentication requires WEP

• Key exchange is not specified by IEEE802.11

• Only one-way authentication

© Siemens, 2002
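
The exchange on this slide, simulated with both sides' messages, as an added example that is not part of the original Siemens slide. The 5-byte key is constructed, os.urandom stands in for the WEP-generated challenge text, and the class and function names are assumptions; the 128-byte challenge, 24-bit IV and CRC-32 ICV follow standard WEP framing.

```python
import hmac, os, zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4, the stream cipher inside WEP; encryption and decryption are the same."""
    s, j = list(range(256)), 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                             # keystream XOR data
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_encrypt(secret: bytes, plaintext: bytes) -> bytes:
    iv = os.urandom(3)                            # 24-bit IV, sent in the clear
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + rc4(iv + secret, plaintext + icv)

def wep_decrypt(secret: bytes, frame: bytes):
    body = rc4(frame[:3] + secret, frame[3:])
    plaintext, icv = body[:-4], body[-4:]
    ok = icv == zlib.crc32(plaintext).to_bytes(4, "little")
    return plaintext if ok else None              # None: integrity check failed

class AccessPoint:
    def __init__(self, secret: bytes):
        self.secret, self.challenge = secret, None
    def on_auth_request(self) -> bytes:           # step 2: issue challenge text
        self.challenge = os.urandom(128)          # stand-in for WEP-generated text
        return self.challenge
    def on_response(self, frame: bytes) -> bool:  # steps 4 and 5
        text = wep_decrypt(self.secret, frame)
        return text is not None and hmac.compare_digest(text, self.challenge)

def run_exchange(ap_secret: bytes, station_secret: bytes) -> bool:
    ap = AccessPoint(ap_secret)
    challenge = ap.on_auth_request()              # step 1 (request) triggers step 2
    response = wep_encrypt(station_secret, challenge)  # step 3: station encrypts
    return ap.on_response(response)               # the AP alone decides: one-way

if __name__ == "__main__":
    key = bytes.fromhex("0102030405")             # constructed 40-bit secret key
    print("matching keys:", run_exchange(key, key))
    print("wrong station key:", run_exchange(key, b"\x00" * 5))
```

Nothing in the exchange lets the station check that the AP holds the secret key, which is the "only one-way authentication" point on the slide.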

 

 
