6/29/2014

Prof. Corby Schmitz
Computer Science Department
Loyola University Chicago
Wireless Networking and Security
Session 1-2
Foundation of the Wireless LAN
Introductions and Musings
CS-349/449 Wireless Networking and Security SuIII 2014
Prof. Schmitz
History
RF is the basis for how wireless works
Discovered (the waveform) in 1864 by James Clerk
Maxwell
Heinrich Hertz created, sent and received
electromagnetic waves over the air in the 1880s
Built equipment to adjust the frequency and oscillation
Guglielmo Marconi and Samuel Morse designed and
implemented wireless communication methods using
RF spectrum
You can argue who did what first
Measurements
The measure of Hertz (Hz) was named after him
Hertz (Hz) - 1 cycle per second
Kilohertz (KHz) - 1000 cycles per second
Megahertz (MHz) - 1000000 cycles per second
More frequent the cycle, smaller the waveform
Key Dates
1923 - US government carved up the spectrum for
licensed use
1981 - Spread Spectrum designs declassified from
military "use" though they were never implemented
1985 - FCC allocated ranges of the RF spectrum for
unlicensed use in the Spread Spectrum realm
Called the ISM Bands
Industrial, Scientific and Medical
First Implementations
of the Wireless LAN
Spread Spectrum Technology
Spread Spectrum
Originally, spread spectrum was used for
overcoming signal jamming
Developed as part of a military proposal for
torpedoes during WWI (by Hedy Lamarr)
Never implemented, but the design was classified
Spreads the signal over a wide range of frequencies
in order to do several things
Overcome interference
Expand bandwidth
Provide channeling for signal expansion
Point of Sale
Initially a way to allow POS and inventory in
warehouses
First installations were with licensed RF hardware
attached to POS equipment such as scanners and
registers
Using serial ports and other interfaces
When FCC opened up the 900MHz range,
developers began creating hardware using this range
POS Example
ALOHANET
Wireless network sharing volcanic data between
islands in Hawaii
Utilized the CSMA/CD methodology developed as
part of ARPANet which is now the Ethernet Standard
Operated at 9600bps
Think dialup, only slower
Alohanet Visual
First Wireless Hardware
1988 - First Network Hardware was released
in the Direct Sequence Spread Spectrum
(DSSS)
Used the 900MHz range (902-928)
Part of the original 802.11 specification (pre-ratification)
The ratification process chose the 2.4GHz range instead
In addition the FHSS spreading technique
Some early adopters implemented the 1-2Mbps in this range
and these are no longer compatible and are not WiFi
First Wireless Hardware
(cont'd)
Designed to deal with interference without having to
have users reconfigure in this shared range
This technology worked fine for a while
With the proliferation of cordless phones, baby monitors and
other devices, this band became saturated
When the 2.4GHz range was allocated, wireless
networking gear chose this new "un-utilized" range
The range was also available in the EU and other
places, so the technology already existed and could be
used as such
802.11 Standards
802.11
1991 working group began working within the IEEE
Worked toward worldwide interoperability
Standard formed in 1993
Ratified in 1997
1-2Mbps, WEP (Wired Equivalent Privacy), Direct Sequence
and Frequency Hopping Spread Spectrum technology
DSSS, FHSS both supported
900MHz in 1993, finalized in 1997 in the 2.4GHz range
802.11b
1999 ratified
11Mbps, DSSS
2.4GHz range
200-300' coverage (line of sight)
DSSS spreading with CCK encoding
802.11a
2001 ratified
54Mbps
50-75 range
5GHz range
DSSS/OFDM encoding/spreading
802.11g
2003 ratified
54Mbps, OFDM
2.4GHz range
DSSS/CCK encoding/spreading
DSSS/OFDM encoding/spreading
802.11n
Ratified in late 2007
200+Mbps throughput
MIMO technology (multiple-input, multiple-
output)
2.4 GHz and 5GHz
20 and 40MHz channels
OFDM over multiple channels multiplexed
together
802.11ac
Expected ratification in late 2014
800+Mbps throughput
Extended channel ranges
80MHz minimum, 160MHz allowed
8x8 spatial stream MIMO
Increases the overall bandwidth available
256-QAM (3/4, 5/6)
More complex modulation, requires clearer signal
Beamforming consistency requirements
Allow for multi-vendor integration
Standards
or Adding Complexity to Simple Technology
Why Standards?
Provide a way of guaranteeing interoperability
Need to be put in place early, as soon as the rules are
known
2.4 GHz range is set aside in most countries, so one
implementation has a global appeal
Issues
Channelization (or how the range is broken up into
non-overlapping signals)
Frequency ranges in some places (especially in the
5GHz range)
Power output - how much is too much
Early Adopters
(Not always a bad thing)
802.11 originally was based on the 900MHz range, but due to
overcrowding and the opening of the 2.4GHz range, it was
chosen
Example of what can happen if you assume too much
Many companies, especially small ones, want to get market
share early
Larger companies rely on their existing clients to trust their
solutions
Early adopters seem to move ahead on implementation, relying
on parts of the developing standard, as well as proprietary
solutions to common issues
May be working with the standards body to make proprietary
solutions part of the standard
What do we need?
Most companies look for several things before
enterprise rollouts
Technology maturity
Don't want the rules to change after purchase
Want all the features, not just some
Want interoperability where possible
Stability of Basic Design
Need to know that the design aspects will not change after
purchase
Need to be able to predict number of and type of equipment to
purchase to solve the current problem
Interoperability
Allow for backwards compatibility with existing infrastructure
Developing Standards
New technology identified
Sometimes publicly developed and released
Sometimes privately developed and not released
Through R&D this technology is discovered and a role is
identified
Interest in the technology grows
Other groups get wind of the technology, or the first products
are analyzed and other companies see a market share
Users begin to request technology from their core vendors
Based on number of companies developing the technology as
well as the size and type
Developing Standards
(cont'd)
Deployment to early adopters
Small companies and those that really need the technology
purchase and deploy
They begin to report about the performance and the trials of
these early adopters help steer the development of the
technology
Standards defined by developers
Given the early adopter market, vendors begin to develop
proprietary solutions to common problems
New features and capabilities are folded into the products
New products are released based on user needs (USB vs. PCI
vs. PCMCIA etc)
Developing Standards
(cont'd)
Standards developed by standards body - Institute of Electrical and
Electronics Engineers (IEEE)
Standards and options are submitted by vendors and the user
community
Standards body identifies the best of breed and writes it into the
standard
The process is sometimes long and painful
Standards ratified
Once the standards body is done with the standard, it is voted on by the
members of the body (or something like that)
This means that all hardware/software that wants to be released as part
of the standard must implement the required portions of the standard
Otherwise they cannot claim to be compliant, but that doesn't mean that
there cannot be more features (optional things and beyond)
IEEE Process
(Sponsor Selection)
The sponsor is the person or group that will oversee
the development process
Work is done by the group as a whole rather than
just one person
Must determine that no existing group already is
dealing with the subject to be addressed
IEEE Process
(Produce PAR)
Project Authorization Request
3-4 page digest of what is to be addressed
Detailed
Follows template defined by IEEE
Identifies the group as authorized within the IEEE
IEEE Process
(PAR Approved)
PAR Approved
Reviewed by the NesCom (New Standards
Committee) quarterly
PAR submitted 40 days prior to review
Feedback is rolled back into the PAR
IEEE Process
(Working Group Formed)
Working Group Formed
Needs a Chair, Vice-chair, Secretary and Treasurer
Also a technical editor, ballot coordinator and
representatives to different groups dealing with issues
Once formed, work is spread across members
Operates like a company
IEEE Process
(Standard Draft Written)
The group develops their portions of the document,
which is long and complex
Technical editor is responsible for making sure it is a
cohesive document
While the working group maintains control, vendors
and other people are allowed to provide their own
input
IEEE Process
(Vote on draft)
Done within the IEEE, polling different committees within the
organization as well as others (no group gets more than 50%
coverage)
Companies
Government groups
Associations and societies
Consultants
Educational institutions
User community
Standards organizations
Geeks (like yours truly)
30-90 day process
Draft is provided for review
IEEE Process
(Draft Approved)
RevCom (Review Committee) of the IEEE looks
over the balloting and process, not the contents of the
standard
This is the last step before ratification
Once given the go-ahead, it is ratified
IEEE Process
(Standard Published)
In order to provide the greatest coverage, the
standard document is published so that it can be seen
by the community at large
Wi-Fi™ Alliance
Wireless Ethernet Compatibility Alliance and Wi-Fi
Got 802.11b, a and g referred to as Wi-Fi (Wireless Fidelity)
Requiring interoperability between any Wi-Fi devices
Providing a common way of marking and identifying devices
Competing Standards
HomeRF - residential 802.11 group (pretty dead, Wikipedia refers to it
in the past tense)
Bluetooth (Personal Area Network, getting huge)
802.16 (WiMAX mobile) - broadband wireless technology resurging

Metric          HomeRF     Bluetooth   802.11b       802.16 (WiMAX)
Physical Layer  FHSS       FHSS        FHSS, DSSS    OFDM
Hopping         50/sec     1600/sec    2.5/sec       2.5-5/sec
TX Power        100mW      100mW       Up to 800mW   Licensed to 1W
Data Rate       1-2Mbps    1Mbps       11Mbps        2-4Mbps
Devices         127        26          256           Many
Security        Blowfish   64bit       128bit        various
Range           150        30          400           LOS
802.11 MAC
Subset of the Data Link Layer (in the OSI model)
Layer 1 Provides
Interface between MAC and the other surrounding Wireless
Devices
Senses the medium to detect signals
Modulation and demodulation between Wireless Devices
(digital -> analog, analog -> digital)
Rate shifting supported - uses frequencies listed on the next slide
Standards
Standard     Frequency                   Rate       Details
B/G          2.400-2.4835                11Mbps     Most common
N/AC         2.400-2.4835 and 5.1-5.3    200+Mbps   MIMO
A.1 (UNI1)   5.1-5.2                     54Mbps     Indoor only, 40mW TX
A.2 (UNI2)   5.2-5.3                     54Mbps     Indoor/outdoor, 250mW TX
A.3 (UNI3)   5.7-5.85                    54Mbps     Outdoor only, 800mW TX
MAC Components
Functions for 802.11 compliance
Allows migration from one AP to another
Moves data up and down the IP stack
Physical layer signaling
Privacy and security provided at this layer
Takes on characteristics that exist at higher layers in most
stacks
Handles transmission conflicts and errors
Backoff period when collisions occur is at random interval
rather than the exponential backoff scheme used by Ethernet
Backoff is key as they don't want all radio devices to sit and
wait like Ethernet in ever increasing exponential process
Errors at the MAC Level
If an error is detected at the MAC, one of the
following occurs
The error is corrected
The error is discarded and a higher-level protocol
retransmits
The error is discarded and the data is lost
DSSS
Direct Sequence Spread Spectrum
1-2Mbps for basic negotiation and discussion
5MHz per channel (11MHz on either side for frequency hopping)
DBPSK (differential binary phase shift keying) at 1Mbps
DQPSK (differential quadrature phase shift keying) at 2Mbps
Barker Sequence (chipping) is used to send the signals across the
bandwidth
1 = 00110011011
0 = 11001100100
If the sequence doesn't arrive completely, the original data can still be
determined
Reduces interference by multiplying the transmitted value across a
larger frequency range
FHSS
We are not as concerned as this is not a
major player in 802.11
Frequency Hopping Spread Spectrum
2Mbps for basic negotiation and discussion
6MHz per channel
GFSK - Gaussian frequency shift keying
802.11b Detail
DSSS (Direct Sequence Spread Spectrum), FHSS part of the spec, but
rarely used due to bandwidth limitations
Base bandwidth 1Mbps up to 11Mbps
Longer range at lower rates
Compatible with g equipment
Most commonly used standard
3 channels (1,6,11)
Modulation
CCK (complementary code keying)
QPSK uses cos and sin waves in an orthogonal mode to encode 4 bits
PBCC (packet binary convolution coding)
83.5MHz bandwidth
PLCP Header (physical layer convergence protocol)
Signal - data rate negotiation
Service - oscillator status, modulation type, length state
Length - length of the MPDU field
CRC - 16 bit error detection
MPDU (maximum packet data unit - like MTU)
Data rate
Priority
Scramble state
802.11g Detail
DSSS and OFDM
Base bandwidth 6Mbps up to 54Mbps
Longer range at lower rates
Compatible with b equipment
Most common bundles
3 channels
83.5MHz bandwidth
802.11a Detail
OFDM (Orthogonal Frequency Division Multiplexing)
Base bandwidth 6Mbps up to 54Mbps
Longer range at lower rates
Mixed deployment within a bg environment is best
No backwards compatibility
Less interference as there are fewer devices in this range
12 channels (4 indoor, 4 indoor/outdoor, 4 outdoor)
Modulation
BPSK
QPSK
16-QAM
64-QAM
300MHz bandwidth
802.11n Detail
OFDM
Forward Error Correction (FEC)
QAM
MIMO (multiple-input, multiple-output)
Multiple Antenna Diversity
Spatial Multiplexing
20 and 40 MHz channel bandwidth
2.4 and 5GHz ranges
802.11ac Detail
OFDM (enhanced)
FEC and other error detection methodologies
Extended QAM (256 state with 3/4 or 5/6 enc)
MIMO with support for 8 spatial streams
80MHz minimum, 160MHz supported channels
2.4 and 5GHz ranges
RF Theory
What makes it tick
Electromagnetism and
You
Electromagnetic fields are created by all electrical systems
Action of electrons (particles floating around the nucleus of an
atom) forms the fields
Travel through space as waves
Electric lines move between positive charges (sources) and
negative charges (destination)
Magnetic lines form closed loops
Magnetic fields induce magnetic forces and electrical fields
Magnetic fields generated by moving charges (currents)
Electrical and magnetic fields are symmetric to each other
By changing the electrical field rapidly, the magnetic field will
radiate
Wave Propagation
1KHz - 700KHz - penetrate the ionosphere
700KHz - 500MHz - reflect off of the ionosphere
allowing for carrier distances well beyond LOS
500MHz - 30GHz - Line of Sight (LOS)
Electromagnetic
Spectrum
Electromagnetism in
action
Need the following
Battery (nothing too big here)
Coiled wire from positive to negative terminals
Current flows from positive to negative terminal
Magnetic waves radiate from the coil parallel to the
coil
Rotates clockwise around the coil in the direction of the
current flow
This is how the antennas work
Simple Radio
A Few Electrical Basics
Conventional Flow (attributed to Ben Franklin) - current
moves from + to - terminals
Electron Flow (attributed to particle physics) - current
moves from - to + terminals
Applies to DC circuits only
AC circuits move in both directions
Right hand rule represents the polarization of a circuit
and establishes the rotation of the induction field
Remember, the atoms don't move, they wiggle
The electrons are pushed into an atom, forcing another
out - this is current
Electricity doesn't move at the speed of light - ~75% of c
Changing Magnetic
Fields
Induction Field forms during voltage changes
During these changes, the magnetic field radiates as
waves through space
Radiate at the speed of light (c)
The magnetic and electrical fields are linked to the
propagation of visible light
To take advantage of the properties of magnetism we
must change state to transmit (either amplitude or
frequency) to produce the desired waveform
Amplitude - strength of the waveform
Frequency - period for a wave to pass a fixed point
Modulation - change in the energy states above
What's in a Wave
Generally speaking, wireless communication
uses subtle changes in sinusoidal signals to
encode data
The more complex the system, the more data it
can carry
Sine and Cosine (disjointed 90 degrees, with
sine lagging) waves are often used as carriers
The changes in the carrier wave denote data
Sine and Cosine
long live sohcahtoa
Getting Data out of a
Wave
A signal can be recognized either by a function of
time or as a function of its particular frequency
the first requires only a snapshot of the waveform
the second requires seeing a bit more of the wave to
determine the component pieces
The orthogonality of multiple frequencies over time
is what allows us to identify and filter out a specific
wave from the mess of other signals in the same
frequency range
NOTE: two waveforms with differing frequencies will
not remain in phase with respect to each other
At least not for long
Filtering Frequencies
Because of the orthogonality of multiple
frequencies operating at the same time, we can
isolate a particular frequency
given enough time and complex math, which also takes time
To extract part of the signal, we multiply the signal
by a sine, cosine or exponential at the desired
frequency
done over a period of time equal to some reasonable
number of cycles
The result is the isolated signal if the competing
signal is of a different frequency and we provide
enough cycles for integration
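The multiply-and-integrate step from this slide, as an added example that is not part of the original slides. The sample rate and the 120, 125 and 300 Hz tones are constructed stand-ins for RF carriers, chosen so the effect of the integration window is visible.

```python
import math

SAMPLE_RATE = 8000  # samples per second (constructed value)


def tone(freq_hz, amplitude, phase, count):
    """Generate `count` samples of amplitude * sin(2*pi*f*t + phase)."""
    step = 2 * math.pi * freq_hz / SAMPLE_RATE
    return [amplitude * math.sin(step * k + phase) for k in range(count)]


def capture(count):
    """Constructed receive buffer: the wanted 120 Hz tone buried under a
    close neighbour at 125 Hz and a stronger tone at 300 Hz."""
    wanted = tone(120.0, 1.0, 0.7, count)
    neighbour = tone(125.0, 1.0, 0.0, count)
    strong = tone(300.0, 2.0, 1.1, count)
    return [sum(parts) for parts in zip(wanted, neighbour, strong)]


def extract(signal, freq_hz):
    """Isolate one frequency: multiply the signal by a sine and a cosine at
    freq_hz and integrate (sum) over the whole window.

    Returns (amplitude, phase) of the component at freq_hz. Tones at other
    frequencies cancel out only when the window holds a whole number of
    cycles of every tone involved.
    """
    count = len(signal)
    if count == 0:
        raise ValueError("empty signal")
    step = 2 * math.pi * freq_hz / SAMPLE_RATE
    sin_sum = sum(s * math.sin(step * k) for k, s in enumerate(signal))
    cos_sum = sum(s * math.cos(step * k) for k, s in enumerate(signal))
    amplitude = 2.0 * math.hypot(sin_sum, cos_sum) / count
    phase = math.atan2(cos_sum, sin_sum)
    return amplitude, phase


if __name__ == "__main__":
    # 0.2 s window: 24, 25 and 60 whole cycles, so the tones are orthogonal.
    long_window = capture(1600)
    # 0.1 s window: the 125 Hz neighbour completes only 12.5 cycles.
    short_window = capture(800)
    for label, window in (("0.2 s", long_window), ("0.1 s", short_window)):
        amplitude, phase = extract(window, 120.0)
        print(f"{label}: 120 Hz amplitude={amplitude:.3f} phase={phase:.3f}")
    print("200 Hz (absent):", round(extract(long_window, 200.0)[0], 6))
```

Over the short window the 125 Hz neighbour leaks into the 120 Hz estimate, which is the "enough cycles for integration" condition on the slide.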
EMF
Electro-magnetic Fields
Wireless networking uses a small portion of the
range created by the propagation of magnetic
waves
Frequency in a specific range
Electromagnetic fields affect conductors
(specifically antennas)
Antennas
Electrical conductors given size and shape
Radiating a signal requires the push and pull of
electrons into and out of a conductor
Change and disruption of the induction field
A cycle is the addition and removal of the transmission
power one time
For each transmission at a given RF frequency a
specific number of cycles must take place
Signals passing by affect the antenna material, causing changes in
its electrical properties
Called the skin effect
Due to currents being affected on the surface of the antenna's
conductive material
Receiving a Signal
The induced potential caused by a passing
radio wave creates a local electrical event
This event is not equal to that of the original
potential
Its size is reduced relative to the distance the
radio wave has traveled, and the materials it has
encountered (loss)
If the received signal is harmonic and not too
greatly diminished, it will accurately recreate the
current changes used to create it
Frequency
Range is broken up into bands
1GHz-10GHz - microwave band
10GHz-100GHz - millimeter wave spectrums
Certain materials perform better at different
frequencies
1Hz - 1 cycle per second
1KHz - 1000 cycles per second
1MHz - 1000000 cycles per second
1GHz - 1000000000 cycles per second
1THz - 1000000000000 cycles per second
Common US Frequencies
Band                     Frequency Range
UHF ISM                  902-928MHz
S-Band                   2-4GHz
S-Band ISM               2.4-2.5GHz
C-Band                   4-8GHz
C-Band Sat Downlink      3.7-4.2GHz
C-Band Radar (weather)   5.25-5.925GHz
C-Band ISM               5.725-5.875GHz
C-Band Sat Uplink        5.925-6.425GHz
X-Band                   8-12GHz
X-Band Radar (police)    8.5-10.55GHz
Ku-Band                  12-18GHz
Ku-Band (police)         13.4-14, 15.7-17.7GHz
Frequency Basics
Frequency - cycles of the sine wave leaving a
transmitter per second
Commercial wireless range is 1GHz - 38GHz
Adjusted by amplitude, frequency and phase
through a process of modulation
Generate the required waves to produce the appropriate
signals
ASICs (Application Specific Integrated Circuits)
are used to implement the ways to adjust the
signal
Demo
Move to http://www.falstad.com/fourier/
Demo of frequency, amplitude and phase
shifting with multiple entry points
Multipath
Multipath - when signals propagate from
multiple directions through reflection, refraction,
scattering or other means of dispersal
There are ways of nullifying or mitigating this kind of
signal issue
Antenna Diversity - multiple antennas used to "weed"
out these signals
Multi-path Sources
Power Transmission
Receivers need to be highly sensitive (to receive a signal that
has degraded by a factor of 4 or more)
The range for our signal is between 5-20 miles, depending on
the originating signal strength in this range
Path loss (free path) - signal degradation over space
Loss is generally constant in free space (no impediments in
LOS)
Environmental factors
Rain
Humidity
Fog
Snow
Maximum Allowable Path Loss - amount of loss that can be
sustained still allowing reception at the "far side"
Signal to Noise Ratio
overlay of background noise on signal
If the noise level exceeds that of the signal
(signal will be lost in the background)
NetStumbler is an example of a SNR analysis
tool
Example
85dB background noise
62dB signal
SNR is 23dB
Loss
If loss is too high, you must do one of the
following:
Increase transmission power
Increase the receive sensitivity
Lower the background noise (move or shutdown
interfering equipment)
dB
dB Loss - loss of signal over a period of time (measured logarithmically)
The loss in dB can be calculated as follows: 10*log(powerin/powerout)
Usually noted as -XdB
23dB original signal heard at 68dB = 10*log(68/23) = -4.7dB loss (75% reduction in strength)

Loss (signal reaching destination at 1/n of its transmit power)   dB measurement
1/2                                                               3
1/4                                                               6
1/10                                                              10
1/100                                                             20
1/1000                                                            30
Fields
There are two useful fields involved with
antennas
Electrical field
Magnetic field
Here is how it works:
Electron at rest sets up a static field around the particle
(hence static electricity)
When the electron is in motion it has a magnetic field in all
directions equally
When the electron is accelerated it radiates the field as a
wave in all directions (which affect all other particles in the
area which carry the waves)
More on Fields
The induction field is the one closest to the antenna
Does not transmit or radiate
Once the wave (created by the field's power increase
and decrease) leaves the originating field, it radiates
into space until it reaches one of the following:
Conductor - harnesses the power of the wave and creates local
copies of the fields that created it (only weaker versions)
Absorber - suppresses the energy by capturing it in the same
way as the conductor, but no copies are created (like 2.4GHz
being absorbed by water in the microwave)
Microwave Oven
Operates at 2.45GHz
Transmits at 700-1200W
Creates waves which are not absorbed by
water, but rather cause the water to spin
Water is, after all, a dipole (positive and negative ends
due to atomic bonding) and it will try and align itself to
the electromagnetic waves passing by
This causes them to spin out of control and slam into
other nearby molecules
If the Laws of Thermodynamics hold true, this
represents heat
Microwave Oven
Perspective
http://www.youtube.com/watch?v=kp33ZprO0Ck
The Doppler Effect
If a receiver moves toward or away from a
transmitter, the Doppler effect occurs, which
means that the receiver sees the waves arriving more
slowly or more quickly
Remember the sound an approaching car makes - the
tone rises until it passes, then drops as it goes away
Signal Propagation
Signal passing through an impure medium
(anything other than empty space)
Takes each particle of the wave the same amount of
time to pass through the medium
Passing through air or materials causes a decrease in
the speed of the wave, but the frequency remains
constant (period between cycles remains the same
though the wavelength shortens)
Each atom of the air or material must transfer the wave
to the next - here is the reason for the slowdown and the
loss of signal
Energy loss during the slowdown is given up as heat
Amplitude, wavelength and phase may all change
during this process
Signal Modulation
Convert from binary to analog signals
Any signal (electrical in nature) can be modulated and
transmitted via RF
Modulation - process of encoding bits into RF
Modem - short for modulation-demodulation
Carrier frequency (CW - continuous wave tone, AKA Pn)
non-intelligent, non-data-carrying background frequency over which
the data is modulated (changes in the carrier frequency denote data)
Sometimes called pseudonoise
More on Modulation
We deal with UHF (Ultra-high Frequency) for
b/g wavelength in the 1m range and SHF
(Super-high Frequency) for a wavelength in
the 100mm range
Choice of modulation is a tradeoff between
bandwidth and range
More complex the modulation -> the more bits can be
encoded
More bits encoded -> the more sensitive the receiver is
to errors
Modulation Schemes
Basic sine wave shows the carrier frequency
Change the phase, amplitude or frequency and you get
encoding
AM - amplitude modulation - change the power output,
keeping everything else constant
This is why you can "hear" lightning when listening to an AM
radio station - changes in the power
FM - frequency modulation - change the period of the wave,
keeping everything else constant
PM - phase modulation - change the phase of the wave,
keeping everything else constant
BFSK - binary frequency shift keying - send a 1 with one
frequency and a 0 with another
More Modulation
Schemes
QAM - quadrature amplitude modulation - phase and
amplitude adjusted to encode two bits (sine and cosine
adjustments) - doubles your bandwidth, but you must have a
cleaner signal at the receiving end
If you cannot distinguish a 1 or 0, you have experienced an
error
Rate of errors is the BER - bit error rate
If the data is sensitive to latency the BER must be low
Wireless implementations will automatically back off from a
more complex modulation type to a less complex one if the
BER is too high
16QAM and 64QAM are used for the highest bit rates
More states
Spreading Techniques
Spreading Techniques - transmitting data over
medium
Direct Sequence Spread Spectrum (DSSS) and
Frequency Hopping Spread Spectrum (FHSS)
In order to use the 2.4GHz range you must implement one of these
methods
DSSS - better performance - sequential transmission over the
allocated frequency range - each bit of the original sequence is
encoded in multiple bits of the signal
DSSS Graphic
PN - Pseudo-noise
Spreading code where each bit of the signal is encoded in multiple bits which are then modulated using the encoding scheme chosen
Must be agreed upon by both parties (TX and RX)
Before TX begins, both sides synch up using a pre-determined message/preamble
This ensures that the PN is timed properly for demodulation
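The spreading and preamble sync described on this slide, as an added Python example that is not part of the original lecture. It assumes the 11-chip Barker sequence as the shared PN code; the preamble, payload, stray chips and flipped chip positions are constructed sample values.

```python
# Assumption: an 11-chip Barker sequence stands in for the agreed PN code.
BARKER11 = [1, -1, 1, 1, -1, 1, 1, 1, -1, -1, -1]

def spread(bits, pn=BARKER11):
    """TX: replace each data bit with len(pn) chips (+pn for 1, -pn for 0)."""
    chips = []
    for bit in bits:
        sign = 1 if bit else -1
        chips.extend(sign * c for c in pn)
    return chips

def find_sync(chips, preamble_bits, pn=BARKER11):
    """RX: slide the spread preamble over the chip stream; return the best offset."""
    ref = spread(preamble_bits, pn)
    best_off, best_corr = 0, float("-inf")
    for off in range(len(chips) - len(ref) + 1):
        corr = sum(c * r for c, r in zip(chips[off:off + len(ref)], ref))
        if corr > best_corr:
            best_off, best_corr = off, corr
    return best_off

def despread(chips, pn=BARKER11):
    """RX: correlate each chip group with the PN code; the sign is the bit."""
    n = len(pn)
    bits = []
    for i in range(0, len(chips) - n + 1, n):
        corr = sum(c * p for c, p in zip(chips[i:i + n], pn))
        bits.append(1 if corr > 0 else 0)
    return bits

def receive(chips, preamble_bits, pn=BARKER11):
    """Sync on the preamble, then despread everything that follows it."""
    start = find_sync(chips, preamble_bits, pn) + len(preamble_bits) * len(pn)
    return despread(chips[start:], pn)

if __name__ == "__main__":
    PREAMBLE = [1, 0, 1, 1, 0, 0, 1, 0]            # constructed sample preamble
    DATA = [0, 1, 1, 0, 1, 0, 0, 1]                # constructed sample payload
    stream = [1, 1, -1] + spread(PREAMBLE + DATA)  # 3 stray chips before TX
    for i in (95, 99, 104, 110, 123):              # constructed interference hits
        stream[i] = -stream[i]
    print(receive(stream, PREAMBLE))
```

Each damaged chip moves the 11-chip correlation by 2, so a bit still decodes correctly with up to 5 of its chips flipped.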
FHSS - Frequency hopping spread spectrum
better resistance to interference
non-sequential transmission over the allocated frequency range
if interference is discovered the frequency is abandoned until it is gone
Dead after the 802.11 maturation
FHSS vs. DSSS
DSSS
bit 1 on frequency a
bit 2 on frequency a+1
FHSS
bit 1 on frequency a
bit 2 on frequency b
b<>a+1 in all cases (can be by chance)
CCK
Complementary Code Keying
allows for backwards compatibility with b users on a b/g mixed network
Single carrier over a narrow range of frequency
Uses BPSK or QPSK
Basic bandwidth for initial communication in g, and all communication in b
Must use more complex methods of encoding for higher bandwidth
Used for preambles and headers
Preamble - set of 1s and 0s which announces the impending transmission of data by a radio
Header - contains information about the signal to come - duration, etc. - data follows directly
Once received, no other radio will talk till the data is sent at the fastest rate possible
PBCC
Packet Binary Convolutional Coding
another coding method used for higher speeds
Single carrier but uses more complex 8PSK encoding method
Used for transmission of payload in g systems, CCK is still used for both the preamble and header
So that all radios have a chance to hear the important messages about the impending signal despite their signal strength
Supports up to 33Mbps at best, which is lower than the 54Mbps provided by OFDM using CCK
OFDM
Orthogonal Frequency Division Multiplexing
A frequency guard band is "wrapped around" the subcarrier frequencies in FDM but OFDM only "wraps" around a set of tones
This lowers the overall bandwidth that can be carried
Sometimes up to 50% loss of bandwidth, but not that much with OFDM
802.11g and a use COFDM - coded form of OFDM - which allows the handling of the stronger of two received signals, or the combination of the two to provide a composite signal
OFDM (cont'd)
The orthogonal classifier here states that the adjacent frequencies are independent and distinguishable from each other using complex mathematical properties
Transmission does not happen over all channels at the same time in OFDM as it does in DSSS and FHSS
subcarriers are chosen such that they do not add to the overall waveform
at the peak of any subcarrier, all others have an amplitude of 0
OFDM uses many narrowband tones (with wraps around them) whereby only narrowband interference is damaging
Multipath is less of an issue because bits are spread across the spectrum
Bursts of data, rather than constant dribble
Precursor is a "cyclic prefix" - absorbs or hides late arriving signals caused by multipath
Therefore the prefix must be greater than the delay spread of the multipath signals
The use of spatial diversity (multiple antennas) can increase tolerance to noise, interference and multipath
Next the data (in the form of symbols)
Example
Signal over 6MHz is made up of 512 individual carriers each carrying a single QAM symbol per burst
OFDM Subcarriers
Subcarrier overlap is allowed because they are easily distinguishable from each other as defined by a complex mathematical relationship
subcarriers are chosen such that they don't add to the overall waveform
at the peak of each subcarrier, all other subcarriers are at amplitude 0
coded signal for each subchannel is inversed fast Fourier transformed (IFFT) to create a composite signal
other side applies FFT to signal to extract data
OFDM Diagram
available bandwidth is spread across multiple carrier signals
More OFDM
Coded signal for each subchannel is Inversed Fast Fourier Transformed (IFFT) to create a composite signal that can be transmitted
The receiver applies FFT to the signal to extract the original coded version
This provides for better interference resistance
OFDM Latent Signals
OFDM depends on having some integer number of wavelengths between each carrier
the quiet guard is a problem as signal spread creates interference during this time
IFFT covers this space with a guarded tone which continues the previous signal for the duration of the signal spread (cyclic prefix)
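The IFFT/FFT round trip and the cyclic prefix from the OFDM slides, as an added Python example that is not part of the original lecture. The 8-subcarrier QPSK symbols and the two-path channel are constructed, and the receiver is assumed to already know the channel response.

```python
import cmath

# Constructed QPSK symbols for two back-to-back bursts on 8 subcarriers.
SYM_A = [1+1j, -1+1j, -1-1j, 1-1j, 1+1j, -1+1j, -1-1j, 1-1j]
SYM_B = [1+1j, -1-1j, 1+1j, -1-1j, 1+1j, -1-1j, 1+1j, -1-1j]
TAPS = [(0, 1.0), (3, 0.5)]  # assumed channel: direct path + echo 3 samples late

def idft(freq):
    """TX: inverse transform turns per-subcarrier symbols into time samples."""
    n = len(freq)
    return [sum(freq[k] * cmath.exp(2j * cmath.pi * k * t / n) for k in range(n)) / n
            for t in range(n)]

def dft(time):
    """RX: forward transform separates the overlapping subcarriers again."""
    n = len(time)
    return [sum(time[t] * cmath.exp(-2j * cmath.pi * k * t / n) for t in range(n))
            for k in range(n)]

def burst(symbols, cp_len):
    """One OFDM burst: cyclic prefix (copy of the tail) followed by the body."""
    body = idft(symbols)
    return body[len(body) - cp_len:] + body

def multipath(samples, taps):
    """Each (delay, gain) tap adds a delayed, scaled copy of the whole stream."""
    out = [0j] * (len(samples) + max(d for d, _ in taps))
    for delay, gain in taps:
        for i, s in enumerate(samples):
            out[i + delay] += gain * s
    return out

def second_burst_error(cp_len, taps=TAPS):
    """Send A then B through the channel; return the worst symbol error on B."""
    n = len(SYM_B)
    rx = multipath(burst(SYM_A, cp_len) + burst(SYM_B, cp_len), taps)
    start = (n + cp_len) + cp_len  # skip burst A, then B's own prefix
    spectrum = dft(rx[start:start + n])
    # One-tap equaliser: divide by the channel response on each subcarrier.
    chan = [sum(g * cmath.exp(-2j * cmath.pi * k * d / n) for d, g in taps)
            for k in range(n)]
    decoded = [y / h for y, h in zip(spectrum, chan)]
    return max(abs(d - s) for d, s in zip(decoded, SYM_B))

if __name__ == "__main__":
    for cp in (0, 3, 4):
        print(f"cyclic prefix {cp}: worst symbol error {second_burst_error(cp):.3f}")
```

With no prefix the echo of burst A lands inside burst B and the decoded symbols are off by more than the distance to a decision boundary; once the prefix is at least as long as the 3-sample delay spread, the error drops to rounding noise.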
Spatial Diversity
Multiple antennas for receiving, one for sending
Improves performance because the receiver receives multiple signals depending on reflection, scattering, absorption and refraction
Multipath - signal propagation under the conditions of an impure medium
Reflection off of surfaces
Absorption by materials
Refraction as signals pass through materials including air
Delay spread - time between receiving the initial signal and the time for the multipath remnants to arrive
Causes interference because the frequency matches the currently arriving initial signals from the next transmission
Causes corruption of the data stream
Error Control
Error detection - identifying problems in the received message
Using parity bits or CRC checksums can identify when something has changed during transmission
Retransmission is requested
Error correction - fixing the problem
Beyond the simple retransmission, we can correct for signal issues
OFDM uses training tones which are of a fixed frequency, phase and amplitude - the receiver identifies the problems with the received control and adjusts accordingly for changes that occur during transmission
Each OFDM burst contains data and tones which allow for the receiver to sync up and adjust for amplitude and phase shifting (also fixes frequency offsets)
Curvature of the Earth
For LOS systems which are intended to bridge distances out of doors, the most common antenna is the parabolic dish or yagi
In these cases, we must take into account the curvature of the earth in our LOS calculations
125' for every 25 miles
Must keep the Fresnel (pronounced "fre-nel") zone ellipse between the two end points clear
Defined as follows:
FZ1: 0-90 degrees out of phase
FZ2: 90-270 degrees out of phase
FZ3: 270-450 degrees out of phase

More Curvature of the Earth
Must keep 60% of FZ1 clear
The ellipse formed between the two end points with a given r at each d1 and d2 where d1+d2=distance between A and B
Final Calculations
Antenna Height is as follows:
R from the calculation above + earth bulge
Earth bulge = Distance^2 / 6
Depending on the frequency, the spread is different
Avoid even FZs as they carry frequency canceling properties
Size is based on the distance and the spreading rate of the signal over the distance
Example
6 miles @ 5.7GHz
.6 * 72.1 * SQRT(6/22.8) = 22.19 - Fresnel Zone 1
6^2/6 = 6 - curvature of the earth
Total 28.21 + obstructions + growth factor
