
Wireless Networks

Dr. Deepak C. Karia, Electronics and Telecommunication Dept., S.P.I.T.

What?

A technology that enables two or more entities to communicate without network cabling.

Topologies?

WLAN

WLAN: Incomplete/Infrastructure Wireless Network

Access point.

Repeaters.

WLAN

WLAN: Complete/Ad-hoc Wireless Network

ad-hoc networks.
size of the network. Suited for temporary situations such as meetings and conferences.

What are infrastructure and ad-hoc modes in wireless networking?

Infrastructure mode: bridges a wireless network to a wired Ethernet network.

Ad-hoc mode: wireless devices communicate directly with each other. Does not require APs.

A wireless access point (AP) is required for infrastructure mode wireless networking.

Signal propagation ranges

Transmission range: communication possible, low error rate
Detection range: detection of the signal possible, no communication possible
Interference range: signal may not be detected, signal adds to the background noise

[Figure: sender surrounded by transmission, detection and interference ranges, plotted against distance]

(Courtesy: IIT Bombay)

Work?

(Courtesy: loupdargent.com)

Reference Model

[Figure: reference model. End systems: Application, Transport, Network, Data Link, Physical. Intermediate systems: Network, Data Link, Physical. Links: Medium, Radio]

Difference?

(Courtesy: samdiener.com)

Uses specialized physical and data link protocols.

Physical Layer: e.g., wireless NIC.

Data Link Layer: uses Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA).
CSMA/CA

Integration With Existing Networks.

e.g. APs, Token Ring.

[Figure: CSMA/CA timing diagram showing data frames and Ack frames]

Roaming

Bad connection in infrastructure mode? Perform:

Scanning of the environment: listen into the medium for beacon signals, or send probes into the medium and wait for an answer.
Send Re-association Request: the station sends a request to a new AP(s).
Receive Re-association Response:
  success: AP has answered, station can now participate
  failure: continue scanning
AP accepts Re-association Request and signals the new station to the distribution system.
The distribution system updates its database (i.e., location information).
Typically, the distribution system now informs the old AP so it can release resources.

Performance

802.11a offers speeds with a theoretical maximum rate of 54 Mbps in the 5 GHz band.

802.11b offers speeds with a theoretical maximum rate of 11 Mbps in the 2.4 GHz spectrum band.

802.11g is a new standard for data rates of up to a theoretical maximum of 54 Mbps at 2.4 GHz.

Mobile communication?

Wireless vs. mobile

Examples

stationary computer
laptop in a hotel (portable)
wireless LAN in historic buildings
Personal Digital Assistant (PDA)

What is 802.11 (Wi-fi)?

A family of WLAN specifications developed by IEEE.


Defines standard for WLANs using the following four technologies:
Frequency Hopping Spread Spectrum (FHSS)
Direct Sequence Spread Spectrum (DSSS)
Orthogonal Frequency Division Multiplexing (OFDM)

Versions: 802.11a, 802.11b, 802.11g, 802.11e, 802.11f, 802.11i.

802.11 - Transmission

Most wireless LAN products operate in unlicensed radio bands

2.4 GHz is most popular
Available in most parts of the world
No need for user licensing

Most wireless LANs use spread-spectrum radio
Resistant to interference, secured
Two popular methods:
  Frequency Hopping (FH)
  Direct Sequence (DS)

Frequency Hopping SS

FH systems use a radio carrier that hops from frequency to frequency in a pattern known to both transmitter and receiver.

Easy to implement
Resistance to noise
Limited throughput (2-3 Mbps @ 2.4 GHz)

Types:

Direct Sequence SS

DS systems use a carrier that remains fixed to a specific frequency band. The data signal is spread onto a much larger range of frequencies (at a much lower power level) using a specific encoding scheme.

Much higher throughput than FH (11 Mbps)
Better range
Less resistant to noise (redundancy: it transmits at least 10 fully redundant copies of the original signal at the same time)

802.11a

Employs Orthogonal Frequency Division Multiplexing (OFDM: method of encoding digital data on multiple carrier frequencies.)

Offers higher bandwidth than that of 802.11b.

Operates in the 5 GHz range.

Advantages

Ultra-high spectrum efficiency
  5 GHz band is 300 MHz (vs. 83.5 MHz @ 2.4 GHz)
  More data can travel over a smaller amount of bandwidth
High speed
  Up to 54 Mbps
Less interference
  Fewer products using the frequency
  2.4 GHz band shared by cordless phones, microwave ovens, Bluetooth, and WLANs

Disadvantages

Standards and Interoperability
  Standard not accepted worldwide
  No interoperability certification available for 802.11a products
  Not compatible or interoperable with 802.11b

Legal issues
  License-free spectrum in 5 GHz band not available worldwide

Market
  Beyond LAN-LAN bridging, there is limited interest for 5 GHz adoption.

Cost
  2.4 GHz will still have >40% cost advantage.

Range
  At equivalent power, 5 GHz range will be ~50% of 2.4 GHz.

Power consumption
  Higher data rates and increased signal require more power
  OFDM is less power-efficient than DSSS.

Applications

Building-to-building connections
Video, audio conferencing/streaming video, and audio
Large file transfers, such as engineering CAD drawings
Faster Web access and browsing
High worker density or high throughput scenarios
Numerous PCs running graphics-intensive applications

802.11a vs. 802.11b

Frequency
  802.11b transfers at 2.4 gigahertz
  802.11a transfers at 5 gigahertz

Coverage Distance
  802.11b goes about 400 feet indoors
  802.11a goes about 60 feet indoors
  Need more access points to cover a location

Compatible with each other?

Not yet.

802.11g

802.11g is a high-speed extension to 802.11b

Compatible with 802.11b
High speed up to 54 Mbps
2.4 GHz (vs. 802.11a, 5 GHz)
Using OFDM for backward compatibility.

Pros of 802.11g: fast maximum speed; signal range is good and not easily obstructed.
Cons of 802.11g: costs more than 802.11b; appliances may interfere on the unregulated signal frequency.

Different Wireless Networks

IrDA (Infrared Data Association)

Uses beams of light in the infrared spectrum
Remote controls
Fairly reliable and low-cost
Drawback: it is a line-of-sight technology (less interference)
Drawback: one-to-one technology
You can send data only between two things at once (but increased security)

Bluetooth

The magic number: 2.45 gigahertz

Radio-frequency also used by baby monitors, garage door openers, and cordless phones

How do you avoid interference?

Bluetooth sends weak signals of 1 milliwatt

Powerful cell phones use 3 watts

Bluetooth devices limited to 10 meters

But they can go through walls better than others

HomeRF (SWAP)

Vision

Set up a wireless home network to share voice and data between PCs, peripherals, PC enhanced cordless phones etc.

Access internet from anywhere in and around the home from portable display devices

Share ISP connection between PCs and other new devices

Member Companies

HRFWG includes leading companies from the personal computer, consumer electronics, peripherals, communications, software and semiconductor industries

HRFWG has developed a specification for wireless communication in home called the Shared Wireless Access Protocol (SWAP)

SWAP

The HomeRF SWAP is designed to carry both voice and data traffic and to interoperate with the PSTN and the Internet

Operates in the 2.4 GHz ISM range
Uses digital frequency hopping spread spectrum
50 hops / second

Provides 1 Mbps and 2 Mbps data rate

Extensions of DECT (Digital Enhanced Cordless Telephone ) and wireless LAN technology to enable a new class of home cordless services

System Architecture

Network topology

SWAP system operates in either
  Ad hoc network
  Managed network

Ad hoc Network
  Only data communication is supported
  All stations are equal
  Control of network distributed between the stations

Network topology

Managed network
  For time critical applications such as interactive voice, Connection point is required to coordinate the system
  The Connection point provides the gateway to the PSTN and can be connected to a PC via a standard interface like USB that will enable voice and data services

Node types

The network can accommodate up to 127 nodes
There are 4 basic types of nodes
  Connection point supports voice and data
  Voice terminal uses TDMA to communicate with base station
  Data node uses CSMA/CA to communicate with a base station and other data nodes
  Voice and data node uses both types of services

Advantages:

Cheap, easy-to-install
Allows multiple networks in the same location
Can encrypt data

Drawbacks:

Not very fast (typically limited to 1 Mbps)
Limited range (75 to 125 ft)
Physical obstructions (walls, large metal objects) cause huge interference issues
Difficult to integrate into existing wired networks

Why Need Security?

Who's defenseless?

Everyone in your organization who uses computers or networks in the process of doing their job.

Everyone in your organization who is affected by the information stored in computers.

Everyone in your organization.

Outsiders who rely on your organization: your customers, the public.


Eavesdropping

Watching the screen
Watching the keyboard
Login Trojan horses
  Different appearance
  Interrupt command for login
Keyboard sniffers
  Good system administration
Network sniffers
  Cryptographic protection
  One-time passwords

802.11b Security Features

Wired Equivalent Privacy (WEP): a protocol to protect link-level data during wireless transmission between clients and access points.

Services:
Authentication: provides access control to the network by denying access to client stations that fail to authenticate properly.
Confidentiality: intends to prevent information compromise from casual eavesdropping.
Integrity: prevents messages from being modified while in transit between the wireless client and the access point.

WEP Authentication
The following events must occur before an 802.11 station can communicate with an Ethernet network through an access point:

Turn on the wireless station.
The station listens for messages from any access points that are in range.
The station finds a message from an access point that has a matching SSID.
The station sends an authentication request to the access point.
The access point authenticates the station.
The station sends an association request to the access point.
The access point associates with the station.
The station can now communicate with the Ethernet network through the access point.

Methods of Authentication

1. Open System authentication.
  A wireless computer can join any network and receive any messages that are not encrypted.
  Allows any device to join the network, assuming that the device SSID matches the access point SSID.

Methods of Authentication

2. Shared System authentication.
  Only those computers that possess the correct authentication key can join the network.
  Requires that the station and the access point have the same WEP key to authenticate.

The station sends an authentication request to the access point.
The access point sends challenge text to the station.
The station uses its configured 64-bit or 128-bit default key to encrypt the challenge text, and it sends the encrypted text to the access point.
The access point decrypts the encrypted text using its configured WEP key that corresponds to the station's default key.
The access point compares the decrypted text with the original challenge text.
If the decrypted text matches the original challenge text, then the access point and the station share the same WEP key, and the access point authenticates the station. The station connects to the network.
If the decrypted text does not match the original challenge text (that is, the access point and station do not share the same WEP key), then the access point will refuse to authenticate the station, and the station will be unable to communicate with either the 802.11 network or Ethernet network.

Security Problems

Security features in wireless products are frequently not enabled.

Use of static WEP keys (keys are in use for a very long time). WEP does not provide key management.

Cryptographic keys are short.

No user authentication occurs: only devices are authenticated. A stolen device can access the network.

Identity based systems are vulnerable.

Packet integrity is poor.

Possible Solution

For 802.11, WEP encryption is optional. For WPA, encryption using Temporal Key Integrity Protocol (TKIP) is required. TKIP replaces WEP with a new encryption algorithm that is stronger than the WEP algorithm, but that uses the calculation facilities present on existing wireless devices to perform encryption operations. TKIP provides important data encryption enhancements including a per-packet key mixing function, a message integrity check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. Through these enhancements, TKIP addresses all known WEP vulnerabilities.

Choose the right technology

Usually IEEE 802.11b or 802.11a


802.11b offers interoperability (WECA Wi-Fi Certification Program)

802.11a offers higher data rates (up to 54 Mbps) -> higher throughput per user. Limited interoperability.

Data rates

Data rates affect range
802.11b: 1 to 11 Mbps in 4 increments
802.11a: 6 to 54 Mbps in 7 increments
The minimum data rate must be determined at design time
Selecting only the highest data rate will require a greater number of APs to cover a specific area
Compromise between data rates and overall system cost

Access Point Placement and Power

Typically mounted at ceiling height.
Between 15 and 25 feet (4.5m to 8m)
The greater the height, the greater the difficulty to get power to the unit.
Solution: consider devices that can be powered using CAT5 Ethernet cable (CISCO Aironet 1200 Series).

Access points have internal or external antennas

Antenna Selection and Placement

Permanently attached.
Remote antennas connected using an antenna cable.
Coax cable used for RF has a high signal loss; it should not be mounted more than 1 or 2 meters away from the device.
Placement: consider building construction, ceiling height, obstacles, and aesthetics.
Different materials (cement, steel) have different radio propagation characteristics.

The Site Survey

Helps define the coverage areas, data rates, and the precise placement of access points.
Gather information: diagramming the coverage area and measuring the signal strength, SNR (signal to noise ratio), and RF interference levels.

Cryptography

Contents
1. Introduction
2. Cryptography (encryption/decryption algorithm)
3. Cryptography Machine
4. Algorithms
5. Conclusions
6. References

INTRODUCTION

The science and art of manipulating messages to make them secure is called cryptography.

SENDER: plaintext -> encryption -> ciphertext
RECEIVER: ciphertext -> decryption -> plaintext

Example:

Insecure communication
[Figure: Alice (secure sender) and Bob (secure receiver) exchange data and control messages over a channel that Devil can reach]

Cryptographic communication
[Figure: plaintext -> encryption algorithm (KA, Alice's encryption key) -> ciphertext -> decryption algorithm (KB, Bob's decryption key) -> plaintext, with Devil on the channel]

Cryptography (encryption/decryption algorithm)

1 Symmetric (Private)
  1.1 Substitution
    1.1.1 Simple
    1.1.2 Mono-Alphabetic
    1.1.3 Poly-Alphabetic
  1.2 Transposition
    1.2.1 Rail-Fence
    1.2.2 Vernam cipher
2 Asymmetric (Public)
  2.1 RSA
  2.2 Diffie-Hellman

ENIGMA MACHINE (encryption/decryption)

[Figure: Enigma machine, panels A to D, with the ROTORS and the PLUGBOARD labelled]

1.1.1 Simple
A 1   B 2   C 3   D 4   E 5   F 6   G 7   H 8   I 9   J 10  K 11  L 12  M 13
N 14  O 15  P 16  Q 17  R 18  S 19  T 20  U 21  V 22  W 23  X 24  Y 25  Z 26

ENTER THE MESSAGE : - HOSPITALITY
ENTER THE KEY : - TREAT

Message: H 8, O 15, S 19, P 16, I 9, T 20, A 1, L 12, I 9, T 20, Y 25
Key:     T 20, R 18, E 5, A 1, T 20

ENCRYPTION
MESSAGE:     8  15  19  16   9  20   1  12   9  20  25
KEY:        20  18   5   1  20  20  18   5   1  20  20
CODE:       28  33  24  17  29  40  19  17  10  40  45
SUBTRACT:   26  26   -   -  26  26   -   -   -  26  26
CODE:        2   7  24  17   3  14  19  17  10  14  19
ENCRYPTED:   B   G   X   Q   C   N   S   Q   J   N   S

ENCRYPTED MESSAGE IS : - BGXQCNSQJNS

B 2, G 7, X 24, Q 17, C 3, N 14, S 19, Q 17, J 10, N 14, S 19

DECRYPTION
MESSAGE:      2   7  24  17   3  14  19  17  10  14  19
ADD:         26  26  26  26  26  26  26  26  26  26  26
(a) CODE:    28  33  50  43  29  40  45  43  36  40  45
(b) KEY:     20  18   5   1  20  20  18   5   1  20  20
(a) - (b):    8  15  45  42   9  20  27  38  35  20  25
SUB:          -   -  26  26   -   -  26  26  26   -   -
CODE:         8  15  19  16   9  20   1  12   9  20  25
DECRYPTION:   H   O   S   P   I   T   A   L   I   T   Y

DECRYPTED MESSAGE IS : - HOSPITALITY

1.1.2 Mono-alphabetic
A 1   B 2   C 3   D 4   E 5   F 6   G 7   H 8   I 9   J 10  K 11  L 12  M 13
N 14  O 15  P 16  Q 17  R 18  S 19  T 20  U 21  V 22  W 23  X 24  Y 25  Z 26

ENTER THE MESSAGE : - HELLO
ENTER THE KEY : - 4

ENCRYPTION

MESSAGE:     H  E  L  L  O
ENCRYPTION:  K  H  O  O  R

DECRYPTION
MESSAGE K H O O R

DECRYPTION

1.1.3 Poly-alphabetic
A 1   B 2   C 3   D 4   E 5   F 6   G 7   H 8   I 9   J 10  K 11  L 12  M 13
N 14  O 15  P 16  Q 17  R 18  S 19  T 20  U 21  V 22  W 23  X 24  Y 25  Z 26

ENTER THE MESSAGE : - HELLO
ENTER THE KEY : - 12

ENCRYPTION
MESSAGE:     H   E   L   L   O
CODE:        8   5  12  12  15
ADD:        12 (key)  8   5  12  12
CODE:       20  13  17  24  27 (27-26)
ENCRYPTED:   T   M   Q   X   A

ENCRYPTED MESSAGE : - TMQXA

DECRYPTION
MESSAGE:     T   M   Q   X   A
CODE:       20  13  17  24   1
SUB:        12 (key)  8   5  12  12
CODE:        8   5  12  12  -11
ADD FOR -ve: -   -   -   -  26
CODE:        8   5  12  12  15
DECRYPTED:   H   E   L   L   O

DECRYPTED MESSAGE : - HELLO
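The "Simple" and "Poly-alphabetic" worked tables above, reproduced as an added example that is not part of the original slides. The function names are hypothetical; the rule that each later letter is keyed by the previous plaintext code is read off the deck's ADD and SUB rows.

```python
A = ord("A")

def code(ch: str) -> int:
    """Letter to its 1..26 code, as in the deck's table."""
    if not "A" <= ch <= "Z":
        raise ValueError(f"only A-Z is supported, got {ch!r}")
    return ord(ch) - A + 1

def letter(n: int) -> str:
    """Code back to a letter, wrapping values above 26 or below 1."""
    return chr((n - 1) % 26 + A)

def simple_encrypt(msg: str, key: str) -> str:
    """1.1.1: add the repeating key's codes, subtracting 26 on overflow."""
    return "".join(letter(code(m) + code(key[i % len(key)]))
                   for i, m in enumerate(msg))

def simple_decrypt(ct: str, key: str) -> str:
    """1.1.1 reversed: subtract the repeating key's codes."""
    return "".join(letter(code(c) - code(key[i % len(key)]))
                   for i, c in enumerate(ct))

def poly_encrypt(msg: str, key: int) -> str:
    """1.1.3: first letter uses the numeric key, later ones the previous plaintext code."""
    out, k = [], key
    for m in msg:
        out.append(letter(code(m) + k))
        k = code(m)
    return "".join(out)

def poly_decrypt(ct: str, key: int) -> str:
    """1.1.3 reversed: each recovered letter becomes the key for the next one."""
    out, k = [], key
    for c in ct:
        p = letter(code(c) - k)
        out.append(p)
        k = code(p)
    return "".join(out)

if __name__ == "__main__":
    print(simple_encrypt("HOSPITALITY", "TREAT"))   # the deck's 1.1.1 input
    print(poly_encrypt("HELLO", 12))                # the deck's 1.1.3 input
```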

1.2.1 Rail Fence


A 27  B 28  C 29  D 30  E 31  F 32  G 33  H 34  I 35  J 36  K 37  L 38  M 39
N 40  O 41  P 42  Q 43  R 44  S 45  T 46  U 47  V 48  W 49  X 50  Y 51  Z 52

ENTER THE MESSAGE : - ELECTRONICS
ENTER THE LENGTH : - 11

ENCRYPTION
MESSAGE:  E   L   E   C   T   R   O   N   I   C   S
CODE:    31  38  31  29  46  44  41  40  35  29  45

Rail 1:  E   E   T   O   I   S
Rail 2:  L   C   R   N   C

ENCRYPTED msg:  E   E   T   O   I   S   L   C   R   N   C
CODE:          31  31  46  41  35  45  38  29  44  40  29

ENCRYPTED MESSAGE : - EETOISLCRNC

DECRYPTION
ENCRYPTED msg:  E   E   T   O   I   S   L   C   R   N   C
CODE:          31  31  46  41  35  45  38  29  44  40  29

Rail 1:  E   E   T   O   I   S
Rail 2:  L   C   R   N   C

MESSAGE:  E   L   E   C   T   R   O   N   I   C   S
CODE:    31  38  31  29  46  44  41  40  35  29  45

DECRYPTED MESSAGE : - ELECTRONICS

1.2.2 Vernam cipher


ENTER THE MESSAGE : - HELLO WORLD
ENTER THE SEQUENCE : - 3,2,4,5,1
ENTER THE COLUMN LENGTH :- 2

ENCRYPTION
COL 1  COL 2  COL 3  COL 4  COL 5
H      E      L      L      O

ENCRYPTED MESSAGE : - LREOLLODHW

ENTER THE SEQUENCE : - 3,2,4,5,1
ENTER THE COLUMN LENGTH :- 2

DECRYPTION
ENCRYPTED MESSAGE : - LREOLLODHW
COL 1  COL 2  COL 3  COL 4  COL 5
H      E      L      L      O
W      O      R      L      D

DECRYPTED MESSAGE : - HELLOWORLD
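The two transposition examples above (1.2.1 Rail Fence, and the column-sequence scheme the deck files under 1.2.2), as an added example that is not part of the original slides. It goes beyond the deck by allowing any number of rails and a last row that is not full; the function names are hypothetical.

```python
def _rail_order(n: int, rails: int) -> list:
    """Indices 0..n-1 in the order the zigzag rails are read off."""
    if rails < 2:
        raise ValueError("need at least two rails")
    cycle = list(range(rails)) + list(range(rails - 2, 0, -1))
    # sorted() is stable, so positions stay in order within each rail
    return sorted(range(n), key=lambda i: cycle[i % len(cycle)])

def rail_fence_encrypt(msg: str, rails: int = 2) -> str:
    return "".join(msg[i] for i in _rail_order(len(msg), rails))

def rail_fence_decrypt(ct: str, rails: int = 2) -> str:
    out = [""] * len(ct)
    for ch, i in zip(ct, _rail_order(len(ct), rails)):
        out[i] = ch                      # put each letter back at its position
    return "".join(out)

def _check_sequence(seq) -> int:
    """The sequence must use every column number 1..len(seq) exactly once."""
    if sorted(seq) != list(range(1, len(seq) + 1)):
        raise ValueError("sequence must be a permutation of 1..number of columns")
    return len(seq)

def columnar_encrypt(msg: str, seq) -> str:
    """Write row by row into len(seq) columns, read columns in sequence order."""
    ncols = _check_sequence(seq)
    msg = msg.replace(" ", "")           # the deck drops the space in HELLO WORLD
    return "".join(msg[s - 1::ncols] for s in seq)

def columnar_decrypt(ct: str, seq) -> str:
    ncols, n = _check_sequence(seq), len(ct)
    cols, pos = {}, 0
    for s in seq:                        # columns arrive in sequence order
        size = len(range(s - 1, n, ncols))
        cols[s - 1] = ct[pos:pos + size]
        pos += size
    rows = -(-n // ncols)                # ceiling division
    return "".join(cols[c][r] for r in range(rows)
                   for c in range(ncols) if r < len(cols[c]))

if __name__ == "__main__":
    print(rail_fence_encrypt("ELECTRONICS"))                  # deck's 1.2.1 input
    print(columnar_encrypt("HELLO WORLD", [3, 2, 4, 5, 1]))   # deck's 1.2.2 input
```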

2.2 Diffie Hellman


Example: Alice and Bob want to share some data.

Step 1: Choose two prime numbers n and g.
Let n = 11 and g = 7.

Step 2: Alice selects a number x and calculates A = (g^x) mod n.
Let x = 3, so A = 2.
Alice sends 2 to Bob.

Step 3: Bob independently selects a number y and calculates B = (g^y) mod n.
Let y = 6, so B = 4.
Bob sends 4 to Alice.

Step 4: Calculate the keys K1 and K2.
K1 = (B^x) mod n
K2 = (A^y) mod n
K1 = 9, K2 = 9

Hence K1 = K2
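The four steps above with both sides' messages, as an added example that is not part of the original slides. The check on received public values and the subgroup-order calculation are additions beyond the deck; the function names are hypothetical.

```python
def element_order(g: int, n: int) -> int:
    """Number of distinct values g^k mod n can take, for prime n."""
    if g % n == 0:
        raise ValueError("g must not be a multiple of n")
    k, v = 1, g % n
    while v != 1:
        v = v * g % n
        k += 1
    return k

def valid_public(value: int, n: int) -> bool:
    """Reject 0, 1 and n-1, which pin the shared key to a trivial value."""
    return 1 < value < n - 1

def dh_exchange(n: int, g: int, x: int, y: int) -> dict:
    """Steps 2 to 4: x and y stay private, only A and B cross the channel."""
    A = pow(g, x, n)                  # Alice -> Bob
    B = pow(g, y, n)                  # Bob -> Alice
    if not (valid_public(A, n) and valid_public(B, n)):
        raise ValueError("degenerate public value, pick another exponent")
    return {"A": A, "B": B,
            "K1": pow(B, x, n),       # Alice's key
            "K2": pow(A, y, n)}       # Bob's key

if __name__ == "__main__":
    print(dh_exchange(11, 7, 3, 6))   # the deck's numbers
    # With n = 11 the key is one of at most element_order(7, 11) values,
    # which is why real deployments use primes of 2048 bits or more.
    print(element_order(7, 11))
```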

CONCLUSION

Cryptography is considered a secure means for communicating confidential data over a communication channel.
Symmetric key algorithms are suitable for the same numeric key as well as alphabetic key, whereas asymmetric key algorithms are suitable for same and different keys.


The End!

Thoughts or questions?
