1 / 24

IEEE 802.11 Family

IEEE 802.11 Family. Dr. Muid Mufti ID Technologies Islamabad. 802.11 Variants. IEEE 802.11d Additional regulatory domains IEEE 802.11e for improved quality of service IEEE 802.11f to regulate inter-access point hand offs IEEE 802.11i to improve WLAN security IEEE 802.11n

rob
Télécharger la présentation

IEEE 802.11 Family

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IEEE 802.11 Family Dr. Muid Mufti ID Technologies Islamabad

  2. 802.11 Variants • IEEE 802.11d • Additional regulatory domains • IEEE 802.11e • for improved quality of service • IEEE 802.11f • to regulate inter-access point hand offs • IEEE 802.11i • to improve WLAN security • IEEE 802.11n • Enhanced Speed and Robustness

  3. IEEE 802.11i Wireless Security

  4. Basic 802.11 Security • WEP • Wire Equivalent Privacy • Stream Cipher: RC4 • 40-bit key+24-bit Initialization Vector (IV)=64-bit RC4 key

  5. Basic 802.11 Vulnerabilities • No AP Authentication (i.e. two way auth.) • Key distribution problem • Shared key (i.e. key is the same for everyone) • No privilege and permission scheme can be defined • One can decrypt others information • The secret which is known by everyone is not secret! • Pair wise keys defined but rarely used

  6. WEP Weaknesses • Small IV space (IV Collision Problem) • Replay attacks once WEP key is revealed • Predictable IV due to poor implementation • CRC as integrity checking algorithm • RC4 vulnerability to known plain text attack • Static keys – in contrast to session / temporal keys

  7. 802.11i • Open Authentication • Pair wise keys • Session keys • 128 bit keys • Enhanced Encryption • TKIP • DES • CCMP – AES • IEEE 802.1X

  8. Four Way Authentication

  9. TKIP • Based on RC4 • 128-bit Key (per packet) • One key pair for each direction • Per packet key –temporal part • Per session key –Pair-wise Master Key (PMK) • Key encryption key • Pair-wise transient key (PTK) • MAC address of the station (TA) –i.e. unique for every client • 48-bit packet serial number

  10. TKIP

  11. CCMP • Counter Mode with Cipher Block Chaining Message Authentication Code Protocol • AES based

  12. Authentication 802.1X • Port-based network access control • Controlled port • Authorized • Unauthorized • Uncontrolled port

  13. EAP • Extensible Authentication Protocol (EAP) (RFC 2284) • EAP-MD5 • EAP-TLS (Certificates) • EAP-TTLS (Certificates and Passwords) • EAP-SIM • PEAP (Cisco) • LEAP (Cisco) • EAP over LAN (EAPOL)

  14. Authentication Authenticator Authentication Server Supplicant

  15. Wi-Fi Alliance • WPA • Wireless Protected Access • WPA-2

  16. IEEE 802.11e Qualitiy of Service

  17. 802.11e • EDCF - Enhanced DCF • HCF - Hybrid Coordination Function • QBSS • HC – Hybrid Controller • TC – Traffic Categories • TXOP – Transmission Opportunity • – granted by EDCF-TXOP or HC- poll TXOP • AIFS – Arbitration Interframe Space

  18. Arbitration IFS

  19. Traffic Categories

  20. IEEE 802.11n High Speed

  21. 802.11n • Expected to be finalized by Nov 2009 • High Data rates – 300 Mbps or above • Improved OFDM • Greater Stability • Shorter Cyclic Prefix • Block Ack • Frame Aggrgation

  22. MIMO Technology Multiple Antenna

  23. WiFi Alliance • Wi-Fi Alliance is certifying 802.11n products based on Draft 7 – Nov 2008

More Related