WIXLIB

Unit 11IEEE 802.11 Wireless LANsShyam Parekh

IEEE 802.11 Wireless LANs ReferencesStandardsBasicsPhysical Layer 802.11b802.11aMACFraming DetailsManagementPCFQoS (802.11e)SecurityTake Away PointsTOC – 802.11

References 802.11 Wireless Networks: The Definitive Guide, M.Gast, O’Reilly, 2002*ANSI/IEEE Std 802.11, 1999 EditionANSI/IEEE Std 802.11b-1999ANSI/IEEE Std 802.11a-1999*Most drawings used in the lectures are from this bookTOC – 802.11 – References

IEEE 802 Standards & OSI Model Observe 802.11 MAC is common to all 802.11 Physical Layer (PHY)standards802.11 PHY is split into Physical Layer Convergence Procedure(PLCP) and Physical Medium Dependent (PMD) sublayersTOC – 802.11 – Standards

Related Standards Bluetooth HIPERLAN Originally intended for interconnecting computingand communication devicesEuropean standard for Wireless LANsIEEE 802.16 Broadband Wireless Addresses needs of fixed and mobile broadbandwireless access replacing fibers, cables, etc.TOC – 802.11 – Standards

802.11 Standards and SpectrumKey StandardsMax RateSpectrum (U.S.)Year802.112 Mbps2.4 GHz1997802.11a54 Mbps5 GHz1999802.11b11 Mbps2.4 GHz1999802.11g54 Mbps2.4 GHz2003 2.4 – 2.5 GHz for all above except 802.11a (referred to as C-Band Industrial,Scientific, and Medical (ISM)) Microwave ovens and some cordless phones operate in the same band802.11a uses Unlicensed National Information Infrastructure bands 5.15 – 5.25 GHz5.25 – 5.35 GHz5.725 – 5.825 GHzTOC – 802.11 – Standards

Basic Service Sets (BSSs) Independent BSSs are also referred to as Ad Hoc BSSsObserve that the AP in an Infrastructure BSS is the centralizedcoordinator and could be a bottleneckTOC – 802.11 – Basics

Extended Service Set (ESS) BSSs in an ESS communicate via Distribution SystemA DS has to keep track of stations within an ESSInter Access Point protocol (IAPP) is not yet fully standardizedTOC – 802.11 – Basics

Network Services C Service Data Unit (MSDU) deliveryTOC – 802.11 – Basics

Seamless Transition Seamless transitionbetween two BSSswithin an ESSBetween ESSs,transitions are notsupportedTOC – 802.11 – Basics

802.11b: HR/DSSS* PHY Use Complementary Code Keying (CCK) instead ofDifferential Quadrature Phase Shift Keying (DQPSK)used at lower rates Provides good performance in presence of interference andmultipath fading4-bit (for 5.5 Mbps) or 8-bit (for 11 Mbps)symbols form MAC layer arrive at 1.375 millionsymbols per secondEach symbol is encoded using CCK code word {ej(φ1 φ2 φ3 φ4), ej(φ1 φ3 φ4), ej(φ1 φ2 φ4), ej(φ1 φ4), ej(φ1 φ2 φ3),ej(φ1 φ3), ej(φ1 φ2), ejφ1}φ1, φ2, φ3, and φ4 are decided by symbol bits*High Rate Direct-Sequence Spread SpectrumTOC – 802.11 – Physical Layer – 802.11b

802.11b: HR/DSSS PHY - 2 Uses same channels as by the low rate DSIn US, channels 1-11 (with center frequencies at 2.412 –2.462 GHz and 5 MHz distance) are availableFor 11 Mbps, Channels 1, 6, and 11 give maximum numberof channels with minimum interferenceTOC – 802.11 – Physical Layer – 802.11b

802.11b: HR/DSSS PHY - 3 Long PLCP format Optional Short PLCP format is offered for better efficiencyTOC – 802.11 – Physical Layer – 802.11b

802.11a: 5 GHz OFDM PHY Fundamental Orthogonal Frequency DivisionMultiplexing (OFDM) work was done in 1960s, and apatent was issued in 1970Basic idea is to use number of subchannels inparallel for higher throughputIssues with 802.11a Denser Access Point deployment needed due to higherpath lossHigher power needTOC – 802.11 – Physical Layer – 802.11a

802.11a: 5 GHz OFDM PHY - 2 OFDM is similar to Frequency Division Multiplexing except itdoes not need guard bands But need guard times to minimize inter-symbol and inter-carrierinterferenceRelies on “orthogonality” in frequency domainTOC – 802.11 – Physical Layer – 802.11a

802.11a: 5 GHz OFDM PHY - 3 In U.S., there are 12channels, each 20 MHzwide Spectrum layoutTOC – 802.11 – Physical Layer – 802.11a

802.11a: 5 GHz OFDM PHY - 4Each channel is divided into 52 subcarriers: 48are used for dataPLCP Protocol Data Unit (PPDU) format PHY uses rate of 250K symbols per secondEach symbol uses all 48 subcarriersConvolution code is used by all subcarriersTOC – 802.11 – Physical Layer – 802.11a

802.11a: 5 GHz OFDM PHY - 5 Modulation and Coding

MAC: Access Modes MAC Access Modes: Distributed Coordination Function (DCF) Based on Carrier Sense Multiple Access/CollisionAvoidance (CSMA/CA)Point Coordination Function (PCF) Restricted to Infrastructure BSSsNot widely implementedAccess Point polls stations for mediumaccessTOC – 802.11 – MAC

Main Ideas of MAC: CSMA/CA Interframe Spacing (IFS) Short IFS: For atomic exchangesPCF IFS: For prioritized PCF accessDCF IFS: For Normal DCF accessExtended IFS: For access after errorMedium AccessTOC – 802.11 – MAC

Main Ideas of MAC: CSMA/CA - 2 If medium is idle for DIFS interval after a correctly receivedframe and backoff time has expired, transmission can beginimmediatelyIf previous frame contained errors, medium must be free forEIFSIf medium is busy, access is deferred until medium is idlefor DIFS and exponential backoffBackoff counter is decremented by one if a time slot isdetermined to be idleUnicast data must be acknowledged as part of an atomicexchangeTOC – 802.11 – MAC

Interframe Spacing Interframe Spacing values are physical layerdependentSIFS and Slot Time are explicitly specified, and theothers are derived PIFS SIFS Slot TimeDIFS SIFS 2·Slot TimeEIFS SIFS DIFS (Ack Time @ 1 Mbps)For 802.11a and 802.11b SIFS is 16 µs and 10 µs, respectivelySlot Time is 9 µs and 20 µs, respectivelyTOC – 802.11 – MAC

Contention Window Backoff is performed for R slots: R is randomly chosen integer inthe interval [0, CW]CWmin CW CWmax CWmin 31 slots and CWmax 1023 slots (for 802.11b)Up to CWmax, CW (CWmin 1)·2n – 1, where n 0, 1, 2, is(re)transmission numberTOC – 802.11 – MAC

Error Recovery Each frame is associated with a retry counterbased on frame size as compared toRTS/CTS threshold Short retry counterLong retry counterFragments are given a maximum lifetime byMAC before discarding themTOC – 802.11 – MAC

WLAN Problems Hidden Terminal and Exposed Terminal problemsTOC – 802.11 – MAC

RTS/CTS Clearing RTS/CTS ClearingUsed for frames larger than RTS/CTS thresholdTradeoff between overhead and retransmission costsTOC – 802.11 – MAC

Virtual Carrier Sensing Virtual Carrier Sensing using Network AllocationVector (NAV)TOC – 802.11 – MAC

Fragmentation Burst Fragmentation and RTS/CTS thresholds aretypically set to the same valueTOC – 802.11 – MAC

Framing Details: Format Generic 802.11 MACFrame FrameControl Field Sequence Control FieldTOC – 802.11 – Framing Details

Framing Details: Frame Types Type and SubtypeIdentifiers Management FramesControl FramesData FramesTOC – 802.11 – Framing Details

Broadcast/Multicast No Acknowledgements for Broadcast or MulticastframesTOC – 802.11 – Framing Details

NAV for Fragmentation Fragmentation threshold provides tradeoff betweenoverhead and retransmission costsChaining of NAV to maintain control of the mediumTOC – 802.11 – Framing Details

NAV for RTS/CTS and Power Save(PS)-Poll RTS/CTS Lockout CTS Immediate PS-PollResponse Deferred PS-PollResponseTOC – 802.11 – Framing Details

Data Frames and Addresses Generic Data Frames Addressing and DS Bits BSSID is MAC address of AP WLAN interfaceTOC – 802.11 – Framing Details

Illustrations of use of Addresses Frames to DistributionSystem Frames fromDistribution System Wireless DistributionSystemTOC – 802.11 – Framing Details

RTS/CTS Control Frames RTS Frame CTS FrameTOC – 802.11 – Framing Details

Ack and PS-Poll Control Frames Acknowledgement Frame Power-Save Poll (PS-Poll) FrameTOC – 802.11 – Framing Details

Management Frames Generic Management FramesTOC – 802.11 – Framing Details

Fixed-Length Management Fields Beacon Interval Field In 1024 µs Time Units (TUs)Typically 100 TUs or about 0.1 SecondsCapability Information Used in Beacon, Probe request and Probe ResponseFramesTOC – 802.11 – Framing Details

Fixed-Length Management Fields - 2 Listen Interval Number of Beacon Intervals a station waits before listening toBeacon framesTimestamp Allows synchronizationNumber of microseconds timekeeper has been activeTOC – 802.11 – Framing Details

Management Information Elements Generic Management Frame Information Element Service Set Identity (ASCII Identifier) DS Parameter SetContention Free Parameter Set TOC – 802.11 – Framing Details

Main Management Frames Beacon Frame Probe Request Frame Probe Response FrameTOC – 802.11 – Framing Details

Main Management Frames - 2 Authentication Frames Association Request (Re)Association ResponseTOC – 802.11 – Framing Details

Management Operations:Scanning Passive Scanning Active ScanningTOC – 802.11 – Management

Management Operations:Authentication and Association Shared key Authentication Exchange Makes use of WEPAssociation ProcedureTOC – 802.11 – Management

Management Operations:Buffered Frame Retrieval Unicast Buffered Frames Broadcast and Multicast Buffered FramesTOC – 802.11 – Management

PCF: MechanismAP polls stations on its list, and maintains control of the medium Announces CFPMaxDuration in BeaconTransmissions are separated by PIFSEach CF-Poll is a license for one frame Basic PCF exchanges andtiming Foreshortening of ContentionFree PeriodTOC – 802.11 – PCF

PCF Frames Data, Ack, and Poll can be combined in one frame Data and Poll must be for the same station Usage of Data CF-Ack CF-Poll CF-Poll UsageTOC – 802.11 – PCF

PCF Frames - 2 CF-Ack CF-Poll Usage CF End CF Parameter Set Count/Period in DTIM intervals, Duration in TUsTOC – 802.11 – PCF

QoS: Shortcomings of PCF PCF falls short of guaranteeing desired QoSdue to Beacon frame delays beyond Target BeaconTransition Time (TBTT)Unpredictable demand from the polled station802.11e proposes an enhanced MACprotocolTOC – 802.11 – QoS (802.11e)

Enhanced DCF of 802.11e Introduces Traffic Categories (TCs)Following attributes are functions of TC AIFS (arbitration IFS)CWmin and CWmaxPF (Persistence Factor)TXOP (Transmission Opportunity) – Start Time & DurationTOC – 802.11 – QoS (802.11e)

Intra-station Virtual Backoff(802.11e) Intra-Station backoff to differentiate QoS acrossTCsTOC – 802.11 – QoS (802.11e)

Hybrid Coordination Function of802.11e Hybrid Coordination (HC) can initiate polling during contentionperiod using PIFSHC can learn desired TXOPs by mobile stationsHC uses own scheduling algorithmsTOC – 802.11 – QoS (802.11e)

Security Goals Security solution should provide ConfidentialityAuthenticationIntegrityMaintain processing required to “reasonable”levelsTOC – 802.11 – Security

Security: States of Mobile Stations Authentication andAssociation States Class 1 Frames Class 2 Frames Class 3 FramesAllowed frames depend onthe stateTOC – 802.11 – Security

Wired Equivalent Privacy (WEP) Based on Symmetric Secret KeyA Keystream is created using the Secret KeyGeneric Stream Cipher OperationTOC – 802.11 – Security

WEP Encipherment WEP uses 40 bit RC4 secret key and 24 bit InitializationVector (IV)Crucial aspect is how to create Keystream usingPseudorandom Number GeneratorWEP Frame ExtensionsFrame body and ICV are encryptedTOC – 802.11 – Security

WEP Decipherment WEP Decipherment using Symmetric Secret KeyTOC – 802.11 – Security

WEP based Authentication WEP based authentication using Secret KeyTOC – 802.11 – Security

WEP Flaws Secret key distributionCipher Stream creation needs to be basedtrue random generatorICV collision allows attacker to decipherA weak class of keys and known first byte ofpayloadTOC – 802.11 – Security

802.1x Authentication 802.1x provides strong authenticationBased on IETF’s Extensible AuthenticationProtocol (EAP) EAP Packet Format TOC – 802.11 – Security