Professional Documents
Culture Documents
Page 1 of 15
For the home user and commercial business 2.4 GHz is the primary band one uses for
WiFi, Bluetooth, cordless phone, printer, keyboard, mouse and gaming controller
applications.
Voice, video and data communications are typically used in 2.4 GHz systems
requiring higher data rates (up to 300 Mbps for 802.11n applications).
2.4 GHz is the most widely used frequency and in some cases may be overcrowded.
When too much overcrowding occurs, your Wi-Fi network signal may be weak or not
work at all.
5 GHz Band
The 5 GHz frequency is often used in commercial WiFi applications.
Many times it is used as a backhaul link connecting two 2.4 GHz systems over some
distance.
5 GHz is also the frequency used for the emerging standard 802.11ac which will
provide up to 1.3 Gbps of wireless data throughput.
Radio Frequency Spectrum
Traditionally, wireless technologies were limited to short distances such as an office building
or building campus, and were usually are implemented as extensions to existing wired local
area networks to enhance user mobility.
Page 2 of 15
4.2 Wireless Network Classification
Wireless networks can be classified into four specific groups according to:
Area of application and
Signal range.
i. Wireless Personal-Area Networks (WPAN)
ii. Wireless Local-Area Networks (WLANs)
iii. Wireless Metropolitan-Area Networks (WMAN)
iv. Wireless Wide-Area Networks (WWANs).
Page 3 of 15
Note: Recall the following wireless interference and transmission integrity techniques
Source of Content Below: Computer Science Department, Stanford University: cs.stanford.edu,
IEEE and Cisco Systems
Frequency Hoping Spread Spectrum (FHSS)
This is frequency hopping technique, where the devices that are communication are
made to change the frequencies of usage, from one to another in a specified time
interval, hence called as frequency hopping. For example, a frequency was allotted to
device 1 for a particular period of time. Now, after a while, device 1 hops to the other
frequency and device 2 uses the first frequency, which was previously used by device
1. This is called as frequency reuse. The frequencies of the data are hopped from one
to another in order to provide a secure transmission. The amount of time spent on
each frequency hop is called as Dwell time.
Practically, in FHSS, a given bandwidth (range of frequencies) is divided into many
different distinct channels. Bluetooth, for example, uses the 2.4 - 2.843 Ghz
bandwidth, with 79 defined channels. In order to send a signal, the transmitter and
receiver must first synchronize on a particular channel and seed value. The
transmitter then starts sending its message, only broadcasting for a few hundred
milliseconds on any given channel. The transmitter jumps between channels based
upon a pseudorandom algorithm; since the receiver knows the starting channel and
has the same seed, it can use the same algorithm to follow the jumps and receive the
signal.
To any device that does not know the jumping sequence, the message is nearly
indecipherable. There can be many different FHSS devices broadcasting at the same
time in the same area, because when each device is using its own sequence the chance
of two of them being on the same channel at the exact same instant is relatively low.
FHSS does not significantly affect any tight band transmissions, because there is only
an occasional spike of interference on any given channel. And 'bad' channels with a
lot of interference only cause a small percentage error in a FHSS transmission, since a
single bad channel means only one bit out of 79 will be disrupted.
The primary disadvantage of FHSS is its relatively low transfer limit, since only so
much information can be sent over any given frequency.
Page 4 of 15
Direct Sequence Spread Spectrum (DSSS)
Whenever a user wants to send data using this DSSS technique, each and every bit of
the user data is multiplied by a secret code, called as chipping code. This chipping
code is nothing but the spreading code which is multiplied with the original message
and transmitted. The receiver uses the same code to retrieve the original message.
DHSS spreads the signal over a larger bandwidth than needed, sacrificing bandwidth
efficiency for transmission speed and redundancy. For example, 802.11b DSSS uses
22 Mhz channels, as opposed to the roughly 1 Mhz channels used by FHSS. DSSS
accomplishes its frequency spreading by transforming each bit into a distinct, longer
sequence. For example, a single '1' bit might become a particular 11-bit sequence
(00010011100). At first glance, it might seem that this would greatly reduce
transmission speed - after all, you are sending 11 times as much data - but, in reality,
the use of many different frequencies makes DSSS much faster than FHSS.
Speed is only one of the advantages of DSSS. The post-processing of a DSSS signal
greatly reduces the effects of impulse interference. DSSS signals, by definition,
contain a great deal of redundancy, allowing for complex error checking on the
received signal. In addition, there is less power required for the transmission on any
given single frequency.
Unfortunately, due to DSSS's liberal use of available bandwidth, there is a sharp limit
on the number of DSSS devices in any given area. For example, with 802.11b's 2.4 -
2.843 Ghz bandwidth, only 3 DSSS users (each using different 22 Mhz ranges) can
share the airwaves before encountering interference.
Page 5 of 15
OFDM is a form of multicarrier modulation. An OFDM signal consists of a number
of closely spaced modulated carriers. When modulation of any form - voice, data, etc.
is applied to a carrier, then sidebands spread out either side. It is necessary for a
receiver to be able to receive the whole signal to be able to successfully demodulate
the data. As a result when signals are transmitted close to one another they must be
spaced so that the receiver can separate them using a filter and there must be a guard
band between them. This is not the case with OFDM. Although the sidebands from
each carrier overlap, they can still be received without the interference that might be
expected because they are orthogonal to each another. This is achieved by having the
carrier spacing equal to the reciprocal of the symbol period.
Accordingly, OFDM, Orthogonal Frequency Division Multiplexing is used for many
of the latest wide bandwidth and high data rate wireless systems including Wi-Fi;
802.11a, 802.11n, 802.11ac, cellular telecommunications and others.
IEEE 802.11
Created in 1997 by Institute of Electrical and Electronics Engineers (IEEE)
First WLAN standard
Provides 1 - or 2-Mbps transfer rates
Transmission in the 2.4-GHz band
Page 6 of 15
Using either frequency-hopping spread spectrum (FHSS)
IEEE 802.11a
This is an extension to 802.11
Higher rates of 54 Mbps
Transmits on the 5-GHz band.
Employs the orthogonal frequency division multiplexing (OFDM) encoding scheme
IEEE 802.11b
IEEE expanded on the original 802.11 standard in July 1999
A WLAN Standard
Has higher rates of 11 Mbps but could fall to 5.5Mbps, 2Mbps, and 1 Mbps
depending on strength of signal)
Transmits in the 2.4-GHz band.
The 802.11b specification uses only DSSS.
Lowest cost; signal range is good and not easily obstructed but slowest maximum
speed; home appliances may interfere on the unregulated frequency band
IEEE 802.11g
Developed in 2002/2003
A WLAN standard
Attempts to combine the best of both 802.11a and 802.11b
Supports bandwidth or data rates of up to 54 Mbps
Uses the 2.4 GHz frequency for greater range.
Backwards compatible with 802.11b - meaning that 802.11g access points will work
with 802.11b wireless network adapters and vice versa
Pros of 802.11g - fast maximum speed; signal range is good and not easily obstructed
Cons of 802.11g - costs more than 802.11b; appliances may interfere on the
unregulated signal frequency
IEEE 802.11n
Page 7 of 15
802.11n (also sometimes known as "Wireless N"), designed to improve on 802.11g in
the amount of bandwidth supported by utilizing multiple wireless signals and
antennas (called MIMO technology) instead of one.
Industry standards groups ratified 802.11n in 2009 with specifications providing for
up to 300 Mbps of network bandwidth.
802.11n also offers somewhat better range over earlier Wi-Fi standards due to its
increased signal intensity, and it is backward-compatible with 802.11b and 802.11b
Pros of 802.11n - fastest maximum speed and best signal range; more resistant to
signal interference from outside sources
Cons of 802.11n - standard is not yet finalized; costs more than 802.11g; the use of
multiple signals may greatly interfere with nearby 802.11b/g based networks
IEEE 802.11ac
The recent generation of Wi-Fi signaling in popular use.
Utilizes dual band wireless technology - supporting simultaneous connections on
both the 2.4 GHz and 5 GHz Wi-Fi bands.
Offers backward compatibility to 802.11b/g/n and bandwidth rated up to 1300 Mbps
on the 5 GHz band plus up to 450 Mbps on 2.4 GHz.
Pros of 802.11ac – offers improved bandwidth and more flexibility through
simultaneous connection support; backwards compatibility allows use of existing
technologies
Cons of 802.11ac –dual bands mean increased cost; still prone to interference on the
2.4GHz frequency
IEEE 802.11ax
Released in 2019
Defined as a High-Efficiency Wireless (HEW)
Can transmit at 2.4 GHz – to achieve higher data rates and increased capacity
At 5 GHz, it handles many connected devices
Page 8 of 15
a) Infrastructure mode.
b) Independent Basic Service Set (IBSS) (also known as ad hoc mode).
c) But with the ubiquity of wireless networks, mesh topologies are now common.
4.5.1 Infrastructure Mode
With infrastructure mode, wireless clients interconnect via an AP. The Figure below
illustrates infrastructure mode terminology.
Here, traditionally the configuration of the APs to share the same SSID allows wireless
clients to roam between BSAs.
Basic service set (BSS): This consists of a single AP interconnecting all associated
wireless clients.
Basic service area (BSA): This is the area that is bound by the reach of the AP’s signal -
BSA is also called a cell.
Basic service set identifier (BSSID): This is the unique, machine-readable identifier for
the AP that is in the format of a MAC address and is usually derived from the AP’s
wireless MAC address.
Service set identifier (SSID): This is a human-readable, non-unique identifier used by the
AP to advertise its wireless service.
Page 9 of 15
Distribution system (DS): APs connect to the network infrastructure using the wired DS,
such as Ethernet. An AP with a wired connection to the DS is responsible for translating
frames between 802.3 Ethernet and 802.11 wireless protocols.
Extended service set (ESS): When a single BSS provides insufficient coverage, two or
more BSSs can be joined through a common DS into an ESS. An ESS is the union of two
or more BSSs interconnected by a wired DS. Each ESS is identified by its SSID, and
each BSS is identified by its BSSID.
Each AP in the mesh maintains a BSS on one channel used by wireless clients. Then the
APs bridge between each other using other channels.
The mesh network runs its own dynamic routing protocol to determine the best path to
Having a wired Distributed System connecting all APs is not always practical or
necessary. Instead, APs can be configured to connect in mesh mode.
In this mode, APs bridge client traffic between each other, as shown in below.
Page 10 of 15
4.6 Wireless Security Protocols
Wireless traffic is inherently different from traffic traveling over a wired infrastructure.
Any wireless device operating in the same frequency can hear the frames and potentially
read them.
Therefore, WLANs need to be secured to allow only authorized users and devices and to
prevent eavesdropping and tampering of wireless traffic.
For wireless devices to communicate over a network, they must first associate with the
AP.
An important part of the 802.11 process is discovering a WLAN and subsequently
connecting to it. During this process, transmitted frames can reach any device within
range.
If the wireless connection is not secured, then others can read the traffic, as shown below.
The best way to secure a wireless network is to use authentication and encryption
systems.
Two types of authentication were introduced with the original 802.11 standard:
Page 11 of 15
Open system authentication: Should only be used in situations where security is of no
concern. The wireless client is responsible for providing security such as by use of a
virtual private network (VPN) to connect securely.
Shared key authentication: Provides mechanisms shown in table below to
authenticate and encrypt data between a wireless client and an AP. However, the
password must be pre-shared between the parties to allow connection.
Authentication
Description
Method
The original 802.11 specification designed to secure the data using the Rivest
Wired Equivalent Cipher 4 (RC4) encryption method with a static key. However, the key never
Privacy (WEP) changes when exchanging packets. This makes WEP easy to hack. WEP is no
longer recommended and should never be used.
A Wi-Fi Alliance standard that uses WEP but secures the data with the much
Wi-Fi Protected
stronger Temporal Key Integrity Protocol (TKIP) encryption algorithm. TKIP
Access (WPA)
changes the key for each packet, making it much more difficult to hack.
The current industry standard for securing wireless networks. It uses the Advanced
WPA2 Encryption Standard (AES) for encryption. AES is currently considered the
strongest encryption protocol.
The next generation of Wi-Fi security. All WPA3-enabled devices use the latest
security methods, disallow outdated legacy protocols, and require the use of
WPA3
Protected Management Frames (PMF). However, devices with WPA3 are not yet
readily available.
Home routers typically have two choices for authentication: WPA and WPA2. WPA2 is the
stronger of the two. WPA2 authentication methods included the following:
Personal: Intended for home or small office networks, users authenticate using a pre-
shared key (PSK). Wireless clients authenticate with the wireless router using a pre-
shared password. No special authentication server is required.
Enterprise: Intended for enterprise networks but requires a Remote Authentication Dial-
In User Service (RADIUS) authentication server. Although more complicated to set up, it
provides additional security. The device must be authenticated by the RADIUS server,
and then users must authenticate using the 802.1X standard, which uses Extensible
Authentication Protocol (EAP) for authentication.
Page 12 of 15
802.1X/EAP
With open and WEP authentication, wireless clients are authenticated locally at the AP
without further intervention.
The scenario changes with 802.1X: The client uses open authentication to associate with the
AP, and then the client authentication process occurs at a dedicated authentication server.
The three-party 802.1X arrangement, which consists of the following entities:
WPA3
i. WPA3-Personal:
In WPA2-Personal, threat actors can listen in on the “handshake” between a wireless
client and the AP and use brute-force attacks to try to guess the PSK.
Page 13 of 15
WPA3-Personal thwarts such attacks by using Simultaneous Authentication of Equals
(SAE), a feature specified in the IEEE 802.11-2016.
The PSK is never exposed, making it impossible for the threat actor to guess.
ii. WPA3-Enterprise:
WPA3-Enterprise still uses 802.1 X/EAP authentications. However, it requires the use of
a 192-bit cryptographic suite and eliminates the mixing of security protocols for previous
802.11 standards.
WPA3-Enterprise adheres to the Commercial National Security Algorithm (CNSA) suite,
which is commonly used in high-security Wi-Fi networks.
iii. Open networks:
Open networks in WPA2 send user traffic in unauthenticated plaintext.
In WPA3, open or public Wi-Fi networks still do not use any authentication.
However, they do use Opportunistic Wireless Encryption (OWE) to encrypt all wireless
traffic.
Page 14 of 15
ASSIGNMENT (Due on 22nd October 2023, 5:00pm)
1. Describe how wireless devices use the CSMA/CA to access the network and
exchange data. Describe the frame control headers and the various flags in this header
and for each flag, state its role/function. (10 Marks)
2. Discuss the various encryption methods used to secure data transmission in data
networks. Highlight the Pro and the Cons of each method. (10 Marks)
Page 15 of 15