MASENO UNIVERSITY

DEPARTMENE OF INFORMATION TECHNOLOGY

CIR 209: Wireless Network Design & Implementation
WIRELESS NETWORK STANDARDS
4.1 Brief Background
 Wireless networks are networks that use radio waves to link network devices, enabling
access to computing resources for devices that are not physically connected to a physical
network.
 The Federal Communications Commission (FCC), a standardizing body in the USA together
with IEEE has played a significant role in the governance of the Wireless Network
development and implementation.
 The FCC manages the Radio Frequency spectrum and allocates different frequencies for
different purposes.
 In Kenya the Communication Authority of Kenya is responsible for managing the Radio
Frequency spectrum in Kenya (Activities of CAK are guided by internationally agreed
standards).
 The FCC has set aside 900MHz, 2.4 GHz and 5 GHz frequency bands as unlicensed bands
for Industrial, Scientific and Medical (ISM) applications. The lack of licensing requirements
has significantly contributed to the growth of the wireless industry.
 These bands are used for consumer and commercial WiFi and WLAN applications as well as
for commercial Radio Frequency Identification (RFID). A frequency range is typically called
a band of frequencies. For example, a wireless LAN device with a 2.4-GHz antenna can
actually use any frequency from 2.4000 to 2.4835 GHz. The 5-GHz band lies between 5.150
and 5.825 GHz.
900 MHz Band
 The 900 MHz ISM band is very narrow and this limits the maximum data rates.
 Typically applications such as RFID
 The 900 MHz frequency is better than 2.4 GHz frequency when obstructions such as
trees and leaves are in the Line of Sight (LOS).
 The 2.4 GHz frequency is absorbed by water found in trees and leaves which causes
path loss of the 2.4 GHz transmission.
 900 MHz is often used in Non-Line-Of-Sight (NLOS) applications.
2.4 GHz Band

Page 1 of 15
  For the home user and commercial business 2.4 GHz is the primary band one uses for
WiFi, Bluetooth, cordless phone, printer, keyboard, mouse and gaming controller
applications.
 Voice, video and data communications are typically used in 2.4 GHz systems
requiring higher data rates (up to 300 Mbps for 802.11n applications).
 2.4 GHz is the most widely used frequency and in some cases may be overcrowded.
 When too much overcrowding occurs, your Wi-Fi network signal may be weak or not
work at all.
5 GHz Band
 The 5 GHz frequency is often used in commercial WiFi applications.
 Many times it is used as a backhaul link connecting two 2.4 GHz systems over some
distance.
 5 GHz is also the frequency used for the emerging standard 802.11ac which will
provide up to 1.3 Gbps of wireless data throughput.
Radio Frequency Spectrum

 Traditionally, wireless technologies were limited to short distances such as an office building
or building campus, and were usually are implemented as extensions to existing wired local
area networks to enhance user mobility.

Page 2 of 15
4.2 Wireless Network Classification
 Wireless networks can be classified into four specific groups according to:
 Area of application and
 Signal range.
i. Wireless Personal-Area Networks (WPAN)
ii. Wireless Local-Area Networks (WLANs)
iii. Wireless Metropolitan-Area Networks (WMAN)
iv. Wireless Wide-Area Networks (WWANs).

Figure 1.0: Wireless Network Classification

4.3 Wireless Network Standards: OSI Reference Model
 IEEE 802 LAN MAN Standards Committee of the Institute of Electrical and Electronics
Engineers, Inc. (IEEE) is responsible for implementing the standards that govern
development devices and implementation of WLAN networks.
 IEEE 802.11 (Controlled by LAN MAN Standards Committee of the IEEE) is a set of media
access control (MAC) and physical layer (PHY) specifications for implementing wireless
local area networks in the 2.4 GHz, 5 GHz, and 60 GHz frequency bands.

Figure 1.0: The OSI Model – implementation of Wireless Network Technologies

Page 3 of 15
Note: Recall the following wireless interference and transmission integrity techniques
Source of Content Below: Computer Science Department, Stanford University: cs.stanford.edu,
IEEE and Cisco Systems
 Frequency Hoping Spread Spectrum (FHSS)
 This is frequency hopping technique, where the devices that are communication are
made to change the frequencies of usage, from one to another in a specified time
interval, hence called as frequency hopping. For example, a frequency was allotted to
device 1 for a particular period of time. Now, after a while, device 1 hops to the other
frequency and device 2 uses the first frequency, which was previously used by device
1. This is called as frequency reuse. The frequencies of the data are hopped from one
to another in order to provide a secure transmission. The amount of time spent on
each frequency hop is called as Dwell time.
 Practically, in FHSS, a given bandwidth (range of frequencies) is divided into many
different distinct channels. Bluetooth, for example, uses the 2.4 - 2.843 Ghz
bandwidth, with 79 defined channels. In order to send a signal, the transmitter and
receiver must first synchronize on a particular channel and seed value. The
transmitter then starts sending its message, only broadcasting for a few hundred
milliseconds on any given channel. The transmitter jumps between channels based
upon a pseudorandom algorithm; since the receiver knows the starting channel and
has the same seed, it can use the same algorithm to follow the jumps and receive the
signal.
 To any device that does not know the jumping sequence, the message is nearly
indecipherable. There can be many different FHSS devices broadcasting at the same
time in the same area, because when each device is using its own sequence the chance
of two of them being on the same channel at the exact same instant is relatively low.
FHSS does not significantly affect any tight band transmissions, because there is only
an occasional spike of interference on any given channel. And 'bad' channels with a
lot of interference only cause a small percentage error in a FHSS transmission, since a
single bad channel means only one bit out of 79 will be disrupted.
 The primary disadvantage of FHSS is its relatively low transfer limit, since only so
much information can be sent over any given frequency.

Page 4 of 15
 Direct Sequence Spread Spectrum (DSSS)
 Whenever a user wants to send data using this DSSS technique, each and every bit of
the user data is multiplied by a secret code, called as chipping code. This chipping
code is nothing but the spreading code which is multiplied with the original message
and transmitted. The receiver uses the same code to retrieve the original message.
 DHSS spreads the signal over a larger bandwidth than needed, sacrificing bandwidth
efficiency for transmission speed and redundancy. For example, 802.11b DSSS uses
22 Mhz channels, as opposed to the roughly 1 Mhz channels used by FHSS. DSSS
accomplishes its frequency spreading by transforming each bit into a distinct, longer
sequence. For example, a single '1' bit might become a particular 11-bit sequence
(00010011100). At first glance, it might seem that this would greatly reduce
transmission speed - after all, you are sending 11 times as much data - but, in reality,
the use of many different frequencies makes DSSS much faster than FHSS.
 Speed is only one of the advantages of DSSS. The post-processing of a DSSS signal
greatly reduces the effects of impulse interference. DSSS signals, by definition,
contain a great deal of redundancy, allowing for complex error checking on the
received signal. In addition, there is less power required for the transmission on any
given single frequency.
 Unfortunately, due to DSSS's liberal use of available bandwidth, there is a sharp limit
on the number of DSSS devices in any given area. For example, with 802.11b's 2.4 -
2.843 Ghz bandwidth, only 3 DSSS users (each using different 22 Mhz ranges) can
share the airwaves before encountering interference.

 Orthogonal Frequency Division Multiplexing (OFDM)

 OFDM: Orthogonal Frequency Division Multiplexing is a form of signal modulation
that divides a high data rate modulating stream placing them onto many slowly
modulated narrowband close-spaced subcarriers and in this way is less sensitive to
frequency selective fading. The fact that OFDM uses a large number of carriers, each
carrying low bit rate data, means that it is very resilient to selective fading,
interference, and multipath effects, as well providing a high degree of spectral
efficiency.

Page 5 of 15
  OFDM is a form of multicarrier modulation. An OFDM signal consists of a number
of closely spaced modulated carriers. When modulation of any form - voice, data, etc.
is applied to a carrier, then sidebands spread out either side. It is necessary for a
receiver to be able to receive the whole signal to be able to successfully demodulate
the data. As a result when signals are transmitted close to one another they must be
spaced so that the receiver can separate them using a filter and there must be a guard
band between them. This is not the case with OFDM. Although the sidebands from
each carrier overlap, they can still be received without the interference that might be
expected because they are orthogonal to each another. This is achieved by having the
carrier spacing equal to the reciprocal of the symbol period.
 Accordingly, OFDM, Orthogonal Frequency Division Multiplexing is used for many
of the latest wide bandwidth and high data rate wireless systems including Wi-Fi;
802.11a, 802.11n, 802.11ac, cellular telecommunications and others.

4.4 Wireless Network Standards: IEEE 802.11x Standards

 The 802.11 standard is defined through several specifications of WLANs. It defines an over-
the-air interface between a wireless client and a base station or between two wireless clients.
 All WiFi networks are contention-based Time Division Duplexing (TDD) systems, where the
access point and the mobile stations all vie for use of the same channel. Because of the
shared media operation, all WiFi networks are half duplex.
 The WiFi standards define a fixed channel bandwidth of 25 MHz for 802.11b and 20 MHz
for either 802.11a or g networks.
 There are three key attributes that define a 802.11x standard:
i. The frequency of transmission
ii. The achievable data rates
iii. The channel utilization (FHSS, DSSS or OFDM)

IEEE 802.11
 Created in 1997 by Institute of Electrical and Electronics Engineers (IEEE)
 First WLAN standard
 Provides 1 - or 2-Mbps transfer rates
 Transmission in the 2.4-GHz band

Page 6 of 15
  Using either frequency-hopping spread spectrum (FHSS)

IEEE 802.11a
 This is an extension to 802.11
 Higher rates of 54 Mbps
 Transmits on the 5-GHz band.
 Employs the orthogonal frequency division multiplexing (OFDM) encoding scheme

IEEE 802.11b
 IEEE expanded on the original 802.11 standard in July 1999
 A WLAN Standard
 Has higher rates of 11 Mbps but could fall to 5.5Mbps, 2Mbps, and 1 Mbps
depending on strength of signal)
 Transmits in the 2.4-GHz band.
 The 802.11b specification uses only DSSS.
 Lowest cost; signal range is good and not easily obstructed but slowest maximum
speed; home appliances may interfere on the unregulated frequency band

IEEE 802.11g
 Developed in 2002/2003
 A WLAN standard
 Attempts to combine the best of both 802.11a and 802.11b
 Supports bandwidth or data rates of up to 54 Mbps
 Uses the 2.4 GHz frequency for greater range.
 Backwards compatible with 802.11b - meaning that 802.11g access points will work
with 802.11b wireless network adapters and vice versa
 Pros of 802.11g - fast maximum speed; signal range is good and not easily obstructed
 Cons of 802.11g - costs more than 802.11b; appliances may interfere on the
unregulated signal frequency

IEEE 802.11n

Page 7 of 15
  802.11n (also sometimes known as "Wireless N"), designed to improve on 802.11g in
the amount of bandwidth supported by utilizing multiple wireless signals and
antennas (called MIMO technology) instead of one.
 Industry standards groups ratified 802.11n in 2009 with specifications providing for
up to 300 Mbps of network bandwidth.
 802.11n also offers somewhat better range over earlier Wi-Fi standards due to its
increased signal intensity, and it is backward-compatible with 802.11b and 802.11b
 Pros of 802.11n - fastest maximum speed and best signal range; more resistant to
signal interference from outside sources
 Cons of 802.11n - standard is not yet finalized; costs more than 802.11g; the use of
multiple signals may greatly interfere with nearby 802.11b/g based networks

IEEE 802.11ac
 The recent generation of Wi-Fi signaling in popular use.
 Utilizes dual band wireless technology - supporting simultaneous connections on
both the 2.4 GHz and 5 GHz Wi-Fi bands.
 Offers backward compatibility to 802.11b/g/n and bandwidth rated up to 1300 Mbps
on the 5 GHz band plus up to 450 Mbps on 2.4 GHz.
 Pros of 802.11ac – offers improved bandwidth and more flexibility through
simultaneous connection support; backwards compatibility allows use of existing
technologies
 Cons of 802.11ac –dual bands mean increased cost; still prone to interference on the
2.4GHz frequency

IEEE 802.11ax
 Released in 2019
 Defined as a High-Efficiency Wireless (HEW)
 Can transmit at 2.4 GHz – to achieve higher data rates and increased capacity
 At 5 GHz, it handles many connected devices

4.5 Wireless Topologies

 The 802.11 standard identifies two main wireless topology modes:

Page 8 of 15
 a) Infrastructure mode.
b) Independent Basic Service Set (IBSS) (also known as ad hoc mode).
c) But with the ubiquity of wireless networks, mesh topologies are now common.
4.5.1 Infrastructure Mode
 With infrastructure mode, wireless clients interconnect via an AP. The Figure below
illustrates infrastructure mode terminology.
 Here, traditionally the configuration of the APs to share the same SSID allows wireless
clients to roam between BSAs.

Infrastructure mode terminology includes the following:

 Basic service set (BSS): This consists of a single AP interconnecting all associated
wireless clients.
 Basic service area (BSA): This is the area that is bound by the reach of the AP’s signal -
BSA is also called a cell.
 Basic service set identifier (BSSID): This is the unique, machine-readable identifier for
the AP that is in the format of a MAC address and is usually derived from the AP’s
wireless MAC address.
 Service set identifier (SSID): This is a human-readable, non-unique identifier used by the
AP to advertise its wireless service.

Page 9 of 15
  Distribution system (DS): APs connect to the network infrastructure using the wired DS,
such as Ethernet. An AP with a wired connection to the DS is responsible for translating
frames between 802.3 Ethernet and 802.11 wireless protocols.
 Extended service set (ESS): When a single BSS provides insufficient coverage, two or
more BSSs can be joined through a common DS into an ESS. An ESS is the union of two
or more BSSs interconnected by a wired DS. Each ESS is identified by its SSID, and
each BSS is identified by its BSSID.

4.5.2 Independent Basic Service Set (IBSS), or Ad Hoc Mode

 In the 802.11 standard, Independent Basic Service Set (IBSS) is defined as two devices
connected wirelessly in a peer-to-peer (P2P) manner without the use of an AP.
 One device takes the role of advertising the wireless network to clients.
 The IBSS allows two devices to communicate directly without the need for any other
wireless devices, as shown below.
 IBSSs do not scale well beyond 8 to 10 devices.

4.5.3 Mesh WLAN topology

 Each AP in the mesh maintains a BSS on one channel used by wireless clients. Then the
APs bridge between each other using other channels.
 The mesh network runs its own dynamic routing protocol to determine the best path to
 Having a wired Distributed System connecting all APs is not always practical or
necessary. Instead, APs can be configured to connect in mesh mode.
 In this mode, APs bridge client traffic between each other, as shown in below.

Figure: Mesh Topology

Page 10 of 15
4.6 Wireless Security Protocols
 Wireless traffic is inherently different from traffic traveling over a wired infrastructure.
 Any wireless device operating in the same frequency can hear the frames and potentially
read them.
 Therefore, WLANs need to be secured to allow only authorized users and devices and to
prevent eavesdropping and tampering of wireless traffic.

4.6.1 Wireless Authentication Methods

 For wireless devices to communicate over a network, they must first associate with the
AP.
 An important part of the 802.11 process is discovering a WLAN and subsequently
connecting to it. During this process, transmitted frames can reach any device within
range.
 If the wireless connection is not secured, then others can read the traffic, as shown below.

 The best way to secure a wireless network is to use authentication and encryption
systems.
 Two types of authentication were introduced with the original 802.11 standard:

Page 11 of 15
  Open system authentication: Should only be used in situations where security is of no
concern. The wireless client is responsible for providing security such as by use of a
virtual private network (VPN) to connect securely.
 Shared key authentication: Provides mechanisms shown in table below to
authenticate and encrypt data between a wireless client and an AP. However, the
password must be pre-shared between the parties to allow connection.

Shared Key Authentication Methods

Authentication
Description
Method
The original 802.11 specification designed to secure the data using the Rivest
Wired Equivalent Cipher 4 (RC4) encryption method with a static key. However, the key never
Privacy (WEP) changes when exchanging packets. This makes WEP easy to hack. WEP is no
longer recommended and should never be used.
A Wi-Fi Alliance standard that uses WEP but secures the data with the much
Wi-Fi Protected
stronger Temporal Key Integrity Protocol (TKIP) encryption algorithm. TKIP
Access (WPA)
changes the key for each packet, making it much more difficult to hack.
The current industry standard for securing wireless networks. It uses the Advanced
WPA2 Encryption Standard (AES) for encryption. AES is currently considered the
strongest encryption protocol.
The next generation of Wi-Fi security. All WPA3-enabled devices use the latest
security methods, disallow outdated legacy protocols, and require the use of
WPA3
Protected Management Frames (PMF). However, devices with WPA3 are not yet
readily available.

WPA and WPA2

Home routers typically have two choices for authentication: WPA and WPA2. WPA2 is the
stronger of the two. WPA2 authentication methods included the following:

 Personal: Intended for home or small office networks, users authenticate using a pre-
shared key (PSK). Wireless clients authenticate with the wireless router using a pre-
shared password. No special authentication server is required.
 Enterprise: Intended for enterprise networks but requires a Remote Authentication Dial-
In User Service (RADIUS) authentication server. Although more complicated to set up, it
provides additional security. The device must be authenticated by the RADIUS server,
and then users must authenticate using the 802.1X standard, which uses Extensible
Authentication Protocol (EAP) for authentication.

Page 12 of 15
802.1X/EAP

 With open and WEP authentication, wireless clients are authenticated locally at the AP
without further intervention.
 The scenario changes with 802.1X: The client uses open authentication to associate with the
AP, and then the client authentication process occurs at a dedicated authentication server.
 The three-party 802.1X arrangement, which consists of the following entities:

i. Supplicant: The client device that is requesting access.

ii. Authenticator: The network device that provides access to the network; the AP
forwards the supplicant’s message to the WLC.
iii. Authentication server (AS): The device that permits or denies network access based
on a user database and policies (usually a RADIUS server).

WPA3

WPA3 includes three features:

i. WPA3-Personal:
 In WPA2-Personal, threat actors can listen in on the “handshake” between a wireless
client and the AP and use brute-force attacks to try to guess the PSK.

Page 13 of 15
  WPA3-Personal thwarts such attacks by using Simultaneous Authentication of Equals
(SAE), a feature specified in the IEEE 802.11-2016.
 The PSK is never exposed, making it impossible for the threat actor to guess.
ii. WPA3-Enterprise:
 WPA3-Enterprise still uses 802.1 X/EAP authentications. However, it requires the use of
a 192-bit cryptographic suite and eliminates the mixing of security protocols for previous
802.11 standards.
 WPA3-Enterprise adheres to the Commercial National Security Algorithm (CNSA) suite,
which is commonly used in high-security Wi-Fi networks.
iii. Open networks:
 Open networks in WPA2 send user traffic in unauthenticated plaintext.
 In WPA3, open or public Wi-Fi networks still do not use any authentication.
 However, they do use Opportunistic Wireless Encryption (OWE) to encrypt all wireless
traffic.

Comparison of Wireless Security Protocols

Source: https://ipcisco.com/lesson/wireless-security-protocols/

Page 14 of 15
ASSIGNMENT (Due on 22nd October 2023, 5:00pm)

1. Describe how wireless devices use the CSMA/CA to access the network and
exchange data. Describe the frame control headers and the various flags in this header
and for each flag, state its role/function. (10 Marks)
2. Discuss the various encryption methods used to secure data transmission in data
networks. Highlight the Pro and the Cons of each method. (10 Marks)

Page 15 of 15