You are on page 1of 131

Home Network Technologies

Home Network related web


technologies
Home
Networking
Technology

Computer

Home
Network

Internet

Broadband
Access
Technology
ISP

TV

Broadband Access Technologies

Digital Subscriber Line (DSL)


Cable Modem
Broadband Over Power Line (BOPL)
Fiber-to-the-Home (FTTH)
IEEE 802.16 (WiMax)
GPRS; 3.5G

Outlines
Broadband Over Power Line
Digital Subscriber Line (DSL) Technology
Cable Modem

Broadband Over Power Line


(BOPL)
Use existing electrical lines to provide the
medium for a high speed communications
network
Superimposing voice or data signals onto
the line carrier signal using OFDM
Two categories
In-house
access

In-House BPL
connecting machines within a building
HomePlug: an alliance for in-house BPL

Access BPL
Delivers the last mile of broadband to the
home

Access BPL Architecture


Coupler
Internet
VoIP

Backhaul
Backhaul
Point

Wireless
link

Coupler
Bridge

Medium-voltage
lines
Low-voltage
lines

Coupler

Coupler

Bridge
Backhaul
Point

Advantages of BPL
Power lines are our most ubiquitous
infrastructure
Lower cost of deployment
Existing wires

Main Concerns
Radio Frequency Interference (RFI) to
licensed service
power lines are inherently a very noisy
environment
Every time a device turns on or off, it
introduces a pop or click into the line.
Energy-saving devices often introduce noisy
harmonics into the line

Digital Subscriber Line (DSL)


Technology
The key in DSL technology is modulation, a process in
which one signal modifies a properties of another.
Hardware: DSL requires modems and splitters for endusers; carriers use DSLAMs (digital subscriber line
access multiplexers)
Differences between xDSL technologies: speed,
operating distance, applications, ratio between up and
downstream
Different approaches: ATM-based ADSL, ISDN DSL.
The important thing is what is running over xDSL...

xDSL - Digital Subscriber Line Technology

ADSL: Asymmetric Digital


Subscriber Line
twisted pair copper (single loop)
asymmetric: most commonly:
downlink: 256 Kbps - 8 Mbps
uplink : 64 Kbps - 2 Mbps

limited distance (18000 feet over 26gauge copper)

RADSL: Rate-Adaptive Digital


Subscriber Line
varying speeds depending upon line
quality; asymmetric
downlink: 1.5 Mbps - 8 Mbps
uplink : 176 Kbps - 1 Mbps

limited distance (18000 feet over 26gauge copper)

HDSL: High-speed Digital


Subscriber Line
full-duplex, symmetric
1.544 Mbps or 2.048 Mbps in each direction

two twisted pairs (for T1) and 3 pairs (for


E1)
max distance 12,000 feet

VDSL: Very-high-bit-rate Digital


Subscriber Line (known as
BDSL)

asymmetric

downlink: 12.96-51.84 Mbps


uplink : 1.6 - 2.3 Mbps

max 4,500 - 1,000 feet


applications: High definition TV,
multimedia

Cable Modem
primarily used to deliver broadband Internet
access on Hybrid Fibre-Coaxial (HFC)
Internet
Cable Modem

Computer

Cable
TV

Cable

CMTS
Television
Company

Cable Modem Standards


DOCSIS (Data Over Cable Service
Interface Specification)
1.0 (1997): typical 2 Mbps upstream
1.1 (1999): 10 Mbps upstream
2.0 (2002) : 30 Mbps upstream

Hybrid Fibre-Coaxial (HFC)


combines optical fiber and coaxial cable

The Downstream & Upstream Path


The downstream data path of the cable modem uses a SINGLE
6mhz TV channel, which is typically in the higher frequencies range
(550 MHz and above) because higher frequencies can carry
information faster.
The lower end of the radio frequency spectrum (5MHz 42 MHz) is
used for the upstream or the return path.
In terms of data bandwidth, the typical upstream channel usually has
a capacity of around 5 Mbps.
The total downstream bandwidth for a single channel is around 30
Mbps.
Downstream Channel
Multiple TV Channels
Upstream
signaling

5-42
MHz

...
50 MHz - 550 MHz

550 MHz - 750 and up MHz

Cable TV Spectrum

Cable Modem: Modulation &


Demodulation Phase
Demodulation Phase:
tunes to the appropriate 6 MHz downstream channel (42 MHz
850 MHz).
demodulates the signal and extracts the downstream data that is
destined for it
converts the data into an Ethernet or USB signal to be fed into
the users computer.

Modulation Phase: The cable modem receives data on


its Ethernet or USB interface and modulates the data
onto the upstream carrier frequency, negotiates channel
access with the CMTS and sends the data.

Protecting the Downstream Channel


(and the upstream as well)
A component of the DOCSIS 1.1 standard called Baseline
Privacy Initiative+ (BPI+) is bi-directional encryption between
cable modem and the CMTS
Each DOCSIS 1.1 compliant cable modem has a digital
certificate stored in its firmware. This allows for the cable
modem to be authenticated onto the network.
The authentication takes place when the CMTS verifies the
certificate presented by the modem. (The certificate is signed
by the manufacturers private key).
Encryption is based on 56-bit Triple-DES
This scheme effectively renders any sniffing attempts useless,
unless cracking of the Triple-DES scheme is possible

DOCSIS Security Overview


-- BPI+ -Internet

CM Authentication
(X.509 Certificates)
Key Management
(RSA, Tri-DES)

abcdef

TFTP Server

CMTS

Digitally Signed by:


DOCSCSIS Root

CM Certificate
......
Digitally Signed by:
Mfg CA

Data Encryption
(DES) x$a9E!

Secure Software Download


(X.509 Certificate)

Mfg Certificate
......

abcdef

CM

CM Code
File

New CM Code
......
Digitally Signed by:

Manufacturer

PC

The Device
The cable modem bridges Ethernet
frames between a customer LAN and the
coax cable network
It does, however, also support
functionalities at other layers
Ethernet PHY and DOCSIS PHY
IP address
UDP, port-based packet filtering
DHCP, SNMP, TFTP

Fiber-to-the-Home
(FTTH)

//

Copper
Fiber

CO/HE

CO/HE
//

Old networks, optimized for voice

CO/HE

//

Optical networks, optimized for voice,


video and data
Note: network may be aerial
or underground

24 kbps - 1.5 Mbps

19 Mbps - 1 Gbps +

FTTH Characteristics
FTTH is an optical access network in which the
optical network unit is on or within the customers
premise.
Although the first installed capacity of a FTTH
network varies, the upgrade capacity of a FTTH
network exceeds all other transmission media.
Optical Access Network
CO/HE

Optical Line
Termination
Source: www.ftthcouncil.org

//

Optical
Network
Unit

Why FTTH?

Enormous information carrying capacity


Easily upgradeable
Ease of installation
Allows fully symmetric services
Reduced operations and maintenance costs
Benefits of optical fiber:

Very long distances


Strong, flexible, and reliable
Allows small diameter and light weight cables
Secure
Immune to electromagnetic interference (EMI)

Fiber versus Copper


Glass

Copper

Uses light
Transparent
Dielectric materialnonconductive
EMI immune
Low thermal expansion
Brittle, rigid material
Chemically stable

Uses electricity
Opaque
Electrically conductive
material
Susceptible to EMI

High thermal expansion


Ductile material
Subject to corrosion and
galvanic reactions
Fortunately, its
recyclable

Architecture and Transport


Architecture
(Electronics)
PON
Active node
Hybrid

Transport:
ATM or
Ethernet

CO/HE

//

FTTH Architectures
Passive Optical Networks (PONs)
Shares fiber optic strands for a portion of the networks
distribution
Uses optical splitters to separate and aggregate the signal
Power required only at the ends

Active Node
Subscribers have a dedicated fiber optic strand
Many use active (powered) nodes to manage signal
distribution

Hybrid PONs
Literal combination of an Active and a PON architecture

FTTH Technical Considerations


Data

How much per home?


How well can you share the channel?
Security how do you protect the subscribers data?
What kind of QoS parameters do you specify?
Compatible business services?
SLAs
T1

Support for voice?


Support for video?
Broadcast
IPTV

FTTH Technical Considerations


Data
How much per home?
How well can you share the channel?
Security how do you protect the subscribers
data?
What kind of QoS parameters do you specify?

FTTH Technical Considerations: Speed


Data requirements
Competition: ADSL, cable modem ~0.5 to ~1.5
Mb/s shared, asymmetrical
FTTH ~10 to 30 Mb/s non-shared or several 100
Mb/s shared, symmetrical
SDTV video takes 2-4 Mb/s today at IP level
HDTV takes maybe 5 times STDV requirement
Pictures can run 1 MB compressed
5.1 channel streaming audio would run ~380
kb/s

FTTH Technical considerations:


Security
Security
Data is shared in the downstream direction in most
systems
Your Gateway filters out all packets not intended for you
But there is fear that someone will snoop on your data
FSAN has a low-complexity, low-security encryption
scheme
802.3ah has formed a committee to study security
Manufacturers have taken their own tacks on security,
from none to robust

FTTH Data Flow and Security:


Downstream
Time division
multiplex (TDM)
each subscribers
data gets its turn.

T
//
//

D
//

//

//

//

Tom

//

Box on side of home separates out


only the data bound for that
subscriber. But the fear is that
someone will fool his box into giving
data intended for another subscriber.
Solution is to encrypt the data.

Harry

Dick

FTTH Data Flow and Security:


Upstream
Time division multiple
access (TDMA) similar to
downstream, with gap for
laser start/stop

T
//
//

D
//

//

//

Tom

//
//

Due to the physics of the


network, Harrys data flows
upstream but does not come
to Toms box, so Tom cannot
see Harrys data

Harry

Dick

FTTH Data Flow and QoS


If Dick has paid for
more bandwidth, he
gets more

T
//
//

D
//

//

//

//

Tom

//

If Toms packets need higher


priority (e.g., telephone), they
go first

Harry

Dick

Video Delivery with FTTH


several different ways
Broadcast (cable TV standards)
Analog or Digital
Benefit from high volume and rich applications of cable boxes

IPTV TV transmitted over Internet Protocol


Feasible, and some people are doing it in place of broadcast
Bandwidth hog, but statistics can work for you

Interesting hybrid model awaits hybrid STTs, but can give


the best of both worlds

IPTV Unicast (VOD)


Router B
Router A
(headend)

Router E

In-home
routing

Router C
(network)

VOD server

Router D
(NID)

Program
stream

Program
request

In-home
routing

In-home
routing
In-home
routing

Set top
terminal

Subscriber's TV

Home Networking Technologies


IEEE 802.3/Ethernet
IEEE 802.11 a/b/g/n (WiFi)
Bluetooth
In-House BPL (HomePlug)

IEEE 802.3 Family


Original IEEE 802.3 (Ethernet)
10 Mbps

Fast Ethernet
1000 Mbps

Gigabit Ethernet
1 Gbps

10 G Ethernet
10 Gbps

Gigabit Ethernet Networks


1000 Mbps transmission rate
IEEE 802.3 CSMA/CD frame format
Medium: Twisted pair (UTP, STP) or Fiber
Hub- or switch-based topology
Do not support priority scheme
Bandwidth utilization is not guaranteed to be fair
Do not support guaranteed delay service
Low bandwidth utilization under heavy loads
Suitable for multimedia communications

Gigabit Ethernet Architecture

Gigabit Ethernet Communication


Structure
Ethernet Upper Layers
Logical Link Control
(LLC)
Media Access Control (MAC)
Gigabit Media Independent Interface (GMII)
1000BASE-T
Codec

8B/10B Coding/Decoding
1000BASE-LX 1000BASE-SX
1270-1355 nm
770-860 nm

SMF

3 km

MMF

1000BASE-CX
STP

MMF
Balance Shielded
MMF
Copper
50 um 62.5 um

550m 550m

300m

25m

1000BASE-T
4-Pair

Cat-5
UTP

100m

Gigabit Ethernet
Physical Layer
1000BASE-T (UTP, IEEE 802.3ab)
1000BASE-CX (Short copper jumpers,
IEEE 802.3z)
1000BASE-SX (Shortwave fiber, IEEE
802.3z)
1000BASE-LX (Longwave fiber, IEEE
802.3z)

Gigabit Ethernet Characteristics


Good fault tolerance
Hub/Repeater architecture

Carrier Extension for short frames.


Frame Bursting to increase performance
(optional).

Half-Duplex vs. Full-Duplex


Gigabit Ethernet can operate in either halfduplex or full-duplex mode.
Half-duplex poses some difficult problems
that can result in restrictions on the
allowable topologies and/or changes to the
Ethernet MAC algorithm.
Full-duplex is simpler to implement than a
half-duplex MAC.

Limitations of Half-duplex
Operation
CSMA/CD implies an intimate relationship between the
minimum length of a frame (L, measured in bit-times, not
absolute time) and the maximum round-trip propagation
delay (2a) of the network: L > 2a
transmission time

frame _ size
transmission _ rate

time

A
maximum
hub
distance
B
space

round trip
propagation delay

10 Mbps Ethernet
For the original 10 Mbps Ethernet, a compromise was struck.
Minimum frame = 512 bits (64 bytes), not including the preamble
and Physical Layer overhead.
Minimum data field = 46 bytes rarely imposes a significant
padding overhead (IP header + TCP header = 40 bytes).
At 10 Mbps, 512 bit-times is 51.2us. Depends on the type of
cable used and the network configuration, the extent of a 10
Mbps Ethernet can be on the order of from 2-3 Km.
7
Preamble

1
SFD

6
DA

6
SA

2
LEN

46
Data

Minimum Frame Length (512 bits)

4
FCS

Network Extent
For a given minimum-length frame, the extent of
a network scales inversely with data rate.
10,000 m
~ 2800m
1,000 m
~ 205m
100 m
~ 20m
10m

10Mbps

100 Mbps

1000 Mbps

100 Mbps Fast Ethernet


For 100 Mbps Fast Ethernet, a conscious choice
had to be made to do one or more of the
following:
Increase the minimum frame length so that large
networks (with multiple repeaters) could be supported.
Change the CSMA/CD algorithm to avoid the conflict.

Leave the minimum frame as is, and decrease the


extent of the network accordingly.

Limitations of Half-duplex
Operation
For Hub-based configuration (1995 ~), the only truly
important distance was from the user to the wiring closet
(<100m, 200m diameter).
A change to the minimum frame length would have required
changes to higher-layer software, including device driver
and protocol suite implementation. Also difficult to
seamlessly bridge between 10 Mbps and 100 Mbps
network with different minimum frame lengths.
A change to the CSMA/CD algorithm would have
significantly delayed the release of the Fast Ethernet
standard.

Limitations of Half-duplex
Operation
Fast Ethernet uses
The same 512-bit minimum frame.
Decrease the network extent to the order of
200m, using twisted-pair cabling.
No change to the CSMA/CD algorithm.

For Gigabit Ethernet, network extent is


only about 20m!!, if the same approach
is used.

Carrier Extension
For Ethernet/Fast Ethernet, the minimum frame
length = slotTime = 512 bits.
Gigabit Ethernet keeps the 512-bit minimum
frame length but sets slotTime to 512 bytes
In Gigabit Ethernet, frames that shorter than
slotTime are extended by appending a carrierextension field so that they are exactly one
slotTime long.
Frames longer than slotTime are untouched

Carrier Extended Frame Format


512-byte Short Frame
8

Preamble/SFD

DA

6
SA

2
LEN

46 - 493
Data

FCS

Exten

Minimum Nonextended
Frame Length (64 bytes)

Carrier-Extended Frame (64-511 Bytes)


8
Preamble/SFD

6
DA

6
SA

2
LEN

Non-Carrier-Extended Frame ( 512 Bytes)

494 - 1500
Data

Channel Efficiency
The use of carrier extension for short frames
imposes a significant performance degradation.
In the worst-case (a stream of minimum length
frames of 512 bits with a 64-bit preamble/SFD
and a 96-bit interframe gap), the channel
efficiency is
512
length of
= 12%
slot time

4096 + 64 + 96

512

= 76%
For Ethernet (Fast Ethernet),
512 + 64 + 96

Frame Bursting
The solution is to allow a station to send multiple frames,
while extending only the first one with carrier extension
(Frame Bursting).
No additional frames are sent if a collision occurs before the
slotTime expires.
After that time, the station can begin sending additional
frames without contending again.
The interframe gap is filled with non-data symbols.
The bursting station may continue to start new frames for up
to one burstLength, which limits the maximum time that a
station is allowed to dominate the channel.

Frame Bursting
Maximum Time to start of Last frame
in Burst (8192 Bytes)

SlotTime
(512 Bytes)
Carrier
detection

Carrier extension Inter-Frame Spacing (96 bit time)

frame 1

Preamble
FCS

frame 2

SFD DA SA

frame 3

LEN LLC PAD

frame 4

Frame Bursting
Transmitters are not required to implement frame
bursting.
A trade-off between complexity and performance.
Receiver must be prepared to receive bursted frames.
Even if the first frame in a burst is longer than a slotTime
(no carrier-extension), a station may still continue to burst
frames up to the burstLength time.
Normally, no collision should occur after the first slotTime
during a burst of frames.

Half-Duplex Operational
Parameters
Parameters
SlotTime
(Bit times)
interFrameGap
(us)
attempLimit
backoffLimit
jamSize
maxFrameSize
minFrameSize
extendSize
burstLength
(bits)

Ethernet Type
10Mbps

1 Mbps

512

512

9.6

100 Mbps

1000 Mbps

512

4096

96

0.96

0.096

16
10
32
1518
64
0

16
10
32
1518
64
0

16
10
32
1518
64
0

16
10
32
1518
64
448

65,536

Full-Duplex MAC
When an Ethernet operates in full-duplex mode,
all of the complexity of carrier sense, collision
detection, carrier extension, frame bursting,
backoff algorithm, and so on, has no bearing !!
Only shared medium needs these.
The full-duplex MAC is not really a MAC at all.
With a dedicated channel, a station may transmit
at will.

Limitations of Full-duplex
Operation
The underlying physical channel must be capable of
supporting simultaneous, bi-directional communications
without interference (1000BASE-X and 1000BASE-T
families).
Exactly two devices on the LAN segment.
The interfaces in both devices must be capable of and
configured to use full-duplex mode.
If all of these conditions are met, then full-duplex mode not
only can be used, it should be used.

Operation of Full-Duplex MAC


A station can send a frame any time there is a frame in its
transmit queue and it is not currently sending a frame.
Stations should similarly receive frames at any time, subject
to interframe spacing.
Do not defer transmissions to received traffic.
No need for carrier-extension in full-duplex mode !!
No explicit need for frame bursting !!
Full-duplex MAC can burst at any time (not just after an
extended carrier) and for any length of time (not just for a
burstLength period) !!

Gigabit Ethernet Protocol Stack

CS: Convergence Sublayer


MDI: Medium Dependent Interface
MII: Medium Independent Interface
GMII: Gigabit Medium Independent Interface
LLC
M AC
H igher Layers
&
N etrotk

PLS
M II
AUI

D ata link
Physical

CS

AUI
PM D

M DI

CS
M II

PLS

M edium
1 M bps, 10 M bps

G M II
PC S
PM A
PM D

PM A
M DI

M DI
M edium
10 M bps

CS

PC S
PM A
PM D
M DI

M edium

M edium

100 M bps

1000 M bps

PH Y

10 Gigabit Ethernet Protocol Stack


Proposed IEEE 802.3ae Layers

O SI R ef.

LLC
M AC
H igher Layers
&
N etrotk

R econciliation Sublayer (R S)
X G M II

X G M II

X G M II

64B /66B PC S
D ata link
Physical

64B /66B PC S

W IS

8B /10B PC S

PM A

PM A

PM A

PM D

PM D

PM D

M edium

M edium

M edium

10G B ase-R

10G B ase-W

10G B ase-X

IEEE 802.11 Family


Differs in Physical Layer
IEEE 802.11b
2.45 GHz / 11 Mbps (100 m)

IEEE 802.11a
5.8 GHz / 54 Mbps (70 m)

IEEE 802.11g
2.4 GHz / 54 Mbps (100 m)

IEEE 802.11n
2.4/5 GHz / 100+ (max. 600) Mbps (100+ m)

2.4 GHz Radio Licenses NOT required in these bands 5 GHz

Direct Sequence Spread Spectrum

IEEE 802.11
IEEE 802.11a

IEEE 802.11b
IEEE 802.11g

Standard for WLAN operations at data rates up to 2 Mbps


in the 2.4 GHz ISM band. DSSS modulation.
Standard for WLAN operations at data rates up to 54 Mbps
in the 5 GHz band. Proprietary rate doubling" has achieved
108 Mbps. Realistic rating is 20-26 Mbps.
Wi-Fi or high-speed wireless 1, 2, 5.5 and 11 Mbps in
the 2.4 GHz band. All 802.11b systems are backward
compliant. Realistic rating is 2 to 4 Mbps.
802.11a backward compatible to the 802.11b 2.4 GHz band
using OFDM.

Orthogonal Frequency Division Multiplexing

Adaptive Rate Selection


Performance of the
network will also be
affected by signal strength
and degradation in signal
quality due to distance or
interference.
As the signal becomes
weaker, Adaptive Rate
Selection (ARS) may be
invoked.

Access Point (AP)


Usually connects wireless and
wired networks
if not wired
acts as an extension point
(wireless bridge)

consists of a radio, a wired network interface (e.g.,


802.3), and bridging software conforming to the 802.1d
bridging standard
Number of clients supported
device dependent

AP as a Wireless Bridge
fixed terminal

mobile terminal
server

infrastructure network
access point
application

Application

TCP

TCP

IP

IP

LLC

LLC

LLC

802.11 MAC

802.11 MAC 802.3 MAC

802.3 MAC

802.11 PHY

802.11 PHY 802.3 PHY

802.3 PHY

Basic Service Set (BSS)

Coordinated
function

BSS

Independent Basic Service


Set (IBSS)
A BSS without
Access Point

IBSS

Ad hoc mode

Extended Service Set (ESS)


ESS: one or more BSSs
interconnected by a Distribution
System (DS)
Traffic always flows via Access Point
allows clients to seamlessly roam
between APs

Distributed System (DS)


A thin layer in each AP
embodied as part of the bridge function
keeps track of AP-MN associations
delivers frames between APs
Three types:
Integrated: A single AP in a standalone network
Wired: Using cable to interconnect APs
Wireless: Using wireless to interconnect APs

ESS:
Single BSS (with integrated DS)
A cell
Access
Point
91.44 to 152.4 meters

BSS

ESS: BSSs with Wired


Distribution System (DS)
20-30% overlap

BSS

Di
st
r
Sy ibu
st t io
em n

BSS

ESS: BSSs with Wireless


Distribution System (DS)

BSS

Di
st
Sy ribu
st tio
em n

BSS

ESSID in an ESS
ESSID differentiates one WLAN from another
Client must be configured with the right ESSID
to be able to associate itself with a specific AP
ESSID is not designed to be part of security
mechanism, and it is unfitted to be one
AP broadcast the SSID(s) they support
Client association requests contain the ESSID
Transmitted in the clear

ESSID

Connecting to the Network


Access Point

Client
Probe Request
Probe Response

Authentication Request
Authentication Response
Association Request
Association Response

Probing
802.11
Authentication
Association

Probing Phase
Find an available AP
APs may operate at different channels (11
channels in total in case of 802.11a)
Should scan a channel at least
MinChannelTime
If an AP is found, should last
MaxChannelTime

Active Scanning
AP

MN
probe request with SSID
probe response

If SSID matches

Service Set Identifier (SSID)

Passive Scanning
AP

MN
beacon with SSID

Service Set Identifier (SSID)

Full Scanning
MN

AP 1

AP 2

Scan channel 1

AP 3
MinChannelTime

Scan channel 2
Beacon or Probe Resp

Scan channel 3

Scan channel 11

MaxChannelTime

Authentication and Association Types


WLAN authentication occurs at Layer 2.
It is the process of authenticating the
device not the user.

Authentication request
Authentication response
(Accept or Reject)

802.11 Authentication Methods


Open Authentication (standard)
Shared key authentication (standard)
MAC Address authentication (commonly
used)

Open Authentication
The authentication request contain a NULL
authentication protocol. It must have the AP
SSID.
The access point will grant any request for
authentication
Access Point

Client
Authentication Request

Authentication response

Shared Key Authentication


Requires that the client configures a static WEP key
Access Point

Client
Authentication Request

Authentication response (challenge)

Authentication Request(encrypted challenge)

Authentication response(Success/Failure)

MAC Address Authentication


Not specified in the 802.11 standard, but
supported by many vendors (e.g. Cisco)
Can be added to open and shared key
authentication
Client

Access Point
Auth. Request

Auth. Response (Success/Reject)

RADIUS
Server

Access-Request
(MAC sent as RADIUS req.)
Access-Success/Reject

Open
Authentication

WEP Encapsulation
1.
2.
3.
4.
Initialization
Vector (IV)
WEP Key

P = M || checksum(M)
KeyStream = RC4 (IV || k(
C = XOR (P, KeyStream)
Transmit (IV, C)

{p=plaintext}
{k=shared-key}
{c=ciphertext}
{IV=init-vector}
IV

seed

Plaintext
CRC-32

RC4
PRNG

Key Stream

Ciphertext

Integrity Check Value (ICV)

Message

WEP Decapsulation
1.
2.
3.

WEP Key
IV

Ciphertext

Message

KeyStream = RC4 (IV || k(


P = XOR (C, KeyStream) = M || checksum(M)
If checksum(M) = (checksum(M))
Then P is accepted

Seed

M
RC4
PRNG

Key stream

Plaintext

CRC 32
ICV

ICV
ICV' = ICV?

802.1X
based on EAP (extensible
authentication protocol, RFC 2284)
still one-way authentication
initially, MN is in an unauthorized port
an authentication server exists
after authorized, the MH enters an
authorized port
802.1X ties it to the physical medium, be it
Ethernet, Token Ring or wireless LAN.

Three Main Components


supplicant: usually the client
software
authenticator: usually the access
point
authentication server: usually a
Remote Authentication Dial-In User
Service (RADIUS) server

Extensible Authentication
Protocol (EAP)
the AP does not provide authentication to the client,
but passes the duties to a more sophisticated device,
possibly a dedicated server, designed for that
purpose.
Authentication
server
Authentication
request

Authentication
request

Authentication
response

Authentication
response

802.1X How it works


Client

AP
Auth Server
RADIUS

Let me in! (EAP Start)


Whats your ID? (EAP-request identity message)
ID = xxx@yyy.local (EAP Response)

The answer is 47

Is xxx@yyy.local OK?
Prove to me that you are
xxx@yyy.local

EAP Challenge/
Authentication

Let him in. Here is the session key.


Come in. Here is the session key.
http://yyy.local\index.htm

network
Encrypted
session

Distributed Coordination
Function: CSMA/CA
CSMA: Carrier Sense Multiple Access
physical carrier sense: physical layer
virtual carrier sense: MAC layer
network allocation vector (NAV)

CA: Collision Avoidance


random backoff procedure

shall be implemented in all stations


and APs

Contention Window
random 1

data frame
The winner

contention
window

busy
DIFS

random 2
All stations must wait DIFS
after medium is free
random 3
time

SIFS: Giving Priority to


RTS/CTS/ACK
data frame

Source

busy
Destination

contention
window
ACK

DIFS

DIFS

Others

SIFS

SIFS

Defer access

SIFS: Transmitting
Fragments
Source

DIFS
SIFS

Fragment 1

SIFS

Fragment 2

Destination
SIFS

ACK

Others
Defer access

SIFS

ACK

Contention
Window

EIFS: Low Priority


Retransmission
data frame

Source

busy
Destination

contention
window

DIFS

SIFS

can
resend
EIFS
DIFS
No
ACK
SIFS

Others
Defer access

contension

CSMA/CA with RTS/CTS


SIFS

SIFS

data frame

Source
RTS

busy
Destination

ACK

contention
window

CTS
DIFS
SIFS

SIFS
Others

NAV (RTS)
NAV (CTS)

RTS/CTS is Optional
system parameter RTSThread
RTS/CTS is used only when frame size
RTSThread

Throughput Issues
When a source node sends a frame, the
receiving node returns a positive
acknowledgment (ACK).
This can consume 50% of the available bandwidth.

This overhead, combined with the collision


avoidance protocol (CSMA/CA) reduces the
actual data throughput to a maximum of 5.0 to
5.5 Mbps on an 802.11b wireless LAN rated at
11 Mbps.

What is Bluetooth?
Major joint computing and telecomm
industry initiative
Plan to deliver a revolutionary radio-based
solution
Cable replacement, no line of sight restrictions
Prefect for mobile devices - small, low power, low cost
Open specification (license free)

Bluetooth Characteristics

Data/voice access
Cable replacement technology
1 Mbps symbol rate
Range 10+ meters
Low cost
Low power

Ultimate Headset
(Voice Access)

Cordless Computer
(Cable Replacement)

Automatic Synchronization
In the Office

At Home

Bluetooth World

Application of Bluetooth
Integrated in

mobile phones
PDA/handhelds
Computers
Wireless peripherals
Handsets
cameras

Network access devices


universal bridge to other networks or internet

Masters and Slaves


Each Bluetooth device may be either a Master or
Slave at any one time, thought not
simultaneously.
s
m
Master the device which initiates an
exchange of data.
Slave the device which responds to the
master.

Piconet
Two or more units sharing the same
hopping sequence form a piconet (similar
to a LAN).
Each piconet can have
only one master.
up to seven slaves.
Each piconet has max
capacity (1 Mbps).

Piconet Structure
Master
Active Slave
Parked Slave
Standby

Scatternet
Multiple piconets form a scatternet.
Same device can be shard by two different
piconets

m
s

Max 256 piconets

m
s

Frequency Hop SpreadSpectrum


Bluetooth channel is
represented by a pseudo
random hopping
sequence through the
entire 79 RF frequencies
Nominal hop rate of
1600 hops per second
Channel Spacing is 1
MHz

Time Division Duplex (TDD)


Bluetooth is a Time Division Multiplexed system
625 s/slot
Slot k
master

slave
625s

Slot k+1

Slot k+2

Multi-Slot Packets
Bluetooth defines data packets which are 1, 3, or
5 slots long

1-slot
packet
3-slot
packet
5-slot
packet

f(k)

f(k+1)

f(k+2)

f(k+3)

f(k+4)

f(k+5)

f(k+6)

Time Division Multiplexing


Slaves must listen to the master
A slave can send only after receiving a poll
1

Master

TX

RX

Slave 1

RX

TX

Slave 2

TX

RX

2
RX

TX

TX

RX

1
RX

TX

TX

RX

RX

TX

Putting It Altogether
channel
78
77
76
75

Master

Slave 1
5
4
3
2
1
0

Slave 2

time

Asynchronous ConnectionLess (ACL) Links


One ACL link can exist between any two
devices.
No slots are reserved.
Every even-slot is Master transmission
& every old-slot is Slave response
Broadcast packets are ACL packets not
addressed to any specific slaves.

Synchronous Connection
Oriented (SCO) Links
a symmetric link between Master and Slave with
reserved channel bandwidth and slots.
Typically used for voice connection
A Master can support up to three SCO links.
A slave can support
up to 3 SCO links from the same master
two SCO links if the links are originated from different
masters.

SCO packets are never retransmitted.

SCO Traffics
Master reserves slots for SCO links
Slot no
master

SCO
TX

SCO
RX

Slave 1

Slave 2

SCO
RX

SCO
TX

TX

RX

RX

TX

4
TX

RX

RX

SCO
TX

SCO
RX

TX

SCO
RX

SCO
TX

Mixed Link Packets


SCO

MASTER

SLAVE 1

SLAVE 2

SLAVE 3

ACL

SCO

ACL

ACL

SCO

SCO

ACL

RFID
What is RFID?
RFID is an ADC (Automatic Data Capture)
technology that uses radio-frequency waves
to transfer data between a reader and a
movable item to identify, categorize, track
RFID is fast, reliable, and does not require
physical sight or contact between
reader/scanner and the tagged item

An RFID System
Antenna
RF Module
Tag
Reader
Host Computer

Interrogation Unit
Micro
Computer

Computer Network

Tx/Rx

Antenna

One or more RF tags


Two or more antennas
One or more interrogators
One or more host computers
Appropriate software

RF Tag
Chip

Tag
CPU

I/O

RAM ROM
Radio Tx/Rx
Pwr Supply

Antenna

CPU

I/O

RAM

ROM

Radio Tx/Rx
Pwr Supply

Chip + Antennae + Packaging = Tag

Variations of RF Tags
Basic types: active vs. passive
Memory
Size (16 bits - 512 kBytes +)
Read-Only, Read/Write or WORM

Arbitration (Anti-collision)
Ability to read/write one or more tags at a time
Frequency : 125KHz - 5.8 GHz
Physical Dimensions
Thumbnail to Brick sizes
Incorporated within packaging or the item

Price ($0.50 to $150)

RFID Frequencies
Regulating Authority : ITU and Geo Organizations
Frequency
125-150 kHz
13.56 MHz

433 MHz

860-960 MHz

2450 MHz

Regulation
Basically
unregulated
ISM band, differing
power levels and
duty cycle
Non-specific Short
Range Devices
(SRD), Location
Systems
ISM band
(Increasing use in
other regions,
differing power
levels and duty
cycle
ISM band, differing
power levels and
duty cycle

Range

Data Speed

Comments
Animal identification
and factory data
collection systems
Popular frequency for
I.C. Cards (Smart
Cards)

? 10 cm

Low

<1m

Low to
moderate

1 100 m

Moderate

DoD Active

Moderate to
high

EAN.UCC GTAG,
MH10.8.4 (RTI),
AIAG B-11 (Tires),
EPC (18000-6)

High

IEEE 802.11b,
Bluetooth, CT,
AIAG B-11

25m

12m