Dr.

Martin Hope CEng MIEE

Wireless
Communications
m.d.hope@salford.ac.uk

Newton 262
0161 2953305
High-Speed WLANs and
WLAN Security
 High Speed WLANs

Three standards for high-speed WLANs that

transmit at speeds over 15 Mbps
 IEEE 802.11a
 IEEE 802.11g
 HiperLAN / 2

All WLANs are concerned with security

 How to prevent unauthorized access

3
 IEEE 802.11a

Approved in 1999, 802.11b transmits at speeds of 5.5

Mbps and 11 Mbps

Great demand for 802.11a WLANS, also called Wi-Fi5,

with maximum speed of 54 Mbps
 Devices use gallium arsenide (GaAs) or silicon germanium
(SiGe) rather than CMOS semiconductors
 Increased speed achieved by higher frequency, more
transmission channels, multiplexing techniques, and more
efficient error-correction

4
 U-NII Frequency Band
802.11b uses unlicensed Industrial, Scientific,
and Medical (ISM) band and specifies 14
frequencies

802.11a uses Unlicensed Information

Infrastructure (U-NII) band
 Table 7-1 compares ISM and U-NII
 U-NII is divided into three bands, shown in
Table 7-2
 U-NII provides more bandwidth, faster transmission,
and increased power
 Efforts underway to unify 5 GHz bands globally
5
ISM vs. U-NII

6
U-NII Spectrum

7
 Channel Allocation

802.11a WLANs have have 11 channels in USA but

requires 25 MHz passband
 See Figure 7.1

Figure 7-2 shows 8 channels in Low and Medium

Bands with 20 MHz channel supporting 52 carrier
signals, each 200 KHz wide
 Supports eight networks per AP, as shown in
Figure 7-3
 IEEE 802.11e Task Group is working on standard that
supports quality of service (QOS)

8
802.11b Channels

9
802.11a Channels

10
802.11b vs. 802.11a
Channel Coverage

11
Orthogonal Frequency Division
Multiplexing
Electromagnetic waves reflect off surfaces and
may be delayed in reaching their destination
 Figure 7-4 illustrates multipath distortion
 Receiving device waits until all reflections are
received before it can transmit
 Increasing speed of WLAN only causes longer delays
waiting for reflections

802.11a uses Orthogonal Frequency Division

Multiplexing (OFDM) to solve
this problem

12
Multipath Distortion

13
Orthogonal Frequency Division
Multiplexing
Dating to 1960s, OFDM’s primary role is to split
high-speed digital signal into several slower
signals running in parallel
 Sending device breaks transmission into pieces and
sends it over channels in parallel
 Receiving device combines signals to re-create the
transmission
 See Figure 7-5

14
Multiple Channels of OFDM

15
OFDM Breaks 802.11B Ceiling
Limit
Slowing down transmissions actually delays
reflections, increases total throughput, and
results in faster WLAN
 See Figure 7-6

802.11a specifies eight overlapping channels,

each divided into 52 subchannels that are 300
KHz wide
 OFDM uses 48 subchannels for data and the
remaining four for error correction

16
OFDM vs. Single Channel

17
 Modulation Techniques Vary
Depending on Speed
6 Mbps—phase shift keying (PSK)
 Encodes 125 Kbps of data on each of 48
subchannels, resulting in 6Mbps data rate
 See Figure 7-7
12 Mbps—quadrature phase shift keying
(QPSK)
 Encodes 250Kbps per channel for 12 Mbps data rate
 See Figure 7-8

18
PSK

19
QPSK

20
Modulation Techniques Vary
Depending on Speed
24 Mbps—16-level quadrature amplitude
modulation (16-QAM)
 16 different signals can encode 500 Kbps per
subchannel
 See Figure 7-9

54 Mbps—64-level quadrature amplitude

modulation (64-QAM)
 Transmits 1,125 Mbps over each of 48 subchannels
 See Figure 7-10

21
16-QAM

22
64-QAM

23
 Higher Speeds

Official top speed of 802.11a is 54 Mbps

Specification allows for higher speeds known as

turbo mode or 2X mode
 Each vendor can develop 2X mode by combining two
frequency channels
 Produces 96 subchannels and speeds up to
108 Mbps
 Other 2X mode techniques include increasing and
reallocating individual carriers and using different
coding rate schemes

24
 Error Correction
802.11a transmissions significantly reduce
errors
 Minimizes radio interference from outside sources

801.11a has enhanced error correction

 Forward Error Correction (FEC) transmits secondary
copy of information that may be used if data is lost
 Uses 48 channels for standard transmissions
and 4 for FEC transmissions

25
 802.11a Physical Layer

802.11a changed only physical layer

PHY layer is divided into two parts

 Physical Medium Dependent (PMD) sublayer defines
method for transmitting and receiving data over
wireless medium
 Physical Layer Convergence Procedure (PLCP)
reformats data received from MAC layer into frame
that PMD sublayer can transmit

26
 PLCP

Based on OFDM, PLCP frame has three parts

 Preamble—allows receiving device to prepare for rest
of frame
 Header—provides information about frame
 Data—information to be transmitted

See Figure 7-11

27
802.11a PLCP Frame

28
 Fields in PLCP Frame

Synchronization Tail
Rate Service
Length Data
Parity Pad

29
802.11a Rate Field Values

30
Advantages and Disadvantages

Advantages
 Good for area that need higher transmission speeds

Disadvantages
 Shorter range of coverage
 Approximately 225 feet as compared with
375 feet for 802.11b WLAN

31
 IEEE 802.11g
In 2001, IEEE proposed 802.11g draft standard
to combine stability of 802.11b with faster data transfer
rates of 802.11a
 Operates in 2.4 GHz ISM frequency
 Has two mandatory modes: Complementary Code Keying
(CCK) mode and Orthogonal Frequency Division
Multiplexing (OFDM)
 Offers two optional modes: Packet Binary Convolutional
Coding (PBCC-22) and
CCK-ODFM
 802.11g products made available in 2003

32
 HiperLAN/2

Similar to 802.11a, HiperLAN/2 was standardized

by European Telecommunications Standards
Institute
 Figure 7-12 shows protocol stack for HiperLAN/2
 Has three basic layers: Physical, Data Link, and
Convergence

33
HiperLAN/2 Protocol Stack

34
 Physical Layer

PHY layers of IEEE 802.11a and HiperLAN/2

are almost identical
 Operate in 5 GHz band
 Use OFDM
 Transmit up to 54 Mbps
 Connect seamlessly to wired Ethernet networks

35
 Data Link Layer

HiperLAN/2 centralizes control of RF medium to

access point (AP)
 AP informs clients, known as mobile terminals (MTs),
when they may send data
 Channel allocation is based on dynamic
time-division multiple access (TDMA) that divides
bandwidth into several time slots
 Quality of Service (QOS) refers to dynamically
allocated time slots based on needs of MT and
condition of network

36
Radio Link Control (RLC) Sublayer
Three primary functions of RLC sublayer
 Connection setup procedure and connection monitoring—
authentication and encryption
 Radio resource handling, channel monitoring,
and channel selection—automatic transmission frequency
allocation (known as Dynamic Frequency Selection (DFS)
 Association procedure and reassociation procedure—
standardized handoff to nearest AP
by roaming MTs

Logical Link Control (LLC) sublayer, also part of Data

Link Layer, performs error checking

37
 Convergence Layer

HiperLAN/2 offers seamless high-speed wireless

connectivity up to 54 Mbps
 Can connect to cellular telephone systems
 Can connect to Asynchronous Transfer Mode (ATMs)
systems using fiber-optic media and transmitting at
622 Mbps
 Can connect to IEEE 1394 (also known as FireWire)
high speed external serial bus transmitting at 400
Mbps

38
WLAN Comparison

39
 802.11 Security

Greatest strength of WLANs is ability to roam

freely

Greatest weakness is risk of unauthorized user

receiving RF signals
 Some flawed IEEE WLAN security provisions

Basic Security involves two areas:

 Authenticating users
 Keeping transmissions private

40
 Authentication
Verifies user has permission to access network

Each WLAN client can be given Service Set

Identifier (SSID) of network
 Only clients that know SSID may connect
 SSID may be entered manually into wireless device,
but anyone with device has access to network
 Access points (APs) may freely advertise SSID to any
mobile device within range

41
 Privacy

IEEE standard provides optional Wired

Equivalent Privacy (WEP) specification for data
encryption
 Two types of keys used for encryption
 Public key cryptography uses matched public and
private keys
 IEEE uses shared key cryptography with same key
used for encryption and decryption
 The longer the key, the more secure it is
 WEP standard uses only a 40-bit shared key
 See Figure 7-13

42
WEP

43
 WEP Privacy Concerns

In late 2000, researchers revealed “initialization

vector” used to encrypt transmissions with WEP
were reused about once every five hours
 Makes it easy for anyone to collect data to break
WEP encryption
 Researches recovered 128-bit WEP key in less than 2
hours

Many think IEEE WLANs should be treated as

insecure

44
 Enhanced Security

Administrators must use enhanced security

measures to prevent WLAN attacks

Four kinds of WLAN attacks

 Hardware theft
 Access point impersonation
 Passive monitoring
 Denial of service

45
Additional Security Procedures

IEEE task group working on draft known

as IEEE 802.1x to allow centralized
authentication of wireless clients
 Uses Extensible Authentication Protocol (EAP)—
client negotiates authentication protocols with
separate authentication server
 Uses Remote Authentication Dial-In User Service
(RADIUS)—server on wired network sends security
keys to wireless client
 See Figure 7-14

46
802.1x Security

47
 Other Security Steps

Use an access control list with MAC addresses of

approved clients, as seen in Figure 7-15

Use digital certificates issued by trusted third party

for secure, encrypted online communication

Use digital wrapper or gatekeeper that secures data

by wrapping around another program or file

Use a Virtual Private Network (VPN), a secure,

encrypted connection between two points

48
Access Control List

49
 Higher Levels of Security

Reduce transmission power used in WLANs

 Decreases distance radio waves travel, thus limiting
range where hackers can pick up signals

Change default WLAN security settings

Keep WLAN traffic separate from that of wired

network

Use 128-bit WEP keys rather than default

40-bit keys
50
 WLAN Summary

Released in 1990, 802.11 standard with slow

bandwidth of 1 or 2 Mbps was not sufficient for
most networks

IEEE approved two new standards in 1999

 802.11b has maximum data rate of 11 Mbps but uses
crowded ISM band and offers no QoS
 802.11a has maximum speed of 54 Mbps and
uses U-NII band, has 8 overlapping frequency
channels, each supporting 52 carrier signals
300 KHz wide

51
 Chapter Summary

802.11b WLANs have ceiling limit because of

problems with multipath distortion
 RF signals bounce off objects and are delayed
reaching the receiver

802.11a solves multipath distortion through

Orthogonal Frequency Division Multiplexing
(OFDM) and parallel channels

52
 Chapter Summary

802.11a uses 8 overlapping 20 MHz frequency

channels, each divided into 52 subchannels that
are 300 KHz wide
 OFDM uses 48 subchannels for data and 4 for error
correction

802.11a reduces errors by using parallel

subchannels and Forward Error Correction
(FEC)
 FEC transmits a secondary copy of data that can be
used to replace lost or corrupted data

53
 Chapter Summary

802.11a changes only the physical layer (PHY

layer) of original 802.11 standard by dividing it
into two parts
 Physical Medium Dependent (PMD) sublayer defines
method for transmitting and receiving data
 Physical Layer Convergence Procedure (PLCP) layer
reformats data from MAC layer into frame to be
transmitted by PMC sublayer

54
 Chapter Summary
The new IEEE 802.11g draft combines stability
of 802.11b and higher transfer rates of 802.11a
 Uses 2.4 GHz ISM frequency

HiperLAN/2, standardized by European

Telecommunications Standards Institute (ETSI),
uses three layer protocol stack
 Physical Layer
 Data Link Layer
 Convergence Layer

55
 Chapter Summary
HiperLAN/2 connects cellular telephones, ATMs,
and wide-area networks
 HiperLAN/2 can use IEEE 1394 (FireWire) high-speed
external serial bus, transmitting at 400 Mbps

Various WAN technologies are complementary

rather than competitive

56
 Chapter Summary
WLAN’s greatest strength—allowing users to roam freely
without being connected by wires—is also its greatest
weakness

Security measures for WLANs include authentication and

encryption to prevent unauthorized users
 Questions have been raised about effectiveness of IEEE
authentication through Service Set Identifiers (SSIDs) and
Wired Equivalent Privacy (WEP) data encryption

A WLAN can suffer a variety of attacks

57
 Chapter Summary
Because of limitations of IEEE WLAN security,
enhanced security measures should be used for
wireless transmissions that require protection

IEEE task groups is currently working on draft

known as IEEE 802.1x that will allow WLANs to
centralise authentication of wireless clients

Other security measures should be taken as

necessary

58