S 3.58 Introduction to WLAN basics

Initiation responsibility: IT Security Officer, Head of IT

Implementation responsibility: Administrator, Head of IT, IT Security Officer

WLANs can be operated using two different architectures. In the ad-hoc mode, two or more mobile end devices which are equipped with a WLAN card (clients) connect directly with each other.

In most cases, WLANs are operated in the infrastructure mode, which means the clients communicate through a central wireless link, referred to as the access point. Connection to cable-bound LAN segments is then obtained through the access point.

There are several different ways to implement the infrastructure mode:

• Using several access points, overlapping wireless cells can be installed so that the wireless connection is maintained when a client moves to the next wireless cell ("roaming"). In this manner, large areas can be provided with wireless access coverage. The range of a wireless cell is extremely dependent on the environmental conditions and is usually within a range of approximately 10 to 150 metres.
• Two access points can also be used as a link (bridge) between two cable-bound LANs. Likewise, it is also possible to use an access point as a relay station (repeater) to increase the range.
• When the corresponding components (directional antennas) are used on the access points, a WLAN can also be used to network different locations. According to manufacturer specifications, ranges of up to several kilometres can be obtained. The access points can be operated as relay stations or bridges in this case.

In the IEEE 802.11 standard, the term Independent Basic Service Set (IBSS) is used for wireless networks in the ad-hoc mode, and Basic Service Set (BSS) is used for constellations in the infrastructure mode with an access point. A set of BSSs linked together is referred to as an Extended Service Set (ESS), and the linked network is called the Distribution System (DS).

The WLAN systems designed according to IEEE 802.11, 802.11b, and 802.11g permitted for use in Germany and in almost all European states use the ISM (Industrial-Scientific-Medical) frequency band between 2.4 and 2.48 GHz, which can be used free of charge and without any additional licenses. The transmitting power is limited to a maximum of 100 mW EIRP (Effective Isotropic Radiated Power).

Systems based on the IEEE 802.11 standard transmit data at a rate of 1 or 2 Mbit/s using a band spreading method; either the Frequency Hopping Spread Spectrum (FHSS) or the Direct Sequence Spread Spectrum (DSSS) method. For reasons of completeness, it must be mentioned that 802.11 also defines an infrared transmission method, but the use of this method in practical applications has been insignificant to date.

Systems designed according to IEEE 802.11b use only the DSSS method. The data to be transmitted is spread using fixed code to make the transmission less susceptible to interference. Access to the wireless channel is obtained, as in all systems in the 802.11 standard, according to a random procedure referred to as Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA). The maximum gross data transmission rate for IEEE 802.11b is 11 Mbit/s. The transmission rates cannot be guaranteed in any of the systems based on the 802.11 standard since they depend on the number of clients and the quality of the wireless transmission route.

Systems based on the IEEE 802.11g standard use the Orthogonal Frequency Division Multiplexing (OFDM) transmission method based on IEEE 802.11a and therefore permit data rates of up to 54 Mbit/s.

In the 2.4 GHz frequency band in Germany, there are 13 frequency channels available with a distance between frequencies of 5 MHz for wireless transmission based on 802.11b. For a channel bandwidth of approximately 22MHz, though, a maximum of only 3 channels can be used simultaneously without overlapping, for example channels 2, 7, and 12.

Systems based on the IEEE 802.11a and 802.11h standards use the 5 GHz band. In Germany, there are a total of 19 channels in intervals of 20 MHz authorised for use with some restrictions in the frequency range from 5.15 to 5.35 GHz and from 5.47 to 5.725 GHz. For a channel bandwidth of 20 MHz, channels directly next to each other will not interfere with each other. Since military and civil radar and navigation applications also operate in the 5 GHz frequency range, only systems supporting dynamic frequency selection and the ability to change the transmitting power are permitted to be used in this band.

Overview of security mechanisms

The security mechanisms in all 802.11-compatible systems are defined in the IEEE 802.11 standard. The extensions a, b, g, and h to the standard do not offer additional security mechanisms, and only extension i defines new security mechanisms. The mechanisms defined in IEEE 802.11 only serve to secure the transmission route between the clients and access points. Furthermore, the standard also provides enough freedom to allow proprietary extensions.

All security mechanisms in the IEEE 802.11 standard presented in the following can be overcome and do not provide reliable protection for sensitive information.

• The standard offers the ability to assign a name to the network (ESSID or SSID: (Extended) Service Set Identity). There are two modes of operation in this case. If the user specifies the identifier "Any", then the WLAN component accepts any SSID. In the other case, the name entered is checked, and only those clients with the same SSID are permitted to connect to the network. When moving between two neighbouring wireless cells, the SSID is used to find the next access point. Since the SSID is sent in plain text over the network, an attacker can obtain it using only simple tools. Some access points offer the ability to suppress the transmission of the SSID in the broadcast mode. However, the suppression of the SSID in this manner does not conform to the standard.

• Every network card has its own unique hardware address, which is referred to as the MAC address (Media Access Control address). In principle, it is possible to define MAC addresses in a WLAN so that only these addresses are permitted to communicate with an access point. The list of addresses must be administered "by hand" in this case, though, which is very time-consuming. This is impossible in many operational scenarios. The filtering of MAC addresses is not part of the standard. On the other hand, filtering of MAC addresses conforms to the standard as this does not affect the compatibility of the clients.

• Confidentiality, integrity, and authenticity in the WLAN should be ensured using the "Wired Equivalent Privacy" (WEP) protocol. The WEP protocol is based on the RC4 stream cipher and converts the plain data packet-by-packet into encrypted data based on a key and an initialisation vector (IV). The key in this case is a character string containing 40 or 104 bits and which must be provided in advance to the clients in the WLAN as well as to the access point. A shared key is used in this case for the entire WLAN. The initialisation vector is selected by the sender and should be different for each data packet transmitted. The IV is prefixed in unencrypted form to the encrypted data packet and transmitted over the WLAN.
  
  WEP only encrypts the transmitted user data and the integrity checksum. Management and control frames are not encrypted on the wireless interface, though.

During the development of the IEEE 802.11i standard, the Wi-Fi Alliance published the Wi-Fi Protected Access (WPA) method based on Draft 3.0 of IEEE 802.11i. WPA already contains several improvements to the security mechanisms and describes the use of the Temporary Key Integrity Protocol (TKIP), essentially based on the Wired Equivalent Protocol (WEP), in combination with the MICHAEL integrity checksum method for encrypting the data packets. Through the use of MICHAEL, WPA solves the problem of the poor integrity check in WEP. TKIP and MICHAEL are to be understood as temporary solutions since the use of TKIP is only an option; its use is not mandatory according to the WPA specification.

In the IEEE 802.11i standard, which corresponds to WPA2 of the Wi-Fi Alliance except for the fact that it provides more freedom in the selection of the EAP method, the use of a different encryption method, the CTR mode (Counter Mode) with CBC-MAC Protocol (Cipher Block Chaining Message Authentication Code, CCMP) is prescribed. This method uses the Advanced Encryption Standard (AES) to encrypt the authentication and user data, in contrast to RC4 in WEP and WPA. During authentication, the plain text is not encrypted directly with AES, but from a counter constructed from the symmetric key instead. The actual result of the encryption is then obtained by XOR-ing a block of the plain text with the AES-encrypted counter. In addition, the Cipher Block Chaining method (CBC) is used to ensure data integrity. The use of IEEE 802.1X is required for key administration and distribution.

An AES key length of 128 bits is used in IEEE 802.11i. This method is acceptable over the long term, but requires new hardware - in contrast to the TKIP version.

The Extensible Authentication Protocol (EAP) according to the IEEE 802.1X standard can be used for additional protection of the authentication procedure. EAP is described in detail in RFC 3748. In this case, the user logs in to an authentication instance, for example a RADIUS server, and this instance then checks for access authorisation before the session key is exchanged. EAP supports a series of authentication methods, and so certificates and two-factor authentication procedures can also be used.

Review questions:

• Is identification and authentication in security zones with high protection requirements that require WLAN done by means of the MAC address?
• When using WEP, is a different initialisation vector selected for each data packet transmitted?
• Is the WPA2 security standard used for securing the WLAN in the long term?
• Is the Extensible Authentication Protocol (EAP) used for additional protection of the authentication procedure?