Wireless Flashcards
Describe the Hidden Host Problem.
In WLANs, the hidden host problem is a transmission problem that arises when two or more hosts are out of range of each other and transmit simultaneously to a common recipient.
This occurs when a host is visible from a wireless access point but is hidden from other hosts that communicate with the access point.
How can we solve the Hidden Host Problem?
It is solved by the MAC sublayer’s RTS/CTS, with the condition that the hosts are synchronised, and frame sizes and data speeds are the same. RTS/CTS is Request to Send and Clear to Send.
The sender sends an RTS frame to the receiving host. The receiving host replies by sending a CTS frame. On receipt of the CTS frame, the sender begins transmission.
Any host hearing the RTS is close to the sender and remains silent until it hears a CTS.
Any host hearing the CTS is close to the receiving host and remains silent during the data transmission.
Describe the allocated frequency band in Wi-Fi.
The allocated frequency band is 2.4GHz to 2.5GHz. This is split into 14 overlapping 22MHz channels, each centred on a specified frequency. These channels are 5MHz apart, so neighbouring channels overlap (as they are 22MHz wide) and interfere.
Using channels separated by at least 2 will reduce interference and increase aggregate bandwidth.
Why is the Wi-Fi Frame a good argument for further dividing the Physical Layer?
The frame layout for Wi-Fi is the same as Ethernet. In particular, it uses the same MAC address format. This allows the transparent mixing of Wi-Fi and Ethernet in a single network.
This means an AP can pass on a Wi-Fi frame unchanged to an Ethernet network, and vice versa.
IEEE subdivides the physical layer into three sublayers:
1. Physical Medium Attachment (PMA) for things like frames
2. Physical Coding Sublayer (PCS) for things like 4B/5B
3. Physical Medium Dependent (PMD) for the hardware
List and describe the types of wireless networks.
There are three types of wireless networks:
- Ad-Hoc Networks/IBSS
802.11 can be arranged into point-to-point networks called Ad-Hoc or Independent Basic Service Set (IBSS). Each host communicates directly with the other without an access point.
- Infrastructure Networks/BSS
The usual Wi-Fi network is an Infrastructure or Basic Service Set (BSS) where a central hub (access point) relays traffic between hosts. The access point connects to the rest of the world. This is slightly more expensive but easier to set up than Ad-Hoc. This is because BSS covers a larger area, is easier to manage by non-technical users, and you don’t have to figure out the network pair-wise.
- Extended Networks/ESS
Extended Service Set connects several APs by a wired network. This allows hosts to roam, and things can be configured to handoff automatically between APs if the required authentication is set up in the APs. An ESS can cover an area as large as you like but is difficult to set up.
Describe WEP.
Wired Equivalent Privacy (WEP) was the original encryption scheme of 802.11. In WEP, both ends of a communication share a secret key that is used to encrypt the traffic between them.
WEP is now easily breakable – after collecting a modest amount of traffic, the system can be broken.
What is the replacement for WEP’s shortness of the initialisation vector?
Temporal Key Integrity Protocol (TKIP) is the replacement for WEP’s short initialisation vector.
TKIP pre-processes the secret key, adding in the IV and the address of the sender, and outputs the key to be used.
TKIP also changes the secret key every 10000 packets to combat the IV Birthday Paradox problem (50% chance of repetition after only 2^12 = 4096 IVs).
Describe WPA2 (IEEE 802.11i-2004).
There are two major ways to set up authentication in WPA2:
- WPA-Personal (WPA-PSK)
WPA-PSK offers an access point which holds a secret key derived from a password. A host authenticates directly with the AP using the secret key. Typically, a BSS will use WPA-PSK.
- WPA-Enterprise
WPA-Enterprise requires a separate authentication server (typically a RADIUS server) that the AP will contact. Remote Authentication Dial In User Service (RADIUS) is an authentication protocol. WPA-Enterprise is more painful to manage but allows roaming across an ESS. The user can roam across multiple networks using hierarchical RADIUS servers.
Describe WPS and why it should not be used.
An attacker within radio range can brute-force the Wireless Protected Setup (WPS) for a vulnerable access point. The attacker can obtain WEP or WPA passwords and likely gain access to the Wi-Fi network. Once on the network, the attacker can monitor traffic and mount further attacks.
Why does Wi-Fi use collision avoidance rather than collision detection?
Wi-Fi uses collision avoidance over collision detection because collisions are very hard to detect over radio waves. Detecting another host’s radio signal can be very difficult as it can be a fraction of the power of yours, and your signal will drown out the colliding signal and make it undetectable.
The other host might also transmit powerfully, but its signal can become very small if you are far away.
Describe carrier sense and collision detection in Wireless (802.11).
802.11 uses carrier sense, multiple access, and collision avoidance (CSMA/CA). CSMA/CA tries to avoid a collision in advance rather than detect one after the fact.
Collision avoidance does not guarantee no collisions, particularly with hidden hosts, so an acknowledgement packet is required.
On successful receipt of a packet, a host will broadcast an acknowledgement packet (ACK). If the sender never gets the ACK, it will resend, starting from the CS again. The ACK also indicates to other hosts that a transmission has finished.
The ACK in CSMA/CA is important, as measurements have found loss rates of about 30%.
Describe RTS/CTS Handshaking in 802.11.
Before sending a packet, source A can send a Request to Send (RTS) packet to B. If the destination is free (and not receiving from another host), it responds with a Clear to Send (CTS) packet. Every other host within the range will see the CTS and know not to send anything.
The RTS and CTS contain the length of the desired transmission, so other hosts know how long they will have to wait. Similarly, the final ACK is visible to everyone. Then C can start with its own RTS.
Using RTS/CTS means there is even more latency overhead before data starts to be transmitted, so RTS/CTS can be switched off/on as required.
When should an 802.11 network employ RTS/CTS Handshaking?
RTS/CTS “always on” is good for large or busy networks.
RTS/CTS “never on” is good for small or lightly loaded networks where every host can see all other hosts.
RTS/CTS “for large packets only” is a compromise that reduces the relatively large overhead for small packets.
Is it possible to put an IP packet on a Bluetooth network?
It is possible to put an IP packet on a Bluetooth network. This is done by layering a suitable protocol, such as PPP, over Bluetooth.