
Post on 17-Jan-2016

Wireless

• Wireless hosts: end system devices; may or may not be mobile

• Wireless links: A host connects to a base station or host through a communication link

• Base station: Responsible for sending and receiving data (access point)

Standards

| Letter | Speed | Range | Frequency |
|---|---|---|---|
| No letter | 2 Mbps | 150 ft | 2.4 GHz |
| A | 54 Mbps | 150 ft | 5 GHz |
| B | 11 Mbps | 300 ft | 2.4 GHz |
| G | 54 Mbps | 300 ft | 2.4 GHz |
| N | 108 Mbps | 300 ft | 2.4 GHz |

Range Limiters

• Cordless telephones

• Large electrical appliances such as refrigerators

• Fuse boxes, metal plumbing, metal studding and air conditioning units

• Sun spots

Not wired is…

• Decreasing signal strength

• Interference from other sources

• Multipath propagation (bounce)

Basic Service Set

MAC Protocol

• CSMA with collision avoidance: sense first, then send

• Collision avoidance (can’t send/receive at same time)

• Link-layer ACKs and retransmissions due to high bit-error rates

802.11 frames

• 3 address fields

  – Address 2 is MAC address of sending station (host or AP)

  – Address 1 is MAC address of destination

  – Address 3 is MAC address of router interface

• CRC value
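
A parser for the three address fields and CRC listed above, added here as an example (it is not part of the original slides). It assumes the standard 802.11 data-frame layout of 2-byte frame control, 2-byte duration, three 6-byte addresses, 2-byte sequence control and a trailing 4-byte CRC-32; the MAC addresses, payload and function names are constructed for illustration, and four-address frames are not handled.

```python
import struct
import zlib

HDR = "<HH6s6s6sH"  # frame control, duration, addr1, addr2, addr3, sequence control

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_frame(addr1, addr2, addr3, payload):
    """Constructed data frame (type 2) from a host to its AP (To DS set)."""
    frame_control = (2 << 2) | 0x0100
    body = struct.pack(HDR, frame_control, 0, addr1, addr2, addr3, 0) + payload
    return body + struct.pack("<I", zlib.crc32(body))  # CRC-32 appended last

def parse_frame(frame):
    """Decode the three address fields and check the trailing CRC."""
    if len(frame) < 28:  # 24-byte header + 4-byte CRC
        raise ValueError("frame too short")
    fc, _dur, a1, a2, a3, _seq = struct.unpack(HDR, frame[:24])
    if fc & 0x0100 and fc & 0x0200:
        raise ValueError("four-address frame not handled in this example")
    (crc,) = struct.unpack("<I", frame[-4:])
    return {
        "type": (fc >> 2) & 0x3,
        "to_ds": bool(fc & 0x0100),
        "addr1": mac(a1),  # destination of this wireless hop
        "addr2": mac(a2),  # sending station
        "addr3": mac(a3),  # router interface
        "payload": frame[24:-4],
        "crc_ok": zlib.crc32(frame[:-4]) == crc,
    }

def receiver_acks(frame):
    """A receiver ACKs only frames whose CRC checks; otherwise the sender retransmits."""
    return parse_frame(frame)["crc_ok"]

# Constructed sample values (locally administered MAC addresses)
AP, H1, ROUTER = (bytes.fromhex(h) for h in ("0200000000aa", "020000000001", "0200000000fe"))
GOOD = build_frame(AP, H1, ROUTER, b"constructed payload")
BAD = bytearray(GOOD)
BAD[30] ^= 0x01  # one bit flipped in transit
BAD = bytes(BAD)

if __name__ == "__main__":
    print(parse_frame(GOOD))
    print("ACK good:", receiver_acks(GOOD), "| ACK corrupted:", receiver_acks(BAD))
```

The corrupted copy fails the CRC check, so no ACK is returned and the sender retransmits, which is the link-layer behaviour listed under MAC Protocol.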

We are still working on this question

• Answer is easy if hub is involved

• Switch has “learned” that H1 is in BSS1 and has to be “taught” to use BSS2

Wireless Security

• Configure a unique SSID then block transmission of it

  – Unique name is cute, but so what?

  – If you block transmission, network does not show up and no way to specify name

• Use MAC filtering. This one makes total sense

• Change administrator account name and password

• Why go the extra distance to use WPA2 if you have done the above?

Secure Communication

• Confidentiality: only the sender and intended receiver should be able to understand the contents of transmitted message

• Authentication: Both the sender and receiver should be able to confirm the identity of the other party

• Message integrity and nonrepudiation: Make sure message is not altered in transit

• Availability and access control: communication can occur in the first place – only lock out the “bad guys”

Cryptography

• Dates back to Julius Caesar

• Allows sender to disguise data so that an intruder can gain no information from the data intercepted

• Send ciphertext (not cleartext or plaintext)

• Symmetric key systems: both keys are identical and are secret

• Public key systems use two keys. One is known (public); the other is known only by Alice or Bob

Symmetric Key

• Caesar cipher: substitute letter that is k letters removed (alphabet wraps)

• Monoalphabetic cipher: substitute random letter for letter (fixed chart)

• Polyalphabetic encryption: two or more mono’s with a random C1,C2,C2,C1 pick pattern

DES

• Data Encryption Standard

• Encodes plaintext in 64-bit chunks using a 64-bit key (8 bits are odd parity bits; effective key is 56 bits long)

• Two permutation steps (first and last); 16 identical steps in the middle

• How well does it work? No one knows for sure. First crack took 4 months, then 22 hours

3DES

• Encrypt with one key; decrypt with second key; encrypt with third key

• Advanced Encryption Standard (AES): processes data in 128-bit blocks using keys that are 128, 192 and 256 bits long

A core problem

• Both sides have to know secret key

• How is this key communicated? Verified?

• Alternative is the idea of a public key

Public Key Cryptography

• Bob has two keys: one public and one private to him

• Alice gets Bob’s public key; encrypts message

• Bob then decrypts message using private key

• Does this make sense?
