Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 MAC Management. 2 Outline Introduction - Authentication, Association - Address filtering, Privacy - Power Management, Synchronization MAC Management.

Published byBruce Roberts Modified over 8 years ago

Similar presentations

Presentation on theme: "1 MAC Management. 2 Outline Introduction - Authentication, Association - Address filtering, Privacy - Power Management, Synchronization MAC Management."— Presentation transcript:

1 1 MAC Management

2 2 Outline Introduction - Authentication, Association - Address filtering, Privacy - Power Management, Synchronization MAC Management frames Components of the Management Frame Body Wired Equivalent Privacy (WEP)

3 3 Why MAC Management? The first LAN standard to include significant management capabilities. The environment of WLAN is more complex than wired LAN. (to be dealt with MAC Management) - Shared media (e.g. 2.4GHz, microwave oven) - Anyone can “connect” to the WLAN - Mobility - Power management (mobile devices are run on batteries)

4 4 Authentication Two authentication schemes: open system and shared key. - Shared key : Requesting station Responding station Authentication frame Authentication ID=“shared key"; sequence#=1 Authentication ID=“shared key"; sequence#=2; challenge text Authentication ID=“shared key"; sequence#=3;encrypted challenge text Authentication ID=“shared key"; sequence#=4; authentication result Authentication frame

5 5 Authentication (cont.) Pre-authenticate - stations may have no immediate need. A station may authenticate with many stations. AP has higher privilege - mobile station always initiates the authentication process (e.g. in 3com, AP has the four default keys) Rogue AP could adopt the SSID of the ESS - the mobile stations may get a denial-of-service attack. Bi-directional authentication ? (802.11 working group)

6 6 Association Association: a station ”connecting” to an AP ; (after a successful authentication) - It starts with an association request (from the station) which includes the “capabilities” of the station. data rates, high rate PHY options, contention-free capabilities, support of WEP and any request for contention-free service. the length of time in a low power operating mode. - AP will decide whether to grant the association. Policies and algorithms are not part of the standard. Ex: long periods in low power operation may need excessive buffer commitments from AP. Load balancing factors and availability of other APs nearby.

7 7 Association (cont.) Wired LAN station Distribution system Portal AP1 Station B Station A BSS 1 AP2 Station C BSS 2

8 8 Re-association For a station is moving from AP1 to another AP2: - lose the contact with AP1 - begins a new association with AP2 the association provides information to the DS about the location of the mobile station. - re-association request (includes address of AP1) - grants re-association - association with AP1 is terminated.

9 9 Address Filtering (MAC function) In 802.11, receiver must examine more than the destination address to make correct receive decisions. At least three addresses in every data and management frame. In making receive decisions, both the destination address and BSSID are used. (to ensure to discard frames from a BSS other than the associated with.) Checking BSSID is very important in dealing with the multicast frame.

10 10 Power Management in IBSS The most complex part of the 802.11 Power management in IBSS (no AP) - Before entering a low power operating state, a data frame handshake must be completed (with the power management bit set in the frame header). - In the power saving state, the station must wake up to receive every Beacon transmission. The station must stay awake for a period of time (after the Beacon frame), called ATIM (announcement traffic indication message) window.

11 11 ATIM If sender determines that the receiver is in power saving state, the sender can’t send its frame until it has received an ACK of an ATIM frame from receiver during the ATIM window. Multicast frames must be announced by the sender during the ATIM window, but no ACK expected. Sender consumes power for sending each ATIM frame.

12 12 ATIM Window A B C ATIM window DATA ACKATIM-ACK ATIM ATIM window Dozing Beacon interval Power saving mechanism for DCF: Node A announces a buffered frame for B using an ATIM frame, Node B replies by sending an ATIM-ACK, and both A and B stay awake during the entire beacon interval. The actual data transmission from A to B is completed during the beacon interval. Since C does not have any frame to send or receive,it dozes after the ATIM window.

13 13

14 14 Power management in Infrastructure BSS (with AP) Centralized in the AP. Can achieve grater power savings. - The AP does all the data frames buffering (including multicast frames). - No need to awaken for every Beacon, nor to stay awake for any length of time after the Beacon. - For the station to receive multicast frames, it must be awake at every DTIM (delivery traffic indication map). - DTIM is in the Beacon frame and determined by the AP.

15 15 Power Management in AP Once the AP has frames buffered for a power saving station, this info will be indicated in the traffic indication map (TIM) sent with each Beacon frame. - Data frame will remain buffered for a time not less than the number of Beacon periods in the association request. - AP can discard the buffered frames older than it is required to preserve. (aging algorithm)

16 16 AID and TIM AID,a special AID, is to indicate the status of buffered Multicast traffic. The AP will send the TIM(optional), updated with latest buffer status, with every Beacon. APStation Bitmap control Partial Virtual bitmap Association(1) Assign AID(2) The bit is set to 1 if there is at least one frame buffered for the corresponding station TIM

17 17 AID and TIM (1)DTIM interval is consisted of multiple TIM intervals (i.e. Beacon Intervals). (2)MH sends a PS-Poll frame to AP to request the AP to transmit a buffered frame via unicast. (3)MH in PS mode can miss some TIM, but not DTIM. (4)After receiving DTIM, MH in PS mode awakes for receiving broadcast data (no polling is needed) (5)After receiving TIM, MH in active mode transmits earlier, so MH in PS mode stay awake. (6)After receiving DTIM, MH in PS mode dozes due to no broadcast data. MH in PS mode MH in active mode Beacon frame (1)TIM Interval (2)polling Active TIM Unicast AP (3) DTIM Interval (4) (5) (6) DTIM Broadcast

18 18

19 19 CF-Poll vs. PS-Poll CF-Poll –used in PCF –initiated by AP to poll station for data PS-Poll –used in power saving mode –initiated by mobile station to poll AP for buffered data

20 20 MAC Management Frames 11 distinct frame types Beacon, Probe Request and Response, Authentication, De-authentication, Association Request and Response, Re-association Request and Response, Dis-association and Announcement Traffic Indication Message(ATIM) The frame body carries information in: –Fixed fields and variable length information elements. Information elements occur in the frame body in order of increasing identifiers. Information Element Element ID Length Information 1 byes 1 length

21 21 Beacon Frame Including: ---fixed fields: –timestamp(64-bit), (i.e. the value of the station’s synchronization timer when the frame was transmitted) –beacon interval(16-bit), (i.e. the period of beacon transmissions) –and capability information(16-bit). --- Information elements: SSID, the supported rates, ore or more PHY parameter sets, an optional contention-free parameter set, and optional IBSS parameter set, and an optional traffic indication map (TIM).

22 22 Probe Request and Response The probe request frame is to locate and WLAN with a particular SSID or to locate any WLAN. It contains two information elements :the SSID and the supported rates. (AP will response to the probe requests ; or a station in BBS) The probe response frame including(similar to Beacon): –fixed fields: timestamp(64-bit), beacon interval(16-bit),and capability information(16-bit). –Information elements: SSID, the supported rates, one or more PHY parameter sets, and optional contention-free parameter set, and optional IBSS parameter set.

23 23 Authentication/De-authentication Frames Authentication frame includes: –fixed fields: the authentication algorithm number the authentication transaction sequence number and the status code –Information elements: Challenge text De-authentication frame includes only a single Fixed field: the reason code.

24 24 Association Request and Response Association request frame includes: - fixed fields: the capability information field and the listen interval - Information elements: the SSID and the supported rates. Association response frame includes three fixed fields: The capability information, the status code, and the association ID and one information element, the supported rates.

25 25 More Management Frames Re-association request frame is same as association request frame, with the addition of a current AP address fixed field. Response frame is same as the one in association. Dis-association frame includes only a single fixed field, the reason code. ATIM does not include any fixed field or information element.

26 26 Components of Management Frames Variable length Information Elements Ten fixed fields: –Association ID(AID) (16bits). 1 to 2007 (14 LSBs). The two MSBs must be one. The AID value is used to identify the bit in a TIM. (AP has buffered frames) –Authentication Algorithm Number(16 bits). “0” for “open system”; “1” for “shared key”. –Authentication Transaction Sequence Number(16bits). The initial value is “1” (may not be “0”) –Beacon Interval(16bits). The unit is Time Unit (TU). One TU is 1024 microsecond.

27 27 Fixed Fields(cont.) Capability Information(16bits). For an AP: ESS=1; IBSS=0 For a mobile station in an IBSS:ESS=0;IBSS=1. For WEP: privacy=1 Short Preamble and Channel Agility are options used in 802.11b PHY The PBCC (packet binary convolutional coding) is transmitted by an AP when using 802.11b PHY. ESS IBSS CF Pollable CF Poll Request Privacy Short Preamble PBCC Channel Agility Reserved B0 B1 B7 B15

28 28 Subfields of Capability Information In a Mobile Station In an AP CF Pollable CF-Poll Request Meaning 00Station is not CF Pollable 01Station is CF pollable, not requesting to be placed on the CF-Polling list 10Station is CF pollable, requesting to be placed on the CF-Polling list 11Station is CF pollable, not requesting never to be placed CF Pollabl e CF-Poll Request Meaning 00No PC at AP 01PC at AP for delivery only(on polling) 10PC at AP for delivery and on polling 11Reserved

29 29 Fixed Fields (cont.) Current AP Address(6 bytes) - The address of the AP is currently associated with, when the station is attempting to re-association. Listen Interval(16 bits) - For example, a station that wakes only on every tenth Beacon would set this field to 10.(AP will determine the required resource, may say no, for the association.) Reason Code(16 bits) - The reason for an unsolicited notification of disassociation or deauthentication. Status Code(16 bits)

30 30 Examples of Reason Code Reason CodeMeaning 0Reserved 1Unspecified reason 2Previous authentication no longer valid 3Deauthenticated because sending station is leaving (has left) IBSS or ESS 4Disassociated due to inactivity 5Disassociated because AP is unable to handle all currently associated stations

31 31 Examples of Status Code Reason CodeMeaning 0Successful 1Unspecified failure 2-9Reserved 10Cannot support all requested capabilities in the capability information field 11Reassociation denied due to inability to confirm that association exists 13Responding station does not support the specified authentication algorithm. 15Authentication rejected because of challenge failure 16Authentication rejected due to timeout waiting for next frame in sequence 17Association denied because AP is unable to handle additional associated stations.

32 32 Information Elements Element IDInformation ElementNotes 0Service Set IDUp to 32 bytes; a null-terminated string or a multibyte binary value 1Supported rates1-8 bytes of rate information. Each byte shows a rate; unit is 500kbps. 2FH parameter set7 bytes long, used for FHSS PHY or 802.11b. 3DS parameter set3 bytes long, used for FHSS PHY or 802.11b. 4CF parameter set8 bytes long (fixed length), contains CFP count, CFP period, CFP max duration, CFP duration remaining. 5TIM6-256 bytes 6IBSS parameter setFixed length. ATIM window field is 16 bits. (the length of the window in IBSS) 7-15Reserved 16Challenge textUp to 255 bytes long ; the text field<253 17-31Reserved for challenge text extension

33 33 WEP Details WEP Expansion of the Frame Body Encrypted Bytes 4 1-2304 4 Bits 24 6 2 IV MSDU ICV Initialization Vector Pad KeyID ICV: Integrity Check Value

34 34 WEP Details (cont.) WEP operations Frame Body Plain Text Integrity Algorithm + + Frame Body Plain Text +ICV Frame Body Cipher Text Bitwise XOR process Key Sequence Pseudo-random number generator Secret key +IV Integrity Check Value (ICV)

35 35 WEP Details(cont.) Two mechanisms to select a key –A set of four default keys –“key mapping” between only two stations MIB –dot11PrivacyInvoked attribute (true:all frames are sent with encryption). –dot11ExcludeUnecrypted attribute (true:only encrypted frames will be received; unencrypted one will be discarded). –dot11WEPDefaultKeysTable attribute (not null:a key is available); KeyID in the header( Ⅳ ) points to the table. –dot11WEPKeyMappingsTable is used get the “key mapping” key,if the dot11WEPKeyMappingWEPOn is true for the receiver. (the value of the KeyID is set to zero)

36 36 WEP Details (cont.) Two counters associated with WEP –dot11UndecryptableCount Due to the key did not exists or the WEP option is not implemented. If this number is increasing rapidly, an attack to deny service may be in progress. –dot11CVErrorCount After the frame is decrypted, but the calculated ICV value value does not mach the ICV received with the frame. If this number is increasing rapidly, an attack to determine a key may be in progress.

Download ppt "1 MAC Management. 2 Outline Introduction - Authentication, Association - Address filtering, Privacy - Power Management, Synchronization MAC Management."

Similar presentations

Medium Access Control Onno W. Purbo

Medium Access Control Onno W. Purbo
Doc.: IEEE 802.11-08/0846r0 Submission July 2008 Mathilde BenvenisteSlide 1 Power save for wireless mesh Mathilde Benveniste

Doc.: IEEE /0846r0 Submission July 2008 Mathilde BenvenisteSlide 1 Power save for wireless mesh Mathilde Benveniste
© Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS591 – Wireless & Network Security.

© Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS591 – Wireless & Network Security.
1 Power Management in IEEE 802.11 Yu-Chee 1. Possible Access Sequences for a STA in PS Mode 2. PS in Infrastructure Network 3. PS in Ad.

1 Power Management in IEEE Yu-Chee 1. Possible Access Sequences for a STA in PS Mode 2. PS in Infrastructure Network 3. PS in Ad.
1 Power Management in IEEE 802.11 Yu-Chee 1. Possible Access Sequences for a STA in PS Mode 2. PS in Infrastructure Network 3. PS in Ad.

1 Power Management in IEEE Yu-Chee 1. Possible Access Sequences for a STA in PS Mode 2. PS in Infrastructure Network 3. PS in Ad.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
CWNA Guide to Wireless LANs, Second Edition Chapter Five IEEE 802.11 Media Access Control and Network Layer Standards 1.

CWNA Guide to Wireless LANs, Second Edition Chapter Five IEEE Media Access Control and Network Layer Standards 1.
802.11 MAC Architecture Module-7 Jerry Bernardini Community College of Rhode Island 6/18/2015Wireless Networking J. Bernardini1.

MAC Architecture Module-7 Jerry Bernardini Community College of Rhode Island 6/18/2015Wireless Networking J. Bernardini1.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture.
Power Management in 802.11 Presented by Sweta Sarkar June 17 th, 2002.

Power Management in Presented by Sweta Sarkar June 17 th, 2002.
110/15/2003CS211 IEEE 802.11 Standard Why we study this standard: overall architecture physical layer spec. –direct sequence –frequency hopping MAC layer.

110/15/2003CS211 IEEE Standard Why we study this standard: overall architecture physical layer spec. –direct sequence –frequency hopping MAC layer.
Wireless Networking WAN Design Module-06

Wireless Networking WAN Design Module-06
1 IEEE 802.11 Management Frames Gast ’ s Book (Chapter 4) Prof. Yu-Chee Tseng CS, NCTU.

1 IEEE Management Frames Gast ’ s Book (Chapter 4) Prof. Yu-Chee Tseng CS, NCTU.
IEEE 802.11 Wireless LAN Standard Chapter 14. IEEE 802 Protocol Layers.

IEEE Wireless LAN Standard Chapter 14. IEEE 802 Protocol Layers.
WLAN What is WLAN? Physical vs. Wireless LAN

WLAN What is WLAN? Physical vs. Wireless LAN
Network Security Wireless LAN. Network Security About WLAN  IEEE 802.11 standard  Use wireless transmission medium such as radio, microwave, infrared.

Network Security Wireless LAN. Network Security About WLAN  IEEE standard  Use wireless transmission medium such as radio, microwave, infrared.
Wireless Ethernet IEEE 802.11 Standard Overview Dirk Grunwald Assoc. Professor Dept. of Computer Science University of Colorado, Boulder.

Wireless Ethernet IEEE Standard Overview Dirk Grunwald Assoc. Professor Dept. of Computer Science University of Colorado, Boulder.
802.11 protocol continued. DCF The basic idea is non-persistent. Can do an optimization: For a new packet (Q len = 0), the sender needs only wait for.

protocol continued. DCF The basic idea is non-persistent. Can do an optimization: For a new packet (Q len = 0), the sender needs only wait for.
IEEE 802.11 Wireless LANs Presented by Peng Ge September 12, 2001.

IEEE Wireless LANs Presented by Peng Ge September 12, 2001.

Similar presentations

Ads by Google