IEEE 802.

11i Wireless LAN

Security
Unit 4
 IEEE 802.11

IEEE has defined the specifications for a wireless LAN,

called IEEE 802.11, which covers the physical and data
link layers.

Topics discussed in this section:

Architecture
MAC Sublayer
Physical Layer

14.2
 IEEE 802.11 Architecture

• The IEEE 802.11 standard, commonly known as Wi-

Fi, outlines the architecture and defines the MAC
and physical layer specifications for wireless LANs
(WLANs).
• Wi-Fi uses high-frequency radio waves instead of
cables for connecting the devices in LAN. Given the
mobility of WLAN nodes, they can move
unrestricted within the network coverage zone.
• The term 802.11x is also used to denote the set of
standards. Various specifications and amendments
include 802.11a, 802.11b, 802.11e, 802.11g,
802.11n etc
 Wireless Network Consists of
• Station(STA): Stations (STA) comprise all devices and
equipment that are connected to the wireless LAN. It can
be of two types:
– Wireless Access Point (WAP): WAPs or simply access
points (AP) are wireless routers that bridge
connections for base stations.
– Client: Examples include computers, laptops, printers,
and smartphones.
• Access Point: It is a device that can be classified as a station
because of its functionalities and acts as a connection
between wireless medium and distributed systems.
Note

A BSS without an AP is called an “ad hoc” network;

a BSS with an AP is called an infrastructure network.

14.6
Basic service sets (BSSs)

14.7
Extended service sets (ESSs)

14.8
 Wireless Network Consists of
• SSID (Service Set Identifier): It’s the network
name for a particular WLAN. All-access points
and devices on a specific WLAN must use the
same SSID to communicate.
 IEEE 802.11 Architecture and Services

Basic Service Set(BSS): It’s configuration consists

of a group of stations and relies on an Access
Point (AP), which serves as a logical hub.
Stations from different BSSs interact through the
AP, which functions as a bridge, linking multiple
WLAN cells or channels. It is of two types
– Infrastructure BSS
– Independent BSS
 Infrastructure BSS
• Communication between stations takes place
through access points. The AP and its
associated wireless clients define the coverage
area and form the BSS.
 Independent BSS
• Supports mutual communication between
wireless clients. An ad-hoc network is
spontaneously created and does not support
access to wired networks.
 Extended Service Set

• ESS connects multiple BSSs and consists of

several BSS cells, which can be interlinked
through wired or wireless backbones known
as a distributed system. Multiple cells use the
same channel to boost aggregate throughput
to network.
Other components include:
• Distribution System (DS): Links APs within the
ESS.
• Portal: Serves as a gateway to other networks.
 Roaming between APs
• In an environment with multiple access points
(like a large office building or campus), a
device can move from the range of one AP to
another and still maintain its connection. This
is possible due to the underlying architecture
of the IEEE 802.11 standard which allows for
roaming between APs.
 Authentication & Association
• Before a station can send or receive data
frames on a WLAN, it needs to establish its
identity with an AP. This process is called
authentication. After authentication, the
station then establishes a data link-layer
connection with the AP through a process
called association.
Services provided by the WLAN
IEEE defines 9 services that need to be provided by the WLAN
 IEEE 802.11
• IEEE 802.11, widely recognized as Wi-Fi, revolutionized
wireless communication by establishing protocols for
WLANs. With an intricate architecture supporting both
localized and expansive networks, it ensures seamless
roaming and secure connections. Despite challenges
like potential interference and marginally slower
speeds than wired networks, Wi-Fi’s broad
applications, from home setups to public hotspots,
underscore its transformative impact on modern
connectivity, making it indispensable in today’s digital
age.
 Advantages
• Fault Tolerance: The centralized architecture
minimizes the bottlenecks and introduces
resilience in the WLAN equipment.
• Flexible Architecture: Supports both
temporary smaller networks and larger, more
permanent ones.
• Prolonged Battery Life: Efficient power-saving
protocols extend mobile device battery life
without compromising network connections.
 Disadvantages
• Noisy Channels: Due to reliance on radio
waves, signals may experience interference
from nearby devices.
• Greater Bandwidth and Complexity: Due to
necessary data encryption and susceptibility
to errors, WLANs need more bandwidth than
their wired counterparts.
• Speed: Generally, WLANs offer slower speeds
compared to wired LANs.
 IEEE 802.11i
• IEEE 802.11 is a standard for wireless LANs. Referred as Wi-
Fi
• IEEE 802.11i specifies security standards for IEEE 802.11
LANs, including authentication, data integrity, data
confidentiality, and key management. Also called Wi-Fi
Protected Access (WPA).
• WAP security is primarily provided by the Wireless
Transport Layer Security (WTLS), which provides security
services (especially for mobile users) between the mobile
device and the WAP gateway to the Internet.
• WAP end-to-end security, mobile device implements TLS
over TCP/IP and the wireless network supports transfer of
IP packets
 IEEE 802.11 Security
• WEP : Wired Equivalent Privacy (old one)
• WPA: Wi-Fi Protected Access (NEW)
• 802.11i
• Robust Security Network (RSN)
Wired Equivalent Privacy
1. Wired Equivalent Privacy (WEP) :
Wired Equivalent Privacy (WEP) is a security protocol for
wireless networks which provides data confidentiality
comparable to a traditional wired network. It was
introduced in 1999. It provides wireless security through
the use of an encryption key. It uses an old encryption
method that is Rivest Cipher 4 (RC4). It uses 40 bit key and
24 bit random number.
2. Wi-Fi Protected Access (WPA) :
Wi-Fi Protected Access (WPA) is a security protocol which is
used in securing wireless networks and designed to replace
the WEP protocol. It was developed by the Wi-Fi Alliance in
2003. It was designed to replace the WEP protocol and it
uses Rivest Cipher 4 (RC4) and Temporal Key Integrity
Protocol (TKIP) for encryption. WPA key is 256 bit key.