1 / 36

MAC Management

MAC Management. Outline. Introduction - Authentication , Association - Address filtering, Privacy - Power Management, Synchronization MAC Management frames Components of the Management Frame Body Wired Equivalent Privacy (WEP). Why MAC Management?.

grace
Download Presentation

MAC Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. MAC Management

  2. Outline • Introduction - Authentication , Association - Address filtering, Privacy - Power Management, Synchronization • MAC Management frames • Components of the Management Frame Body • Wired Equivalent Privacy (WEP)

  3. Why MAC Management? • The first LAN standard to include significant management capabilities. • The environment of WLAN is more complex than wired LAN. (to be dealt with MAC Management) - Shared media (e.g. 2.4GHz, microwave oven) - Anyone can “connect” to the WLAN - Mobility - Power management (mobile devices are run on batteries)

  4. Authentication • Two authentication schemes: open system and shared key. - Shared key : Requesting station Authentication frame Responding station Authentication ID=“shared key"; sequence#=1 Authentication frame Authentication ID=“shared key"; sequence#=2; challenge text Authentication frame Authentication ID=“shared key"; sequence#=3;encrypted challenge text Authentication frame Authentication ID=“shared key"; sequence#=4; authentication result

  5. Authentication (cont.) • Pre-authenticate - stations may have no immediate need. • A station may authenticate with many stations. • AP has higher privilege - mobile station always initiates the authentication process (e.g. in 3com, AP has the four default keys) • Rogue AP could adopt the SSID of the ESS - the mobile stations may get a denial-of-service attack. • Bi-directional authentication? (802.11 working group)

  6. Association • Association: a station ”connecting” to an AP ; (after a successful authentication) - It starts with an association request (from the station) which includes the “capabilities” of the station. • data rates, high rate PHY options, contention-free capabilities, support of WEP and any request for contention-free service. • the length of time in a low power operating mode. - AP will decide whether to grant the association. • Policies and algorithms are not part of the standard. • Ex: long periods in low power operation may need excessive buffer commitments from AP. • Load balancing factors and availability of other APs nearby.

  7. Association (cont.) Wired LAN station station Portal Portal Distribution system AP1 AP2 Station B Station A Station C BSS 1 BSS 2

  8. Re-association • For a station is moving from AP1 to another AP2: - lose the contact with AP1 - begins a new association with AP2 • the association provides information to the DS about the location of the mobile station. - re-association request (includes address of AP1) - grants re-association - association with AP1 is terminated.

  9. Address Filtering (MAC function) • In 802.11, receiver must examine more than the destination address to make correct receive decisions. • At least three addresses in every data and management frame. • In making receive decisions, both the destination address and BSSID are used. (to ensure to discard frames from a BSS other than the associated with.) • Checking BSSID is very important in dealing with the multicast frame.

  10. Power Management in IBSS • The most complex part of the 802.11 • Power management in IBSS (no AP) - Before entering a low power operating state, a data frame handshake must be completed (with the power management bit set in the frame header). - In the power saving state, the station must wake up to receive every Beacon transmission. The station must stay awake for a period of time (after the Beacon frame), called ATIM (announcement traffic indication message) window.

  11. ATIM • If sender determines that the receiver is in power saving state, the sender can’t send its frame until it has received an ACK of an ATIM frame from receiver during the ATIM window. • Multicast frames must be announced by the sender during the ATIM window, but no ACK expected. • Sender consumes power for sending each ATIM frame.

  12. ATIM Window ATIM DATA A ATIM window B ATIM window ATIM-ACK ACK C Dozing ATIM window ATIM window Beacon interval Power saving mechanism for DCF: Node A announces a buffered frame for B using an ATIM frame, Node B replies by sending an ATIM-ACK, and both A and B stay awake during the entire beacon interval. The actual data transmission from A to B is completed during the beacon interval. Since C does not have any frame to send or receive ,it dozes after the ATIM window.

  13. Power management in InfrastructureBSS (with AP) • Centralized in the AP. Can achieve grater power savings. - The AP does all the data frames buffering (including multicast frames). - No need to awaken for every Beacon, nor to stay awake for any length of time after the Beacon. - For the station to receive multicast frames, it must be awake at every DTIM (delivery traffic indication map). - DTIM is in the Beacon frame and determined by the AP.

  14. Power Management in AP • Once the AP has frames buffered for a power saving station, this info will be indicated in the traffic indicationmap (TIM) sent with each Beacon frame. - Data frame will remain buffered for a time not less than the number of Beacon periods in the association request. - AP can discard the buffered frames older than it is required to preserve. (aging algorithm)

  15. AID and TIM AID,a special AID, is to indicate the status of buffered Multicast traffic. The AP will send the TIM(optional), updated with latest buffer status, with every Beacon. Association(1) AP Station Assign AID(2) TIM Partial Virtual bitmap The bit is set to 1 if there is at least one frame buffered for the corresponding station Bitmap control

  16. AID and TIM (1)DTIM interval is consisted of multiple TIM intervals (i.e. Beacon Intervals). (2)MH sends a PS-Poll frame to AP to request the AP to transmit a buffered frame via unicast. (3)MH in PS mode can miss some TIM, but not DTIM. (4)After receiving DTIM, MH in PS mode awakes for receiving broadcast data (no polling is needed) (5)After receiving TIM, MH in active mode transmits earlier, so MH in PS mode stay awake. (6)After receiving DTIM, MH in PS mode dozes due to no broadcast data. DTIM Interval (1)TIM Interval Beacon frame (3) AP MH in active mode DTIM Broadcast TIM Unicast Active (4) (5) (6) MH in PS mode (2)polling

  17. CF-Poll vs. PS-Poll • CF-Poll • used in PCF • initiated by AP to poll station for data • PS-Poll • used in power saving mode • initiated by mobile station to poll AP for buffered data

  18. MAC Management Frames • 11 distinct frame types Beacon, Probe Request and Response, Authentication, De-authentication, Association Request and Response, Re-association Request and Response, Dis-association and Announcement Traffic Indication Message(ATIM) • The frame body carries information in: • Fixed fields and variable length information elements. Information elements occur in the frame body in order of increasing identifiers. Information Element 1 byes 1 length Element ID Length Information

  19. Beacon Frame • Including: ---fixed fields: • timestamp(64-bit), (i.e. the value of the station’s synchronization timer when the frame was transmitted) • beacon interval(16-bit), (i.e. the period of beacon transmissions) • and capability information(16-bit). --- Information elements: SSID, the supported rates, ore or more PHY parameter sets, an optional contention-free parameter set, and optional IBSS parameter set, and an optional traffic indication map (TIM).

  20. Probe Request and Response • The probe request frame is to locate and WLAN with a particular SSID or to locate any WLAN. It contains two information elements :the SSID and the supported rates. (AP will response to the probe requests ; or a station in BBS) • The probe response frame including(similar to Beacon): • fixed fields: timestamp(64-bit), beacon interval(16-bit),and capability information(16-bit). • Information elements: SSID, the supported rates, one or more PHY parameter sets, and optional contention-free parameter set, and optional IBSS parameter set.

  21. Authentication/De-authentication Frames • Authentication frame includes: • fixed fields: • the authentication algorithm number • the authentication transaction sequence number • and the status code • Information elements: Challenge text • De-authentication frame includes only a single Fixed field: the reason code.

  22. Association Request and Response • Association request frame includes: - fixed fields: the capability information field and the listen interval - Information elements: the SSID and the supported rates. • Association response frame includes three fixed fields: The capability information, the status code, and the association ID and one information element, the supported rates.

  23. More Management Frames • Re-association request frame is same as association request frame, with the addition of a current AP address fixed field. Response frame is same as the one in association. • Dis-association frame includes only a single fixed field, the reason code. • ATIM does not include any fixed field or information element.

  24. Components of Management Frames • Variable length Information Elements • Ten fixed fields: • Association ID(AID) (16bits). 1 to 2007 (14 LSBs). The two MSBs must be one. The AID value is used to identify the bit in a TIM. (AP has buffered frames) • Authentication Algorithm Number(16 bits). “0” for “open system”; “1” for “shared key”. • Authentication Transaction Sequence Number(16bits). The initial value is “1” (may not be “0”) • Beacon Interval(16bits). The unit is Time Unit (TU). One TU is 1024 microsecond.

  25. Fixed Fields(cont.) • Capability Information(16bits). • For an AP: ESS=1; IBSS=0 • For a mobile station in an IBSS:ESS=0;IBSS=1. • For WEP: privacy=1 • Short Preamble and Channel Agility are options used in 802.11b PHY • The PBCC (packet binary convolutional coding) is transmitted by an AP when using 802.11b PHY. B0 B1 B7 B15 ESS IBSS CF Pollable CF Poll Request Privacy Short Preamble PBCC Channel Agility Reserved

  26. Subfields of Capability Information • In a Mobile Station • In an AP

  27. Fixed Fields (cont.) • Current AP Address(6 bytes) - The address of the AP is currently associated with, when the station is attempting to re-association. • Listen Interval(16 bits) - For example, a station that wakes only on every tenth Beacon would set this field to 10.(AP will determine the required resource, may say no, for the association.) • Reason Code(16 bits) - The reason for an unsolicited notification of disassociation or deauthentication. • Status Code(16 bits)

  28. Examples of Reason Code

  29. Examples of Status Code

  30. Information Elements

  31. WEP Details • WEP Expansion of the Frame Body Encrypted IV MSDU ICV Bytes 4 1-2304 4 Initialization Vector Pad KeyID Bits 24 6 2 ICV: Integrity Check Value

  32. WEP Details (cont.) • WEP operations Frame Body Plain Text Frame Body Plain Text +ICV + Integrity Check Value (ICV) Integrity Algorithm Frame Body Cipher Text + Key Sequence Pseudo-random number generator Secret key +IV Bitwise XOR process

  33. WEP Details(cont.) • Two mechanisms to select a key • A set of four default keys • “key mapping” between only two stations • MIB • dot11PrivacyInvoked attribute (true:all frames are sent with encryption). • dot11ExcludeUnecrypted attribute (true:only encrypted frames will be received; unencrypted one will be discarded). • dot11WEPDefaultKeysTable attribute (not null:a key is available); KeyID in the header(Ⅳ) points to the table. • dot11WEPKeyMappingsTable is used get the “key mapping” key,if the dot11WEPKeyMappingWEPOn is true for the receiver. (the value of the KeyID is set to zero)

  34. WEP Details (cont.) • Two counters associated with WEP • dot11UndecryptableCount • Due to the key did not exists or the WEP option is not implemented. • If this number is increasing rapidly, an attack to deny service may be in progress. • dot11CVErrorCount • After the frame is decrypted, but the calculated ICV value value does not mach the ICV received with the frame. • If this number is increasing rapidly, an attack to determine a key may be in progress.

More Related