Download
wireless networks n.
Skip this Video
Loading SlideShow in 5 Seconds..
Wireless networks PowerPoint Presentation
Download Presentation
Wireless networks

Wireless networks

137 Views Download Presentation
Download Presentation

Wireless networks

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Wireless networks Philippe Jacquet INRIA Ecole Polytechnique France

  2. Mobile phones

  3. GSM network • « 1 km in the air, 1000 km in wires » • BTS: Base station Transceiver System • BSC: Base Station Controller • MSC: Mobile Switching Center • VLR: Visitor Location Register • HLR: Home Location Register VLR HLR MSC BTS BSC mobile Fixed networks

  4. Wireless interface • Uplink frequencies, downlink frequencies • Each frequency divided in eight periodic slots (channels) • One signalisation channel +seven voice channels.

  5. Wireless interface • Frequency organisation Burst=packet Middample: training sequence

  6. Slot organisation

  7. Urban coverage

  8. Security in GSM • Authentification: high level security • Impossibility of account parameter highjacking is contractual • Encryption: low level security • Possibility of eavedropping by government agencies

  9. SIM chip: contains all security • Subscriber Identity Module • Subscriber identifier IMSI • PIN code • Key Ki for authentification • last dialed numbers and areas

  10. Security GSM Algorithms • Algorithme A3 for authentification based on Ki key. • Ki 128 bits deposited in SIM, is known by operator • Algorithm A8 to create an encryption Kc key • Algorithm A5 for voice encryption from Kc.

  11. on mobile terminal • At request the network sends a 128 bits random number RAND. • SRES=A3(RAND,Ki) 32 bits • Ki impossible to get from SRES and RAND • Kc=A8(RAND,Ki) 64 bits • Ki impossible to get from Kc and RAND • code=A5(Kc,info) • Kc easy to get from clear 64 bits on air • breakable in less than 2 minutes on regular PC.

  12. Authentification • Operateur sends a number RAND • Operator and mobile terminal separately computes SRES • Mobile sends SRES to operator • If both SRES are identical, then user is authentified

  13. authentification SIM VLR Ki RAND Ki SRES=A3(RAND,Ki) SRES=A3(RAND,Ki) accepté SRES test =

  14. Encryption • Mobile and operator compute Kc. • Encrypt and decipher infos with same algorithm A5. • Add each data 114 bits block with pseudo-random 114 bits • Pseudo-random bits computed with Kc and info block number (algorithme A5). • Brute force attack costs 240

  15. Data in voice: GPRS • General Packet Radio System • Enable GSM modem for internet connection • Use idle slots on frequencies pour send and receive data • Charged on per volume basis (voice charged per duration) • Require a protocol stack and a security level and « IP ».

  16. GPRS Protocols

  17. Additional elements in GSM for GPRS internet • SGSN (Serving GPRS Support node) • GGSN (Gateway GPRS Support node) • Un tunnel protocol GTP • Specific authentification procedures SGSN VLR GGSN HLR MSC BTS BSC mobile Réseau fixe

  18. Authentification • First: GSM authentification • Second: GPRS authentification • Creation of a network identitier for IP

  19. Encryption • Regular wireless encryption • Unreliable but needs radio vicinity to break • Require IP encryption • SSH (Secure Shell)

  20. GPRS encryption

  21. WAP protocol

  22. Ipsec protocol IPsec Authentification Header transport mode IPsec Encapsulating Security Payload (ESP) IPsec ESP-tunnel mode

  23. UMTS and CDMA • UMTS is the next generation mobile phone • 3G, (GSM=2G) • Based on CDMA/TDMA Frame=10ms Frame=12 slots of 0.666 ms each

  24. UMTS and CDMA • Slots are periodic • Many users can use the same slot • Sharing via code division frequencies codes GSM UMTS

  25. Code Division Multiple Access • Equivalent to digital fourier transform Fast code Separates transmitters Slow symbol Contains info

  26. Code Division Multiple Access • Basic hypothesis • Data extraction

  27. Code Division Multiple Access • Advantages • Many codes can be given to a single user • Flexibility of use • More bandwidth occupation • Drawback: • Sensitive to near-far effect • Must equalize power

  28. CDMA in Wifi • User modulate datas on a code • No Code division • Allow to fight inter-symbol fading

  29. Wave propagation • Signal attenuation with distance • P0 nominal power • Isotropic medium • =2 in vaccum

  30. Wave propagation • Antenna variation • Distance Fading • Non isotropic medium • Rayleigh fading: is gaussian

  31. Wave propagation • Inter-symbol fading • diffraction on obstacles creates delayed echos Emitted Signal echos Received Signal

  32. Wave propagation • Inter-symbol fading • Attenuation is now a convolution • T: most delayed echo • Average fading is distance fading:

  33. Inter-symbol fading • The typical echo delay T increases with distance • Depends on medium • in vaccum • in 1D homogenous medium • in 2D homogenous medium • with ½<h<1in « fractal » medium • Effect of inter-symbol fading • Does not affect significantly Shannon capacity limit • But: complicates the decoding when T is comparable to inter-symbol time (1/W)

  34. Inter-symbol fading • Example of fractal medium : urban area

  35. Complexity of signal processing • Signal processing • First level signal decoding • Mainly digital • Equalization • Reverse the convolution fading • With noise

  36. Complexity of signal processing • Equalization • Emission of a known training sequence x(t), received y(t) • Knowledge of both x(t) and y(t) gives (t) and -1(t) in theory. • Discretized sampling with frequency  =1/ 

  37. Complexity of signal processing • Resolution of a linear system • Of dimension • Resolution takes operations • Must be repeated every time fading changes: • If , then the processing computing power is

  38. Complexity of signal processing • In general a wireless interface is calibrated for • A minimal SNR and a fixed capacity I • A maximal signal processing power • Therefore for a limit range R • There exists a minimal nominal power P0.

  39. Complexity of signal processing • Diagram Capacity-Range Hiperlan1&2 IEEE802.11a-g Capacity in bit/s Wifi B IEEE 802.11 UMTS pico-cell UMTS micro-cell bluetooth GSM UMTS range in m

  40. Error suppression • Error Detection via check sum • Message=binary polynomial • Check sum is the rest of division of message polynomial by a known polynomial of degree 32. • The check sum is then 32 bits • The receiver compare with transmitted check sum (failed error detection probability 2-32) message Check sum

  41. Error suppression • Two kinds of error suppression • Forward Error Correction (FEC) • Automatic Repeat Query (ARQ)

  42. Error suppression • FEQ: forward error correction • Addition of extra bits to message to help correction of corrupted blocks. E.g. sum of all blocks. • Detection of corrupted blocks via local check sums. • Matrix n(n+r) has all n  n sub-matrices reversible • Encoding rate = n/(n+r) 1 (0) (0) Encoded Message = Message 1 

  43. Error suppression • Data interleaving to spread error burts

  44. Error suppression • ARQ: Automatic Repeat Query • The receiver acknowledge correctly received blocks • Emitter repeats non acked blocks 1 2 3 4 5 6 7 8 ACK: 1,2,5,7 3 4 6 8 ACK: 4,8 3 6 ACK: 3,6 3 6 ACK: 3,6