
Contents

List of Figures and Tables
Abstract
1 Introduction
2 Wireless Local Area Network (WLAN) Standards
    2.0 802.11
    2.1 802.11a
    2.2 802.11b
    2.3 802.11g
    2.4 802.11n
3 Network Wireless Devices Configurations
    3.0 Ad-Hoc Network
    3.1 Basic Service Set (BSS)
    3.2 Extended Service Set (ESS)
    3.3 Wireless Bridging
4 Wireless Network Security
    4.0 Wireless Network Security Overview
    4.1 Wired Equivalent Privacy (WEP)
    4.2.1 WPA and WPA 2 Personal Mode Authentication
    4.2.2 WPA and WPA 2 Enterprise Mode Authentication
    4.3 EAP-SIM Authentication
Conclusion
References

List of Figures and Tables

Table 1 Overview of IEEE 802.11 Standards
Table 2 WPA and WPA 2 in Enterprise and Personal Mode
Figure 1 An Ad-Hoc Network
Figure 2 Basic Service Set (BSS)
Figure 3 Extended Service Set (ESS)
Figure 4 Wired Equivalent Privacy (WEP) Data Format
Figure 5 EAP-SIM Architecture

Abstract
WLANs use radio frequencies (RF) instead of cables at the physical layer and the MAC sublayer of the data link layer. Wireless LANs are capable of providing users with more flexibility and freedom of movement within a location.

This report focuses on the critical evaluation of the various wireless LAN standards, which have continuously improved from 802.11a to 802.11n and others. The various techniques by which wireless network devices are connected and configured are discussed.

Finally, the different network security techniques implemented in wireless LANs are also evaluated.

1.0 Introduction
A WLAN is a flexible data communication system that can be used for applications in which mobility is necessary or desirable. Using electromagnetic waves, WLANs transmit and receive data over the air without relying on a physical connection. Current WLAN technology is capable of reaching a data rate of 200+ Mbps. Overall, WLAN is a promising technology for the future communication market.

IEEE 802.11 is a standard that defines how radio frequencies in the unlicensed industrial, scientific, and medical (ISM) frequency bands are used for the physical layer and the MAC sublayer of the wireless link.

2.0 802.11
In June 1997, the IEEE (Institute of Electrical and Electronics Engineers) finalized the initial standard for wireless LANs: IEEE 802.11. This standard uses the 2.4 GHz band with data rates of 1 Mbps and 2 Mbps. The initial IEEE 802.11 standard uses two classes of spread spectrum modulation: Direct Sequence Spread Spectrum (802.11 DSSS) and Frequency-Hopping Spread Spectrum (IEEE FHSS).

2.1 802.11a
The IEEE 802.11a standard was finalized in 1999. It is comparable to the Fast Ethernet of Ethernet and can reach speeds of 54 Mbps, compared to 802.11b's 11 Mbps. In place of IEEE 802.11b's Direct Sequence Spread Spectrum (DSSS), 802.11a uses coded orthogonal frequency division multiplexing (OFDM). This technology breaks a 20 MHz high-speed data channel down into 52 lower-speed subchannels that are sent in parallel. 48 of these subchannels are used for data, while the remaining four are reserved for error correction (Geier, 2002).

The use of the 5 GHz band and the OFDM modulation technique provides two significant benefits over 802.11b. First, the speed per channel is improved from 11 Mbps to 54 Mbps, which is particularly beneficial when large file transfers and fast Internet access are required. Second, the 5 GHz bandwidth offered in 802.11a is larger than the 2.4 GHz range used in 802.11b, which reduces the interference issues seen at 2.4 GHz.

This advantage comes with some shortcomings. The higher operating bandwidth of 802.11a equates to a shorter range. This implies that, to maintain high data rates, a larger number of 802.11a access points is required to cover the same area. While 802.11b access points have a typical range of 100 metres, the 802.11a range is limited to 25-50 metres, depending on the 802.11a product. In addition, 802.11b devices are completely incompatible with 802.11a because of the different characteristics of their physical layers (Rappaport, 2002).

2.2 802.11b
IEEE 802.11b is the most popular standard in the 802.11x family. The specification was finalized at the same time as 802.11a, in 1999. 802.11b is based on DSSS (Direct Sequence Spread Spectrum) in the 2.4 GHz band and is capable of reaching a maximum speed of 11 Mbps at a distance of several hundred feet. Additionally, since 802.11b uses 2.4 GHz signals, they penetrate physical barriers such as walls and ceilings more effectively than signals in the 5 GHz frequency band. The downside of the 2.4 GHz spectrum is congestion: because it is unlicensed, it tends to be overcrowded. The 802.11b standard is backward compatible with the earlier specification (802.11), enabling speeds of 1, 2, 5.5, and 11 Mbps on the same transmitters using DSSS for transmission (Geier, 2002).

One remarkable point about 802.11b is how it works between access points. The specification requires a method of roaming, but leaves the implementation up to the access point manufacturer. This makes roaming between access points from different vendors difficult, as it is unlikely that manufacturers will deploy the same methods (Held, 2002).

2.3 802.11g
IEEE 802.11g brings high-speed wireless communication to the 2.4 GHz band while maintaining backward compatibility with 802.11b. This is accomplished in two ways:

First, 802.11g works on the same 2.4 GHz band as 802.11b, with the same DSSS modulation. But unlike 802.11b, 802.11g operates at a data rate of 54 Mbps, which is a result of the use of OFDM modulation (Held, 2002).

In practice, 802.11g network cards can work with an 802.11b access point, and 802.11b cards will also work with an 802.11g access point. In both of these setups, the 802.11b component is the limiting factor, since its maximum speed is 11 Mbps. To obtain the 54 Mbps speeds, both the network cards and the access point have to be 802.11g compliant. In all other aspects, such as network capacity and range, 802.11b and 802.11g are the same.

Since 802.11g delivers the same speed as 802.11a, comparisons between them are unavoidable. Because they both use OFDM modulation, the key differences result from their frequency ranges and corresponding bandwidth. Taking into consideration the backward compatibility that 802.11g has with 802.11b, 802.11g becomes an attractive option for companies that have 802.11b installations (Geier, 2002).

2.4 802.11n
IEEE 802.11n is one of the most important wireless technology developments to come along in recent years. Development of the IEEE 802.11n amendment to the standard started in late 2003, when the IEEE (Institute of Electrical and Electronics Engineers) put together the TGn task group to begin work on this specification (Perahia and Stacey, 2013). It is a wireless standard that provides remarkable improvements in speed, reliability and range of communication, and it delivers a data rate which is almost 6 times that of 802.11a/g. 802.11n also significantly improves network coverage and connection quality.

Wireless networks are extensively deployed in industrial and domestic environments, and new applications are evolving to meet customers' needs. Most of the new applications are bandwidth demanding. Most multimedia applications need more bandwidth for better performance, and 802.11n solves this challenge by delivering data rates as high as 600 Mbps.

Two basic techniques are implemented in 802.11n to increase the data rates compared to 802.11a/g: MIMO and 40 MHz bandwidth channels. In the 2.4 GHz and 5 GHz frequency bands, each channel is approximately 20 MHz wide. In 802.11n, two adjacent channels of 20 MHz each are joined together to get a bandwidth of 40 MHz, which provides a wider channel for data transmission (O'Hara and Petrick, 2004).

Another major advantage 802.11n has over other WLAN standards is its interoperability with 802.11a or 802.11b/g technologies; it can operate in either 2.4 GHz or 5 GHz.

Here is a comparison between the WLAN standards that were discussed.

Standard              | 802.11a  | 802.11b  | 802.11g       | 802.11n
Channels              | Up to 23 |          | 3             |
Modulation            | OFDM     | DSSS/CCK | DSSS/OFDM/CCK | MIMO/OFDM
Frequency band (GHz)  | 5        | 2.4      | 2.4           | 2.4 and 5
Data rates (Mbps)     | 54       | 11       | 54            | Up to 600
Max. range (m)        | 100      | 150      | 150           | 250
Power                 | Medium   | Medium   | Medium        | Medium
Channel spacing (MHz) | 25       | 20       | 25            | 20 and 40
Access                | CSMA/CA  | CSMA/CA  | CSMA/CA       | CSMA/CA

Table 1. Overview of IEEE 802.11 Standards (Perahia and Stacey 2013)

3.0 Ad-Hoc Network

The ad-hoc network (also called peer-to-peer mode) is simply a set of wireless LAN workstations that communicate directly with one another without an access point or any connection to the wired network. For example, an ad-hoc network can be formed by two laptops, each with a network interface card. There is no central controller; mobile terminals can communicate with other terminals independently using peer-to-peer connections. The network may still include a gateway node to create an interface with a fixed network. As an example, this kind of setup might be useful in a meeting where employees of a company bring laptop computers together to communicate and share information even when the company does not provide the network. An ad-hoc network could also be set up in a hotel room, in an airport, or wherever access to a wired network is not available.

Benefits of Ad-Hoc Networks

i. Building an ad-hoc network from scratch is easy, since it requires few setting changes and no additional hardware or software. In situations where multiple computers are to be connected hurriedly, an ad-hoc network is the perfect solution.

ii. In ad-hoc networks, computers can be connected to the internet, or files can be shared between workstations, without the need for a wireless router or access points.

Limitations of Ad-Hoc Networks

i. Wireless LAN devices offer very low security against undesirable connections. It is very easy for attackers to gain entry so long as the network is within range; SSID broadcast, for example, can be disabled in other network configuration modes.

ii. An ad-hoc network is often slower than other network configuration modes. Therefore, wireless devices supporting higher data rates will eventually drop down when connected in ad-hoc network mode.

iii. The software or hardware operating system available in other network configuration methods is not available in ad-hoc networks; therefore limited information is disclosed about a network in ad-hoc networks.

Figure 1. An Ad-Hoc Network (Mittal and Anand, 2014)

3.1 Basic Service Set (BSS)

A Basic Service Set (BSS) is a set of workstations that communicate with one another. A BSS does not generally refer to a particular location, due to the uncertainties of electromagnetic propagation. When all of the workstations in the BSS are mobile stations and there is no connection to a wired Ethernet network, the BSS is called an independent BSS (IBSS). An IBSS is typically a short-term network with a small number of stations, created for a particular purpose. When a BSS includes an access point (AP), the BSS is called an infrastructure BSS (Mittal and Anand, 2014).

When there is an access point (AP), if one mobile station in the BSS must communicate with another mobile station, the communication is sent first to the AP and then from the AP to the other mobile station. This consumes twice the bandwidth that the same communication. While this appears to come at a great cost, the benefits provided by the AP are far greater than the cost. The major advantage is that the access point (AP) buffers the traffic of a mobile station while that station is operating in a very low power state.

[Figure panels: Independent BSS (ad-hoc network) with stations STA1 to STA4; Infrastructure BSS with an access point connecting stations to a wired LAN]

Figure 2. A Basic Service Set (BSS) (Mittal and Anand, 2014)

3.2 Extended Service Set (ESS)

One of the most desirable benefits of a WLAN is the mobility it provides to its users. This mobility would not be of much use if it were confined to a single BSS. IEEE 802.11 extends the range of mobility it provides to any arbitrary range through the ESS. An ESS is a set of infrastructure BSSs, where the access points communicate among themselves to forward traffic from one BSS to another and to facilitate the movement of mobile workstations from one BSS to another. The APs perform this communication via an abstract medium called the Distribution System (DS). The DS is the backbone of the wireless LAN and may be constructed of either wired or wireless networks. The DS is a thin layer in each AP that determines whether communications received from the BSS are to be relayed back to a destination in the BSS, forwarded on the DS to another AP, or sent into the wired network infrastructure to a destination not in the ESS.

Communications received by an AP from the DS are transmitted to the BSS to be received by the destination mobile workstation.

To network equipment outside of the ESS, the ESS and all of its mobile stations appear to be a single MAC sublayer network where all STAs are physically stationary. The ESS hides the mobility of the mobile STAs from everything outside the ESS. This level of indirection, provided by the IEEE 802.11 architecture, allows existing network protocols that have no concept of mobility to operate correctly with a WLAN where there is lots of mobility (Mittal and Anand, 2014).

[Figure: an ESS made up of three BSSs connected through the Distribution System (DS)]

Figure 3. Extended Service Set (ESS) (Mittal and Anand, 2014)

3.3 Wireless Bridging

Wireless bridging is the name commonly given to the relationship that is formed between infrastructure devices such as access points and routers. The primary function of a wireless bridge is to expand the capacity of the existing wireless LAN (WLAN).

Wireless bridging is based on the Wireless Distribution System (WDS), which allows you to build a completely wireless infrastructure. Normally, access points must be hardwired to an Ethernet-based LAN; in this way the access points allow a wireless connection to be made to the wired network. The WDS feature allows infrastructure devices such as access points and routers to be wirelessly connected to one another. This feature is normally used in large, open areas such as warehouses, where wiring might be restricted or not cost effective, and in some larger home environments. Wirelessly bridging multiple devices that have all been configured to use the same SSID (Service Set Identifier, or wireless network name) in effect allows roaming for your wireless client adapters: when they are out of range of one device they automatically connect to another, stronger signal. Wireless bridges are a very practical, easy and, in most cases, inexpensive way to connect two different Ethernet LANs together or to extend the range of existing wireless networks. They are quick to set up and relatively easy to configure.

4.0 Overview of Wireless Network Security


Depending on the business requirements, it is very important to address wireless network security effectively. Over the past decades, researchers have come up with different wireless network security technologies such as Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA 2), amongst others. Wired Equivalent Privacy (WEP) was the first security encryption technique, introduced in the first IEEE 802.11 standard, and Wi-Fi Protected Access was introduced to solve the security problems with WEP. WPA 2, also known as IEEE 802.11i, was an amendment to the 802.11 standard which specifies wireless network security improvements over WPA. There is also the Extensible Authentication Protocol (EAP), a universal framework used in wireless networks and point-to-point connections.

4.1 Wired Equivalent Privacy (WEP)


Wired Equivalent Privacy (WEP) is a WLAN security technology introduced as part of the original 802.11 standard approved in September 1999. Its intention was to provide a basic level of data encryption and authentication. WEP depends on a secret key that is shared between a mobile station and an access point (AP). The secret key is used to encrypt data before they are transmitted, and an integrity check is used to confirm that data are not altered during transmission (Rappaport, 2002).

WEP is designed to encrypt the frames and to compute a checksum before transmission. It uses the Rivest Cipher 4 (RC4) stream cipher (provided by RSA Security, Inc.) for encryption. It also makes use of an integrity check algorithm and a cyclic redundancy check for checking for errors (Borsc and Shinde, 2005). For authentication, a client sends a text to a WEP-enabled access point using RC4 encryption to verify its identity; the access point then decrypts the encrypted text and checks whether it matches before access is granted to the client. For encryption, WEP provides a 24-bit initialization vector.

IV (Initialization Vector, 24 bits) | Pad (6 bits) | Key ID (2 bits) | Data (0-18432 bits, max 18k) | ICV (32 bits)

Fig. 4 Wired Equivalent Privacy (WEP) Data Format (Borsc and Shinde 2005)

Wired Equivalent Privacy (WEP) is a security protocol used in WLANs to deliver security equivalent to that of a wired Ethernet network. It is a characteristically weak security algorithm, considering its use of the RC4 encryption algorithm, its use of weak IVs, and its use of the CRC-32 algorithm. The weaknesses of Wired Equivalent Privacy include:

i. Key management is not specified in the WEP standard. One single key is shared by more than one user in a network, and this makes the keys have poor quality.

ii. In the WEP standard, the initialization vector (IV) is very small. The WEP initialization vector is 24 bits, which delivers approximately 16 million RC4 cipher streams for a given key.

iii. The Integrity Check Value (ICV) is not suitable. The WEP integrity check is based on the cyclic redundancy check CRC-32, which is not as effective as the MD5 or SHA-1 algorithms.

iv. WEP's use of RC4 makes the encryption and authentication technique weak compared to other encryption methods.

The advantage of this security technique is that it reduces the ability of an attacker to create denial-of-service attacks by sending garbage packets.
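The frame layout of Fig. 4 and the 24-bit IV limit from the list above, worked through in Python as an added example (not code from the report or its sources): it builds and parses WEP frame bodies, verifies the CRC-32 ICV, and audits a set of frames for repeated IVs. The key, IVs and payloads are constructed sample values, and the collision estimate assumes that IVs are picked at random.

```python
import math
import struct
import zlib
from collections import Counter

IV_SPACE = 2 ** 24  # 24-bit IV: about 16 million keystreams per key


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher; encryption and decryption are the same operation."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                          # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def wep_encapsulate(iv: bytes, key_id: int, key: bytes, plaintext: bytes) -> bytes:
    """Build IV | Pad+Key ID | RC4(data + ICV), the layout of Fig. 4."""
    if len(iv) != 3 or not 0 <= key_id <= 3:
        raise ValueError("IV is 3 bytes, Key ID is 2 bits")
    icv = struct.pack("<I", zlib.crc32(plaintext))   # ICV = CRC-32 of the data
    # The per-frame RC4 key is the cleartext IV followed by the shared secret.
    return iv + bytes([key_id << 6]) + rc4(iv + key, plaintext + icv)


def wep_parse(body: bytes) -> dict:
    """Split a frame body into the fields of Fig. 4; data and ICV stay encrypted."""
    if len(body) < 8:
        raise ValueError("too short for IV, Key ID and ICV")
    return {"iv": body[:3], "pad": body[3] & 0x3F, "key_id": body[3] >> 6,
            "data": body[4:-4], "icv": body[-4:]}


def wep_decapsulate(body: bytes, key: bytes) -> bytes:
    """Decrypt and verify the ICV; raise if the CRC-32 does not match."""
    f = wep_parse(body)
    clear = rc4(f["iv"] + key, f["data"] + f["icv"])
    data, icv = clear[:-4], clear[-4:]
    if struct.pack("<I", zlib.crc32(data)) != icv:
        raise ValueError("ICV mismatch")
    return data


def reused_ivs(bodies) -> dict:
    """Return {(key_id, iv): count} for every IV seen more than once."""
    fields = [wep_parse(b) for b in bodies]
    seen = Counter((f["key_id"], f["iv"]) for f in fields)
    return {k: n for k, n in seen.items() if n > 1}


def iv_collision_probability(frames: int) -> float:
    """Birthday estimate of at least one repeated IV (random IVs assumed)."""
    return 1.0 - math.exp(-frames * (frames - 1) / (2 * IV_SPACE))


# Constructed sample traffic: hypothetical 40-bit key, three frames, one IV repeated.
KEY = bytes.fromhex("0102030405")
FRAMES = [
    wep_encapsulate(bytes.fromhex("000001"), 0, KEY, b"first frame"),
    wep_encapsulate(bytes.fromhex("000002"), 0, KEY, b"second frame"),
    wep_encapsulate(bytes.fromhex("000001"), 0, KEY, b"third frame"),
]

if __name__ == "__main__":
    print(wep_parse(FRAMES[0]))
    print("reused IVs:", reused_ivs(FRAMES))
    print("P(repeat) after 5000 frames: %.2f" % iv_collision_probability(5000))
```

Because the IV travels in the clear and is only 24 bits long, the audit needs no key: a repeated (Key ID, IV) pair means two frames were encrypted with the same RC4 keystream.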
The WEP standard can be strengthened by implementing the following solutions:

i. By increasing the size of the initialization vector.

ii. By changing the secret keys regularly.

iii. Instead of using the CRC checksum, a different method can be used for the integrity check, e.g. MD5 or another hash function.

4.2 WPA and WPA 2 Personal Mode Authentication and Enterprise Mode Authentication

4.2. Enterprise Mode Authentication and Personal Mode

There are two types of WPA and WPA 2 wireless network security: Enterprise mode and Personal mode.

1. WPA and WPA 2 Enterprise Mode

WPA and WPA 2 Enterprise mode operates in a managed mode to meet the rigorous requirements of enterprise security. It leverages the IEEE 802.1X authentication framework, which uses an Extensible Authentication Protocol (EAP) type with an authentication server to provide strong mutual authentication between the client and the authentication server (Velte and Velte, 2006).

Authentication in Enterprise mode relies on IEEE 802.1X authentication. The major components are the supplicant (client) joining the network, the authenticator (AP server) providing access control, and the authentication server (RADIUS) making the authorization decisions. The authenticator and the supplicant communicate using layer 2 EAPoL (EAP over LAN). The authenticator converts EAPoL messages to RADIUS messages and then forwards them to the RADIUS server. These messages are then received and processed, and once the supplicant and the authenticator have the same secret master key, the authentication process is complete (Wi-Fi Alliance, 2005).

2. WPA and WPA 2 Personal Mode

WPA and WPA 2 Personal mode is designed for home and small office (SOHO) users who do not have authentication servers available. It operates in an unmanaged mode that uses a pre-shared key (PSK) for authentication instead of IEEE 802.1X. This mode uses applied authentication in which a passphrase (the PSK) is manually entered on the access point to generate the encryption key. Consequently, it does not scale well in the enterprise. The PSK is typically shared among users.

Authentication in WPA and WPA 2 Personal mode, which does not require an authentication server, is performed between the client and the AP, generating a 256-bit PSK from the plain-text passphrase (from 8 to 63 characters) (Wi-Fi Alliance, 2005). Personal mode uses the same encryption methods as Enterprise mode. It supports per-user, per-session, per-packet encryption via TKIP with WPA or AES with WPA2.
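How the 256-bit PSK follows from the passphrase, as an added Python example (not from the report): the report does not give the derivation, so the code uses the passphrase-to-PSK mapping defined in IEEE 802.11i (PBKDF2-HMAC-SHA1 with the SSID as salt and 4096 iterations). The station names are constructed sample data, and the passphrase "password" with SSID "IEEE" is a sample pair chosen for illustration.

```python
import hashlib
import string

HEX_DIGITS = set(string.hexdigits)


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """Map a passphrase to the 256-bit PSK (PBKDF2-HMAC-SHA1, SSID as salt)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32)


def psk_from_setting(value: str, ssid: str) -> bytes:
    """Accept both configuration forms: 64 hex digits are the raw PSK,
    anything else is treated as a passphrase (hence the 63-character limit)."""
    if len(value) == 64 and set(value) <= HEX_DIGITS:
        return bytes.fromhex(value)
    return wpa_psk(value, ssid)


def stations_sharing_key(stations: dict, ssid: str) -> dict:
    """Group station names by the PSK that their configured secret produces."""
    groups = {}
    for name, secret in stations.items():
        groups.setdefault(psk_from_setting(secret, ssid).hex(), []).append(name)
    return groups


# Constructed sample: three stations on one SSID, two configured with the
# passphrase and one with the equivalent 64-hex-digit PSK.
SSID = "IEEE"
STATIONS = {
    "laptop": "password",
    "phone": "password",
    "printer": "f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e",
}

if __name__ == "__main__":
    for psk_hex, names in stations_sharing_key(STATIONS, SSID).items():
        print(psk_hex, "<-", ", ".join(sorted(names)))
    # Same passphrase on another SSID gives an unrelated PSK (the SSID is the salt).
    print(wpa_psk("password", "OtherNet").hex())
```

Every station ends up in a single group, which is the scaling problem noted above: in Personal mode each user holds the same key, so removing one user means changing the passphrase for all of them.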

The table below compares WPA and WPA2 in Enterprise and Personal mode with respect to their authentication and encryption techniques.

                                        | WPA                             | WPA2
Enterprise mode (Business & Government) | Authentication: IEEE 802.1X/EAP | Authentication: IEEE 802.1X/EAP
                                        | Encryption: TKIP/MIC            | Encryption: AES-CCMP
Personal mode (SOHO/Personal)           | Authentication: PSK             | Authentication: PSK
                                        | Encryption: TKIP/MIC            | Encryption: AES-CCMP

Table 2. Comparison between WPA and WPA 2 in Enterprise and Personal Mode (Wi-Fi Alliance, 2005)

4.3 EAP-SIM Authentication

EAP, which stands for Extensible Authentication Protocol, is a widespread authentication structure which is usually implemented in wireless networks and point-to-point connections. The EAP methods common in wireless networks include EAP-TLS, EAP-AKA, EAP-TTLS and EAP-SIM, amongst others. EAP-SIM was developed by the 3rd Generation Partnership Project (3GPP), as stated in RFC 4186 of the IETF. It specifies an alternative method of securing subscriber identity using the same security technique as GSM, which uses pseudonyms or temporary identifiers (Haverinen and Salowey, 2006).

For EAP-SIM authentication, certain network components are required: a client device (e.g. a user terminal with a SIM card), an 802.1X-compatible WLAN access point, an AAA RADIUS server used for authentication, the HLR/AuC, an access controller (with DHCP server, QoS and accounting functions), and an SS7 (Signaling System No. 7) gateway, which is used for connecting the AAA RADIUS server to the HLR/AuC. When the user, with the terminal, roams within range of the operator's wireless LAN access point, the access point, the RADIUS server and the wireless client software set up a communication dialog in order to authenticate the user and confirm that he or she is allowed to access the network.

During this process, the RADIUS server links to the user's HLR (which contains the identity of the subscriber and the cryptographic secrets to authenticate the subscriber) and retrieves the GSM triplets that are used to authenticate the user. If the user and the SIM card are able to validate the GSM triplets correctly, the RADIUS server tells the AP to grant access to the WLAN. The access point then connects the user's terminal to the WLAN (Garderos Software Innovations GmbH, 2006).

The EAP-SIM authentication standard has been developed with the standards of wireless security in mind. With EAP-SIM, passwords are never transmitted over the air or in RADIUS requests over the internet. The major advantage of this standard is that it can change encryption keys during a user session and that the secure algorithms are known only by the HLR/AuC and the SIM card.

[Figure: Device (supplicant), Access Point / 802.1X hotspot (authenticator), EAP-SIM RADIUS (authentication server), GSM/MAP/SS7 gateway, HLR/HSS; secure tunnel]

Figure 5. A diagram of EAP-SIM Architecture (Haverinen and Salowey, 2006)

Conclusion
In this critical report, we briefly discussed the various IEEE 802.11 wireless LAN standards with their advantages and drawbacks. We also evaluated the various wireless network configurations such as Basic Service Set (BSS) and Extended Service Set (ESS), amongst others. Finally, the different methods of securing wireless networks were critically analyzed.

WLAN offers user mobility; users can access files, network resources, and the Internet without having to physically connect to the network with wires. WLANs are now becoming a sustainable alternative to traditional wired solutions. For example, hospitals, universities, airports, hotels, and retail shops are already using wireless technologies to conduct their daily business operations.

References
Borsc, M. and Shinde, H. (2005) Wireless Security and Privacy. IEEE International Conference on Personal Wireless Communications, pp. 424-428.

Garderos Software Innovations GmbH. (2006) EAP-SIM Authentication in WLAN Networks. pp. 1-11.

Geier, J. (2002) Wireless LANs: Implementing High Performance IEEE 802.11 Networks. Second ed. Indianapolis: Sams Publishing.

Haverinen, H. and Salowey, J. (2006) Extensible Authentication Protocol Method for Global System for Mobile Communication (GSM) Subscriber Identity Modules (EAP-SIM). pp. 1-90.

Held, G. (2002) Developing Wireless LANs: Concept, Operation and Utilization. New York: McGraw-Hill Inc.

Ilyas, M. and Syed, A. (2005) Handbook of Wireless Local Area Networks: Applications, Technology, Security, and Standards. Florida: Boca Raton.

Jaidev, B. (2002) Wireless LANs Demystified. New York: McGraw-Hill Inc.

Mittal, I. and Anand, A. (2014) WLAN Architecture. International Journal of Computer Trends and Technology (IJCTT), 8(3), pp. 1-4.

O'Hara, B. and Petrick, A. (2004) IEEE 802.11 Handbook. 2nd ed. London: IEEE Press.

Perahia, E. and Stacey, R. (2013) Next Generation Wireless LANs: 802.11n and 802.11ac. Second ed. Cambridge: Cambridge University Press.

Rappaport, T. (2002) Wireless Communication: Principle and Practice. 2nd ed. New Jersey: Prentice Hall.

Velte, T.J. and Velte, A.T. (2006) Cisco 802.11 Wireless Networking Quick Reference. Indianapolis: Cisco Systems, Inc.

Wi-Fi Alliance. (2005) Deploying Wi-Fi Protected Access WPA and WPA 2 in the Enterprise. WPA and WPA 2 Implementation Paper, March.
