1999 Cabletron Systems

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

utSecurity, FCC Regulations, and

Safety

802.11 inherent securityWired Equivalent Privacy (WEP)FCC guidelines

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

Network Name and Association

• In this scenario, the only station in this cell that will be able to associate with the AccessPoint is station B

AccessPoint

Station ANetwork Name: sales

Station BNetwork Name: admin

Network Name: admin

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

Authentication

• Stations must first authenticate with an AccessPoint before they can associate with it

• IEEE 802.11 defines:

– Open System Authentication

– Shared Key Authentication (based on Wired Equivalent Privacy (WEP))

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

Open System Authentication

• In open system mode, station A makes an open system Authentication request to the associated AccessPoint

Authentication request(Open System Authentication)Station A AccessPoint

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

• AccessPoint responds and authentication is complete

– Note: This mode of operation, although secure for the most part, is not as secure as operating with Wired Equivalent Privacy (WEP) installed

Open System Authentication

Authentication response(Open System Authentication)Station A AccessPoint

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

Encryption

• RoamAbout offers encryption to meet security concerns

– Base 40 bit encryption

– Optional 128 bit encryption

– Encryption based on RC4 (1988 RSA algorithm)

– Used by Netscape, Microsoft, Oracle and Lotus (80 million users)

– The encryption is used in a shared key format which is used to:

• Encrypt a challenge text string by the end station and

• To decrypt the challenge text string response by the AccessPoint

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

• Station makes a shared key authentication request

Shared Key Authentication (WEP)

Authentication Request

Station A AccessPoint

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

Shared Key Authentication (WEP)

• AccessPoint replies with a “challenge” text string

AccessPoint

Challenge Text String

Station A

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

Shared Key Authentication (WEP)

• The station encrypts the challenge text string with the shared key and responds to the AccessPoint with the Encrypted challenge text string

Encrypted challenge text response

Station A AccessPoint

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

• The AccessPoint decrypts the encrypted challenge text and makes a decision to authenticate the station based on the results

– Positive results in association

– negative results in no association

Shared Key Authentication (WEP)

Positive or Negative response

Station A AccessPoint

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

FCC Regulations

• Licensing

– The requirements are such that as long as the manufacturer adheres to the regulations, a site license is NOT required by the end user

• Power requirements

– USA• 1 Watt from any omni-directional radio antenna

• 4 watts from any amplified antennas

– Europe• 100mWats from any source

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

FCC Channel Distribution

12412

2401 2423

22417

2406 2428

32422

2411 2433

42427

2416 2438

52432

2421 2443

62437

2426 2448

72442

2431 2453

82447

2436 2458

92452

2441 2463

102457

2446 2468

112462

2451 2473

2400 MHz 2484 MHzISM Band

Channel number

Top of channelCenter frequency

Bottom of channel

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

ETSI (Europe) Channel Distribution

12412

2401 2423

22417

2406 2428

32422

2411 2433

42427

2416 2438

52432

2421 2443

62437

2426 2448

72442

2431 2453

82447

2436 2458

92452

2441 2463

102457

2446 2468

112462

2451 2473

2400 MHz 2484 MHzISM Band

122467

2456 2478

132472

2461 2483

Channel number

Top of channelCenter frequency

Bottom of channel

1999 Cabletron Systems

Wir

ele

ss

Ne

two

rkin

gR

oa

mA

bo

ut

Channel Distribution Worldwide

Channel ID ETSIFCC France Japan1 24122412 - -2 24172417 - -3 24222422 - -4 24272427 - -5 24322432 - -6 24372437 - -7 24422442 - -8 24472447 - -9 24522452 - -

10 24572457 2457 -

12 2467- 2467 -13 2472- 2472 -14 -- - 2484

11 24622462 2462 -

Cabletron AccessPoint Default channels