[email protected] › T-110.300 Telecommunications

WLAN

Antti Siitonen Development manager, MSc (EE) [email protected]

› T-110.300 Telecommunications architectures › Lectures on 20.11.2002 › WLAN overview

Antti Siitonen, 2002 8.11.2002 1 Contents

›WLAN basics »Basics »Protocols »Standards @ 2,4 GHz »Network and Radio properties »Terminals »Security »Development »Roaming »Business models »Future

2 WLAN-basics

› Current WLAN solutions are mainly based on IEEE 802.11 standards and they implement ETHERNET over wireless Media

Application › Focus on OSI layers 1 & 2 Presentation

Session › Bandwidth 1-11 Mbit/s › IEEE 802.11 - 1 or 2 Mbit/s Transport

› IEEE 802.11b - 1, 2, 5.5 and 11 Mbit/s Network

Data Link › Network architecture can be Physical › Ad hoc (spontaneus) › Infrastructure network

3 Wireless LAN Protocols

WebBrowsers Net Management XWindows NetWare Application EMAIL Proprietary MANAGEMENT NFS Presentation FTP SNMP SMB NDS NCP Session Telnet IAPP NetBEUI TCP UDP RIP SPX Transport (Microsoft) Network IP (Internet Protocol) IPX (Novell)

PossiblePossible proprietary proprietary protcols protcols Data Link IEEE 802.11 WLAN MAC

2.4 GHz 2.4 GHz 5 GHz Physical 2 Mbps FHSS 11 Mbps DSSS 54 Mbps OFDM

Antti Siitonen, 2002 WLAN - Plain Wireless Ethernet Extension

Application Level Data Applications Application

Network addressing, routing TCP/IP TCP/IP stack Bridge control IP routing

Other 802.11 802.11 Ethernet Ethernet LAN WLAN WLAN Ethernet interface radio radio

5 Standards @ 2,4 GHz

Frequecy Standard Radio Bit rate Range Encryption Status Note Max/Net 2,4 GHz 802.11DS CSMA/CA, 2/1 Mbit/s 100 m @ N/A Outdated Not DSSS, 2Mbit/s available PSK any more 2,4 GHz 802.11FH CSMA/CA, 2/1 Mbit/s 100 m @ 2 N/A Outdated Not FHSS, Mbit/s available PSK any more 2,4 GHz 802.11b CSMA/CA, 11/5 Mbit/s 60 m @ 11 WEP Most used De Facto DSSS, Mbit/s 40 bit/128 CKK bit 2,4 GHz 802.11g CSMA/CA, 22/11 Mbit/s 60 m @ 11 WEP Ready in Not OFDM tai Mbit/s 40 bit/128 2002? available yet DSSS bit 2,4 GHz HomeRF TDMA/CS 1,6/0,5 Mbit/s 50 m @ 1,6 Blowfish Standard No products MA/CD,FH Mbit/s ready available- SS residential 2,4 GHz HomeRF 2 WBFH 10 / 5 Mbit/s 50m @ 10 Open Open Open Mbit/s

Standard organisations IEEE (802.11 standards) and ETSI (HIPERLAN/2)

Standards around PHY and MAC-layer

WiFi –sertification very important for interoperability

CSMA/CA = Carrier Sense Multiple Access / Collision Avoidance, DSSS=Direct Sequence Spread Spectrum, PSK = Phase Shift Keying, FHSS = Frequency Hopping Spread Spectrum, CKK = Complementary Code Keying, WBFH = Wide Band Frequency Hopping, WEP = Wired Equivalent Privacy

6 Wireless Access: System Performance

Gross bit rate 54 Mbps Wireless Local BRAN Multimedia

Hiperlan/2 Wireless Local 802.11a Area Coverage

11 Mbps 802.11b (11 Mbps) Personal Area Coverage/ Serial 5.5 Mbps 802.11b Cable Replacement (5.5 Mbps mode) 2 Mbps 802.11 Wide Area Coverage 1 Mbps HomeRF

500 kbps Blue- UMTS tooth 10 m 30 m 60 m 100 m 200 m > 400 m Indoors Source: Nokia 500 m 5 km Outdoors

7 Network architecture Roaming Internet

Channel 1 Channel 3 Channel 2

Channel 2 Channel 1

8 Why WLAN is not real “CDMA”

› In theory Direct Sequence Spread Spectrum (DSSS) can handle several simultaneous connections on one frequency

› BUT › In order not to infere other transmissions on the same frequency, the Chip-code used on the system should be at least 15 bit = 2 simultaneous system

› In 802.11 WLAN there is only 11 bits (optimisation of computational efficiency and costs)

=> Two systems on the same channel cause interference to each other => User experiences this interference as bit rate reduction / smaller coverage

9 Channels and interference Power EIRP 100 mW = 20 dBm in Europe 1000 mW = 30 dBm in USA 1 2 13 4 5 6 76 8 9 10 111112 13

13 channels @ 2 Mbit/s bit rate 2400 MHz 3 channels @ 2483,5 MHz 11 Mbit/s bit rate

• 2,4 GHz is widely in use • (ISM band = Industrial, Scientific, Medical) open for all if power limit is not exceeded • No guarantees of channel availability • Microwaves operate the same band, but their interference is quite small in reality • Most important sources of interference are other WLAN-networks, Bluetooth and Wireless Video transmission systems • Lack of channels is the most important problem => Only one network in one premises • There are different opinion on Bluetooth interference - but it still exisists

10 Access Point average indoor coverage IEEE 802.11b Standard DSSS

2 Mbit/s 90m radius

5.5 Mbit/s 50m radius

11 Mbps 30m radius

Antti Siitonen, 2002 Outdoor Coverage

90 degrees Channel 8 Max distance 1 km

90 degrees Channel 12 90 degrees Max distance 1 km Channel 4 Max distance 1 km

25 degrees 90 degrees • 50 meters / 23 m Channel 1 • 200 meters / 93 m Max distance 1 km • 500 meters / 233 m

12 Link budget

Downlink Expected multpath fading 3 % 99,76 dB TX RF power 15 dBm Pigtail -0,4 dB In meters 948,35 meters LMR400 22,5 m -5,3 dB Lightning protector -0,4 dB Frequency 2,45E+09 Antenna 10 dBi Signal velocity 3E+08 EIRP 18,9 dBm Wavelength 0,122449 RX Antenna 2,45 dBi 250 cm cable -0,5 dB Sensitivity 82 dBm Treshold -84 dBm

More critical - Delay spread treshold 65 ns @ 11 Mbit/s 500 ns @ 1 Mbit/s

13 Limitations

›Best effort resource management (CSMA/CA)

› No QoS

› No guaranteed bit rates › 11 Mbit/s system provides only 5,5 Mbit/s Layer 3 bit rate and is half duplex › Channel limitation - only 3 orthogonal channels › Several networks on the same spot cause interference › Small power - short connections › Practically Line of Sight › Commercial equipment mainly for indoor use

14 Terminals › Laptop PCs »PCMCIA-cards primary » IBM, HP, DELL and Toshiba offer also built in WLAN in some laptop models » Trend: WLAN will be standard property of Laptop › PDA:s » So far PCMCIA-cards + adapter » Examples: Compaq iPAQ ja HP Jornada » Trend: WLAN will integrate with PDA » Challenges in battery life time › Hybrids »WLAN+GPRS, WLAN+UMTS, WLAN+Bluetooth

15 Security: WLAN Physical Layer

›Licence free frequency band › Uncontrolled usage of frequency allows anyone to use the spectrum › DENIAL OF SERVICE ATTACKS » Difficult (impossible) to prevent ›Spread Spectrum technology › Direct Sequence Spread Spectrum (most important) › Frequency Hopping Spread Spectrum (less used) › Basically complex methods, but › EAVESDROPPING IS POSSIBLE »Buy a WLAN-card! » Can be prevented on higher layers

16 WLAN DataLink Layer ›Medium Access Control › CSMA/CA › RTS/CTS possible ›Security › IEEE 802.11 provides two security methods » Authentication » Open System » All stations may request authentication » Authentication can be granted to any request or only those from defined stations » Shared Key » Authentication only for those stations that possess a secret encryption key » Encryption (optional) must be supported » Encryption » Wired Equivalent Privacy (WEP) RC-4

17 WEP Authentication & Encryption › Based on RC4 PRNG algorithm from RSA Data Security Inc. › Key length 40 - 128 bits › Was originally selected to meet following criteria » reasonably strong ..but still easy and light to implement » self-synchronizing ..Packet loss, mobility » computationally efficent ..Price-performance » exportable ..NSA in USA › Provides enough security to most purposes, BUT › Encrypts only data (no headers) › Has been proven to be weak [Walker, J. Unsafe at any key size; An analysis of the WEP encapsulation, IEEE 802.11-00/362, October 2000] › Easy to insert extra packets in to the network › Attacks may be done by passive eavesdropping - software available in Internet › Manual key management » Difficult (Impossible) on public network » WEAK SECURITY - NONE AT PUBLIC NETWORK

18 WLAN Security in general

› Standard security solution is weak and implementation has disadvantages › Must be taken into consideration when planning high security solutions › Can not be used in public networks

› WEP encryption doesn’t solve higher layer security needs › Authentication for users and terminals › Session encryption, integrity and origin › Ipsec and application layer solutions are recommended

19 Unlicenced spectrum standards

Infrared 2,4 GHz Higher bit rates IRdA Bluetooth 1.1 Bluetooth 2 New profiles New radio 128kbit/s-10 Mbit/s 700 kbit/s 3-10 Mbit/s WPANs

HomeRF HomeRF No support Wideband 1,6 Mbit/s 8 Mbit/s

2,4 GHz Higher bit rate, security, IEEE 802.11b 802.11g,I,e QoS 5 GHz (Dynamic Frequency Selection, 11 Mbit/s 36 Mbit/s Transmit Power Control) WLANs Most probable IEEE 802.11a IEEE 802.11h evolution 5 GHz Harmonized Hiperlan 1 Hiperlan 2 5GHz ? 23 Mbit/s 54 Mbit/s 1998 2000 2001 2002 2003

20 WLAN-standards

20 01 20 02 20 03 20 04 1Q 2Q 3Q 4Q 1Q 2Q 3Q 4Q 1Q 2Q 3Q 4Q 1Q 2Q

IEEE 802.11B

Techology IEEE 802.11G IEEE 802.11I,E Hiperlan 2 Europe USA IEEE 802.11A Europe USA Integrated WLAN/GPRS?? Integrated WLAN/UMTS??

Evaluation Building Pilot use <1% Commercial use

21 802.11 vs. HiperLAN/2

Property 802.11 802.11b 802.11a HiperLAN/2 Frequency 2.4 GHz 2.4 GHz 5 GHz 5 GHz ~Max Layer 1 2 Mbit/s 11 Mbit/s 54 Mbit/s 54 Mbit/s bit rate ~Max Layer 3 1.2 Mbit/s 5 Mbit/s 32 Mbit/s 32 Mbit/s bit rate Resource Best effort– Best effort – Best effort – Centralized management CSMA/CA CSMA/CA CSMA/CA management / TDMA/TDD Connection Connectionless Connectionless Connectionless Connectionless QoS Poor Poor Poor Adequate Encryption Poor RC4 Poor RC4 So far poor RC4 Good DES, 3DES Radio Link Poor Poor So far poor Good Quality control Wired Ethernet Ethernet Ethernet Ethernet, IP, connection ATM, UMTS, FireWire, PPP

22 WLAN & UMTS

› For GSM/GPRS/ÙMTS-operator WLAN is an opportunity to offer local high bit rate wireless data connections as an extention to basic mobile services › Interesting issues are roaming between technologies, user authentiaction and customer relationship management and billing

› If hybrid terminals enter the market this scenario seems even more interesting

› Mobile IP, IPsec and IPv6 seem to be very interesting solutions for this kind of usage scenarios

23 Roaming - current situation

› WLAN networks mainly corporate private networks › No roaming agreements › For security reasons corporates will not open their networks › By itself WLAN offers only local mobility › In public netoworks there is always the “network name” challenge › Often there is also separate access control for billing purposes › Technology interoperability has improven a lot

24 ISP roaming

› There are some RADIUS-based roaming implementations for traditional Dialup-ISP-operators › Clearing-houses iPASS and GRIC-communications › Value: Local access services › Could be utilized also in WLAN-implementations › Primary option for ISP › Challenge: Popularity › Only partial solution

25 GSM-based roaming

› In GSM there are several roaming agreements made and the system has proved to be working

› Using GSM technology for authentication, roaming and billing does’t solve all challenges and actually introduces some new

› If GSM technology is in use there is a need for external gateway solution between WLAN and GSM › Solutions are available on the market, but they still need some integration work before commercial launches

26 MobileIP

Mobile Node › Macro mobility

Soft Hand-off

BTS

BTS

BTS

SD E N T ER P RI S E Su n 40 00

W

UL TRASPARC DRIVEN

W BSC Hard Hand-off FA

W

BTS

BTS

SD EN T ER P RI S E Su n 40 0 0

W

UL TRASPARC DRIVEN BTS W

W

SD E N TE R P RI S E Sun 40 00

W

UL TRASPARC DRIVEN Parent FA W

W BSC FA

27 WLAN Business Models

› Corporate Market › Equipment and solutions sales › Solution as service (Operations and maintenance) › Operated access network for public use › Flat rate › Time based or volume based billing › Prepaid - voucher type › WLAN as home network extension › WLAN access as mobile extension

28 Future Network? Operator services: Signalling gateway, HLR, CAMEL, Mobile IP Home Agent WAP, SIP Proxy, DNS, WWW, E-mail, etc.. PSTN N*64 kbps

GSM

Media Gateway

Operator IPv6 Internet IP backbone - Real time QoS - Multicast - Accounting GPRS - Security - Mobility Digital TV

UMTS Local mobility domain One Terminal - several interfaces HIPERLAN/2

WLAN

29 A Future Usage Scenario

Download Check and MP3 music download files e-mail UMTS messages

WLAN UMTS

Send a picture message WLAN

UMTS Place a WLAN phone call GSM/GPRS

Start

30 Summary

› For corporate use WLAN offers already high bit rate IP connections with local mobility › Security issues must be taken into consideration - IP-VPN is recommended › WLAN fits best in controlled environment › Interference and capacity issues can be handled if the environment is restricted › For mobile operator WLAN could offer complementary service to exisisting mobile services if mobile WLAN terminals emerge › Billing › Authentication & Customer Relationship Management › Roaming

31