Wireless Standards and Technologies

IEEE 802.11 standards

• The Institute for Electrical and Electronic Engineers (IEEE) has created many standards within the computing and Information Technology (IT) industry over the past years. 

• One very popular standard known by professionals within the field of networking and security is the IEEE 802.11 standard which outlines how wireless communication operates on both the 2.4 GHz and 5 GHz frequencies. 

Frequencies and range

• A frequency of 20 MHz is like a small water line, if we increased the size of the water line to 40 MHz, there would be an increased in the capacity of water supported by the line. 

• In the 802.11 standard, an access point can use either a single 20 MHz frequency for transmitting data or can combine multiple 20 MHz frequencies to achieve a higher data rate.

2.4 GHz

•  The IEEE 802.11 has outlined the use of the 20 MHz frequency with the 2.4 GHz range. 

• Within the 2.4 GHz range, there are multiple channels, each operates on a 20 MHz frequency ranging from 2412 MHz to 2482 MHz. 

• There are a total of 11 channels, which are channels 1 – 11. 

• Since each channel is close by, the recommended channels that should use are channels 1, 6 and 11. These three channels does not overlap with each other and therefore does not cause any interference.

5.0 GHz

•  Unlike the 2.4 GHz band which uses a frequency size of 20 MHz, the 5 GHz band uses channel size of 20 MHz, 40 MHz, 80 MHz and 160 MHz by using channel bonding.

• This allows the more recent 802.11 standard to transport a much higher capacity of data over its channels, allowing data rates of up to 7 Gbps when using the 802.11ac standard.

MIMO/MU-MIMO 

• When multiple antennas are used for sending from one device, and multiple antennas are used for receiving the data on a receiving device, this is known as Multiple In Multiple Out (MIMO).

• When using IEEE 802.11n, wireless devices are able to use Single User – Multiple Input Multiple Output (SU-MIMO) with both 20 MHz and 40 MHz width channels to support better throughout of data between one wireless device to another.

• The IEEE 802.11ac standard allows wireless devices to use either SU-MIMO or Multi-User Multiple Input Multiple Out (MU-MIMO) with larger channel widths such as 80 MHz, 80 MHz + 80 MHz and 160 MHz on the 5 GHz to support greater throughput of data as compared to the its predecessor.

Carrier Sense Multiple Access / Collision Avoidance (CSMA/CA)

• CSMA/CA defines how a network will respond when two or more devices are attempting to communicating simultaneously on a wireless network, IEEE 802.11. 

• Before a device sends a message to the Access Point (AP) or wireless router, it sends a request to the AP asking if the channel is free to use. 

• If the channel is free, the AP will reply and the client will be able to send the message across the wireless network.

• With IEEE 802.11AX (Wi-Fi 6), newer Access Points (APs) has overcome this challenge.

 Service Set Identifier (SSID)

• Whenever you buy a new access point (AP) or wireless router, the default Service Set Identifier (SSID) is usually that of the manufacturer. 

• For example, the default SSID (wireless network name) for a new Linksys access point would contain the name “Linksys” as its SSID. 

• Many manufacturers does this to help the user to quickly identify their wireless network when setting up a new access point. 

• However, many persons and organizations sometimes uses the default SSID. 

• Leaving the default SSID can be a security concern. 

• Let’s say, you brought a new Linksys access point for your home or organization, during the setup process you decide to leave the default configurations for the device SSID. 

Basic service set (BSS)

• In a BSS, a wireless router or Access Point (AP) is used as a network intermediary device to allow clients to exchange messages.

• Usually a single wireless router or AP is used within a BSS.

Extended service set (ESS)

• In a ESS, there are multiple wireless routers or Access Points (APs) connected to the same local area network.

• This type of wireless setup allows a user to roam between different wireless routers / APs while working within a local area network.

Independent basic service set (Ad-hoc)

• In an Ad-Hoc network, there are no wireless routers or Access Points (APs) being used.

• An end device such as a laptop can create a wireless hotspot which allows other wireless devices to connect and share resources.

Antenna types

Omni

• An omni directional antenna does not focus the signal in a specific direction.

Directional

• A directional antenna is designed to focus it's signal in a specific direction.

• Provides greater distance on signal reach-ability.

Encryption standards

Wired Equivalent Privacy (WEP)

• Weak encryption.

• Uses small Initialization Vector (IV) which is static and does not change.

• Uses 64-bit and 128-bit keys sizes.

• Uses the RC4 stream cipher for data encryption.

• Provides a 24-bit Cyclic Redundancy Checksum (CRC) for integrity checking.

Wi-Fi Protected Access (WPA)

• WPA is the replacement for the vulnerable WEP wireless security standard.

• WPA uses the RC4 cipher with the Temporal Key Integrity Protocol (TKIP) for data encryption.

• WPA also uses a 128-bit key for data encryption.

Temporal Key Integrity Protocol (TKIP)

• Uses a secret key with the Initialization Vector (IV).

• Encrypts each packet with a unique key.

• Provides a 48-bit Checksum.

• A benefit of using TKIP is the protocol inserts a sequence counter on each message to prevent a hacker from performing a replay attack on the wireless network.

Wi-Fi Protected Access 2 (WPA2)

• Currently used on most wireless networks today.

• Uses the Advanced Encryption Standard (AES) algorithm for data encryption.

• WPA2 also uses the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP).

CCMP

• Implemented in AES for data encryption.

• Uses a 128-bit key for encryption of 128-bit blocks of data.

Wi-Fi Protected Access 3 (WPA3)

• Provides strong data security on wireless networks.

• Uses Simultaneous Authentication of Equals (SAE).

• SAE-Personal - Uses 128-bit key.

• SAE-Enterprise - Uses 192-bit key.

Authentication Methods

Pre-Shared Key (PSK)

• Allows you to configure a password or passphrase to access the wireless network

• With PSK, all authorized users will know and share the same key for the network.

Enterprise

• This options allows the wireless router or Access Point to act as an Authenticator to an Authentication Server.

• Each user credentials are stored on the Authentication Server.

• The Authentication Server can be either RADIUS or TACACS+.

Open Authentication

• No authentication

• No encryption

• Anyone can connect to the network

Wi-Fi Protected Setup (WPS)

• Eliminates the need for a passphrase on network.

• Provides an easy way to authenticate to a wireless network.

• Uses an 8 digit pin to access the network.

• Contains a known security vulnerability which allows an attack to retrieve the WPS Pin.

Captive portals

• This is a web portal which prompts the user to provide user credentials

• Commonly found at hotels, coffee shops, etc.

Cellular technologies

• Allows you to connect to a mobile service provider.

• The service provider can track the location of your mobile device.

• Your traffic on the cellular network may be monitored by the provider.

2G

• Introduced voice and text.

• Global System for Mobile Communications (GSM)

• Used both Enhanced Data rates for GSM Evolution (EDGE) and General Packet Radio Service (GPRS) for data services.

• Used both Code-division multiple access (CDMA) and Time-division multiple access (TDMA) as access methods.

3G

• Used High Speed Packet Access (HSPA) and HSPA+.

• Also used CDMA2000 technologies.

4G

• Used both Worldwide Interoperability for Microwave Access (WiMAX) and Long-Term Evolution (LTE).

5G

• Uses existing 4G technologies.

• Provider greater speeds.

• Has very low latency.