Lecture Notes Thursday Sue B. Moon

From Last Class on AODV Waiting time for a response on a RREQ? –If a route is not received within NET_TRAVERSAL_TIME ms, then a node may broadcast another RREQ, up to a maximum of RREQ_RETRIES –Use exponential backoff for next waiting time: 2 * NET_TRAVERSAL_TIME, 4 *..., 8 *... –A node should not originate more than RREQ_RATELIMIT RREQ messages per second –Refer to RFC3561 for further details How scalable is the protocol? –Modifications made for scalability: expanding ring search, query localization, local repair –S-J Lee et al., “ Scalability Study of the Ad Hoc On-Demand Distance Vector Routing Protocol, ” Int ’ l Journal on Network Management, Mar- Apr

MAC Frame Format Types –control frames, management frames, data frames Sequence numbers –important against duplicated frames due to lost ACKs Addresses –receiver, transmitter (physical), BSS identifier, sender (logical) Miscellaneous –sending time, checksum, frame control, data Frame Control Duration/ ID Address 1 Address 2 Address 3 Sequence Control Address 4 DataCRC bytes Protocol version TypeSubtype To DS More Frag Retry Power Mgmt More Data WEP 2241 From DS 1 Order bits111111

MAC Frame Type/Subtype Management (00) –Association/reassociation/probe request/response –Beacon, ATIM –Disassocation, authentication/deauthentication Control (01) –Power Save (PS) –poll –RTS/CTS –ACK, CF-End, CF-End+CF-Ack Data (11) –Data, Data+CF-Ack, Data+CF-Poll, Data+CF-Ack+CF-Poll –CF-Ack, CF-Poll, CF-Ack + CF-Poll

Beacon Frame Body Timestamp Beacon interval Capability information SSID Supported rates FH Parameter set DS Parameter set CF Parameter set: CFPCount/Period/MaxDur... IBSS Parameter set TIM –DTIM count, DTIM period, Bitmap control, Partial virtual bitmap

Power saving with wake-up patterns (infrastructure) TIM interval t medium access point busy D TTD T TIM D DTIM DTIM interval BB B broadcast/multicast station awake p PS poll p d d d data transmission to/from the station

Power-Saving with PCF/DCF Superframe = CFP (PCF) + CP (DCF)

Power saving with wake-up patterns (ad-hoc) awake A transmit ATIM D transmit data t station 1 B1B1 B1B1 B beacon frame station 2 B2B2 B2B2 random delay A a D d ATIM window beacon interval a acknowledge ATIM d acknowledge data

IEEE security War-driving: drive around Bay area, see what networks available? –More than 9000 accessible from public roadways –85% use no encryption/authentication –packet-sniffing and various attacks easy! Securing –encryption, authentication –first attempt at security: Wired Equivalent Privacy (WEP): a failure –current attempt: i

Wired Equivalent Privacy (WEP): authentication as in protocol ap4.0 –host requests authentication from access point –access point sends 128 bit nonce –host encrypts nonce using shared symmetric key –access point decrypts nonce, authenticates host no key distribution mechanism authentication: knowing the shared key is enough

WEP data encryption Host/AP share 40 bit symmetric key (semi-permanent) Host appends 24-bit initialization vector (IV) to create 64-bit key 64 bit key used to generate stream of keys, k i IV k i IV used to encrypt ith byte, d i, in frame: c i = d i XOR k i IV IV and encrypted bytes, c i sent in frame

WEP encryption Sender-side WEP encryption

Breaking WEP encryption Security hole: 24-bit IV, one IV per frame, -> IV ’ s eventually reused IV transmitted in plaintext -> IV reuse detected Attack: –Trudy causes Alice to encrypt known plaintext d 1 d 2 d 3 d 4 … –Trudy sees: c i = d i XOR k i IV –Trudy knows c i d i, so can compute k i IV –Trudy knows encrypting key sequence k 1 IV k 2 IV k 3 IV … –Next time IV is used, Trudy can decrypt!

802.11i: improved security numerous (stronger) forms of encryption possible provides key distribution uses authentication server separate from access point

AP: access point AS: Authentication server wired network STA: client station 1 Discovery of security capabilities 3 STA and AS mutually authenticate, together generate Master Key (MK). AP servers as “pass through” 2 3 STA derives Pairwise Master Key (PMK) AS derives same PMK, sends to AP 4 STA, AP use PMK to derive Temporal Key (TK) used for message encryption, integrity i: four phases of operation

wired network EAP TLS EAP EAP over LAN (EAPoL) IEEE RADIUS UDP/IP EAP: extensible authentication protocol EAP: end-end client (mobile) to authentication server protocol EAP sent over separate “ links ” –mobile-to-AP (EAP over LAN) –AP to authentication server (RADIUS over UDP)

Network Security (summary) Basic techniques …... –cryptography (symmetric and public) –authentication –message integrity –key distribution …. used in many different security scenarios –secure –secure transport (SSL) –IP sec –802.11

Acknolwedgements Slides on WEP and security from: –Kurose and Ross’s book distribution