Table 5.33: 802.11 PEAP encrypted response identity

    Destination Address      AP Address
    Source Address           Client Address
    EAP Code                 Response
    TLS Type                 Application Data
    EAP Code (encrypted)     Response
    EAP Type (encrypted)     Identity
    Identity (encrypted)     LOCATION\user
Table 5.34: 802.11 PEAP encrypted MSCHAPv2 challenge

    Destination Address      Client Address
    Source Address           AP Address
    EAP Code                 Request
    TLS Type                 Application Data
    EAP Code (encrypted)     Request
    EAP Type (encrypted)     MSCHAPv2
    CHAP Code (encrypted)    Challenge
    Challenge (encrypted)    random
Table 5.35: 802.11 PEAP encrypted MSCHAPv2 response

    Destination Address       AP Address
    Source Address            Client Address
    EAP Code                  Response
    TLS Type                  Application Data
    EAP Code (encrypted)      Response
    CHAP Code (encrypted)     Response
    Peer Challenge (encrypted) random
    Response (encrypted)      NT response
The first step of MSCHAPv2 is for the server to request the identity of the client.

The next step is for the client to respond, in encrypted form, with the real identity of the user (Table 5.33). If the previous, outer response had been something arbitrary, the server finds out about the real username this way.

The server then responds with a challenge (Table 5.34). The challenge is a 16-byte random string, which the client will use to prove its identity.

The client responds to the challenge. First, it provides a 16-byte random challenge of its own. This is used, along with the server challenge, the username, and the password, to produce an NT response (Table 5.35).

Assuming the password matches, the server responds with an MSCHAPv2 Success message (Table 5.36). The success message includes some text messages that are intended to be user printable, but really are not.

The client now responds with a success message of its own (Table 5.37).

The server then sends an EAP TLV message, still encrypted, indicating success (Table 5.38). This exchange exists to allow extensions to PEAP to be exchanged in the encrypted tunnel (such as a concept called cryptobinding, which we will not explore further here).
Table 5.36: 802.11 PEAP encrypted MSCHAPv2 server success

    Destination Address                Client Address
    Source Address                     AP Address
    EAP Code                           Request
    TLS Type                           Application Data
    EAP Code (encrypted)               Request
    CHAP Code (encrypted)              Success
    Authenticator Message (encrypted)  text
    Success Message (encrypted)        text
Table 5.37: 802.11 PEAP encrypted MSCHAPv2 client success

    Destination Address      AP Address
    Source Address           Client Address
    EAP Code                 Response
    TLS Type                 Application Data
    EAP Code (encrypted)     Response
    CHAP Code (encrypted)    Success
Table 5.38: 802.11 PEAP encrypted MSCHAPv2 server TLV

    Destination Address      Client Address
    Source Address           AP Address
    EAP Code                 Request
    TLS Type                 Application Data
    TLV Result (encrypted)   Success
Table 5.39: 802.11 PEAP encrypted MSCHAPv2 client TLV

    Destination Address      AP Address
    Source Address           Client Address
    EAP Code                 Response
    TLS Type                 Application Data
    TLV Result (encrypted)   Success
The client sends out an EAP TLV message of its own, finishing up the operation within the tunnel (Table 5.39).

Now the server sends the RADIUS Accept message to the authenticator. This message includes the RADIUS master key, derived from the premaster key that the client chose. This key is sent to the authenticator, where it becomes the PMK for WPA2 or the input to the PMK-R0 for 802.11r. The authenticator then generates an EAP Success message (Table 5.40), which is sent over the air to the client.

The sheer number of packets exchanged in this 802.1X step is what leads to the need for key caching for mobile clients in Wi-Fi, described in Section 6.2.4; key caching eliminates the need to perform the 802.1X negotiation except on the first login of the client.
Table 5.40: 802.11 EAP success

Table 5.41: 802.11 Four-way handshake message one

    Destination Address       Client Address
    Source Address            AP Address
    EAPOL Type                Key
    RSN Information (WPA2)    same as Beacon

Table 5.42: 802.11 Four-way handshake message two

    Destination Address       AP Address
    Source Address            Client Address
    EAPOL Type                Key
    RSN Information (WPA2)    same as Association

Table 5.43: 802.11 Four-way handshake message three

    Destination Address       Client Address
    Source Address            AP Address
    EAPOL Type                Key
    MIC                       present
Step 3: Perform the Four-Way Handshake

Both the authenticator and the client have the PMK. The four-way handshake derives the PTK. The first message (Table 5.41) sends the authenticator's nonce and a copy of the access point's RSN information.

The client generates the PTK and sends the second message (Table 5.42), with its own nonce and a copy of the client's RSN information, along with a MIC signature.

The third message, also with a MIC, delivers the GTK that the authenticator is currently using for the BSS, encrypted (Table 5.43).

Finally, the client responds with the fourth message (Table 5.44), which confirms the key installation.

At this point, the client is associated to the access point, and both sides are encrypting and decrypting traffic using the keys that came out of the 802.1X and WPA2 process.
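The key expansion that both sides perform can be sketched in a few lines. The sketch below follows the commonly documented 802.11i construction (a PRF built on HMAC-SHA1, with the addresses and nonces concatenated in sorted order); the PMK, addresses, and nonces here are made-up placeholder values, standing in for the real ones produced by the exchange above.

```python
import hmac
import hashlib

def prf_384(pmk: bytes, label: bytes, data: bytes) -> bytes:
    # 802.11i PRF: concatenate HMAC-SHA1(PMK, label || 0x00 || data || i)
    # for i = 0, 1, ... until 48 bytes (384 bits) are produced.
    out = b""
    i = 0
    while len(out) < 48:
        out += hmac.new(pmk, label + b"\x00" + data + bytes([i]),
                        hashlib.sha1).digest()
        i += 1
    return out[:48]

def derive_ptk(pmk: bytes, aa: bytes, spa: bytes,
               anonce: bytes, snonce: bytes):
    # Addresses and nonces go in sorted order, so the client and the
    # authenticator derive the same PTK no matter who computes it.
    data = (min(aa, spa) + max(aa, spa) +
            min(anonce, snonce) + max(anonce, snonce))
    ptk = prf_384(pmk, b"Pairwise key expansion", data)
    return ptk[0:16], ptk[16:32], ptk[32:48]   # KCK, KEK, TK

# Placeholder values, for illustration only:
pmk = bytes(32)
aa, spa = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
anonce, snonce = bytes(32), bytes([1]) * 32
kck, kek, tk = derive_ptk(pmk, aa, spa, anonce, snonce)
```

Because the inputs are sorted before concatenation, either side can run the derivation and arrive at the same keys; the MIC in messages two and three is computed with the KCK, which is how each side proves it really holds the PMK.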
Appendix to Chapter 5: Wi-Fi

5A.1 Introduction

I have often been asked about the "whys" of Wi-Fi: why the 802.11 standard was designed the way it was, why certain problems are still unsolved (even the ones people don't like to talk about), or how a certain technique can be possible. Throughout this book, I have tried to include as much information as I think would be enlightening to the reader, including insights that are not so easy to come across. Nevertheless, there is a lot of information out there that may help satisfy your curiosity and explain some of the deeper whys, but might not be necessary for understanding wireless networking. How does MIMO work? Why is one security mode that much better than the other? This book tries to answer those questions, and this appendix includes much of the reasoning behind those answers.

This appendix is designed for readers who are interested in going beyond, but might not feel the need to see the exact details. Thus, although this discussion will use mathematics and the necessary formulas to make its points, care was not taken to ensure that one can calculate with what is presented here, and the discussion will gloss over fundamental points that don't immediately lead to a better understanding. I hope this appendix will provide you with a clearer picture of the reasons behind the network.
5A.2 What Do Modulations Look Like?

Let's take a look at the mathematical description of the carrier. The carrier is a waveform: a function over time, where the value of the function is the positive or negative strength of the signal at that instant.

The basic carrier is a sine wave:

    f(t) = sin(2π fc t)    (1)

where fc is the carrier's center frequency, t is time, and the amplitude of the signal is 1.

Sine waves, the basic function from trigonometry, oscillate every 360 degrees, or 2π radians (an easier measure of angles than degrees), and are used as carriers because they are the natural mathematical function that fits into pretty much all of the
physical and mathematical equations for oscillations. The reason is that the derivative of a sinusoid (a sine function with some phase offset) is another sinusoid: (d/dt) sin(t) = cos(t) = sin(t + π/2). This makes sine waves the form in which most natural oscillations occur. For example, a weight on a spring will bounce as a sine wave, and a taut rope that is rippled will ripple as a sine wave. In fact, frequencies for waves are defined specifically for a sine wave, and for that reason, sine waves are considered to be pure tones. All other types of oscillations are represented as the sum of multiple sine waves of different frequencies: a Fourier transform converts the mathematical function representing the actual oscillation into the frequencies that make it up. Pictures of signals plotted as power over frequency, such as envelopes, are showing the frequency, rather than time, representation of the signal. (Envelopes, specifically, show the maximum allowable power at each frequency.)

Table 5.44: 802.11 Four-way handshake message four

    Destination Address      AP Address
    Source Address           Client Address
    EAPOL Type               Key
Modulations affect the carrier by adjusting its phase, its frequency, its amplitude (strength), or a combination of the three:

    f(t) = A(t) sin[2π(fc + f(t))t + φ(t)]    (2)

with amplitude modulation A(t), frequency modulation f(t), and phase modulation φ(t). The pure tone, or unmodulated sine wave, starts off with a bandwidth of 0 and widens with the modulations. A rule of thumb is that the bandwidth widens to twice the frequency at which the underlying signal changes: a 1MHz modulation usually widens the carrier out to at least 2MHz in bandwidth. Clearly, the bandwidth can be even wider, and is usually intentionally so, because spreading out the signal in its band can make it more impervious to narrow-bandwidth noise (spread spectrum). The frequency of the carrier is chosen so that it falls in the right frequency band, and so that its bandwidth also falls in that band, which means that the center frequency will be much higher than the frequency of the modulating signal.
AM modulates the amplitude, and ΦM modulates the phase. Together (dropping FM, which complicates the equations and is not used in 802.11), the modulated signal becomes

    f(t) = A(t) sin[2π fc t + φ(t)]    (3)

In this case, the modulation can be plotted on a polar graph, because polar coordinates measure both angles and lengths: A(t) becomes the length (the distance from the origin), and φ(t) becomes the angle.
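This polar view is exactly the pair of coordinates that Python's cmath module computes; the sample value 3 + 4i below is arbitrary.

```python
import cmath
import math

z = 3 + 4j                      # a modulation value, written as a + bi
A, phi = cmath.polar(z)         # A is the length, phi is the angle
# A = 5.0 (the distance from the origin), phi = atan2(4, 3)

z_back = cmath.rect(A, phi)     # polar form back to a + bi
```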
Complex numbers, made of two real numbers a and b as a + bi, where i is the square root of −1, happen to represent lengths and angles perfectly for the mathematics of waves: a is the value along the x axis, and b is the value along the y axis. In its polar form, a complex number looks like

    A(cos φ + i sin φ) = Ae^(iφ)    (4)

where e^n is the exponential of n. The advantage of the complex representation is that an amplitude and phase modulation can be represented together as one complex number, rather than as two real numbers. Let's call the modulation s(t), because that amplitude and phase modulation will be what we refer to as our signal.

Even better, however, is that the sine wave itself can be represented by a complex function that is also an exponential. The complex version of a carrier can be represented most simply by the following equation:

    f(t) = Re[e^(2πi fc t)]    (5)
meaning that f(t) is the real portion (the a in a + bi) of the exponential function. This function is actually equal to the cosine, which is the sine offset by 90 degrees, but a constant phase difference does not matter for signals, and so we will ignore it here. Also for convenience, we will drop the Re and think of all signals as complex numbers, remembering that transmitters will only transmit power levels measured by real numbers.

Because the signal is an exponential, and the modulation is also an exponential, the mathematics for modulating the signal becomes simple multiplication. Multiplying the carrier in (5) by the modulation in (4) produces

    f(t) = s(t)e^(2πi fc t) = Ae^(iφ)e^(2πi fc t) = Ae^(2πi fc t + iφ) = Ae^(i(2π fc t + φ))    (6)

where the amplitude modulation A scales the carrier and the phase modulation φ adds to the angle, as needed. (Compare to equation (3) to see that the part in parentheses in the last exponent matches.) All of this basically lets us know that we can think of the modulations applied to a carrier independently of the carrier, and that those modulations can affect both amplitude and phase. This is why we can think of phase-shift keying and QAM, with their constellations, without caring about the carrier. The modulations are known as the baseband signal, and this is why the device that converts the data bits into an encoded signal of the appropriate flavor (such as 802.11b 11Mbps) is called the baseband.
Even better, because the carrier is just multiplied onto the modulations, we can disregard the carrier's presence throughout the entire process of transmitting and receiving. So, this is the last we'll see of f(t), and we will instead turn our attention to the modulating signal s(t).
The complex modulation function s(t) can be thought of as a discrete series of individual modulations, known as symbols, where each symbol maps to some number of bits of digital data. The complex value of the symbol at a given time is read off of the constellation chart, based on the values of the bits to be encoded. Each symbol is applied to the carrier (by multiplication) and then held for a specified amount of time, much longer than the oscillations of the carrier, to give the receiver a chance to determine what the change to the carrier was. After that time, the next modulation symbol is used to modulate the underlying carrier, and so on, until the entire stream of symbols is sent. Because it is convenient to view the symbols one at a time as a sequence, we'll use s(0), s(1), s(2), …, s(n), and so on, to represent symbols as a sequence, where n is a natural number referring to the correct symbol in the sequence.
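As a concrete sketch, here is a QPSK-style mapper from bits to the symbol sequence s(0), s(1), s(2), …. The four unit-amplitude constellation points at 45, 135, 225, and 315 degrees are a common Gray-coded layout, though the exact bit-to-point assignment here is illustrative rather than the one 802.11 specifies.

```python
import cmath
import math

# One constellation point per two-bit pattern, Gray-coded so that
# adjacent points differ by only one bit.
QPSK = {
    (0, 0): cmath.rect(1, math.radians(45)),
    (0, 1): cmath.rect(1, math.radians(135)),
    (1, 1): cmath.rect(1, math.radians(225)),
    (1, 0): cmath.rect(1, math.radians(315)),
}

def to_symbols(bits):
    # Read the constellation chart two bits at a time, producing the
    # sequence s(0), s(1), s(2), ... (bits must arrive in pairs).
    return [QPSK[(bits[i], bits[i + 1])] for i in range(0, len(bits), 2)]

symbols = to_symbols([0, 0, 1, 1, 1, 0])   # three symbols from six bits
```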
5A.3 What Does the Channel Look Like?

When the transmitter transmits the modulated signal from equation (6), the signal bounces around through the environment and gets modified. When it reaches the receiver, a completely different signal (represented by a different function) is received. The hope is that the received signal can be used to recover the original stream of modulations s(t).
Let's look at the effects of the channel more closely. The transmitted signal is a radio wave, and that wave bounces around and through all sorts of different objects on its way to the receiver. Every time the signal hits an object, three things can happen to it. It can be attenuated: its function is multiplied by a number A less than 1. Its phase can be changed: its function is multiplied by e^(iφ), with φ being the angle of the phase change, which happens on reflections. And, after all of the bouncing, the signal will be delayed. Every different reflection of the signal takes a different path, and all of these paths come together at the receiver as a sum.

We can recognize the phase and attenuation of a signal as the Ae^(iφ) from equation (4), because a modulation is a modulation, whether the channel does it or the transmitter does. Thus, we will look at the effects of modulating, the channel, and demodulating together as one action, which we will still call the channel. Every reflection of the signal has its own set of A and φ.

Now let's look at time delay. To capture the time delay of each reflection precisely, we can create a new complex-valued function h(t), where we record, at each t, the sum of the As and φs for each reflection that is delayed t seconds by the time it hits the receiver. If there is no reflection that is delayed by t, then h(t) = 0 at that point. The function h(t) is known as the impulse response of the channel, and is generally thought of as containing every important aspect of the channel's effect on the signal.

Let's give one trivial example of an h(t), by building one up from scratch. Picture a transmitter and a receiver, with nothing else in the entire universe. The transmitter is 100 meters from the receiver. Because the speed of light is 299,792,458 meters per second, the delay the signal experiences as it goes from the transmitter to the receiver is 100/299,792,458 ≈ 333 nanoseconds. Our h(t) starts off as all zero, but at h(t = 333ns), we do have a signal. The phase is not changed, so the value of h at that point will just be the attenuation A, which, for the distance, assuming a 2.4GHz signal and other reasonable properties, corresponds to a received level of −80dBm. It's easy to see how other reflections of the signal can be added.

The received signal, y(t), is equal to the value of h(τ) multiplied by (modulating) the original signal s(t), summed across all τ (as the different reflections add, just as water waves do). This sum is an integral, and so we can express this as

    y(t) = ∫ h(τ) s(t − τ) dτ = (h ∗ s)(t)    (7)

where ∗ is the convolution operator, which is just a fancy term for doing the integral before it.
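A discrete version of equation (7) makes the sum concrete. The two-tap channel below is invented for illustration: a direct path at delay 0, and one weaker, phase-shifted reflection arriving three sample periods later.

```python
import cmath
import math

# Impulse response: the index is the delay, the value is that path's A*e^(i*phi).
h = [0.5 + 0j, 0j, 0j, cmath.rect(0.1, math.pi / 3)]
s = [1 + 0j, -1 + 0j, 1j, -1j]      # four transmitted symbols

def convolve(h, s):
    # y(t) = sum over tau of h(tau) * s(t - tau): every delayed, scaled,
    # phase-shifted copy of the signal adds up at the receiver.
    y = [0j] * (len(h) + len(s) - 1)
    for tau, tap in enumerate(h):
        for t, sym in enumerate(s):
            y[tau + t] += tap * sym
    return y

y = convolve(h, s)
```

At t = 3 the receiver hears the direct copy of s(3) on top of the reflection of s(0), which is exactly the multipath mixing the integral describes.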
Radio designers need to know what properties the channel can be assumed to have in order to make the math work out simply. As is the nature of engineering, these simplifying assumptions are not entirely correct, but they are correct enough to make devices that work, and they are a field of study unto itself. A basic book on signal theory will go over those details. However, we can simplify this entire discussion down to two necessary points:

1. A delay of a slowly modulated but quickly oscillating sine wave looks like a phase offset of the original signal.
2. Noise happens, and we can assume a lot about that noise.

Phase offsets are simple multiplications, rather than complex integrals, so that will let us replace equation (7) with

    y(t) = h·s(t) + n    (8)

where h is now a constant (not a function of time) equal to the sum of all of the attenuations and phase changes of the different paths the signal takes, and n is the thermal noise in the environment. (Assumption 1 is fairly severe, as it turns out, but it is good enough for this discussion, and we needed to get rid of the integral. By forcing all of the important parts of h(t) to happen at h(t = 0), the convolution becomes just a multiplication. For the interested, this assumption is known as assuming flat fading, because removing the ability for h to vary with time removes the ability for it to vary with frequency as well. Flat, therefore, refers to the look of h on a frequency plot.)
The receiver gets this y(t) and needs to do two things: subtract out the noise, and undo the effects of the channel by figuring out what h is. The noise n is fairly straightforward, because noise tends to look statistically the same everywhere except for its intensity. Now, let's get h. If the receiver knows what the first part of s(t) is supposed to look like (the preamble, say), then, as long as h doesn't change across the entire transmission, the receiver can divide off h and recover all of s(t), which we will call r(t) here for the received signal:

    r(t) = (y(t) − n)/h = h·s(t)/h = s(t)

That's reception, in a nutshell.
(Those readers with an understanding of signal theory may notice that I left out almost the entire foundation for this to work, including a fair amount of absolutely necessary math to get the equations to figure through; the list is almost too long to present. However, I hope all readers will appreciate that some of the mystery behind wireless radios has been lifted.)
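Under the flat-fading assumption, the whole receive side collapses into a few lines: estimate h from a known preamble symbol, then divide it off. The channel value and symbols below are made up, and noise is left out for clarity.

```python
import cmath
import math

h_true = cmath.rect(0.03, 1.2)       # the channel: attenuation plus phase shift
preamble = 1 + 0j                    # s(0), known in advance to the receiver
data = [cmath.rect(1, math.pi / 4), cmath.rect(1, -math.pi / 4)]

# What the antenna hears, per y = h*s (noise omitted):
received = [h_true * x for x in [preamble] + data]

h_est = received[0] / preamble       # the channel, measured off the preamble
r = [y / h_est for y in received[1:]]   # divide off h to recover s(t)
```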
5A.4 How Can MIMO Work?

If radios originally seemed mysterious, then MIMO could truly seem magical. But understanding MIMO is nowhere out of reach. In reality, MIMO is just a clever use of linear algebra to solve equations such as equation (8) for multiple radios simultaneously.

In a MIMO system, there are N antennas, so equation (8) has to be done for each antenna:

    yi(t) = hi si(t) + ni,  with one for each antenna i    (9)

Written as vectors and matrices, with one dimension for each antenna, H now is a matrix whose diagonal serves the original purpose of h for each antenna as if it were alone. But each antenna can hear all of the other antennas, not just one, and that makes H into a matrix with off-diagonal elements that mix the signals from different antennas. For the sake of it, let's write out the two-antenna case:
    [ y1(t) ]   [ h11  h12 ] [ s1(t) ]   [ n1 ]
    [ y2(t) ] = [ h21  h22 ] [ s2(t) ] + [ n2 ]    (10)

or, multiplied out,

    y1(t) = h11 s1(t) + h12 s2(t) + n1    (11)
    y2(t) = h21 s1(t) + h22 s2(t) + n2    (12)

Each receive antenna gets a different (linear!) combination of the signals from each of the transmitting antennas, plus its own noise.
The receiver's trick is to undo this mixing and solve for s1 and s2. H, being a matrix, cannot be divided off, as could be done with the scalar h in (8). However, the intermixing of the antennas can be undone, if the coefficients can be determined and if the intermixing is independent from antenna to antenna. That's because equations (10)–(12) are a system of linear equations, and if we start off with a known s(t), we can recover the hs. If we start the sequence off with a few symbols, such as s1(0) and s2(0), that are known (say, a preamble), then the receiver, knowing y, n, and s(0), can try to find the values H = (h11, h12, h21, h22) that make the equations work. Once H is known, the data symbols s(t) can come in, and those are now two unknowns across two equations. We can't divide by H, but in the world of matrices, we invert it, which gets us the same effect. H is an invertible matrix if each of its rows is linearly independent of the others. (Not having linearly independent rows produces the matrix version of dividing by zero: more sense can be made of such a thing with matrices, just because they have more information, but still, there remains an infinite number of solutions, and that won't be useful for retrieving a signal.)
So, the analog of equation (8) is

    r = H^(-1)(y − n) = H^(-1)Hs = s    (13)

That's the intuition behind MIMO. Of course, no one builds receivers this way, because such receivers turn out to be overly simplistic and not very good. (It sort of reminds me of the old crystal no-power AM radio kits: they showed the concept well, but no one would sell one on the basis of its quality.)

The process of determining H is the important part of MIMO.
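The two-antenna case of equation (13) fits in a few lines: build the mixed received signals from equations (11) and (12), invert H by hand, and recover both streams. The channel coefficients and symbols are invented, and noise is omitted; as noted above, a real receiver is considerably more sophisticated than this.

```python
# A 2x2 channel whose rows are linearly independent; the off-diagonal
# terms are one antenna hearing the other antenna's stream.
H = [[1.0 + 0j, 0.3 + 0.1j],
     [0.2 - 0.4j, 0.8 + 0j]]
s = [1 + 1j, -1 + 1j]                # the two spatial streams' symbols

# Equations (11) and (12): each receive antenna gets a linear mix.
y = [H[0][0] * s[0] + H[0][1] * s[1],
     H[1][0] * s[0] + H[1][1] * s[1]]

# Invert the 2x2 matrix directly (possible only when det != 0).
det = H[0][0] * H[1][1] - H[0][1] * H[1][0]
H_inv = [[ H[1][1] / det, -H[0][1] / det],
         [-H[1][0] / det,  H[0][0] / det]]

# Equation (13): r = H^(-1) y gives the streams back.
r = [H_inv[0][0] * y[0] + H_inv[0][1] * y[1],
     H_inv[1][0] * y[0] + H_inv[1][1] * y[1]]
```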
One other point. You may have noticed that, in reality, any measured H is going to be invertible, just because the probability of measuring one row to be an exact linear combination of the others is vanishingly small. (The determinant of H would have to exactly equal 0 for it not to be invertible.) However, this observation doesn't help, because H has to be more than just invertible. Its rows have to be "independent" enough to allow the numbers to separate out, leaving strong signals behind. There is a way of defining that.

The key is that HH^H, the channel matrix multiplied by its conjugate transpose (this product originates from information theory, as shown in the next section), reveals how much information can be packed into the channel: basically, how good the SNR will be for each of the spatial streams. The reason is that the spatial streams do, in fact, interfere with each other. When the channel conditions are just right, mathematically, then the