
Thursday, April 5, 2012

WiFi Hacking Basics Part 3

In the last post we learned the basic terminology, channels and frequencies of WLAN.
In this post we'll look at beacon frames and authentication in WiFi.
There are two terms you should know about WiFi:
  • ESSID - the name of the network (the connection name)
  • BSSID - the MAC address of the AP
There are three packet types we need to care about:
  • Management packets: used for connection management, e.g. association request, association response
  • Data packets: these carry the actual data, so there is no need to explain them.
  • Control packets: these packets are used for the effective transmission of data, e.g. CTS, RTS
Here we are concerned with management frames:
  • Authentication frame: 802.11 authentication is a process whereby the access point either accepts or rejects the identity of a radio NIC. The NIC begins the process by sending an authentication frame containing its identity to the access point. With open system authentication (the default), the radio NIC sends only one authentication frame, and the access point responds with an authentication frame as a response indicating acceptance (or rejection). With the optional shared key authentication, the radio NIC sends an initial authentication frame, and the access point responds with an authentication frame containing challenge text. The radio NIC must send an encrypted version of the challenge text (using its WEP key) in an authentication frame back to the access point. The access point ensures that the radio NIC has the correct WEP key (which is the basis for authentication) by seeing whether the challenge text recovered after decryption is the same that was sent previously. Based on the results of this comparison, the access point replies to the radio NIC with an authentication frame signifying the result of authentication.
  • De-authentication frame: A station sends a de-authentication frame to another station if it wishes to terminate secure communications.
  • Association request frame: 802.11 association enables the access point to allocate resources for and synchronize with a radio NIC. A NIC begins the association process by sending an association request to an access point. This frame carries information about the NIC (e.g., supported data rates) and the SSID of the network it wishes to associate with. After receiving the association request, the access point considers associating with the NIC, and (if accepted) reserves memory space and establishes an association ID for the NIC.
  • Association response frame: An access point sends an association response frame containing an acceptance or rejection notice to the radio NIC requesting association. If the access point accepts the radio NIC, the frame includes information regarding the association, such as association ID and supported data rates. If the outcome of the association is positive, the radio NIC can utilize the access point to communicate with other NICs on the network and systems on the distribution (i.e., Ethernet) side of the access point.
  • Disassociation frame: A station sends a disassociation frame to another station if it wishes to terminate the association. For example, a radio NIC that is shut down gracefully can send a disassociation frame to alert the access point that the NIC is powering off. The access point can then relinquish memory allocations and remove the radio NIC from the association table.
  • Beacon frame: The access point periodically sends a beacon frame to announce its presence and relay information, such as time stamp, SSID, and other parameters regarding the access point to radio NICs that are within range. Radio NICs continually scan all 802.11 radio channels and listen to beacons as the basis for choosing which access point is best to associate with. 
  • Probe request frame: A station sends a probe request frame when it needs to obtain information from another station. For example, a radio NIC would send a probe request to determine which access points are within range.
  • Probe response frame: A station responds with a probe response frame, containing capability information, supported data rates, etc., after it receives a probe request frame.
OK, let's move on to the actual process. The moment you switch on your WiFi, how does the card know whether there is any network?
In a WLAN environment with multiple APs there are frames called beacon frames. The beacon announces the network, not the individual access point. If the network consists of just one access point, these are one and the same. Somewhat larger wireless networks will have more than one access point with the same SSID. The beacon offers insufficient information to differentiate between multiple APs with the same SSID.
I assume you have just one AP; even so, the AP will use beacon frames to broadcast the presence of the network.
The client sends a null broadcast packet called a 'Probe Request' to the APs in the vicinity, asking 'send me the connections you have'. The APs reply with a 'Probe Response'; the client then sends an 'Authentication Request' to the AP, and the AP responds with 'Authentication Success'.

There are two types of authentication:
  • Open Authentication
  • Shared Key Authentication
We'll see about these in more detail in a separate post. After authentication, the association phase starts: the client sends an 'Association Request' and the AP replies with an 'Association Response'.
One important thing: the client stores the SSIDs of the networks it has connected to in the past in a list called the PNL (Preferred Network List). So whenever WiFi is turned on, the client sends Probe Requests for these SSIDs specifically. After these phases, actual data communication starts.
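As an added example (not code from the original post), here is a small Python script that decodes the frame control byte, the three address fields and the SSID element or status code of raw 802.11 management frames, and then replays the probe / authentication / association exchange described above to track which state the client is in. The MAC addresses, the SSID "HomeNet", the `mgmt()` frame-building helper and the frames in `SAMPLE` are constructed sample input, not a real capture.

```python
import struct
# 802.11 frame control byte: frame type in bits 2-3, subtype in bits 4-7
TYPES = ("management", "control", "data", "reserved")
MGMT = {0: "assoc-req", 1: "assoc-resp", 4: "probe-req", 5: "probe-resp",
        8: "beacon", 10: "disassoc", 11: "auth", 12: "deauth"}
IE_OFFSET = {8: 12, 5: 12, 4: 0, 0: 4}    # fixed-field bytes before the information elements
STATUS_OFFSET = {11: 4, 1: 2}             # offset of the 16-bit status code in auth / assoc-resp
BCAST = "ff:ff:ff:ff:ff:ff"
def parse_frame(frame):
    """Decode frame control, the three addresses and the SSID element or status code."""
    ftype, sub = (frame[0] >> 2) & 0x3, frame[0] >> 4
    f = {"type": TYPES[ftype], "subtype": MGMT.get(sub, "other") if ftype == 0 else sub}
    f["addr1"], f["addr2"], f["bssid"] = (frame[i:i + 6].hex(":") for i in (4, 10, 16))  # addr3 = BSSID
    body = frame[24:]                                   # the management header is 24 bytes
    if ftype == 0 and sub in STATUS_OFFSET:
        f["status"] = struct.unpack_from("<H", body, STATUS_OFFSET[sub])[0]
    elif ftype == 0 and sub in IE_OFFSET:
        body = body[IE_OFFSET[sub]:]
        while len(body) >= 2:                           # elements are id, length, value
            eid, elen = body[0], body[1]
            if eid == 0:                                # element 0 is the SSID; "" means a null probe
                f["ssid"] = body[2:2 + elen].decode(errors="replace")
                break
            body = body[2 + elen:]
    return f

def mgmt(sub, addr1, addr2, bssid, body=b""):
    """Build a management frame; used only to construct the sample input below."""
    addrs = b"".join(bytes.fromhex(a.replace(":", "")) for a in (addr1, addr2, bssid))
    return bytes([sub << 4, 0, 0, 0]) + addrs + b"\x00\x00" + body   # fc, duration, addrs, seq ctrl

def client_state(frames, client):
    """Replay frames and return where the client ends up: scanning, authenticated or associated."""
    state = "scanning"
    for f in map(parse_frame, frames):
        if f["type"] != "management" or client not in (f["addr1"], f["addr2"]):
            continue
        if f["subtype"] == "auth" and f["addr1"] == client and f.get("status") == 0:
            state = "authenticated"
        elif f["subtype"] == "assoc-resp" and f["addr1"] == client and f.get("status") == 0:
            state = "associated"
        elif f["subtype"] in ("disassoc", "deauth"):    # disassoc keeps authentication, deauth drops all
            state = "authenticated" if f["subtype"] == "disassoc" else "scanning"
    return state
AP, STA, SSID_IE = "02:00:00:00:00:01", "02:00:00:00:00:02", b"\x00\x07HomeNet"   # constructed values
SAMPLE = [mgmt(8, BCAST, AP, AP, b"\x00" * 12 + SSID_IE),           # beacon for HomeNet (constructed)
          mgmt(4, BCAST, STA, BCAST, b"\x00\x00"),                   # null probe request (empty SSID)
          mgmt(11, AP, STA, AP, struct.pack("<HHH", 0, 1, 0)),       # auth request, open system, seq 1
          mgmt(11, STA, AP, AP, struct.pack("<HHH", 0, 2, 0)),       # auth response, status 0 = success
          mgmt(1, STA, AP, AP, struct.pack("<HHH", 0, 0, 0xC001))]   # assoc response, status 0, AID 1
```

Running `client_state(SAMPLE, STA)` walks the client from scanning to associated; appending a disassociation frame drops it back to authenticated, while a de-authentication frame drops it back to scanning, matching the frame descriptions above.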

Hope you understand. Feel free to post if you have any query.
