This document discusses IEEE 802.11i wireless LAN security and wireless transport layer security (WTLS). It describes the authentication, access control, and privacy services provided by IEEE 802.11i. It also explains the five phases of operation: discovery, authentication, key generation and distribution, protected data transfer, and connection termination. Additionally, it outlines the features of WTLS, including data integrity, privacy, authentication, and denial-of-service protection. WTLS uses sessions and connections to securely transmit data between wireless devices and gateways.

1. Network Security
CIT 602
Lec 6
Dr. Ahmed Alwakeel
Assistant Professor
College of Computers and Information Technology
University of Tabuk
aalwakeel@ut.edu.sa

2. IEEE 802.11i WIRELESS LAN
SECURITY
In order to transmit over a wired LAN, a station must be
physically connected to the LAN.
On the other hand, with a wireless LAN, any station within radio
range of the other devices on the LAN can transmit.
In order to receive a transmission from a station that is part of a
wired LAN, the receiving station also must be attached to the
wired LAN.
On the other hand, with a wireless LAN, any station within radio
range can receive.
Dr. Anas Bushnag 2

3. IEEE 802.11i Services
Authentication: A protocol is used to define an exchange
between a user and an AS that provides mutual authentication
and generates temporary keys to be used between the client
and the AP over the wireless link.
Access control: This function enforces the use of the
authentication function, routes the messages properly, and
facilitates key exchange. It can work with a variety of
authentication protocols.
Dr. Anas Bushnag 3

4. IEEE 802.11i Services
Privacy with message integrity: MAC-level data (e.g., an
LLC) are encrypted along with a message integrity code that
ensures that the data have not been altered.
Dr. Anas Bushnag 4

5. IEEE 802.11i Phases of Operation
Dr. Anas Bushnag 5

6. IEEE 802.11i Phases of Operation
1. Two wireless stations in the same BSS communicating via the
access point (AP) for that BSS.
2. Two wireless stations (STAs) in the same ad hoc IBSS
communicating directly with each other.
3. Two wireless stations in different BSSs communicating via
their respective APs across a distribution system.
4. A wireless station communicating with an end station on a
wired network via its AP and the distribution system.
Dr. Anas Bushnag 6

7. IEEE 802.11i Phases of Operation
1. Discovery
2. Authentication
3. Key generation and distribution
4. Protected data transfer
5. Connection termination
Dr. Anas Bushnag 7

8. IEEE 802.11i Phases of Operation
Discovery: An AP uses messages called Beacons and Probe
Responses to advertise its IEEE 802.11i security policy. The
STA uses these to identify an AP for a WLAN with which it
wishes to communicate. The STA associates with the AP, which
it uses to select the cipher suite and authentication mechanism
when the Beacons and Probe Responses present a choice.
Dr. Anas Bushnag 8

9. IEEE 802.11i Phases of Operation
Authentication: During this phase, the STA and AS prove their
identities to each other. The AP blocks non-authentication traffic
between the STA and AS until the authentication transaction is
successful. The AP does not participate in the authentication
transaction other than forwarding traffic between the STA and
AS.
Key generation and distribution: The AP and the STA
perform several operations that cause cryptographic keys to be
generated and placed on the AP and the STA. Frames are
exchanged between the AP and STA only.
Dr. Anas Bushnag 9

10. IEEE 802.11i Phases of Operation
Protected data transfer: Frames are exchanged between the
STA and the end station through the AP. As denoted by the
shading and the encryption module icon, secure data transfer
occurs between the STA and the AP only; security is not
provided end-to-end.
Connection termination: The AP and STA exchange frames.
During this phase, the secure connection is torn down and the
connection is restored to the original state.
Dr. Anas Bushnag 10

11. IEEE 802.11i Phases of Operation
Dr. Anas Bushnag 11

12. WIRELESS TRANSPORT LAYER
SECURITY
WTLS provides security services between the mobile device (client)
and the WAP gateway. WTLS is based on the industry-standard
Transport Layer Security (TLS).
TLS is the standard security protocol used between Web browsers
and Web servers.
WTLS is used between the client and the gateway, and TLS is used
between the gateway and the target server.
WAP systems translate between WTLS and TLS within the WAP
gateway.
Thus, the gateway is a point of vulnerability and must be given a
high level of security from external attacks.
Dr. Anas Bushnag 12

13. WIRELESS TRANSPORT LAYER
SECURITY
Dr. Anas Bushnag 13

14. WIRELESS TRANSPORT LAYER
SECURITY
WTLS provides the following features:
1. Data integrity: Uses message authentication to ensure that
data sent between the client and the gateway are not
modified.
2. Privacy: Uses encryption to ensure that the data cannot be
read by a third party.
3. Authentication: Uses digital certificates to authenticate the
two parties.
4. Denial-of-service protection: Detects and rejects messages
that are replayed or not successfully verified.
Dr. Anas Bushnag 14

15. WTLS Sessions and Connections
Two important WTLS concepts are the secure session and the
secure connection, which are defined in the specification as:
Secure connection: A connection is a transport (in the OSI
layering model definition) that provides a suitable type of
service. For SSL, such connections are peer-to-peer
relationships. The connections are transient. Every connection
is associated with one session.
Dr. Anas Bushnag 15

16. WTLS Sessions and Connections
Secure session: An SSL session is an association between a
client and a server. Sessions are created by the Handshake
Protocol. Sessions define a set of cryptographic security
parameters, which can be shared among multiple connections.
Sessions are used to avoid the expensive negotiation of new
security parameters for each connection.
Dr. Anas Bushnag 16