Description of wireless authentication.
There are two kinds of wireless authentication: open-system and shared-key authentication. Wireless authentication is only one way street. Station has to authenticate to the access point, but the access point has no obligation to authenticate to station. Open-System Authentication - access point accepts every request for authentication. Without encryption, every device that knows SSID, can access the network. With enabled
WEP
, on access point, WEP key becomes an access control. If station does not have correct WEP key, device cannot transfer data, even though authentication was successful. Open-system authentication exchange has two frames:  | First frame (Sequence number - 1) is from the station.
It is authentication request with two elements. | | Direction | Client->AP | | Algorithm Identification | 0 | | Transaction Sequence | 1 | | Authentication Algorithm Identification set to 0 – which means this is an Open-System.
Authentication Transaction Sequence is set to 1 – this means it is the first frame in the sequence. | After that, access point returns its response with 3 elements: | Direction | AP->Client | | Algorithm Identification | 0 | | Transaction Sequence | 2 | | Status code | 0 | | Authentication Algorithm Identification is set to 0 – Open-System.
Sequence number is 2.
Status Code - result of the authentication request. |
Shared-Key Authentication - use WEP. This means that authentication itself does not guarantee you high level of the security.  | Access point need to transfer the shared-key to stations, before authentication. Shared-key authentication exchange four frames: |
Client sends an authentication request to the access point. This frame is almost identical to the first frame in the Open-System. | Direction | Client->AP | | Algorithm Identification | 1 | | Transaction Sequence | 1 | | Algorithm Identification set to 1 – which means this is Shared-Key Authentication. Transaction Sequence is set to 1 – this means it is the fist frame in the sequence. | Access point responds with the frame that serves as the challenge. | Direction | AP->Client | | Algorithm Identification | 1 | | Transaction Sequence | 2 | | Status Code | 0 | | Challenge text | 128 B text | | To proceed, Status Code should be 0 (successful). Access Point may deny the authentication request.
If Status Code is 0, then frame includes Challenge text – 128 bytes generated using WEP key. | Third frame is stations response to challenge. | Direction | Client->AP | | Algorithm Identification | 1 | | Transaction Sequence | 3 | | Status Code | 0 | | Challenge text | 128 B | | Station use WEP key to encrypt the Challenge text. Its response is the subsequent authentication request. Request is again hidden with WEP key as shared-key. | If access point can decrypt the authentication request, then it responds with the authentication response that grants access to the client. | Direction | AP->Client | | Algorithm Identification | 1 | | Transaction Sequence | 4 | | Status code | 0 | | If Status code is 0 (successful), then network can grant access to station. If any problem occurs, AP returns status code 1 - unsuccessful. |
Return from Wireless Authentication to How WLAN works
|
