Home
Home WLAN Blog
Wireless Internet
WISP
What is WiFi
WiFi Hotspots
Wireless Security
Setting up WiFi
Wireless Router
Wireless card
WiFi Antennas
WiFi phone
Range extension
WiFi Software
Contact
Free Newsletter
Your Wireless

[?] Subscribe To This Site

XML RSS
Add to Google
Add to My Yahoo!
Add to My MSN
Subscribe with Bloglines

 

Wireless Authentication And WEP

There are two kinds of wireless authentication open-system and shared-key authentication. Find out here more about this here.

Wireless authentication is only one way street. Station has to authenticate to the access point, but the access point has no obligation to authenticate to the station.


Open-System Authentication - access point accepts every request for authentication. Without encryption, every device that knows SSID, can access the network. With enabled WEP, on access point, WEP key becomes an access control. If station does not have the correct WEP key, the device cannot transfer data, even though authentication was successful.

Open-system authentication exchange has two frames:

First frame (Sequence number - 1) is from the station. It is authentication request with two elements.

Direction
Client->AP
Algorithm Identification
0
Transaction Sequence
1

Authentication Algorithm Identification set to 0 – which means this is an Open-System. Authentication Transaction Sequence is set to 1 – this means it is the first frame in the sequence.

After that, access point returns its response with 3 elements:

Direction
AP->Client
Algorithm Identification
0
Transaction Sequence
2
Status code
0

Authentication Algorithm Identification is set to 0 – Open-System. The sequence number is 2. Status Code - result of the authentication request.



Shared-Key Authentication - use WEP. This means that authentication itself does not guarantee you high level of the security.

The access point needs to transfer the shared-key to stations, before authentication. The Shared-key authentication exchanges four frames:



A client sends an authentication request to the access point. This frame is almost identical to the first frame in the Open-System.

Direction
Client->AP
Algorithm Identification
1
Transaction Sequence
1
Algorithm Identification set to 1 – which means this is Shared-Key Authentication. Transaction Sequence is set to 1 – this means it is the first frame in the sequence.

Access point responds with the frame that serves as the challenge.

Direction
AP->Client
Algorithm Identification
1
Transaction Sequence
2
Status Code
0
Challenge text
128 B text
To proceed, Status Code should be 0 (successful). Access Point may deny the authentication request. If Status Code is 0, then frame includes Challenge text – 128 bytes generated using WEP key.

The third frame is stations response to challenge.

Direction
Client->AP
Algorithm Identification
1
Transaction Sequence
3
Status Code
0
Challenge text
128 B
Station uses WEP key to encrypt the Challenge text. Its response is the subsequent authentication request. Request is again hidden with WEP key as shared-key.

If access point can decrypt the authentication request, then it responds with the authentication response that grants access to the client.

Direction
AP->Client
Algorithm Identification
1
Transaction Sequence
4
Status code
0
If the status code is 0 (success), then the network can grant access to the station. If any problem occurs, AP returns status code 1 - unsuccessful.


Return from Wireless Authentication to Wireless Internet Security


New! Comments


Subscribe to Free monthly Home-WLAN Newsletter, be in touch with wireless technology.

Enter your E-mail Address
Enter your Name (optional)
Then

Don't worry -- your e-mail address is totally secure.
I promise to use it only to send you Home-WLAN Newsletter.


SBI! Proof