802.11's security, or its lack thereof, is one of its most talked-about aspects. Shortly after 802.11 became popular, several weaknesses in its encryption were discovered by researchers at the University of Maryland. These weaknesses got a lot of publicity, leading some to conclude that 802.11 was just not secure enough for them to use. But numerous technologies exist that can secure your 802.11 network. In this month's newsletter, we will discuss WEP, the original 802.11 security method.
WEP (Wired Equivalent Privacy) is the form of security that was originally included in the 802.11 standard. WEP provides a means of encrypting packets and authenticating users. WEP authentication and encryption are based on a "WEP key," a numerical value that the administrator enters into each wireless device. When WEP is used for authentication, this value acts as a password. When WEP is used for encryption, the WEP key acts as a "seed" for the encryption algorithm. The effect is that stations that share the same WEP key can encrypt and decrypt each other's packets; a station can't decrypt packets that were encrypted using a WEP key it doesn't know.
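As an added illustration (not code from the newsletter), the following Python models the WEP framing just described: the 24-bit IV and the shared key together seed RC4, the resulting keystream is XORed over the payload plus a CRC-32 integrity check value (ICV), and the IV travels in the clear. The 24-bit IV, RC4 and the CRC-32 ICV are WEP's actual parameters; the key, IV and payload values are constructed for the example, and a 40-bit key is used as in original WEP.

```python
"""
Added example (not from the Connect802 newsletter): a minimal model of WEP
frame protection showing how the shared key "seeds" the cipher and why every
station that holds the key can read every other station's traffic.
Keys, IVs and payloads below are constructed values.
"""
import struct
import zlib


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """Generate `length` bytes of RC4 keystream. WEP seeds RC4 with IV || key."""
    s = list(range(256))
    j = 0
    for i in range(256):  # key-scheduling algorithm
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):  # pseudo-random generation algorithm
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def _icv(payload: bytes) -> bytes:
    """WEP's integrity check value: CRC-32 of the payload, little-endian."""
    return struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)


def wep_encrypt(shared_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Return IV || RC4(IV || key)(payload || ICV).

    The IV is transmitted in the clear; only the shared key is secret.
    """
    if len(iv) != 3:
        raise ValueError("WEP uses a 24-bit IV")
    plaintext = payload + _icv(payload)
    keystream = rc4_keystream(iv + shared_key, len(plaintext))
    return iv + bytes(p ^ k for p, k in zip(plaintext, keystream))


def wep_decrypt(shared_key: bytes, frame: bytes):
    """Strip the IV, regenerate the keystream from IV || key, verify the ICV.

    Returns the payload, or None when the ICV does not match (wrong key or
    corrupted frame).
    """
    iv, body = frame[:3], frame[3:]
    keystream = rc4_keystream(iv + shared_key, len(body))
    plaintext = bytes(c ^ k for c, k in zip(body, keystream))
    payload, icv = plaintext[:-4], plaintext[-4:]
    if _icv(payload) != icv:
        return None
    return payload


if __name__ == "__main__":
    key = bytes.fromhex("0123456789")  # constructed 40-bit WEP key
    frame = wep_encrypt(key, b"\x00\x00\x01", b"hello from station A")
    # Station B, holding the same key, recovers the payload.
    print(wep_decrypt(key, frame))
    # A station with a different key gets keystream that fails the ICV.
    print(wep_decrypt(bytes.fromhex("aabbccddee"), frame))
```

Every station with the same key produces the same keystream for a given IV, which is exactly the shared-secret property the paragraph describes; a station with a different key produces the wrong keystream and its ICV check fails.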
Although WEP does provide a basic level of security, it is not appropriate for enterprise use for several reasons. First, WEP keys must be configured and updated by hand. If a WEP key is compromised, there is no automatic way to update the WEP keys on the clients. Just as it is a good idea to change your password every so many days, it is a good idea to change WEP keys, but, again, 802.11 does not provide any automatic way to do this. This means that WEP is sub-optimal for installations involving more than just a few users. This weakness has resulted in cases where, for example, the WEP key is written on the bulletin board so that everyone can update their own key. Of course, this partially negates the purpose of having a WEP key in the first place!
Second, the WEP algorithm contains certain cryptographic weaknesses that make it possible for an attacker to decrypt packets even if the attacker doesn't know the WEP key, or even to learn the WEP key itself. The most powerful of these attacks requires that the attacker capture a certain number of encrypted packets from the network. By analyzing certain aspects of these packets using mathematical techniques, the attacker can figure out what the WEP key is. Of course, there are programs out there to implement this attack automatically--the attacker doesn't have to do the math or even understand the nature of the attack! The attacker just has to get within range of the network and start up his or her laptop.
Although the mere possibility of the WEP key being cracked should give enterprise administrators pause, you should realize that this attack requires the attacker to capture an enormous number of encrypted packets (usually several million). On very busy networks, this number might be reached in a few days, but on the typical home or SOHO network, the sheer time it would take to capture that many packets would be prohibitive. Therefore, in the absence of more sophisticated options such as WPA, we believe that WEP is more than adequate for home and SOHO networks, especially if the WEP key is changed monthly. It's unlikely that an attacker will be determined enough to capture enough packets from these small networks to crack the WEP key. Enterprise administrators, on the other hand, should opt for more robust security methods, which we will discuss in upcoming months.
"Signal to noise ratio," or SNR, is commonly defined by 802.11 administrators as "the ratio of the power of the data signal to the power of the ambient RF energy," where "ambient RF energy" refers essentially to any RF emitter that is not an 802.11 transmitter. Although this definition could be correct under some interpretations of the term "signal to noise ratio," it's important for an 802.11 administrator to realize that slightly different interpretations of that term are used in other fields, and confusion may arise if it's not clear exactly what kind of "signal to noise" is being discussed.
In general, "signal to noise ratio" refers to the power level of an incoming signal relative to some type of background noise. The definition of "noise" varies with the field in which it is being measured. For example, audio engineering refers to the SNR of an analog recording medium; that is, the strength of the loudest undistorted signal the medium can carry relative to the background "hiss" that would be heard if a blank medium were played back. Audio amplifiers also have an SNR rating, which essentially measures the level of "hiss" that would be heard if the amplifier were turned up all the way without a signal being fed through it (you can try this at home with your stereo if you want). Although we have used audio examples, since everyone has some experience with them, the same "hiss" exists in any analog circuit, including the RF receiver in your 802.11 card. The point here is that, because the definition of "noise" can vary, so does the definition of SNR. In each case, the "signal" is the power level of the incoming signal, but the "noise" changes depending on your perspective.
From the perspective of an RF chipset engineer or an electrical engineer, "signal to noise ratio" probably refers to the strength of the incoming signal relative to the "noise" within the RF chipset itself. Electronic circuits are subject to a type of noise known as Boltzmann noise, which is caused by thermal effects. Essentially, the heat within the chipset causes a certain amount of electrical distortion that manifests itself as noise. Electrical circuits are also subject to induced noise from outside sources; for example, it's common to find noise in the 60 Hz range (the frequency of AC current in the U.S.). Notice that this definition of "noise" and "signal to noise ratio" is completely different from the 802.11 administrator's definition mentioned previously. This definition focuses on the strength of the signal and noise within the electrical circuit itself, as opposed to in the air. Measurement of SNR, then, depends on the definition of the "noise floor," which is the level of "noise" in the environment being measured.
In summary, to an RF chipset engineer, the "noise" might be the background noise within the circuit of the chipset, while, to an 802.11 administrator, "noise" might be the ambient, non-802.11 RF energy in the environment. To avoid a double use of the terms "noise" and "signal to noise ratio," we propose the term "interference" for the ambient RF energy in the environment, and the term "signal to interference ratio," or "SIR," for the strength of the signal relative to that ambient RF energy. This leaves "noise" and "SNR" to refer exclusively to the thermal noise within the chipset and avoids confusion when 802.11 administrators talk to RF engineers or electrical engineers. Finally, bear in mind that SIR is probably not what the card is measuring when it reports "signal quality," even though it's common to (incorrectly) equate signal quality with SIR.
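To make the distinction concrete, here is an added Python example (not from the newsletter or from Connect802's white paper) that computes SNR against the receiver's thermal noise floor and SIR against ambient interference for the same received signal, and shows that the two ratios differ. The -174 dBm/Hz figure is the standard thermal-noise density at room temperature (about 290 K); the channel width, receiver noise figure, signal level and interferer levels are constructed values.

```python
"""
Added example (not part of the newsletter): SNR versus SIR for one received
802.11 signal. "Noise" here is the receiver's thermal noise floor (the RF
engineer's definition); "interference" is ambient RF energy from other
emitters (the 802.11 administrator's definition). All readings are constructed.
"""
import math

# Thermal noise power density kT at roughly room temperature, in dBm/Hz.
THERMAL_NOISE_DBM_PER_HZ = -174.0


def dbm_to_mw(dbm: float) -> float:
    return 10 ** (dbm / 10)


def mw_to_dbm(mw: float) -> float:
    return 10 * math.log10(mw)


def thermal_noise_floor_dbm(bandwidth_hz: float, noise_figure_db: float = 0.0) -> float:
    """Receiver noise floor: kTB plus the chipset's own noise figure."""
    return THERMAL_NOISE_DBM_PER_HZ + 10 * math.log10(bandwidth_hz) + noise_figure_db


def total_power_dbm(levels_dbm) -> float:
    """Combine several emitters: powers add linearly (in mW), not in dB."""
    return mw_to_dbm(sum(dbm_to_mw(p) for p in levels_dbm))


def snr_db(signal_dbm: float, noise_floor_dbm: float) -> float:
    """Signal relative to thermal noise inside the receiver."""
    return signal_dbm - noise_floor_dbm


def sir_db(signal_dbm: float, interferers_dbm) -> float:
    """Signal relative to ambient RF energy from non-802.11 emitters."""
    return signal_dbm - total_power_dbm(interferers_dbm)


def sinr_db(signal_dbm: float, noise_floor_dbm: float, interferers_dbm) -> float:
    """Signal relative to noise and interference combined."""
    return signal_dbm - total_power_dbm([noise_floor_dbm, *interferers_dbm])


def link_report(signal_dbm: float, bandwidth_hz: float, noise_figure_db: float,
                interferers_dbm) -> dict:
    """Return every ratio a practitioner might be quoted, side by side."""
    floor = thermal_noise_floor_dbm(bandwidth_hz, noise_figure_db)
    return {
        "noise_floor_dbm": floor,
        "snr_db": snr_db(signal_dbm, floor),
        "sir_db": sir_db(signal_dbm, interferers_dbm),
        "sinr_db": sinr_db(signal_dbm, floor, interferers_dbm),
    }


if __name__ == "__main__":
    # Constructed scenario: a -70 dBm signal in a 20 MHz channel on a
    # receiver with a 6 dB noise figure, with two interferers nearby.
    for name, value in link_report(-70.0, 20e6, 6.0, [-85.0, -88.0]).items():
        print(f"{name:16s} {value:7.2f}")
```

With these constructed readings the thermal noise floor is near -95 dBm, so the SNR is about 25 dB, while the two interferers combine to about -83 dBm and give a SIR of only about 13 dB: the same signal, two very different "signal to noise" figures, depending on which "noise" is meant.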
This topic is discussed in more depth in Connect802's paper, "You Believe You Understand What You Think I Said -- The Truth About 802.11 Signal and Noise Metrics," available from our white papers page.
In early 2005, expect to see yet another amazing application of wireless technology. Nokia has launched a new case for its line of cell phones. You might ask, "This is amazing?" The case itself implements a technology called Near Field Communication (NFC), an emerging radio frequency identification (RFID) technology that is, indeed, amazing. The Nokia NFC shell for the cell phone contains embedded, "manufactured-in" circuitry that allows the NFC device (the phone's shell itself) to interact with other NFC services and download information, such as Web URLs, into the handset.
Other applications for NFC technology include swapping electronic business cards between devices or using the NFC interface to authenticate yourself at the checkout counter of a hotel or the ticket counter at an airport. Philips and Sony are also pushing NFC technology strongly. Essentially, an NFC device becomes a short-range RFID reader, able to interact in the RFID space. See what Nokia has to say about the NFC shell.
The first mobile phone to work with the new Nokia NFC is the Nokia 3220 (pictured to the right), a tri-band camera phone that is available in two versions: a GSM 900/1800/1900 primarily for the European and Asian markets, and a GSM 850/1800/1900 primarily for the Americas. The Nokia NFC shell is a functional cover developed for the Nokia 3220 phone. The Nokia NFC shell with four tags will be available during the first quarter of 2005 in Europe, and during the second quarter 2005 in the Americas and Asia.
By the way, speaking of RFID-related news, Symbol Technologies acquired RFID supplier Matrics for $230 million, and William Nuti, Symbol's president and CEO, said, "It is Symbol's goal to lead in the RFID industry." The acquisition will give Symbol access to the only fixed-position, multi-protocol reader on the market today as well as Matrics' tag production capability.
Symbol Technologies Has Actively Entered the RFID Market
A recent press release discusses how Symbol Technologies has begun marketing what is essentially a turnkey dock door RFID reader solution. At Connect802 we like "turnkey," since our Connect EZ Solution Suites provide turnkey Wi-Fi networks. Symbol's RFID equipment will be able to communicate back to the in-building Ethernet network across a Wi-Fi wireless link, and that's why we're showcasing this press release. As RFID explodes into the supply chain and continues to erode the use of UPC bar codes, the need for Wi-Fi wireless network back-haul will become increasingly significant. If you're concerned about your Wi-Fi wireless network, you should be aware of, and up to date on, what's happening in the RFID space. Here's the press release in its entirety:
First Commercially Available EPC-Enabled Turnkey Dock Door Portal Solution Eases RFID Installations
Symbol's First RFID Handheld Extends Flagship Mobile Computing Family
BALTIMORE – EPCglobal US Conference 2004, Booth #103 and #106 – September 29, 2004 – Symbol Technologies, Inc. (NYSE:SBL), The Enterprise Mobility Company™, today expanded its end-to-end RFID offerings by introducing the new Distribution Center 400 (DC 400) RFID dock door portal solution and its new rugged mobile computer, the Symbol MC9000-G with Radio Frequency Identification (RFID). These new products, which are on display this week at the EPCglobal US Conference 2004 in Baltimore (booth #103 and #106), expand Symbol's position in Advanced Data Capture technologies and provide mobility solutions to a range of markets across the retail supply chain.
"RFID must be deployed as part of a complete system that allows organizations to capture, move and manage information to and from the point of business activity," said Phil Lazo, vice president and general manager of Symbol's RFID Infrastructure Division. "Symbol's introduction of the DC 400 and MC9000-G with RFID further demonstrates that RFID is not a stand-alone technology which is disconnected from the network and unmanageable."
Easy-To-Install RFID Portal Solution
Symbol's DC 400 is the industry's first EPC-enabled turnkey RFID portal solution designed specifically for industrial dock doors and portal environments. The DC 400 is an easy-to-install, remotely managed 900MHz RFID solution that will allow manufacturing facilities, distribution centers, and retail stores to read class 0 (read only and read/write) and class 1 RFID tags at all shipping and receiving points, without human intervention. The ruggedized design of the DC 400 portal solution was created specifically for the harsh environmental conditions of a warehouse.
The scalable and cost-effective DC 400 portal solution includes multi-protocol RFID readers and high-performance antennas designed to enable organizations to achieve inventory and supply chain optimization by reading RFID tags on cartons and pallets as they are loaded in and out of trucks and containers. The reader infrastructure, based on Symbol's multi-protocol AR 400 with Ethernet connectivity and advanced SNMP and remote management capabilities, can be upgraded as new standards evolve in the marketplace. The DC 400 also comes with an API set for standard and customized integration with management systems for performance monitoring and operational visibility.
Rugged Handheld with Integrated RFID and Bar Code Readers
Symbol today also announced the introduction of its new rugged mobile computer, the MC9000-G with RFID. With the MC9000-G RFID handheld, retail, manufacturing, and logistics organizations will be able to deploy RFID-enabled mobile computing solutions designed to improve corporate efficiencies and productivity by tracking objects and goods in motion throughout the supply chain. Some of the possible applications for the Symbol MC9000-G with RFID include inventory management for assembly lines; price verification by retail personnel; warehouse management of pallets and cartons using both RFID and bar codes; and baggage tracking by airline personnel.
The MC9000-G with RFID leverages the same hardware platform as Symbol's MC9000-G rugged mobile computer, while adding support for the Electronic Product Code (EPC) -- the most popular RFID standard -- in an RFID handheld capable of reading EPC tags at distances as far as 10 feet.
Symbol's new lightweight interrogator antenna was designed, tested and manufactured to withstand repeated six-foot drops to concrete. It also features directional (70 degree forward) field generation to enable users to isolate the RFID tags they are interested in reading. In addition, because the MC9000-G with RFID is based on EPCglobal's RFID specification, the RFID reader operates in the U.S./Canada-based 902-928 MHz spectrum.
"The Symbol MC9000-G with RFID enables employees working at the edge of the enterprise to play a critical role in enterprise mobility by capturing information from both RFID tags and bar codes, helping them to move information faster, so real-time decisions can be made," continued Lazo. "RFID technology must be part of a tightly integrated solution that combines both mobile and fixed RFID readers with other enterprise mobility elements in order to enable organizations to capture, move and manage critical information from the dock door to the retail floor."
About Symbol Technologies
Symbol Technologies, Inc., The Enterprise Mobility Company™, is a recognized worldwide leader in enterprise mobility, delivering products and solutions that capture, move and manage information in real time to and from the point of business activity. Symbol enterprise mobility solutions integrate advanced data capture products, radio frequency identification technology, mobile computing platforms, wireless infrastructure, mobility software and world-class services programs under the Symbol Enterprise Mobility Services brand. Symbol enterprise mobility products and solutions are proven to increase workforce productivity, reduce operating costs, drive operational efficiencies and realize competitive advantages for the world's leading companies. More information is available at www.symbol.com.
Symbol Battles Over Definition of "Switch"
Symbol made news this month by starting a debate over the definition of the term "wireless switch." Symbol claims that its wireless switches are the only ones deserving of the title, while its competitors--Airespace, Aruba, and Trapeze--should call their devices "bridge managers." In addition, Symbol argues that its competitors violate 802.11 standards in various ways.
The debate points to the increasing importance of wireless "switches" as opposed to traditional stand-alone access points. Stand-alone access points don't scale well, if only because they become difficult to administer as their numbers grow. But centrally managed access points offer more than easy configuration--for example, roaming is handled more smoothly when all APs connect back to a central device, and the central device may be able to adjust the power output of individual APs to provide the best coverage. Regardless of the specific definition of the term, we predict that, for mid-sized to large wireless networks, centrally managed access points--wireless "switches"--will increase in popularity. Additional articles are on the web at:
The professional Wi-Fi design community has expressed mixed reactions to recent releases of wireless access points dubbed "Pre-N." These devices purport to anticipate the ratification of the IEEE 802.11n 100 Mbps Wi-Fi standard, which is not expected until late 2005 at the earliest (and, more probably, mid-2007!). Those responsible for business WLANs are generally being warned to wait for products based on a ratified standard. On the other hand, home users who want to explore the higher-speed devices for streaming HDTV or other in-home multimedia applications should find the Pre-N devices interesting additions to their home networks. A web search on "Pre-N" will keep you up to date on who's releasing products and what's been reviewed.
The 802.11n standard will use a bit-encoding technique called "MIMO" (Multiple Input / Multiple Output). This contrasts with the OFDM (Orthogonal Frequency Division Multiplexing) technique used in 802.11g and 802.11a.
Consider the fact that, while 802.11a and 802.11g are specified with a 54 Mbps maximum data rate, the practical data throughput that can be expected from these technologies is more in the range of 15 Mbps to 25 Mbps (depending on distance from the AP and obstruction characteristics). While Pre-N products are being marketed with fantastic promises of 100 Mbps speeds, the practical throughput will still drop to this same range, albeit somewhat further away from the AP. PC Magazine conducted tests on newly released Pre-N products and found that at 60 feet from the AP the Pre-N product yielded roughly 40 Mbps compared to 15 Mbps for 802.11g, and at the edge of the 802.11g coverage area the Pre-N equipment was still providing almost 9 Mbps of throughput.
The engineering team at Connect802 has been watching pre-release technology enter the marketplace for over 20 years. When twisted-pair Ethernet made its debut, there were numerous pre-standard switches and coaxial-to-twisted-pair adapters. Within a 2-year timeframe (around 1989), companies that had picked the "wrong" pre-standard were left with incompatible equipment and vendors who had discontinued the incorrectly specified products. Decision makers today are strongly encouraged to stay away from Pre-N equipment and not to fall prey to the marketing hype that's adding to an already confusing wireless-network market.
Some articles that you may find interesting on this subject are available at: