Page 416 - From GMS to LTE
P. 416

402  From GSM to LTE-Advanced Pro and 5G












                                                                     Encryption not
                                                                     activated


                                                                     This WLAN
                                                                     network uses
                                                                     an access point



                                                                     Datarates
                                         SSID                        supported by
                                                                     the access point










            Figure 6.7  An extract from a beacon frame.


            frame. To speed up the search, a device can also send probe request frames to trigger an
            AP to send its system information in a probe‐response frame, without waiting for the
            beacon frame interval to expire. Most client devices make use of both methods to scan
            the complete frequency range as quickly as possible.
             Once a client device has found a suitable AP, it has to perform an authentication
            procedure. Two authentication options have been defined in the standard.
             The first authentication option is called open system authentication and is typically
            used in practice today. The name is quite misleading as this option performs no authen-
            tication at all. The device simply sends an authentication frame with an authentication
            request to the AP, asking for open system authentication. No further information is
            given to the AP. If the AP allows this ‘authentication’ method, it returns a positive status
            code and the client device is ‘authenticated’.
             The second authentication option is called shared key authentication and is not typi-
            cally used in practice today. This option uses a shared key to authenticate client devices.
            During the authentication procedure, the AP challenges the client device with a randomly
            generated text. The client device then encrypts this text with the shared key and returns
            the result to the AP. The AP performs the same operation and compares the result with
            the answer from the client device. The results can match only if both devices have used the
            same key to encrypt the message. If the AP is able to validate the client’s response, it
              finishes the procedure as shown in Figure 6.8 and the client is authenticated.
   411   412   413   414   415   416   417   418   419   420   421