Page 416 - From GMS to LTE
P. 416
402 From GSM to LTE-Advanced Pro and 5G
Encryption not
activated
This WLAN
network uses
an access point
Datarates
SSID supported by
the access point
Figure 6.7 An extract from a beacon frame.
frame. To speed up the search, a device can also send probe request frames to trigger an
AP to send its system information in a probe‐response frame, without waiting for the
beacon frame interval to expire. Most client devices make use of both methods to scan
the complete frequency range as quickly as possible.
Once a client device has found a suitable AP, it has to perform an authentication
procedure. Two authentication options have been defined in the standard.
The first authentication option is called open system authentication and is typically
used in practice today. The name is quite misleading as this option performs no authen-
tication at all. The device simply sends an authentication frame with an authentication
request to the AP, asking for open system authentication. No further information is
given to the AP. If the AP allows this ‘authentication’ method, it returns a positive status
code and the client device is ‘authenticated’.
The second authentication option is called shared key authentication and is not typi-
cally used in practice today. This option uses a shared key to authenticate client devices.
During the authentication procedure, the AP challenges the client device with a randomly
generated text. The client device then encrypts this text with the shared key and returns
the result to the AP. The AP performs the same operation and compares the result with
the answer from the client device. The results can match only if both devices have used the
same key to encrypt the message. If the AP is able to validate the client’s response, it
finishes the procedure as shown in Figure 6.8 and the client is authenticated.
