
432  From GSM to LTE-Advanced Pro and 5G

            datarate available on the application layer. On the physical layer, the overhead consists
            of 64 symbols used for the known reference signal after each 448‐user data symbol
            block and the use of only 336 of the 355 subcarriers for user data. In addition, some of
            the overall transmission time is dedicated to beamforming control activities.
            Furthermore, the transmission gaps between individual frames for the distributed
            scheduler and MAC acknowledgments for frames further reduce the datarates available
            on higher layers. In addition, twisted pair Ethernet ports of most devices are limited to
            a datarate of 1 Gbit/s. For higher speeds, optical ports at the Wi‐Fi access point and
            other devices such as servers and Network Attached Storage (NAS) devices are needed.



            6.7   Wireless LAN Security

            WLAN security is a widely discussed topic as using a wireless network without encryption
            exposes users to many security risks.
             In some cases, APs are still sold with encryption deactivated by default. If encryption
            is not configured by the owner of the network, any wireless device can access the
            network without prior authorization. This configuration is used in most public hotspots as
            it allows users to easily find and use the network. As the frames are not encrypted,
            however, it is easy to eavesdrop on their activities. Without protection on the network
            layer, it is left to the users to use virtual private network (VPN) tunnels and take other
            measures to protect themselves.
             The use of such an open configuration for private home networks that use the
            wireless network to provide access to the Internet is even more critical. If encryption is not
            activated, neighbors can use the Internet connection without the knowledge of the
            owner of the Internet connection. Furthermore, it is possible to spy on the transmitted
            frames, for example to collect passwords, in the same way as it is possible in public
            WLAN networks. As open APs also allow an eavesdropper to gain access to any PC that
            is connected to the wireless network, it potentially allows them to exploit operating
            system weaknesses, which could enable them to read, modify or destroy information.

            6.7.1  Wired Equivalent Privacy (WEP)
            To protect WLANs from unauthorized use and eavesdropping, WEP encryption is part
            of the 802.11b, g and a standards. Similar to GSM and UMTS, this encryption method
            is based on a stream‐ciphering algorithm that encrypts a data stream with a ciphering
            sequence. The ciphering sequence is calculated for each frame by using a key and an
            initial vector (IV) (Figure 6.21). The IV changes for every frame to prevent easy
            reconstruction of the secret key by an attacker. In contrast to GSM or UMTS, however, WEP
            uses the same key for all users. While a single key is easy to manage, it creates a big
            problem especially if a WLAN is used by a company. As the same key has to be manually
            configured by all users in their devices, it is not possible to keep the key secret. In GSM
            or UMTS, the individual private key of each user is securely stored on the SIM card.
             An even more serious problem is the fact that the first bytes of an encrypted frame
            always contain the same information for the LLC header. In combination with certain
            IVs, which are transmitted as clear text, it is possible for an attacker to calculate the key.
            About 5–6 million frames are necessary to calculate the key with this approach. The