802.

11 Authentication
and Association

Mohit P. Tahiliani
Assistant Professor,
Dept. of Computer Science and Engineering,
NITK Surathkal
Overview
Wireless medium has its own share of security
concerns because the radio waves cannot be
confined within the premises, unlike the wired
medium whose access can be controlled.

➔ 802.11 Frame Types

➔ Active vs Passive scanning

➔ 802.11 Frame Structures

➔ 3 states of 802.11 connection

➔ Authentication techniques

➔ Association rules and codes

Association happens only in
infrastructure based networks 2
General format for Management frames

3
Image Credits: CWAP Official Study Guide
Subtype bits for Management frames

4
Image Credits: CWAP Official Study Guide
802.11 connection states

S1: Not
authenticated
or
associated

5
Types of 802.11 authentication

Open system Shared key

authentication authentication

The main goal of 802.11 authentication is to verify that the requesting STA has
6
proper 802.11 capability to join the BSS
Key takeaway
These legacy authentication methods were not
so much an authentication of user identity, but
more of an authentication of device capability.

Think of these authentication techniques as

verification between the two devices that they
are both valid 802.11 devices.
- dot11ap.wordpress.com

7
Open system authentication

8
Image Credits: https://mrncciew.com/
Shared key authentication

9
Image Credits: https://mrncciew.com/
Authentication frame format

● Authentication Algorithm Number: 0 (open system) or 1 (shared key)

● Authentication Transaction Seq. No.: state of progress of authentication
● Status Code: 0 (success) or Non-zero (1 for unspecified failure, 15 for challenge
failure)
● Challenge Text: used in shared key authentication during step 2 and 3

10
Image Credits: CWAP Official Study Guide
 Very Important!
802.11 authentication = techniques used with
Wired Equivalent Privacy (WEP)

WEP uses Stream Cipher (RC4) for confidentiality

WEP uses CRC-32 for integrity

WEP was the only encryption technique used with

802.11a and 802.11b

WEP is deprecated since 2004, but still in use in

legacy systems
11
802.11 connection states

S2: Authenticated
but not
yet
associated

12
Association request frame format

● Capability Info: explained in the next slide with a separate diagram

● Listen interval: how frequently STA listens for beacons (important for buffering)
● SSID: Name of the Wi-Fi network
● Supported Rates: data rates supported by STA

13
Image Credits: CWAP Official Study Guide
Image Credits: https://mrncciew.com/ 14
Association response frame format

● Capability Info: same as discussed for ‘association request frame format’

● Status Code: 0 (success) or Non-zero (1 for unspecified failure, 10 for lack of
support of all capability info)
● Association ID: Unique number assigned to STA
● Supported Rates: data rates supported by the AP

15
Image Credits: CWAP Official Study Guide
802.11 connection states

S3: Authenticated
and
associated

16