WiFi connection process
In connection process when a station wants to connect to AP to access the internet many frames were exchanged between AP and station like
- Management frames
- Pre shared Key (Personal)
- EAP messages(802.1x Authentication)
- 4 way hand shake
- DHCP
After every successful frame transmission AP will assign IP to station to run the Traffic.
In AP – STA connection process or wifi connection process
- Firstly AP will Broadcast the Beacon.
- Station will start active scanning and sends the probe request.
- AP will respond to the probe request and sends probe response.
- Then the client will send authentication request.
- AP will send authentication response to Station
- Then station will send Association request to Ap.
- Then AP will respond with association response to station.
- The station got connected to AP in open system authentication but still it does not get any IP.
Note : After DHCP process only IP is assigned
There are two types of mode
- Personal(Pre-shared key)
- Enterprise mode(802.1x Authentication)
If it is personal mode station and AP use Pre-shared key and generate a PMK (Pairwise Master Key)
Then 4 way handshake will be done.
Enterprise version(802.1x) :
- If the AP supports enterprise version like radius server the EAP Authentication starts after Association process.
- A virtual port is opened for the wireless LAN client on the access point.
- Apart of 802.1X traffic, access point blocks all data frames .These 802.1X frames carry EAP authentication messages.
- Here Station is termed as Supplicant AP is termed as authenticator and radius server/authentication server.
- After association response the station will send EAPOL Start message to AP.
- Then AP will send EAP Identity Request message to station.
- Then station will send EAP Identity Response message to AP.
- Identity response message consists of credentials of AP like username.(It does not contains any password in this message)
- Ap will send the Radius Access request to the Authenticator server.
- Authenticator server will respond with Access challenge to AP.
- AP will send EAP Challenge request message to station.
- Station will respond to AP with EAP Challenge response message to AP.
- AP will send Access request message to Authenticator server.
- Authenticator checks weather the credentials matches and responds with EAP Success/Failure message to AP.
- EAP success—The authenticator sends authentication success message upon successful authentication to suplicant.
- EAP failure—The authenticator sends authentication failure message upon unsuccessful authentication to supplicant.
- AP will send EAPOL Success message to Station.
- AP will open a port for all the traffic after EAP success then 4-way Handshake process starts.
4-way handshake :
Terms to remember in 4-way handshake process:
- Master Session Key (MSK)
- Pairwise Master Key (PMK)
- Group Master Key (GMK)
- Pairwise Transient Key (PTK)
- Group Transient Key (GTK)
- Message Integrity Check (MIC)
- Anonce – Random number generated by AP
- Snonce – Random number generated by Station
4-way handshake is a process of exchanging four messages between AP and station which is used to generate encryption keys.These encrypted keys are used to encrypt the data sent over a wireless medium.
The 4 messages are -
- Anonce
- Snonce + MIC
- GTK + MIC
- ACK
- After successful 802.1x authentication AP will send its Anonce to station.Now station has everything to generate PTK.
- PTK is generated by adding PMK, Anonce, Snonce, AP mac and Station mac with pseudo random function
” PTK = PRF ( PMK + Anonce + Snonce + AP Mac + Station Mac ) “
- Station will send its Snonce to AP with message integrity check(MIC).
- Now AP also have everything to generate PTK(Pairwise transient key).
- Now AP will send GTK(Group Transient key) with MIC (Message integrity check) to station.
- GTK is generated by AP from Group master key (GMK).
- AP shares the GTK to every client which is connected AP.
- PTK is used to encrypt the Unicast traffic and GTK is used to encrypt Broadcast and Multicast Traffic.
- Then station will send Acknowledgment to the AP.
- After the Ack the 4-way handshake was successful then DHCP process begins.
DHCP – Dynamic Host Configuration Protocol
- Dynamic Host Configuration Protocol(DHCP) is a protocol used by DHCP servers in wired/wireless network for exchanging 4 messages between client and DHCP server.
- It dynamically allocate network configuration data, such as a user IP address, sub net mask, default gateway IP address, DNS server IP address, lease time and so on to DHCP clients without any manual setup process
- DHCP server makes network management much easier. It adopts the concept of a “ lease ” for the allocation of IP Address.
- DHCP server will not allocate a particular IP address to a client permanently. It will lease the IP for certain duration of time.
- If the client wants to use the IP address for longer than lease duration then client need to request the DHCP server for renewal of the lease.
- If client does not send the renewal request the AP performs an IP address release procedure.
DHCP – Discover Message
When a client (PC) is booted up, it starts broadcasting a DHCP Discover message over the network to locate all available DHCP servers on the network.
By setting the destination MAC address in the Ethernet header as Broadcast MAC=FF:FF:FF:FF:FF:FF It reaches all the DHCP servers on the network.
DHCP – Offer Message
When a DHCP server receives the DHCP Discover message from the client, it also broadcasts a DHCP Offer message over the network informing the client that it is available.This message contains the network information
DHCP – Request
After receiving DHCP offer message the client will broadcasts a DHCP Request message to the server over the network, requesting network configuration data including an IP address for itself.
The client will broadcast the DHCP Request message to all the DHCP servers available within the network, so that the DHCP servers which are not selected can also receive this message so that the other DHCP servers delete the stored network configuration data from their memory
DHCP – Acknowledgement
The DHCP server which received the DHCP Request message from the client checks if the IP address shown in the DHCP Server Identifier field matches its own then it broadcasts the DHCP Acknowledgement message.
I’ve been browsing on-line more than three hours today, yet I by no means discovered any interesting article like yours. It’s lovely price sufficient for me. In my view, if all site owners and bloggers made excellent content material as you probably did, the net shall be a lot more helpful than ever before.
Hello my family member! I want to say that this post is awesome, nice written and include approximately all significant infos. I’d like to see more posts like this.
obviously like your website but you have to check the spelling on several of your posts. Several of them are rife with spelling problems and I find it very troublesome to tell the reality then again I’ll surely come again again.