WiFi Communication

Created:  
Updated:   15Aug2024   03:54:20   UTC 2024-08-15T03:54:20Z
Rating:   (0 reviewsThis article has not been rated yet)

WiFi communication involves transferring information (data, text, audio, images, or video) between two or more wireless devices in a Wireless Local Area Network (WLANWireless Local Area Network is a wireless computer network that links two or more devices using wireless communication to form a Local Area Network (LAN).). This overview covers the main components of a WiFi communication system (IEEEInstitute of Electrical and Electronics Engineers (Industry Standards) 802.11IEEE 802.11 is a set of protocol standards that define communication for a Wireless Local Area Network (WLAN). In order for WiFi to work between different devices, they all need to agree on how they are going to communicate. The current version of the standard is IEEE 802.11-2007, with many amendments such as 802.11a, 802.11b, 802.11g, and 802.11n. standards, protocols, layers, and security) to explain many of the specs and features of IoTInternet Of Things devices, such as WiFi modules, microcontrollers, and Single Board Computers (SBCSingle Board Computers).

IEEE 802.11

In order for WiFi to work between different devices, they all need to agree on how they are going to communicate. WiFi is based on the IEEEInstitute of Electrical and Electronics Engineers (Industry Standards) 802.11IEEE 802.11 is a set of protocol standards that define communication for a Wireless Local Area Network (WLAN). In order for WiFi to work between different devices, they all need to agree on how they are going to communicate. The current version of the standard is IEEE 802.11-2007, with many amendments such as 802.11a, 802.11b, 802.11g, and 802.11n. family of standards, a set of Medium Access Control (MACMedium Access Control, Medium Access Controller, Media Access Control, or Medium Access Controller) and Physical Layer (PHYPhysical Layer, referring to the physical radio used for communication and for modulating/demodulating the data. ) protocol standards that define communication for a WLANWireless Local Area Network is a wireless computer network that links two or more devices using wireless communication to form a Local Area Network (LAN)..

Versions

The original base version of the IEEE 802.11 standard was released in 1997, but is now obsolete and replaced with subsequent amendments. The amendments defined in the table below are ones that are commonly found with WiFi modules, microcontrollers, and SBCSingle Board Computers, but more amendments can be found at Wikipedia.

802.11 Versions
Version Description
802.11-1997
(802.11 Legacy)
The IEEE 802.11a-1999 or 802.11a was an amendment to the IEEE 802.11 wireless local network specifications that uses the same core protocol as the original standard, but operates in 5GHz band and uses a 52-subcarrier Orthogonal Frequency-Division Multiplexing (OFDMOrthogonal Frequency-Division Multiplexing) with a maximum raw data rate of 54Mbit/s.
802.11b The IEEE 802.11b-1999 or 802.11b is an amendment to the IEEE 802.11 wireless networking specification that increases data rates up to 11Mbit/s using the same 2.4GHz band.
802.11d The IEEE 802.11d-2001 or 802.11d amendment includes international (country-to-country) roaming extensions. This support includes the addition of a country information element to beacons, probe requests, and probe responses. The country information elements simplifies the creation of 802.11 wireless access points and client devices that meet the different regulations enforced in various parts of the world.
802.11e The IEEE 802.11e-2005 or 802.11e amendment includes a set of Quality of Service (QoSQuality of service (QoS) is the description or measurement of the overall performance of a service, particularly the performance seen by the users of the network. It refers to any technology that manages data traffic to reduce packet loss, latency, and jitter on a network.) enhancements through modifications to the MACMedium Access Control, Medium Access Controller, Media Access Control, or Medium Access Controller layer. This update was important for delay-sensitive applications, such as voice over wireless LAN and streaming multimedia.
802.11g The IEEE 802.11g-2003 or 802.11g is an amendment to the IEEE 802.11 specification that operates in the 2.4GHz microwave band with an increased data rate up to 54Mbit/s using the same 20MHz bandwidth as 802.11b uses to achieve 11Mbit/s.
802.11h The IEEE 802.11h-2003 or 802.11h amendment includes Spectrum and Transmit Power Management Extensions. It addresses interference problems with satellites and radar using the same 5GHz frequency band by providing Dynamic Frequency Selection (DFSDynamic Frequency Selection (DFS) is a channel allocation scheme for WiFi designed to prevent electromagnetic interference by avoiding co-channel operation with systems that predated WiFi, such as military radar, satellite communication, and weather radar.) and Transmit Power Control (TPCTransmit Power Control (TPC) is a mechanism used in wireless communication systems to manage the transmit power of wireless devices, such as access points (APs), to avoid interference with other devices and maintain optimal performance.) to the 802.11a PHY.
802.11i The IEEE 802.11i-2004 or 802.11i amendment included enhanced security with WPA2Wi-Fi Protected Access 2 (WPA2) is an encryption security protocol for 802.11 wireless networks to protect the information you send and receive over a wireless network. WPA2 was released in 2004 as a replacement of WPA..
802.11j The IEEE 802.11j-2004 or 802.11j amendment included extensions for Japan that allows wireless LAN operation in the 4.9GHz to 5.0GHz band to conform to the Japanese rules for radio operation for indoor, outdoor, and mobile applications.
802.11-2007 The 802.11-2007 is the first rollup version of the 802.11 standard that includes amendments a, b, d, e, g, h, i, and j.
802.11n The IEEE 802.11n-2009 or 802.11n is an amendment to the IEEE 802.11 wireless networking specification that has the capability of using multiple antennas with multiple-input multiple-output (MIMOMultiple-Input Multiple-Output (MIMO) is a wireless technology that uses multiple transmit and receive antennas to increase channel capacity and provide high data rate communications.) support, frame aggregation, security improvements, and can be used in the 2.4GHz or 5GHz frequency bands. Data rates can go up to 72Mbit/s with a single spatial stream in a 20MHz channel and 600Mbit/s with the use of four spatial streams at a channel width of 40MHz.

Architecture

These basic components of the 802.11 architecture are defined below. Many WiFi modules, such as the ESP-01, can be configured to operate in either AP, STA, or AP+STA modes.

Basic Network Architecture
Node:
A node is a device, such as a computer, printer, smartphone, or router that is hooked up to a network and is capable of sending or receiving data. Nodes can be adjacent to one another where they communication directly with each other or there may be an intermediate node, such as a switch or router, between two nodes that data must pass through.
Link:
Links are connections between nodes on a network. Links can be point-to-point where two nodes communicate with each other or multipoint where a node communicates with two or more nodes.
Basic Service Set (BSS):
The fundamental building block of the 802.11 architecture is called a Basic Service Set (BSS) that contains one or more wireless stations (STA) connected to a base station Access Point (AP).
Station (STA):
A Station (STA) is a device that has the capability to connect to an existing WiFi network as a client, such as smartphones or computers that join an established network and communicate with other devices on that network or access the internet.
Access Point (AP):
An Access Point (AP) is a device that creates a Wireless Local Area Network (WLAN) and acts as a central hub that allows other devices, such as smartphones or computers, to connect to it over Wi-Fi.
AP+STA:
A Wi-Fi device in AP+STA mode acts as both an Access Point (AP) as well as a Station (STA), where the device can connect to an existing network as a client (STA) while simultaneously hosting its own network (AP) for other devices to connect to.

Identifiers

Identifiers are used as a label that allows devices and networks to be identified. Identifiers are used as a label that allows devices and networks to be identified. Three common identifiers (MAC, BSSID, and SSID) that are used in WiFi networks are defined below.

Media Access Control (MAC) Address:
The MAC address, sometimes referred to as a hardware or physical address, is a unique 48-bit 12-character alphanumeric label used to identify every device on a network (every member of a Basic Service Set), whether an access point or end station. The MAC address is factory set for each participating device.
Basic Service Set Identifiers (BSSID)::
The BSSID is the MAC physical address of the access point or wireless router used to connect to the WiFi. It is a unique 48-bit hexadecimal number label associated with an individual access point and set of clients affiliated with a specific service set.
Service Set Identifier (SSID):
The SSID is a unique name assigned to a WiFi network. It is composed of letters, numbers, and symbols, and can be as long as 32 characters, according to the 802.11 Wireless Local Area Networks (WLAN) standard.

Channels

The IEEE 802.11 standard provides several distinct radio frequency band ranges for WiFi: 860/900MHz, 2.4GHz, 3.6GHz, 4.9GHz, 5GHz, 5.9GHz, 6GHz, 45GHz, and 60GHz. Each range is divided into a multitude of channels numbered at 5MHz spacing within a band (except in the 45/60GHz band, where they are 0.54/1.08/2.16GHz apart), and the number linearly relates to the center frequency of the channel. However, in practice, transmitters generally occupy at least 20MHz, and standards allow for channels to be bonded together to form wider channels for faster throughput. The channels for each frequency range are listed at Wikipedia.

Duplex

WiFi communication is half-duplex where each device can either transmit or receive, but not at the same time. Full-duplex on the same channel would have an issue with collisions or it would require the use two separate RFRadio Frequency channels. The 802.11 protocol is a time division duplex where WiFi devices that act as clients and Access Points (APs) are either in transmit mode or in receive mode. When a WiFi device has some data to transmit, it first checks to see that no other device is transmitting before it transmits data.

Protocols

When a WiFi transmitter sends data it needs to be understandable to the receiver in order to process the data. This is accomplished with a communication protocol, a set or rules that define the syntax, semantics, synchronization, authentication, and error control (detection and correction). There are many properties of a transmission that a protocol can define with a few given below.

  • Identifying the start and end of the message
  • Transmission speed
  • Handshaking and synchronization
  • Message (packet) size
  • Address mapping
  • Acknowledgment processes
  • Error detection and handling

WiFi has has many different kinds of protocols, such as internet protocols (IPInternet Protocol), transport protocols (TCPTransmission Control Protocol, UDPUser Datagram Protocol), application protocols (HTTPHypertext Transfer Protocol, MQTTMQ Telemetry Transport (MQTT) is a lightweight publish-subscribe messaging protocol for small sensors and mobile devices, optimized for high-latency or unreliable networks. Historically, the "MQ" in "MQTT" came from the IBM MQ (then 'MQSeries') product line, where it stands for "Message Queue". However, the protocol provides publish-and-subscribe messaging (no queues, in spite of the name)., WebSocketWebSocket is a communication protocol, providing simultaneous two-way communication channels over a single Transmission Control Protocol (TCP) connection. WebSockets are typically run from a web browser connected to an application server that allows messages to be passed back and forth while keeping the connection open., SSHThe Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution., FTPFile Transfer Protocol, SMTPSimple Mail Transfer Protocol), and security protocols (HTTPSHypertext Transfer Protocol Secure, SSLSecure Sockets Layer, TLSTransport Layer Security). IP makes sure you can send data to another machine, transport protocols make sure this data is received in order and acknowledged, application level protocols make sense of the data you receive, and security protocols protect your data.

IP Addresses

IP addresses serve two main functions: network interface identification and location addressing. The public IP address of a website, server, or router contains information about where it is in order to provide the capability of establishing a route to its location.

Most of the world currently uses the IPv4 version of addressing, with a size of 32-bits that limits the address space to 4,294,967,296 (232) addresses. An IPv4 address is expressed as a set of four numbers called octets, each ranging from 0 to 255, separated by periods. The full IPv4 addressing range goes from 0.0.0.0 to 255.255.255.255. For example, Google's DNSDomain Name System (DNS) translates the human-readable names of internet sites to their underlying IP addresses server IPv4 address is 8.8.8.8.

The exhaustion of IPv4 address gave rise to a newer IPv6, where the address size was increased from 32-bits in IPv4 to 128-bits in IPv6, thus providing up to 2128 (approximately 3.403x1038) addresses that was deemed sufficient for the foreseeable future. An IPv6 address is expressed as a set of eight hexadecimal numbers called segments, each ranging from 0 to FFFF, separated by colons (:). For example, Google's DNSDomain Name System (DNS) translates the human-readable names of internet sites to their underlying IP addresses server IPv6 address is 2001:4860:4860:0:0:0:0:8888.

IP address are generated by an integrated algorithm by the Internet Assigned Numbers Authority (IANA). The IANA allocates IP address blocks to Regional Internet Registries (RIRs), who in turn geographically distribute these blocks to Internet Service Providers (ISPs). An ISP generates individual IP addresses for their customers automatically using the Dynamic Host Configuration Protocol (DHCP).

There are four types of IP address: public, private, static, and dynamic.

Public IP Address:
Assigned by an ISP and can be accessed directly over the internet. It used to communicate outside a network to the internet. It is also used by websites and servers so they can be accessed anywhere around the world.
Private IP Address:
Assigned by a router to devices within a local network or by an ISP. This address is only visible within the local network, so it is unavailable on the Internet. When devices within the local network connect to the internet, the private IP address is mapped to the public IP address by the router.
Static IP Address:
A fixed address that does not change. They are typically used for hosting websites or running servers. Static IP addresses are manually created by the device itself, a network administrator, or provided by the ISP upon request.
Dynamic IP Address:
Assigned by a DHCP server and is subject to change. Dynamic IP addresses are only active for a certain amount of time, after which they expire and the computer will either automatically request a new lease, or the computer may receive a new IP address.

Ports

Ports are 16-bit unsigned integers in the range of 0 to 65535 that specifically determines which program or service on a server is going to be used. Port numbers allow a client application to choose which server application it wants to interact with. Different server applications can be available on a single computer, where each application listens on a specific port for incoming connections. Some well known ports for different server applications are provided in the table below.

Common Ports
Ports Protocol Function
23 Telnet Remote login to hosts
22 SSHThe Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution. Secure remote login to hosts
80 HTTPHypertext Transfer Protocol Web page hypertext documents
443 HTTPHypertext Transfer Protocol Secure web page hypertext documents
25 SMTPSimple Mail Transfer Protocol Sending email
143/220/993 IMAPInternet Message Access Protocol Access and manage email
109/110 POPPost Office Protocol Access to email inbox
21 FTPFile Transfer Protocol File transfer
53 DNSDomain Name System (DNS) translates the human-readable names of internet sites to their underlying IP addresses Domain Name Resolution

The port number is appended to the IP address separated by a colon. For example, 8.8.8.8:80 gives you Google's DNSDomain Name System (DNS) translates the human-readable names of internet sites to their underlying IP addresses server HTTP web page that has an IPv4 address of 8.8.8.8 on port 80.

Security

WiFi Security

WiFi security protocols protect against unauthorized access and eavesdropping on wireless networks by encrypting data on the radio signals that pass between your device and the Access Point (APA WiFi Access Point (AP) is a device that creates a wireless local area network, or WLAN, and acts as a central hub that allows other devices, such as smartphones or computers, to connect to it over WiFi.) such as a router. There are four main network security protocols: WEP, WPA, WPA2, and WPA3.

WEP

Wired Equivalent Privacy (WEPWired Equivalent Privacy (WEP) is an encryption security protocol for 802.11 wireless networks to protect the information you send and receive over a wireless network. WEP was ratified as a Wi-Fi security standard in September of 1999.) was the first security protocol introduced in 1997 to protect wireless data by encrypting it using a 64-bit or 128-bit keys in hexadecimal. WEP uses static keys where one key is used for all packets for all devices on a network. WEP uses the stream cipher RC4 for confidentiality and the CRC-32 checksum for integrity. Due to the vulnerabilities of WEP, the WiFi Alliance officially retired it in 2004 and it is now considered obsolete although still sometimes in use by older devices that cannot support newer encryption methods like WPA.

WPA

WiFi Protected Access (WPAWi-Fi Protected Access (WPA) is an encryption security protocol for 802.11 wireless networks to protect the information you send and receive over a wireless network. WPA was released in 2003 as a replacement to the increasingly apparent vulnerabilities of the WEP standard.) was introduced in 2003 as a replacement of WEP. WPA uses a 128-bit dynamic key called Temporary Key Integrity Protocol (TKIPTemporal Key Integrity Protocol (TKIP) is a security protocol used in the IEEE 802.11 wireless networking standard. It was designed as an interim solution to replace WEP without requiring the replacement of legacy hardware. TKIP employs a per-packet key system that was more secure than the fixed key system used by WEP. However, TKIP itself is no longer considered secure and was deprecated in the 2012 revision of the 802.11 standard. It was superseded by Advanced Encryption Standard (AES).), which dynamically changes the key for each packet transmitted over the network, making it unique and hard to break. WPA also replaced the CRC-32 checksum with a Message Integrity Check to better determine if an attacker had captured or altered data packets.

WPA2

WiFi Protected Access 2 (WPA2Wi-Fi Protected Access 2 (WPA2) is an encryption security protocol for 802.11 wireless networks to protect the information you send and receive over a wireless network. WPA2 was released in 2004 as a replacement of WPA.) was introduced in 2004 as an upgrade to WPA and is one of the most used security encryption types. The Temporary Key Integrity Protocol (TKIPTemporal Key Integrity Protocol (TKIP) is a security protocol used in the IEEE 802.11 wireless networking standard. It was designed as an interim solution to replace WEP without requiring the replacement of legacy hardware. TKIP employs a per-packet key system that was more secure than the fixed key system used by WEP. However, TKIP itself is no longer considered secure and was deprecated in the 2012 revision of the 802.11 standard. It was superseded by Advanced Encryption Standard (AES).) was replaced by the stronger and more reliable Counter Mode Cipher Block Chaining Message (CCMPCounter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP)). The CCMP protocol is based on the Advanced Encryption Standard (AESAdvanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. It was developed an alternative to the Data Encryption Standard (DES), which was starting to become vulnerable to brute-force attacks.) algorithm with a 128-bit key, which provides message authenticity and integrity verification.

WPA2-Personal and WPA2-Enterprise are two different versions of WPA2 that both use AES-CCMP encryption, but differ in their authentication stage. WPA2-Personal (WPA2-PSK) was designed primarily for home use and is secured with a Pre-Shared Key that all devices use to access the network (access requires SSIDService Set Identifier (SSID) is a unique sequence of characters that uniquely names a Wi-Fi network. A SSID is sometimes referred to as a network name. and password). WPA2-Enterprise (WPA2-EAP) is more suited for organizational or businesses that gives every user their own private session key (access requires SSIDService Set Identifier (SSID) is a unique sequence of characters that uniquely names a Wi-Fi network. A SSID is sometimes referred to as a network name., username, and password).

WPA2 is vulnerable to Key Reinstalltion AttaCKs (KRACK), which allows attackers within the proximity of the network to pose as a clone network and force the victim to connect to a malicious network instead, allowing the hacker to decrypt a small piece of data that may be aggregated to crack the encryption key.

WPA3

WiFi Protected Access 3 (WPA3Wi-Fi Protected Access 3 (WPA3) is an encryption security protocol for 802.11 wireless networks to protect the information you send and receive over a wireless network. WPA3 was released in 2018 as a replacement of WPA2.) was introduced in 2018 as a replacement of WPA2. It is the most secure option that is gaining popularity, but is still not supported by many devices. It uses an equivalent 192-bit cryptographic strength in WPA3-Enterprise mode (AES-256AES-256 is a variant of the Advanced Encryption Standard (AES) block cipher, specified with a key size of 256 bits, a fixed block size of 128 bits, and 14 transformation rounds that convert the input (plaintext) into the final output (ciphertext). in GCM mode with SHA-384 as HMAC) and CCMP-128 (AES-128AES-128 is a variant of the Advanced Encryption Standard (AES) block cipher, specified with a key size of 128 bits, a fixed block size of 128 bits, and 10 transformation rounds that convert the input (plaintext) into the final output (ciphertext). in CCM mode) as the minimum encryption algorithm in WPA3-Personal mode.

The WPA3 standard replaces the pre-shared key (PSK) exchange with Simultaneous Authentication of Equals (SAE) exchange, a method originally introduced with IEEE 802.11s, resulting in a more secure initial key exchange in personal mode and forward secrecy (protects data traffic even if a password is compromised after the data was transmitted).

WPA offers a transition mode for backwards compatibility that enables the use of WPA2 for devices without WPA3 support.

HTTPS & TLS

The WEP/WPA/WPA2/WPA3 WiFi security protocols provide network protection against unauthorized access and eavesdropping on the radio signals that pass between your device and the Access Point (AP) such as a router. However, they do not provide protection from someone else on the same network and any communication that goes outside the local network to the internet such as websites.

Securing individual connections made to specific destinations, such as between client and server, are commonly done using the HTTPSHypertext Transfer Protocol Secure protocol with TLSTransport Layer Security encryption. HTTPS uses port 443 by default to differentiate it from HTTP, which uses port 80. HTTPS is a secure version of the HTTP protocol that adds privacy, integrity, and authentication.

Privacy:
The data that passes back and forth between client and server is encrypted to protect against eavesdropping.
Integrity:
Ensures the data that passes back and forth between client and server is not corrupted or tampered with by man-in-the-middle attacks.
Authentication:
The identity of the server is vouched for with an SSLSecure Sockets Layer Certificate issued from a Certificate Authority (CA) to ensure the website is not a fake one ran by criminals trying to collect credit card or password information.

Related Content


WiFi TCP/IP Model

Created:   06Jul2024   03:01:09   UTC 2024-07-06T03:01:09Z
Updated:   15Aug2024   05:54:25   UTC 2024-08-15T05:54:25Z
Rating:  (0 reviewsThis article has not been rated yet)

Overview of TCP/IP Model layers that define how data is transmitted over networks to ensure reliable communication between IoT devices.


WiFi Module

Created:   18Jan2024   03:43:35   UTC 2024-01-18T03:43:35Z
Updated:   15Aug2024   23:21:16   UTC 2024-08-15T23:21:16Z
Rating:  (0 reviewsThis article has not been rated yet)

Overview of the different kinds of WiFi modules.

  • ESP8266 Modules
  • ESP32 Modules
  • ATWINC1500 Modules

WiFi Microcontroller Development Board

Created:   29Jan2024   04:07:40   UTC 2024-01-29T04:07:40Z
Updated:   16Aug2024   03:12:14   UTC 2024-08-16T03:12:14Z
Rating:  (0 reviewsThis article has not been rated yet)

Overview of the different kinds of WiFi Microcontroller Development Boards.

  • ESP8266
  • ESP32, ESP32-C, and ESP32-S
  • CYW43439
  • ATWINC1500

Products







Article Rating

Sign in to rate this article

Sign In


(0) Comments

Sign in to leave a comment

Sign In