Protection against slow neighbors

It is often claimed that 802.11 networks operate at the rate of the slowest device that is connected. Fortunately, that's not true, although the performance anomaly mentioned above kicks in when the slower devices start to transmit. Also, in a mixed mode network, the faster devices do have to slow down to varying degrees to coexist with older devices. This started with 802.11b, which introduced shorter headers compared to the original 1 and 2Mbps 802.11. But those shorter headers can only be used when all the systems are 802.11b systems. More problematic is the coexistence between 802.11b and 802.11g, because 802.11b systems see OFDM signals as meaningless noise.

So if one or more 802.11b systems are present on a channel, OFDM transmissions are "protected" by DSSS RTS/CTS packets (or just CTS packets). The CTS packet announces a duration that encompasses the DSSS CTS packet, the OFDM data packet, and the OFDM acknowledgment for the data packet so DSSS stations remain quiet during that time. Protection kicks in if any DSSS stations are detected—even if they're part of some other network down the street at the edge of wireless range that happens to use the same channel. This protection seriously cramps 802.11g's style; throughput drops by about 50 percent. But without it, DSSS systems may transmit in the middle of an OFDM transmission, to the detriment of both.

Because 802.11a, g, and n all use OFDM modulation, backward compatibility is easier here: part of the MAC header is sent at 802.11a/g speed so older devices know the duration of the transmission. The remaining header fields and the data are then transmitted at 802.11n speeds. Because 802.11a networks are relatively rare, it's usually no problem to run in 802.11n-only mode on the 5GHz band, but doing so on the 2.4GHz band may not be appreciated by your 802.11g neighbors.

Standardization and certification

So far, we've used the terms Wi-Fi ("wireless fidelity", a play on hi-fi) and IEEE 802.11 interchangeably, but there is a difference. The IEEE is the standardization body in charge of the IEEE 802.11 standard, using long and tedious procedures. For instance, work on the IEEE 802.11n amendment started back in 2002. By 2007, most of the technical details were settled, but it took until 2009 before the new version of the 802.11 standard was official. It doesn't help that the companies that work together in the IEEE are competitors in the marketplace, and that it can be a huge windfall for a company to have its patented technology become part of a standard.

The Wi-Fi Alliance, on the other hand, is an industry consortium that certifies that the hardware is compliant with a specification and can interoperate. The Wi-Fi Alliance performs some tests and (after payment of the relevant fees) certifies a product as being compliant with the specification. Certified products carry a logo that identifies them as standards compliant. Specifications obviously follow the 802.11 standard, but may sometimes require the implementation of certain options, or even non-implementation of deprecated ones, such as WEP.

Security

If you connect your computer to your home router using that trusty UTP cable, it's highly unlikely that your nosy neighbor can spy on your browsing habits. For a wireless connection, the situation can be very different. Radio waves do not recognize property limits; anyone can purchase a directional antenna and collect wireless data from a safe distance. Your cheap neighbor may even take advantage of your broadband connection instead of paying for his own cable or ADSL connection.

To avoid these eventualities, the first versions of the Wi-Fi standard came with "wired equivalent privacy" (WEP) to secure the wireless network. Unfortunately, WEP doesn't exactly live up to its name. WEP was developed back in the days when the US government didn't want strong encryption to be exported, so WEP originally used 40-bit key sizes, which is intentionally way too short to offer much more than an illusion of security. (Later versions support 104-bit keys.)

The 40 or 104 key bits are combined with a 24-bit initialization vector for a total of 64 or 128 bits. The encryption algorithm in WEP is the Rivest Cipher RC4. However, over the years many RC4 weaknesses have been found, to the degree that WEP can now be cracked in minutes. This prompted the Wi-Fi alliance to come up with a new security framework called Wireless Protected Access (WPA), while the IEEE started to work in a new security standard called IEEE 802.11i.

The goal of WPA was to prop up Wi-Fi security without having to replace hardware, while the IEEE's goal was to build something fundamentally better. WPA introduces the Temporal Key Integrity Protocol (TKIP) that reuses the RC4 capabilities of existing Wi-Fi cards, but creates a new encryption key for each packet. This avoided most of the then-known RC4 vulnerabilities. WPA2 is the Wi-Fi Alliance's name for IEEE 802.11i, which uses CCMP, the "counter mode with cipher block chaining message authentication code protocol" (say that three times fast). CCMP is based on the widely used AES encryption algorithm.

Both WPA and WPA2 are available in Personal and Enterprise forms. WPA2 Personal uses a 256-bit pre-shared key (PSK), which is used negotiate the actual packet encryption keys. Obviously those who don't know the PSK aren't allowed access to the network. WPA2 Enterprise uses a plethora of additional protocols to let the user provide a username and password, which are checked against a remote authentication server. Always use only WPA2 with CCMP/AES unless you absolutely need compatibility with very old equipment.

Although wireless communication, especially on the frontier-like ISM band, is fraught with hidden dangers, the vendors working together in the IEEE and Wi-Fi Alliance have managed to successfully shepherd wireless LAN technology from humble beginnings to the reasonably reliable high performance we enjoy today. Every time an obstacle presented itself, new technology was introduced to circumvent it, while the quickly growing market kept prices under pressure. What more could we ask for?