Saturday, 30 June 2018

WPA3 - Improved security in WiFi for Enterprises & Personal/Public

WiFi is taking its stride much needed for next generation networks, as technology is evolving with much advance features in 802.11 ax, the much spotted arena of security is also taking its new avatar with improved features in WPA3.

WPA3™ is the next generation of Wi-Fi security and provides cutting-edge security protocols to the market. Building on the widespread success and adoption of Wi-Fi CERTIFIED WPA2™, WPA3 adds new features to simplify Wi-Fi security, enable more robust authentication, deliver increased cryptographic strength for highly sensitive data markets, and maintain resiliency of mission critical networks. All WPA3 networks:

  • Use the latest security methods
  • Disallow outdated legacy protocols
  • Require use of Protected Management Frames (PMF)
  • Users of WPA3-Personal receive increased protections from password guessing attempts, 
  • While WPA3-Enterprise users can now take advantage of higher grade security protocols for sensitive data networks.


WPA3-Personal brings better protections to individual users by providing more robust password-based authentication, even when users choose passwords that fall short of typical complexity recommendations. This capability is enabled through Simultaneous Authentication of Equals (SAE), which replaces Pre-shared Key (PSK) in WPA2-Personal. The technology is resistant to offline dictionary attacks where an adversary attempts to determine a network password by trying possible passwords without further network interaction. 

  • Natural password selection: Allows users to choose passwords that are easier to remember
  • Ease of use: Delivers enhanced protections with no change to the way users connect to a network
  • Forward secrecy: Protects data traffic even if a password is compromised after the data was transmitted


Enterprise, governments, and financial institutions have greater security with WPA3-Enterprise. WPA3-Enterprise builds upon WPA2 and ensures the consistent application of security protocols across the network.

WPA3-Enterprise also offers an optional mode using 192-bit minimum-strength security protocols and cryptographic tools to better protect sensitive data:

  • Authenticated encryption: 256-bit Galois/Counter Mode Protocol (GCMP-256)
  • Key derivation and confirmation: 384-bit Hashed Message Authentication Mode (HMAC) with Secure Hash Algorithm (HMAC-SHA384)
  • Key establishment and authentication: Elliptic Curve Diffie-Hellman (ECDH) exchange and Elliptic Curve Digital Signature Algorithm (ECDSA) using a 384-bit elliptic curve
  • Robust management frame protection: 256-bit Broadcast/Multicast Integrity Protocol Galois Message Authentication Code (BIP-GMAC-256)

The 192-bit security mode offered by WPA3-Enterprise ensures the right combination of cryptographic tools are used and sets a consistent baseline of security within a WPA3 network.

WPA3, which retains interoperability with WPA2™ devices, is currently an optional certification for Wi-Fi CERTIFIED devices. It will become required over time as market adoption grows. 

WPA2 will continue to evolve to meet standards for interoperability and security in all Wi-Fi CERTIFIED devices. WPA2 will be available in Wi-Fi CERTIFIED devices for the foreseeable future, and all devices supporting WPA3 will continue to work with WPA2 devices.

WPA2 continues to provide security and privacy for Wi-Fi networks and devices throughout the Wi-Fi ecosystem. WPA2 devices will continue to interoperate and provide recognized security that has been its hallmark for more than a decade.

In 2018, Wi-Fi Alliance augmented existing security protections for networks through these configuration, authentication, and encryption enhancements:

  • Mandatory use of Protected Management Frames, available in all current generation Wi-Fi CERTIFIED devices, maintains the resiliency of mission-critical networks
  • Enhanced validation of vendor security implementations reduce the potential for vulnerabilities due to network misconfiguration and further safeguard managed networks with centralized authentication services
Open WiFi Security Improvements 

WiFi Alliance is continuously focusing on WiFi security and for open WiFi where most of public WiFi is accessed the security improvements are also provided under WiFi Alliance Wi‑Fi CERTIFIED Enhanced Open Certification.   Wi‑Fi CERTIFIED Enhanced Open  is a Wi-Fi Alliance certification that preserves the convenience open networks offer while reducing some of the risks associated with accessing an unsecured network. Wi-Fi Enhanced Open networks provide unauthenticated data encryption to users, an improvement over traditional open networks with no protections at all. These protections are transparent to the user. Based on Opportunistic Wireless Encryption (OWE) defined in the Internet Engineering Task Force (IETF) RFC8110 specification and the Wi‑Fi Alliance Opportunistic Wireless Encryption Specification, Wi-Fi Enhanced Open benefits users by providing data encryption that maintains the ease of use of open networks, and benefits network providers because there are no public passphrases to maintain, share, or manage.

Because Wi-Fi Enhanced Open is a Wi-Fi CERTIFIED program, the technology is interoperable with legacy networks, even those using a captive portal. Network operators wishing to deploy a fully-featured authentication and device-provisioning solution should consider approaches such as Wi‑Fi CERTIFIED Passpoint®.

Tuesday, 19 June 2018

NSA mode 5G will move towards 5G convergence with incorporation of WiFi.

In next generation telecom networks era, LTE is the first technology to step in, and in its advance form recognized with 4G tag. 4G, being the complete data centric networks and has started an era of data dependent information and communication systems. DATA has become now days a utility for the end users to run its day to day business. LTE started with 10X faster than its early days technologies, to now a days 100X faster in form of Gigabit LTE.

Despite of continuous improvement in data services with high data rates and more spectrum utilization the networks are not escapable from the congestion. The tremendous growth of video traffic and smart devices has resulted in heavy pressure on data networks resources. As a result of this continuous thrust for data capacity 3GPP has come up in its recent releases with idea of incorporating more spectrum bands including unlicensed and shared spectrum.

WiFi has been of interest since the early days and being there in the radar of 3GPP since release 8 but has been incorporated in the propensity of RAN in release 13 onwards. LTE-U, LAA and LWA are some of the 3GPP networking features focusing on unlicensed spectrum.

WiFi is a mature technology in itself has been in continuous growth and pace with the next generation networks. IEEE 802.11 standards has been evolving and have improved much from the days of 802.11n to 802.11ac & 802.11ad (in 60GHz) and recent one, taken to be efficient for highly dense environment, 802.11ax.

802.11ax, also called High-Efficiency Wireless (HEW), looking beyond the raw link speeds of 802.11ac. It implements several mechanisms to serve more users consistent and reliable data throughput in highly dense wireless environments. High-Efficiency Wireless includes the following key features:

·         Backwards compatible with 802.11a/b/g/n/ac.

·         Increase 4X the average throughput per user in high-density scenarios, such as train stations, airports and stadiums. -Data rates and channel widths similar to 802.11ac, with the exception of new Modulation and Coding Sets (MCS 10 and 11) with 1024-QAM.

·         Specified for downlink and uplink multi-user operation by means of MU-MIMO and Orthogonal Frequency Division Multiple Access (OFDMA) technology.

·         Larger OFDM FFT sizes (4x larger), narrower subcarrier spacing (4X closer), and longer symbol time (4X) for improved robustness and performance in multipath fading environments and outdoors.

·         Improved traffic flow and channel access.

·         Better power management for longer battery life.

In fact 802.11ax going to be a distributed data rates for fare distribution of overall capacity to each user's, making an efficient system with larger spectrum band.

With above facts, 802.11ax becomes a good partner with LTE for a better convergence and provide a combination of licensed and unlicensed for a larger capacity to end users.

This also opens the gate for Wifi entry to 5G system as an associative data network with LTE as a control plane. So it's not going to be only NR with LTE but WiFi too, much in NSA mode of 5G.

Friday, 15 June 2018

3GPP has completed SA mode specification for 5G in release 15. How the industry will incorporate SA and NSA mode?

As 3GPP announced a new milestone on 5G release 15 standardization, that is completion of Stand Alone mode specification of 5G operation. The big question arises, would there be a split in 5G deployments in near future (i.e. with the availability of equipment's and mobile terminals)? because there is no obstruction possible on NSA mode rather NSA is going to have a major coverage, in fact for large coverage areas NSA would be there and probably SA would cover smaller coverage areas through small cells.

SA mode is about no LTE for control plane but both plane would be on NR only. So SA will put LTE on spare, really? That is feasible only for smallcell deployment cases as the operators are not going to make LTE spare due to heavy investment. Rather that is the upbring of 5G in real sense. We have already witnessed gigabit LTE deployments and vested interest of operator on it through LAA and LWA due to LTE based carrier aggregation CA or multi RAT convergence.

That trends is leading towards the solid root for NSA mode, SA mode would be filling the gap and caveats but not overshadowing it anywhere. The Fixed broadband uses case of 5G NR so far has been for millimeter waves but sub 6 Ghz NR has yet to come for mobile use cases ( as we all are waiting for mobile terminals use cases). 

LTE is far established and well coordinated for network spread and coverage enhancements, 5G NR has yet to come for that level of maturity and that's gonna take long time. Still LTE and 5G both seems to be moving parallel as there seems to be no obstruction for LTE as well. Technology has matured and taken its much advance form in LTE adv pro. In fact LTE adv pro is well taken to accomplish much of 5G use cases, whether it be massiv IOT, V2X or URLLC use cases like for robotics or healthcare.

Therefore 5G is not about 5G NR only,  There is much more wider outlook for 5G, like Network Slicing, Application defined etc, etc. 5G is a big hash, technology under which create a comprehensive system, not a isolated sliver.

Thursday, 14 June 2018

The QoS (quality of service) should change to AoS (applicability of service) in NGN.

5G could not be delivered without E2E QoS service management, So current QoS management architecture from LTE networks will not be effective there. We can't put QoS control at the edges of access, but we will have to see things E2E to abstract the QoS concept at application demand level. We propose here cocepts of AOS, that is applicability of service, a QoS demand from application towards service delivery network, E2E.

As 5G is more about 'application defined network'. The QoS (quality of service) should change to AoS (applicability of service). QoS is the network constrains whereas AoS is network demand. New policy architecture is demanding here. This is a paradigm shift from ‘bottom-up’ approach to ‘top-down’ approach. This is about to bring more flexibility, better control and far reaching service assurance, for required Quality of Experience QoE and service delivery.

Such kind of Policy architecture could be aligned with 3GPP efforts of verticalization through Standards for north bound APIs. A Northbound API is an interface between an Application Server (either in a mobile operator's network or external to it - operated by a third party) and the 3GPP system via specified Functions in a mobile operator's network (SDN can make this E2E QoS feasible in real world from AOS point of view).

Wednesday, 13 June 2018

XCOM - A 5G start up from Qualcomm EX.

Former Qualcomm Chairman, Paul Jacobs recently launched a wireless startup called XCOM. The company plans on focusing on advancing wireless technology, specifically in the 5G sector. Along with Jacobs, two former Qualcomm executives, Derek Aberle and Matthew Grob have also joined the company.

While a solid business model still hasn’t been laid out, Aberle confirmed in an interview with CNBC that the company will try to tackle important 5G problems, especially around latency and reliability. The company is also expected to license its proprietary 5G technology or provide software solutions to other companies that can be used in their semi-conductors. The three executives also plan on expanding the company’s workforce in coming months.

catch news here 

Saturday, 2 June 2018

IOT: Much Ado About Nothing - So Far.

IOT: Much Ado About Nothing - So Far.

IOT means Internet of Things, in literary term it's like expansion of connectivity to things not only to humans assistance for remote connectivity, that is only 'Internet'.
There are radios already available for Low range and low power connectivity and also devices and sensors. IOT is for what then - to rejuvenate this industry by creating a buzz in disruptive environment. Definitely not, but it could not be denied that such industry has taken or created much ado around IOT, which is actually not IOT but a kind of Automation only. Although good to specify some has come with categorization like Industrial IOT or IIOT.
There are technology like BLE, LORA, ZiGBEE, Sigfox, LOPWAN, already there and have a significant ecosystem too, and so could be said for devices with sensors - enhanced with LTE backhaul connectivity and miniatu.
IOT is widely used to create the buzz around, though the term IOT is essentially about global connectivity, much like internet. Its essentially about connectivity of devices, with zero human interaction, to far reaching data centers.
This is possible only with the networks of capacity and capability to connect this massive devices hives. Hives with different kind of requirements like throughput, signaling, and so on.
3GPP has come up with standards on it like LTE-M, NB-IOT and also GSM specific technological tweaks to cater such issues. But there is no big picture across the industry around IOT as a holistic system.
IOT is relevant with Big data and analytics, and could help and also be squared up with AI and machine learning.