From 8958b564509b4a4a63004763d70457d3ff5e5392 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= Date: Mon, 11 Jun 2018 17:03:41 +0200 Subject: Add presentation from CSNOG --- 2018-csnog/pres.tex | 133 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 133 insertions(+) create mode 100644 2018-csnog/pres.tex (limited to '2018-csnog/pres.tex') diff --git a/2018-csnog/pres.tex b/2018-csnog/pres.tex new file mode 100644 index 0000000..f883cca --- /dev/null +++ b/2018-csnog/pres.tex @@ -0,0 +1,133 @@ +\documentclass{beamer} +\usepackage{lmodern} +\usepackage[czech]{babel} +\usepackage[utf8x]{inputenc} +\usepackage[T1]{fontenc} +\usepackage{textpos} +\usepackage{tikz,calc} +\usepackage{graphicx} +\usepackage{wrapfig} +\usepackage{color} +\usepackage{mathtools} +\usepackage{hyperref} +\usepackage{epstopdf} +\usepackage{amsmath} +\hypersetup{ + colorlinks, + citecolor=black, + filecolor=black, + linkcolor=black, + urlcolor=black +} +\usepackage{pdflscape} + +\input{theme/theme.tex} + +\title{Wifi roaming and open source} +\author{Karel Kočí} +\date{12.6.2018} + +\AtBeginSection[]{ + \begin{frame} + \tableofcontents[currentsection] + \end{frame} +} + +\begin{document} + +\input{theme/title.tex} + +\begin{frame}{802.11r} + \begin{itemize} + \item Extension to 802.11i (WPA2) + \item Allows AP switching in cooperation between both APs + \item Supplicant negotiates keys before AP switch + \item Usable when moving between access points + \item Only in same mobility domain + \item Communication between APs can be either over air or DS + \end{itemize} +\end{frame} + +\begin{frame}{802.11r terminology} + \begin{itemize} + \item \textbf{R0KH} Derives keys for all R1KM in network + \item \textbf{R1KH} Derives PTK (Pairwise transient key) + \item \textbf{S0KH} in Supplicant derives R0 keys + \item \textbf{S1KH} in Supplicant derives with R1KH PTK + \end{itemize} + Both R0KH and R1KH communicate with authenticator + + Another point: 802.11r (FT) is advertised +\end{frame} + +\begin{frame}{Over-the-DS TF protocol (non-RSN)} + \includegraphics[width=10cm]{over-ds.png} + + \tiny{Source: IEEE Standard (11:13.5.5,13-8)} +\end{frame} + +\begin{frame}[fragile]{Setting it up (on OpenWRT)} + \begin{verbatim} +option ieee80211r '1' +option nasid '11' +option r1_key_holder '04F021242480' +list r0kh '04:F0:21:24:24:80,11,E1594C87BF2C30DA27E1C116C5683B90' +list r0kh '04:F0:21:24:24:5E,12,903F4FFCC7907A6562B665B6721D5E1F' +list r1kh '04:F0:21:24:24:80,04:F0:21:24:24:80,290856554F810E3D3D5C06DC5F82639E' +list r1kh '04:F0:21:24:24:5E,04:F0:21:24:24:5E,F38D019B98BA8C8B559ED52A456083CC' + \end{verbatim} + \vspace{1cm} + \begin{verbatim} +list r0kh 'BSSID,NASID,KEY' +list r1kh 'BSSID,KEYHOLDER-ID,KEY' + \end{verbatim} +\end{frame} + +\begin{frame}{Measurements} + \begin{itemize} + \item Two 5GHz APs with OpenWRT and configured 802.11r (hostapd, ath10k) + \item PC running iperf3 server + \item Laptop with wpa\_supplicant running iperf3 client in UDP mode + \item iperf3 configured for 600Mbits/sec + \end{itemize} +\end{frame} + +\begin{frame}{Switching with roaming} + \includegraphics[width=10.7cm,trim=1cm 0 0 4cm]{with-r.pdf} +\end{frame} + +\begin{frame}{Switching with roaming} + \includegraphics[width=10.7cm,trim=1cm 0 0 4cm]{with-r-close.pdf} +\end{frame} + +\begin{frame}{Switching without roaming} + \includegraphics[width=10.7cm,trim=1cm 0 0 4cm]{no-r.pdf} +\end{frame} + +\begin{frame}{Switching without roaming} + \includegraphics[width=10.7cm,trim=1cm 0 0 4cm]{no-r-close.pdf} +\end{frame} + +\begin{frame}[fragile]{Real usability} + \begin{itemize} + \item \textbf{Android} Lowers threshold for switch + \item \textbf{Linux(wpa\_supplicant)} No effect (well..) + \end{itemize} + + \begin{verbatim} + # mode:short scan:threshold:long scan + bgscan="simple:5:-50:300" + \end{verbatim} +\end{frame} + +\begin{frame}[fragile]{Should we deploy it?} + Probably yes? + + \vspace{5cm} + + \textbf{Thank you for you attention} + + Karel Kočí (@karel\_koci, karel.koci@nic.cz) +\end{frame} + +\end{document} -- cgit v1.2.3