Thursday, June 2, 2016

WiFi Fast Roaming (IEEE 802.11r), Simplified

This blog post originally appeared in Network Computing on 5/23/2016.

A primer on the 802.11 wireless protocol and when to implement it.

For some reason, all descriptions of 802.11r spectacularly fail to provide a simple explanation of the WiFi fast roaming protocol. Most of them are too high level and are effectively useless, or they tend to quickly get lost in the technical weeds. This blog post attempts to bridge that gap and provide a reasonably simple but thorough explanation.WiFi.jpg
(Image: iSergey/iStockphoto)

What is fast roaming?

Fast roaming, also known as IEEE 802.11r or Fast BSS Transition (FT), allows a client device to roam quickly in environments implementing WPA2 Enterprise security, by ensuring that the client device does not need to re-authenticate to the RADIUS server every time it roams from one access point to another. This is accomplished by actually altering the standard authentication, association, and four-way handshake processes used when a device roams (i.e., re-associates) to a new WiFi access point.
The simplest explanation is that, after a client connects to the first AP on the network, the client is "vouched for." When a client device roams to a new AP, information from the original association is passed to the new AP to provide the client with credentials. The new AP therefore knows that this client has already been approved by the authentication server, and thus need not repeat the whole 802.1X/EAP exchange again.
Fast roaming also introduces efficiencies into the process of establishing the new encryption key between the new AP and the client device, which benefits both WPA2 Personal (a.k.a. pre-shared key or passphrase) and WPA2 Enterprise (a.k.a. 802.1X or EAP). Support for 802.11r is advertised in the AP beacon and probe response frames.

The regular association process

Here are the normal, or  pre 802.11r, steps followed by a client device as it connects to an access point or roams from one access point to another.
1.  Authentication (client)
2.  Authentication Response (AP)
3.  (Re)Association Request (client)
4.  (Re)Association Response (AP)
 WPA2 Enterprise 802.1X/EAP (client, AP, and authentication server); skipped in WPA2 Personal
5.  Four-way handshake #1 – AP nonce passed to client (AP)
6.  Four-way handshake #2 – Supplicant nonce passed to AP(client)
6.5  Derivation of encryption key (AP & Client independently)
7.  Four-way handshake #3 – verification of derived encryption key and communication of group transient key (AP)
8.  Four-way handshake #4 – acknowledgement of successful decryption (client)
Note, a nonce is a pseudo-random number generated for the purpose of seeding the encryption algorithm. Both the AP (anonce) and the client supplicant device (snonce) generate their own nonces as part of the negotiation.

Fast roaming re-association process

The following lists the revised --  802.11r -- steps followed by a client device as it uses Fast BSS Transition (FT) to move from one access point to another.
1.  FT authentication; includes PMK seed information from original association and supplicant nonce (client)
2.  FT authentication response – includes PMK seed information and AP nonce (AP)
2.5  Derivation of encryption key (AP & Client independently)
3.  FT re-association request – verification of derived encryption key (client)
4.  FT re-association response – acknowledgement of successful decryption and Group Transient Key (AP)
This process works for both WPA2 Enterprise and WPA2 Personal re-associations. In both cases, the eight messages passed between an AP and a client device for authentication, association, and the four-way handshake are reduced to four messages.
Note that there is an alternative method called over-the-DS fast BSS transition, where the credentials are passed from one AP to the others on the network via FT action management frames over the wired Ethernet network that interconnects them. This is usually one of those details that muddies the waters of the 802.11r story. The essential point remains the same: The first AP "vouches" for the client device to the other APs, so that the remaining APs need not re-verify that the client device is allowed to connect to the network.

When should you use fast roaming?

The human brain generally cannot perceive an event that occurs faster than about 100 milliseconds. An interruption in voice or video service during a roam that occurs faster than this will therefore not be observed by the user. The typical target roam time for a client is half of this value, or 50 ms, and in most well-designed Wi-Fi networks, the eight messages that make up the authentication, association, and four-way handshake collectively will take on the order of 40 ms to 50 ms. Thus, in a network using WPA2 Personal security, shrinking the number of messages from eight to four is naturally helpful for efficient airtime utilization, but is really unimportant to the roaming process from a perceived service-quality perspective.
The real benefit of 802.11r comes from not having to do the 802.1X/EAP exchange when using WPA2 Enterprise security.  Even with a local RADIUS server, this exchange can easily take several hundred milliseconds, and far longer if your RADIUS server is not on your LAN, but requires access over the Internet. Thus, fast roaming should ALWAYS be enabled when you are using WPA2 Enterprise security.
One of the issues with 802.11r is that many older client devices don’t have drivers that support it, and in fact even have trouble properly detecting and associating to networks with 802.11r enabled. While adding new information elements to beacon frames is a scalable part of the 802.11 protocol since the early days of WiFi -- and is an essential element in backwards compatibility of new APs with older client devices -- many older client drivers cannot read and interpret the new FT information element in the beacon frames properly so they see the beacons as corrupted frames. Therefore, to ensure maximum client compatibility, the common recommendation is to disable fast roaming when using WPA2 Personal, and only use it for WPA2 Enterprise networks.