CSMA/CA

Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) is very similar to Ethernet's CSMA/CD (Carrier Sense Multiple Access/Collision Detection). The primary difference is that since WLAN radios are half duplex, they can only talk or listen, but not both at the same time. Therefore, 802.11 cannot detect collisions the way that wired Ethernet does using CSMA/CD's collision detection. Rather, 802.11 employs collision avoidance techniques, which, in essence, require the radio to listen before talking.

In addition, after sending a packet, the receiver will respond with an acknowledgement (ACK) frame indicating that the message has been received. If the ACK frame is not received, the sender will assume that the message has been lost and will attempt to retransmit.

There are some interesting security issues with CSMA/CA and DoS attacks. Let's say that an attacker is flooding the spectrum with noise (not necessarily even legitimate 802.11 traffic). As you can see, because of the listen-before-talking mandate, the clients will never start talking and network activity grinds to a halt. Further, even if the client manages to transmit the message, unless the client receives an ACK frame, it assumes that the message is lost and will keep trying to resubmit the same frame over and over again.

When it comes to DoS attacks, many of these issues are not yet addressed in the 802.11 protocol. Niels Ferguson (the designer of the “Michael” message integrity code algorithm used in TKIP) has been quoted as saying that “using a wireless network for mission-critical data is plain stupid. Using it for life-critical data is criminally negligent.” While many steps can be taken to enhance security, if your wireless network is a matter of life and death you had better be sure to have some kind of back-up plan in case your wireless network fails. You may want to keep an old Cat5 cable handy, just in case.