The Internet Protocol Journal - Volume 6, Number 2

WAP: Broken Promises or Wrong Expectations?

by Edgar Danielyan, Danielyan Consulting LLP

The Wireless Application Protocol (WAP) was once hailed as the ultimate mobile Internet solution that would revolutionize how we use the Internet and mobile phones. As you may already know, it didn't. What is to blame? Is it bad technology, wrong time, or greedy network operators? Actually, is there a reason to blame anyone? This article introduces WAP with its related technologies and tries to answer these questions. Although WAP is available on a variety of wireless mobile networks, such as those employing Code Division Multiple Access (CDMA) IS-95, Time Division Multiple Access (TDMA) IS-136, International Mobile Telecommunications (IMT-2000), Universal Mobile Telecommunication System (UMTS), and Wideband Code Division Multiple Access (W-CDMA), in addition to GSM/GPRS, this article covers WAP over GSM/GPRS networks only.

A Case for WAP
Before looking at WAP itself, let's first recall what sparked its idea and development. As we all know, most if not all second-generation (2G) mobile phones and networks suffer from numerous limitations that make it impossible or impractical to use standard Internet protocols and technologies on today's mobile phones. The most visible of these limitations include the following:
Low bandwidth (usually 9.6 kbps)
High network latency
Small, mostly monochrome displays
Numeric keypads
Slow processors
Limited memory

All these limitations meant that it was necessary to develop an alternative suite of protocols and technologies that would work on these mobile phones but still provide functionality comparable to the standard Internet technologies used on wired networks and desktops. WAP was developed to address these issues [1].

WAP Forum and Open Mobile Alliance
The WAP Forum is the industry organization behind WAP and its associated protocols and technologies. In 2002, the WAP Forum and the Open Mobile Architecture Initiative merged, creating the Open Mobile Alliance (OMA), which will continue work on WAP 2 and develop new mobile and wireless solutions. Nearly 200 of the world's top network operators, vendors, and content providers are members of the Open Mobile Alliance [2]. Other organizations such as the Location Interoperability Forum (LIF) [3], Multimedia Messaging (MMS) Interoperability Group (MMS-IOP) [4], SyncML Initiative [5], and Wireless Village Initiative [6] have announced their support for the new organization.

Global System for Mobile Communications
GSM, or Global System for Mobile Communications, is used by more than 700 million people across 190 countries [7]. In less than ten years after its introduction, GSM became the most popular and widely used digital mobile wireless communications standard in the world. GSM networks use TDMA technology and are fully digital, employing a unique voice codec known as GSM codec to provide relatively good voice quality using narrow bandwidth (usually 9.6 kbps). However, GSM is not as secure as many may think. Although it does use encryption and smartcard technology, this didn't result in strong security. As a result, it is possible to intercept and decrypt GSM communications, fake short text messages (Short Message Service [SMS]), and clone Subscriber Identification Modules (SIMs), miniature smartcards used to identify subscribers to the GSM network. GSM security is not the subject of this article, but it deserves attention and I hope to cover it in a separate article in this journal.

Wireless Application Environment
Before proceeding further, we should clarify one point. The term "WAP" is usually used to refer to the entire suite of protocols and technologies that are actually called the Wireless Application Environment (WAE) [8]. However, "WAP" is used everywhere to refer to WAE (which includes WAP). Because WAP is the commonly used term, we shall continue to use it as well.

Wireless Application Protocol
WAP protocols were expected to satisfy the following criteria in order to implement the objectives set by the WAP Forum:
Independent of wireless network standard (bearer technology)
Open to all
Will be proposed to the appropriate standards bodies
Applications scale across transport options
Applications scale across device types
Extensible to new networks and transports

The objectives of the WAP as defined by the WAP Forum follow:
To bring Internet content and advanced data services to digital cellular phones and other wireless terminals
To create a global wireless protocol specification that will work across differing wireless network technologies
To enable the creation of content and applications that scale across a very wide range of bearer networks and device types
To embrace and extend existing standards and technology wherever appropriate

Two major versions of WAP exist—Versions 1 and 2. WAP Version 2 is backward compatible with WAP Version 1 and tends to be more integrated with the newest Internet and Web standards than WAP 1. Although WAP uses many technologies and concepts from the Internet and Web worlds, because of their inherent limitations, WAP devices are unable to directly access Web resources on the Internet [9]. To do so, they must use a WAP gateway. The following table shows the relationship between the WAP client device, WAP gateway, and Web servers on the Internet, with their protocol layers side by side:

WAP Client    WAP Gateway      Web Server
WSP           WSP/HTTP         HTTP
WTP           WTP/HTTP         HTTP
WTLS          WTLS/SSL/TLS     SSL/TLS
WDP           WDP/TCP/UDP      TCP/UDP
Bearer        Bearer/IP        IP

The table shows that the main function of the WAP gateway is to translate between WAP and Web/Internet protocols, conventions, and encodings. In some cases the WAP gateway and the Web server may be the same system, eliminating the need for a separate WAP gateway and possibly improving performance—however, for this setup to work the combined WAP/Web server has to be integrated into the mobile/wireless network provider's infrastructure. In practice, network operators provide the WAP gateway services and content providers offer WAP content on separate Web servers configured for WAP access (any standards-compliant Web server can do this).

Wireless Session Protocol
The Wireless Session Protocol (WSP) is the WAP session-layer protocol for remote operations between a wireless (WAP) client and proxies, gateways, and servers [10]. It functions above the Wireless Transaction Protocol (WTP) and the Wireless Datagram Protocol (WDP), and optionally, the Wireless Transport Layer Security (WTLS). The WSP provides a way for an organized exchange of data between client/server applications in a wireless environment. It provides such features as establishment and release of sessions between client and server; agreement on common functionality by way of negotiation; and exchange of data between client and server using compact encoding. WSP defines two subprotocols—a connection-oriented session service protocol over WTP and a connectionless service protocol over the WDP.

Wireless Transaction Protocol
WTP runs on top of the WDP and optionally, the WTLS protocol, and provides the request/response protocol used by WAP browsers to request and receive content [11]. WTP is a reliable transaction-oriented protocol specially designed for wireless networks—in WTP there are no connection setup or release phases.

Reliability in WTP is achieved using transaction IDs, retransmissions, acknowledgments, and removal of duplicates.
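
A simplified model of the four mechanisms just listed, added here as an example (it is not from the original article or the WTP specification). The class and function names are hypothetical, the loss patterns are constructed, and no real WTP packet format is modeled.

```python
class Responder:
    """Server side: runs each transaction once, keyed by transaction ID."""

    def __init__(self):
        self.results = {}   # transaction ID -> cached result
        self.executed = 0   # how many requests were actually executed

    def receive(self, tid, request):
        if tid in self.results:
            # Duplicate caused by a retransmission: resend the cached
            # result instead of executing the request a second time.
            return self.results[tid]
        self.executed += 1
        self.results[tid] = request.upper()  # stand-in for real work
        return self.results[tid]


class LossyLink:
    """Drops messages following a fixed, constructed pattern (True = drop)."""

    def __init__(self, drops):
        self.drops = list(drops)

    def deliver(self):
        dropped = self.drops.pop(0) if self.drops else False
        return not dropped


def invoke(responder, uplink, downlink, tid, request, max_tries=4):
    """Initiator side: send, wait for the result, retransmit on timeout."""
    for attempt in range(1, max_tries + 1):
        if not uplink.deliver():
            continue  # request lost: timer expires, retransmit same ID
        result = responder.receive(tid, request)
        if not downlink.deliver():
            continue  # result lost: timer expires, retransmit same ID
        # In this model the result also acknowledges the request.
        return result, attempt
    raise TimeoutError(f"transaction {tid} failed after {max_tries} tries")


def demo():
    """First request is lost, then the first result is lost."""
    responder = Responder()
    uplink = LossyLink([True, False, False])
    downlink = LossyLink([True, False])
    result, attempts = invoke(responder, uplink, downlink, 7, "get /index.wml")
    return result, attempts, responder.executed


if __name__ == "__main__":
    print(demo())
```

The request reaches the responder twice under the same transaction ID, yet it is executed only once.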

Wireless Datagram Protocol
WDP is the transport protocol of WAP [12]. It operates directly above the bearer technology (such as GSM CSD or GPRS) and directly below WTP described previously. WDP provides a consistent, bearer-independent interface for the upper-level protocols to the transport service provided by WDP. In addition to the GSM Circuit Switched Data (CSD) and the General Packet Radio Service (GPRS), WDP supports the following wireless bearer technologies:

GSM SMS
GSM USSD
GSM Cell Broadcast
ANSI-136
CDPD
CDMA CSD
CDMA Packet Data
CDMA SMS
PDC Circuit Switched Data
PDC CSD
PDC Packet Data
IDEN CSD
IDEN Packet Data
FLEX
REFLEX
PHS CSD
DataTAC
TETRA Short Data Service
TETRA Packet Data
DECT SMS
DECT Connection-oriented Service
DECT Packet Switched Service
Mobitex

When used over GSM CSD, WDP actually uses the User Datagram Protocol (UDP) in the following way:
Layer 4: UDP
Layer 3: Internet Protocol (IP)
Layer 2: Point-to-Point Protocol (PPP)
Layer 1: GSM CSD
When used over the GPRS, PPP at Layer 2 is not necessary, because GPRS works at Layers 1 and 2:
Layer 4: UDP
Layer 3: IP
Layers 1 and 2: GSM and GPRS
In all cases when IP is supported over a given bearer, UDP is used by WDP—actually, UDP is the WDP in these cases.

Wireless Control Message Protocol
Not surprisingly, Wireless Control Message Protocol (WCMP) resembles and corresponds to the Internet Control Message Protocol (ICMP) of TCP/IP networks [13]. WCMP is used by WDP nodes to report errors and provide network information and diagnostics. However, WCMP is not necessary and is not used with bearers that support IP—the function of WCMP in these circumstances is carried out by ICMP. In particular, this is the case with GSM CSD and GPRS bearers.

Wireless Transport Layer Security
WTLS is the transport layer security protocol of the WAE that provides privacy, integrity, and authentication services [14]. It is heavily influenced by the Transport Layer Security (TLS) protocol Version 1 and includes additional support for optimized handshake, connectionless transport, and dynamic key refresh. WTLS, like other WAP protocols, is optimized for low-bandwidth, high-latency wireless networks and supports server and client certificates for mutual authentication. WTLS includes the following three subprotocols:

Cipher protocol
Alert protocol
Handshake protocol

The following cryptographic algorithms are used by the Wireless TLS protocol:

RSA
SHA-1
Diffie-Hellman (DH)
Elliptic Curve Diffie-Hellman (EC-DH)
DSA
Elliptic Curve DSA (EC-DSA)
MD5
RC5
DES
IDEA

WTLS is tightly linked to and works in conjunction with the Wireless Public Key Infrastructure (WPKI).

Wireless Public Key Infrastructure
WPKI tries to reuse the existing Public Key Infrastructure (PKI) standards as much as practical to provide an adequate PKI framework for the WAE. Both X.509 and WTLS certificates can be used by WTLS [15].

Wireless Markup Language Version 1
The Wireless Markup Language (WML) Version 1 [16] is used in WAP/WAE 1 and supported in WAE 2. Unlike usual HTML, it is a strict application of the Extensible Markup Language (XML), specially designed for use on narrowband devices. Also unlike HTML, WML has a metaphor of decks and cards. A deck contains one or more cards, and cards in turn contain one or more screens of user interaction. This metaphor helps increase efficiency on low-speed, high-latency wireless networks by bundling several screens into a single WML file (deck). WML supports all basic text display options, such as italic, boldface, and underlined text, as well as inter-card and inter-deck navigation using hyperlinks. The most apparent difference between HTML and WML noted by HTML developers is the fact that WML is a strict markup language and does not tolerate even seemingly little errors—an incorrectly written WML file will not display at all. Some would say this is overkill but it is not—this feature of WML is important because compiled versions of WML files are sent to WAP clients by the WAP gateway instead of the source WML text files. This compiled bytecode is known as WMLC, and it considerably lessens the time it takes to download a WML document.
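
The deck-and-card structure and the strictness described above can be seen by loading a deck with a strict XML parser, as in this added example (not code from the original article). Both sample decks are constructed, load_deck is a hypothetical helper, and the check covers well-formedness and deck structure only, not validation against the WML DTD.

```python
import xml.etree.ElementTree as ET

# Constructed sample: one deck bundling two cards that link to each other.
GOOD_DECK = """<?xml version="1.0"?>
<wml>
  <card id="home" title="Home">
    <p><b>Welcome</b> <a href="#news">News</a></p>
  </card>
  <card id="news" title="News">
    <p><i>No news today.</i> <a href="#home">Back</a></p>
  </card>
</wml>"""

# Constructed sample with errors a lenient HTML browser would tolerate:
# an unquoted attribute value and a <p> that is never closed.
BAD_DECK = """<wml>
  <card id=home title="Home">
    <p>Welcome
  </card>
</wml>"""


def load_deck(source):
    """Return {card id: [link targets]}; raise ValueError if rejected."""
    try:
        root = ET.fromstring(source)
    except ET.ParseError as exc:
        # Strict XML: a single markup error rejects the whole deck.
        raise ValueError(f"deck is not well-formed: {exc}") from exc
    if root.tag != "wml":
        raise ValueError("root element must be <wml>")

    cards = {}
    for card in root.findall("card"):
        card_id = card.get("id")
        if not card_id or card_id in cards:
            raise ValueError("card id missing or duplicated")
        cards[card_id] = [a.get("href", "") for a in card.iter("a")]
    if not cards:
        raise ValueError("a deck must contain at least one card")

    # Inter-card links (#id) must point at a card inside this deck.
    for card_id, links in cards.items():
        for href in links:
            if href.startswith("#") and href[1:] not in cards:
                raise ValueError(f"card {card_id!r} links to missing {href!r}")
    return cards


if __name__ == "__main__":
    print(load_deck(GOOD_DECK))
    try:
        load_deck(BAD_DECK)
    except ValueError as err:
        print("rejected:", err)
```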

WML Version 2
WML version 2 is based on XHTML Basic with additional modules for support of features specific to wireless devices—this extended XHTML is called XHTML Mobile Profile (XHTML-MP) [17]. WML Version 2 is backward compatible with WML Version 1, so devices able to display WML 2 will also display WML 1 content. Use of XHTML shows that WAP in Version 2 is moving toward even closer integration with Internet and Web standards.

WMLScript
WMLScript is a lightweight scripting language based on ECMAScript, which is in turn based on JavaScript [18]. It is well integrated with WML and has a defined set of standard libraries, including support for cryptographic functions. Like WML, WMLScript files are also compiled into bytecode and only then sent to the requesting WAP device. Another difference between JavaScript and WMLScript is that WMLScript content is not embedded in WML pages but instead is requested separately—the necessary WMLScript functions are only referenced in WML pages. The main use of WMLScript is the client-side validation of user input—accepting only valid input is more crucial for WAP than for Web applications because of the low-speed and usually expensive nature of WAP transport.

Wireless Bitmaps
The Wireless Bitmaps (WBMP) file format (.wbmp) is used by WAP devices to transmit and display small and simple monochrome bitmap images [19].

GSM CSD
CSD is the traditional data service provided by GSM networks. Also known as a data call service, it provides either a 9.6- or 14.4-kbps dialup facility and is supported by all GSM networks. Data calls are possible both from and to a GSM network. When used as a bearer for WAP, it serves at the physical layer of the Open System Interconnection (OSI) model, with PPP used in the usual way.

High-Speed Circuit Switched Data
The High-Speed Circuit Switched Data (HSCSD) service is similar in nature to CSD, but provides 28.8 or 43.2 kbps of bandwidth. It is not as widespread as the regular CSD, nor is it as sought after as GPRS.

General Packet Radio Service
GPRS is an always-on, higher-speed alternative to the CSD service of GSM networks. It solves two of the most annoying issues of GSM data users—connection delay (the time it takes to set up a data call before data may be sent or received) and the bandwidth limitation, increasing the supported data rates to 48 kbps, with a theoretical maximum of 171.2 kbps. Because GPRS is a connectionless packet service, GPRS terminals are always connected and may send and receive IP packets at any time. This makes possible applications such as instant messaging that were previously impossible or impractical with GSM CSD. Eight time slots are available for GPRS in GSM networks, but only five may be used simultaneously. The GPRS class supported by the GPRS terminal dictates what data rates are possible:

Class 2: Uplink 8-12 kbps, downlink 16-24 kbps
Class 4: Uplink 8-12 kbps, downlink 24-36 kbps
Class 6: Uplink 16-24 kbps, downlink 24-36 kbps, or
         Uplink 24-36 kbps, downlink 16-24 kbps
Class 8: Uplink 8-12 kbps, downlink 32-40 kbps
Class 10: Uplink 8-12 kbps, downlink 32-48 kbps, or
          Uplink 16-24 kbps, downlink 24-36 kbps
Class 12: Uplink 8-12 kbps, downlink 32-48 kbps, or
          Uplink 16-24 kbps, downlink 24-36 kbps, or
          Uplink 24-36 kbps, downlink 16-24 kbps, or
          Uplink 32-48 kbps, downlink 8-12 kbps

In addition to the classes of GPRS service, there are three classes of GPRS terminals:
Class A terminals can be connected to GSM and GPRS services simultaneously.
Class B terminals can be connected to both GSM and GPRS services, but can use only one service at a time.
Class C terminals can be connected to either GSM or GPRS services but the user has to switch between two modes of operation.

When used as a bearer for WAP, GPRS works at the physical and data link layers of the OSI reference model. Because GPRS is connectionless and always on, there is no need for PPP—so IP works directly over GPRS.

So Why Aren't We Happy with WAP?
Many surveys of customer opinion show that the end users of WAP are not as happy as WAP developers and content providers wanted them to be. WAP service and content providers discovered that sign-up and usage rates of WAP services have not reached two-thirds of the total customer base once predicted. In short, WAP didn't change the world, and people still use their mobile phones mainly to talk to each other and send a text message or two. If you have used WAP, you probably know the reasons: the data transfer rate is slow, screens are small, charges are high, and it is tiring to type even a short URL or an e-mail message using the ten keys of a phone.

But wait a moment—are these limitations of WAP or of the handsets and networks it runs on? Remember that WAP was required to work on devices with many limitations, and so it does. Is WAP to blame that these devices have these limitations? No, that wouldn't be just. But of course it is not only today's technology restrictions that stood in the way of the widespread usage and popularity of WAP. Scarcity of WAP content and services also contributed to this. Relatively high charges for WAP/data usage by network operators didn't help either, so the combination of these issues resulted in the situation we have today—most networks support WAP but most users don't use it anyway.

Is the technology dead, as some think? Definitely not—there are millions of WAP handsets and most wireless users will not have 3G for the foreseeable future because of both technical and economic issues, so the only available solution for these users is WAP. On the other side, 3G networks and handsets are coming and will be upon us sooner or later (they are already available in some countries), and only time will show whether tomorrow's WAP will be more popular or less relevant when 3G finally arrives. And, of course, fundamental limits of mobile phones—screen sizes, power consumption, and input methods—will still remain relevant. Other issues, such as the time it takes to set up a CSD connection, are solved by newer technologies such as GPRS, and are not really faults of WAP. You may say that if GPRS is available why would you need WAP? Why not run trusted IP? Well, this is true if you are using GPRS with a laptop or a palmtop computer, but a large majority of mobile phones don't have the resources necessary to run IP, UDP, TCP, HTTP/HTTPS, POP, and SMTP—so even if GPRS is available but your equipment cannot run the full TCP/IP suite, your only choice is still WAP.

Although WAP is clearly not as popular as its proponents and developers hoped, it is still used and developed, and handsets that support only WAP are still sold. But the hype and excitement built up by the media and the industry didn't match the reality, and it is these unrealistic expectations that have broken the promise of WAP.

Additional Acronyms

DataTAC: Motorola wireless data system
DECT: Digital Enhanced Cordless Technology
DES: Data Encryption Standard
DSA: Digital Signature Algorithm
FLEX: Motorola one-way paging system
IDEA: International Data Encryption Algorithm
IDEN: Integrated Dispatch Enhanced Network
MD5: Message Digest 5
PDC: Pacific Digital Cellular System
RC5: Rivest Cipher 5
REFLEX: Motorola two-way paging system
SHA-1: Secure Hash Algorithm 1
TETRA: TErrestrial Trunked Radio
Nokia open digital professional mobile radio standard
USSD: Unstructured Supplementary Service Data

For Further Reading
[1] Global System for Mobile Communications (GSM): http://www.gsmworld.com

EDGAR DANIELYAN, CISSP, CCNP Security, CCDP®, SCNA, TICSA, CIWCI Security is the principal partner at Danielyan Consulting LLP, an information security consultancy in London and Yerevan. He is a published author and editor specialising in UNIX, networking, and information security, having been a cofounder of a national ISP and manager of a country TLD. His book, Solaris 8 Security, was published by New Riders Publishing in English and by Pearson Education in Japanese. He is a member of IEEE, IEEE Standards Association, IEEE Computer Society, ACM, ISACA, USENIX, and the SAGE. E-mail: edd@danielyan.com