Contributor II
Posts: 70
Registered: ‎05-01-2015

How the MSK is generated from the EAP process?

Hi guys,

 

Could someone tell me how the MSK is generated from the EAP process?

 

I know that they use the first 256 bits to be the PMK, but I really don't know during the EAP process how the MSK is generated.

Guru Elite
Posts: 8,458
Registered: ‎09-08-2010

Re: How the MSK is generated from the EAP process?

 MSK = MasterReceiveKey + MasterSendKey + 32 bytes zeroes (padding)


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor II
Posts: 70
Registered: ‎05-01-2015

Re: How the MSK is generated from the EAP process?

Hi Tim,

 

You mean in EAP-TLS both sides have the same PMK, right?

Because PMK = the first 256 bits of MSK

Guru Elite
Posts: 8,458
Registered: ‎09-08-2010

Re: How the MSK is generated from the EAP process?

Not sure I'm following you.

 

Here is the MSK derivation for EAP-TLS from the standard.

 

RFC 5216            EAP-TLS Authentication Protocol           March 2008


            |                       | pre_master_secret       |
      server|                       |                         | client
      Random|                       V                         | Random
            |     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+     |
            |     |                                     |     |
            +---->|             master_secret           |<----+
            |     |               (TMS)                 |     |
            |     |                                     |     |
            |     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+     |
            |                       |                         |
            V                       V                         V
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                                                         |
      |                         key_block                       |
      |                   label == "key expansion"              |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
        |         |         |         |         |         |
        | client  | server  | client  | server  | client  | server
        | MAC     | MAC     | write   | write   | IV      | IV
        |         |         |         |         |         |
        V         V         V         V         V         V

                  Figure 1 - TLS [RFC4346] Key Hierarchy

   EAP-TLS derives exported keying material and parameters as follows:

   Key_Material = TLS-PRF-128(master_secret, "client EAP encryption",
                     client.random || server.random)
   MSK          = Key_Material(0,63)
   EMSK         = Key_Material(64,127)
   IV           = TLS-PRF-64("", "client EAP encryption",
                     client.random || server.random)

   Enc-RECV-Key = MSK(0,31) = Peer to Authenticator Encryption Key
                  (MS-MPPE-Recv-Key in [RFC2548]).  Also known as the
                  PMK in [IEEE-802.11].
   Enc-SEND-Key = MSK(32,63) = Authenticator to Peer Encryption Key
                  (MS-MPPE-Send-Key in [RFC2548])
   RECV-IV      = IV(0,31) = Peer to Authenticator Initialization Vector
   SEND-IV      = IV(32,63) = Authenticator to Peer Initialization
                              Vector
   Session-Id   = 0x0D || client.random || server.random

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
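
Added example, not part of the posts above or of RFC 5216 itself: the quoted derivation written out in Python, using the TLS 1.0/1.1 PRF from RFC 4346 that the quoted figure cites (a TLS 1.2 session would use that version's PRF instead). The function names and the sample master_secret and random values are constructed for illustration; because the peer and the server feed the same TLS session values into the same PRF, both arrive at the same MSK and PMK without the key crossing the air.

```python
import hmac

LABEL = b"client EAP encryption"  # PRF label from the RFC 5216 text quoted above

def p_hash(name, secret, seed, length):
    """P_hash expansion (RFC 4346, section 5): chained HMAC blocks."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, name).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, name).digest()
    return out[:length]

def tls_prf(secret, label, seed, length):
    """TLS 1.0/1.1 PRF: P_MD5(S1, label+seed) XOR P_SHA1(S2, label+seed)."""
    half = (len(secret) + 1) // 2  # the halves share one byte if the length is odd
    s1, s2 = secret[:half], secret[len(secret) - half:]
    md5_out = p_hash("md5", s1, label + seed, length)
    sha1_out = p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_out, sha1_out))

def eap_tls_keys(master_secret, client_random, server_random):
    """Derive the RFC 5216 exported keys; ranges there are inclusive octets."""
    seed = client_random + server_random
    key_material = tls_prf(master_secret, LABEL, seed, 128)
    iv = tls_prf(b"", LABEL, seed, 64)  # IV uses an empty secret
    msk = key_material[:64]
    return {
        "MSK": msk,
        "EMSK": key_material[64:128],
        "PMK": msk[:32],             # Enc-RECV-Key, MS-MPPE-Recv-Key
        "Enc-SEND-Key": msk[32:64],  # MS-MPPE-Send-Key
        "RECV-IV": iv[:32],
        "SEND-IV": iv[32:64],
        "Session-Id": b"\x0d" + seed,
    }

# Constructed sample inputs (not from a real handshake).
MASTER_SECRET = bytes(range(48))
CLIENT_RANDOM = bytes([0xC1]) * 32
SERVER_RANDOM = bytes([0x5E]) * 32

if __name__ == "__main__":
    # Peer and server each run the same function over the same TLS session values.
    peer = eap_tls_keys(MASTER_SECRET, CLIENT_RANDOM, SERVER_RANDOM)
    server = eap_tls_keys(MASTER_SECRET, CLIENT_RANDOM, SERVER_RANDOM)
    print("MSK :", peer["MSK"].hex())
    print("PMK :", peer["PMK"].hex())
    print("PMK matches on both sides:", peer["PMK"] == server["PMK"])
```
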
Contributor II
Posts: 70
Registered: ‎05-01-2015

Re: How the MSK is generated from the EAP process?

Thanks, I may have to look into it deeply.
