Should EAP-MD5 and EAP-MSCHAPv2 support dynamic WEP key?

Jouni Malinen jkmaline at
Sat May 7 11:33:00 EDT 2005

On Fri, Apr 29, 2005 at 01:55:48PM +0800, YenJung Chang wrote:

> In wpa_supplicant, EAP-MD5 does NOT support dynamic WEP key, does it
> follow the standard? If it does, could somebody please tell me where
> can I get the standard and confirm this information?

EAP-MD5 does not generate keying material and as such, it cannot be used
to generate dynamic WEP keys. This EAP type is defined in RFC 3748.

> Beside, I did not find any information about the relationship between
> EAP-MSCHAPv2 and dynamic WEP key. Could somebody please tell me should
> EAP-MSCHAPv2 support dynamic WEP key or not?

In theory, this could be done, but most implementations do not seem to
use EAP-MSCHAPv2 to generate keys. The keying material defined for
MSCHAPv2 is shorter than normally used with IEEE 802.1X. It is used in
some cases, e.g., binding inner method keys to the full authentication
(EAP-FAST), but it is not usually used without tunneling method

Jouni Malinen                                            PGP id EFC895FA

More information about the HostAP mailing list