Deriving of Preshared key in EAP-PSK method

Jouni Malinen jkmaline at cc.hut.fi
Wed Nov 29 22:06:22 EST 2006


On Wed, Nov 29, 2006 at 07:53:41PM +0530, Ravi Kishore Singh wrote:

> I have one question regarding Preshared key that is used if we
> choose EAP-PSK as our EAP method::
> 
> Do we need to enter 16 byte PSK manually as input for this method.
> It seems cumbersome. As Peer and Server should have same PSK, so
> there must be some standard mechanism which can generate PSK (same at both
> ends) from a set of user inputs provided at both ends.

In the current implementation, the PSK for EAP-PSK can only be entered
as a 16-byte buffer of random bytes, not using an ASCII passphrase that
would be converted to a key. draft-bersane-eap-psk-11.txt describes a
"formally discouraged" mechanism for deriving the PSK from a password,
so in theory, it would be possible to add support for a passphrase entry
in the same was as WPA-Personal(PSK) can be used.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list