EAP-PSK - HMAC-MD5 for MIC - digest format

Poiex poiexxx at gmail.com
Wed Dec 24 06:01:59 EST 2008 

Hi,

I'm trying to understand how are composed the digest of the messages  
of 4-way handshake. In particular of second message.

--- First packet ---

Frame 2 (113 bytes on wire, 113 bytes captured)
Ethernet II, Src: PirelliB_ac:14:62 (00:17:c2:ac:14:62), Dst: Apple_be: 
4f:02 (00:1e:c2:be:4f:02)
802.1X Authentication
     Version: 1
     Type: Key (3)
     Length: 95
     Descriptor Type: EAPOL WPA key (254)
     Key Information: 0x0089
         .... .... .... .001 = Key Descriptor Version: HMAC-MD5 for  
MIC and RC4 for encryption (1)
         .... .... .... 1... = Key Type: Pairwise key
         .... .... ..00 .... = Key Index: 0
         .... .... .0.. .... = Install flag: Not set
         .... .... 1... .... = Key Ack flag: Set
         .... ...0 .... .... = Key MIC flag: Not set
         .... ..0. .... .... = Secure flag: Not set
         .... .0.. .... .... = Error flag: Not set
         .... 0... .... .... = Request flag: Not set
         ...0 .... .... .... = Encrypted Key Data flag: Not set
     Key Length: 32
     Replay Counter: 0
     Nonce: C70D78A73B030E4D3C26EE9A547A00C5A419FE310D2FB9DD...
     Key IV: 00000000000000000000000000000000
     WPA Key RSC: 0000000000000000
     WPA Key ID: 0000000000000000
     WPA Key MIC: 00000000000000000000000000000000
     WPA Key Length: 0

--- Second packet ---

Frame 3 (113 bytes on wire, 113 bytes captured)
Ethernet II, Src: Apple_be:4f:02 (00:1e:c2:be:4f:02), Dst: PirelliB_ac: 
14:62 (00:17:c2:ac:14:62)
802.1X Authentication
     Version: 1
     Type: Key (3)
     Length: 95
     Descriptor Type: EAPOL WPA key (254)
     Key Information: 0x0109
         .... .... .... .001 = Key Descriptor Version: HMAC-MD5 for  
MIC and RC4 for encryption (1)
         .... .... .... 1... = Key Type: Pairwise key
         .... .... ..00 .... = Key Index: 0
         .... .... .0.. .... = Install flag: Not set
         .... .... 0... .... = Key Ack flag: Not set
         .... ...1 .... .... = Key MIC flag: Set
         .... ..0. .... .... = Secure flag: Not set
         .... .0.. .... .... = Error flag: Not set
         .... 0... .... .... = Request flag: Not set
         ...0 .... .... .... = Encrypted Key Data flag: Not set
     Key Length: 32
     Replay Counter: 1
     Nonce: 875EF27A2070310B8D259BFBFC69AA0B0861D508AD92EAA3...
     Key IV: 00000000000000000000000000000000
     WPA Key RSC: 0000000000000000
     WPA Key ID: 0000000000000000
     WPA Key MIC: D78FA4EFC43F71CA234FA465190023A4
     WPA Key Length: 0

I know that the MIC is a HMAC-MD5 function of a concatenation of  
something. But, of what?
Can someone help me?

Poiex

poiexxx at gmail.com

More information about the HostAP mailing list