802.1x, EAP-TLS -PEAP

Harsha gowda harsha.k.gowda at gmail.com
Wed Jun 17 02:39:54 EDT 2009 

Hi *Jouni Malinen,
*Thanks for your reply ,
I want to decrypt the WPA2 data flowing between supplicant and AccessPoint,
For this i need the DERIVE PMK,
So far i have derived *Master-secret* and *Key_block* for TLS, & *Tunnel Key
* for PEAP
Which key would lead me to Parwise Master Key(*PMK*),

The client is configured to connect to WPA2 AccessPoint with *PEAP-MS-CHAPv2
*,

If i need to debug using supplicant,
Can you mention any Live CD present for testing,
For radius server I have ZEROSHELL as live CD of radius server.

Regards
Harsha


On Tue, Jun 16, 2009 at 11:35 PM, Jouni Malinen <j at w1.fi> wrote:

> On Tue, Jun 16, 2009 at 01:45:49PM +0530, Harsha gowda wrote:
>
> > I want to decrypt the TLS tunnel data,
> > So far i have extracted client Key exchange message.
> > Which has pre master Key,Decrypted with Root Private Key,
> > Got 48 bytes of
> > (MK)*Master_key*=PRF(Pre-Master-Key,"*master key*
> > ",Client.random|Server.random).
> >
> > And derived 64 bytes
> > (TK)*TunnelKey* (Master-Key,"*Client EAP encryption*
> > ",Client.random|Server.random)
> >
> > Which is the key to encrypt/decrypt TLSV1 application data.
> >
> > Is tunnel Key is used to encrypt decrypt data.
>
> The master key is used to derive a set of keys and related values
> ("key_block") and those keys/parameters are used to encrypt/decrypt TLS
> records.
>
> The key you call TK (the 64 octet long key is the TLS PRF output) could
> be used, e.g., with WPA2-Enterprise as the PMK for 4-way handshake.
> However, since you call this TK, I would assume you are looking into
> PEAP cryptobinding case where this key is used to derive some additional
> key for binding the tunneled methods together.
>
> What are you trying to do? It would probably be easier to run through
> another authentication and just look at the supplicant (or
> authentication server) debug log to see what data was sent.. For
> example, wpa_supplicant can show you that data in the debug log.
>
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>



-- 
ಇಂತಿ
ಹರ್ಷ ಕೃ ಗೌಡ
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20090617/724898c9/attachment.htm

More information about the HostAP mailing list