802.1x, EAP-TLS -PEAP

Jouni Malinen j at w1.fi
Wed Jun 17 13:49:25 EDT 2009


On Wed, Jun 17, 2009 at 12:09:54PM +0530, Harsha gowda wrote:

> I want to decrypt the WPA2 data flowing between supplicant and AccessPoint,
> For this i need the DERIVE PMK,
> So far i have derived *Master-secret* and *Key_block* for TLS, & *Tunnel Key
> * for PEAP
> Which key would lead me to Parwise Master Key(*PMK*),

If you are not using PEAP with cryptobinding, the key you called "TK" is
actually MSK and the first 32 octets of it will be used as PMK.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list