Keys

Jouni Malinen j at w1.fi
Sun Jan 23 11:49:50 EST 2011


On Fri, Jan 14, 2011 at 12:05:35AM -0800, rosect190 at yahoo.com wrote:
> When using PEAP/MSCHAPv2, there are two places where keys are generated.
> 
> One is in eap_server.c / SM_STATE(EAP, METHOD_RESPONSE), where eap_peap_getKey() 
> is called (sm->eap_if.eapKeyData = sm->m->getKey(..))
> 
> The other is in eap_server_peap.c  where eap_mschapv2_getKey() is called.
> (data->phase2_key = data->phase2_method->getKey();)
> 
> What are the differences between the two keys? Thank you.

The former is the key generated by PEAP (i.e., MSK/PMK) and the latter
is an intermediate key generated by a Phase 2 method during the PEAP
run. The intermediate key could be used in the PEAP key generation
and/or binding of the separate operations.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list