WPA/RSN four handshakes and PTK

Source: Internet
Author: User

WPA/RSN uses a 4-way handshake to generate the keys it needs.

Function

The four-way handshake derives a PTK (pairwise transient key) from the PMK (pairwise master key) through a series of message exchanges. The PMK is itself derived from the MSK (master session key): it is the first 256 bits (32 bytes) of the MSK.

The main purpose of this article is the PTK, so the PMK and MSK are set aside for now.

PTK content

The PTK consists of three parts: the KCK (key confirmation key), the KEK (key encryption key), and the TK (temporal key).

The total length of the PTK depends on the pairwise cipher.

When the cipher is TKIP, the PTK is 512 bits long: in order, the KCK takes 128 bits, the KEK 128 bits, and the TK 256 bits.

When the cipher is CCMP, the PTK is 384 bits long: in order, the KCK takes 128 bits, the KEK 128 bits, and the TK 128 bits.

The KEK and KCK are used for encryption and integrity verification of EAPOL-Key frames, that is, of the four handshake messages themselves. The TK is used to encrypt the data traffic that follows.

The four handshake messages are carried in EAPOL-Key frames. The EAPOL-Key structure is as follows:

PTK generation

To generate a PTK, five inputs are required: the PMK, the ANonce (nonce 1), the SNonce (nonce 2), the authenticator MAC address (MAC 1), and the supplicant MAC address (MAC 2). For example:

The two nonces are random numbers generated by the authenticator and the supplicant respectively.

The output of this derivation has four parts. The data encryption key and data MIC key together form the TK described above; the EAPOL encryption key and EAPOL MIC key correspond to the KEK and the KCK respectively.
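The derivation described above, as an added example that is not code from the original page: it implements the IEEE 802.11 pairwise key expansion (PRF-384 for CCMP, PRF-512 for TKIP, built from HMAC-SHA1 over the label "Pairwise key expansion" and the ordered MAC addresses and nonces), splits the PTK into KCK, KEK and TK, and shows what the KCK is for by computing and verifying the EAPOL-Key MIC. The PMK, nonces, MAC addresses and the EAPOL frame used in the demo are constructed values, and the function names `derive_ptk`, `eapol_key_mic` and `verify_eapol_key_mic` are chosen here.

```python
import hashlib
import hmac

# Added example: IEEE 802.11i pairwise key expansion and EAPOL-Key MIC.
# Every key, nonce, address and frame below is constructed for the demo.


def prf(key: bytes, label: bytes, data: bytes, nbits: int) -> bytes:
    """PRF-X from IEEE 802.11 (used as PRF-384 / PRF-512): concatenate
    HMAC-SHA1(key, label || 0x00 || data || counter) for counter = 0, 1, ...
    until nbits bits are available, then truncate."""
    nbytes = nbits // 8
    out = b""
    counter = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([counter]), hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes,
               cipher: str = "CCMP") -> dict:
    """Derive the PTK from the five inputs named in the text and split it.
    CCMP -> 384-bit PTK (TK = 128 bits); TKIP -> 512-bit PTK (TK = 256 bits,
    the extra 128 bits being the TKIP data MIC keys)."""
    if len(pmk) != 32 or len(anonce) != 32 or len(snonce) != 32:
        raise ValueError("PMK and nonces must be 32 bytes")
    if len(aa) != 6 or len(spa) != 6:
        raise ValueError("MAC addresses must be 6 bytes")
    nbits = {"CCMP": 384, "TKIP": 512}[cipher]
    # Addresses and nonces are ordered numerically, so the authenticator (AA)
    # and the supplicant (SPA) feed identical input to the PRF whatever their role.
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, nbits)
    return {"ptk": ptk, "kck": ptk[0:16], "kek": ptk[16:32], "tk": ptk[32:]}


# Offset of the 16-byte Key MIC inside an EAPOL frame: 4-byte EAPOL header plus
# the 77 bytes of key-descriptor fields that precede the MIC.
MIC_OFFSET = 4 + 77
MIC_LEN = 16


def eapol_key_mic(kck: bytes, frame: bytes, descriptor_version: int) -> bytes:
    """Key MIC over the whole EAPOL frame with the MIC field zeroed.
    Descriptor version 1 uses HMAC-MD5, version 2 uses HMAC-SHA1 truncated
    to 128 bits (the two versions of the original 802.11i key descriptor)."""
    if len(frame) < MIC_OFFSET + MIC_LEN:
        raise ValueError("frame too short to carry a Key MIC")
    zeroed = frame[:MIC_OFFSET] + b"\x00" * MIC_LEN + frame[MIC_OFFSET + MIC_LEN:]
    if descriptor_version == 1:
        return hmac.new(kck, zeroed, hashlib.md5).digest()
    if descriptor_version == 2:
        return hmac.new(kck, zeroed, hashlib.sha1).digest()[:MIC_LEN]
    raise ValueError("unsupported descriptor version")


def verify_eapol_key_mic(kck: bytes, frame: bytes, descriptor_version: int) -> bool:
    """Recompute the MIC and compare it in constant time with the one carried."""
    expected = eapol_key_mic(kck, frame, descriptor_version)
    return hmac.compare_digest(expected, frame[MIC_OFFSET:MIC_OFFSET + MIC_LEN])


if __name__ == "__main__":
    # Constructed demo inputs (not real credentials or captured traffic).
    pmk = bytes(range(32))
    aa = bytes.fromhex("020000000001")      # authenticator MAC
    spa = bytes.fromhex("020000000002")     # supplicant MAC
    anonce = b"\x11" * 32
    snonce = b"\x22" * 32
    for cipher in ("CCMP", "TKIP"):
        keys = derive_ptk(pmk, aa, spa, anonce, snonce, cipher)
        print(cipher, "PTK bits:", len(keys["ptk"]) * 8,
              "KCK:", keys["kck"].hex(), "TK bits:", len(keys["tk"]) * 8)
    # A minimal EAPOL-Key frame (header + 95-byte descriptor) to sign with the KCK.
    frame = bytearray(4 + 95)
    frame[1] = 3                         # EAPOL type 3 = EAPOL-Key
    frame[2:4] = (95).to_bytes(2, "big")
    kck = derive_ptk(pmk, aa, spa, anonce, snonce)["kck"]
    frame[MIC_OFFSET:MIC_OFFSET + MIC_LEN] = eapol_key_mic(kck, bytes(frame), 2)
    print("MIC verifies:", verify_eapol_key_mic(kck, bytes(frame), 2))
```

Because the derivation orders the addresses and nonces before hashing, both sides reach the same PTK, and because PRF-512 simply extends PRF-384, the CCMP PTK is the first 48 bytes of the TKIP PTK for the same inputs; the MIC check is how a receiver confirms that the peer holds the same KCK, which is what message 2/4 onwards proves.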

Interaction process of the four-way handshake

The description below covers only the message flow; the internal processing of each message is not elaborated.

1/4: authenticator -> supplicant

The authenticator sends the ANonce to the supplicant. Once the supplicant has received message 1/4, it holds every input needed to generate the PTK, because 1/4 also carries the authenticator's MAC address.

2/4: supplicant -> authenticator

The supplicant computes the PTK and sends the SNonce and its own MAC address to the authenticator. From message 2/4 onwards, every message carries a MIC; message 1/4 does not.

3/4: authenticator -> supplicant

The authenticator proves to the supplicant that it is legitimate, and this message also carries a MIC.

4/4: supplicant -> authenticator

This is only an acknowledgement of 3/4. It indicates that the PTK has been installed and that subsequent data can be encrypted.
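The EAPOL-Key frames that carry these four messages, as an added example that is not code from the original page: a parser for the RSN key descriptor layout (EAPOL header, then descriptor type, Key Information, Key Length, Replay Counter, Key Nonce, EAPOL-Key IV, Key RSC, Key ID, Key MIC, Key Data Length and Key Data), plus a classifier that tells 1/4 to 4/4 apart from the Key Information bits, so the "MIC from 2/4 onwards" and "4/4 is only an acknowledgement" points above can be checked on a frame. The four demo frames are constructed rather than captured; the names `parse_eapol_key`, `classify` and `describe_handshake`, and the use of the Secure bit to separate 2/4 from 4/4, are choices made here (the real 802.11 state machine also checks the replay counter and nonce).

```python
import struct
from dataclasses import dataclass

# Added example: EAPOL-Key frame parser and handshake-message classifier.
# Constants follow the IEEE 802.11 RSN key descriptor (descriptor type 2).
# All frames built here are constructed for the demo, not captured traffic.

EAPOL_KEY = 3                       # EAPOL packet type for EAPOL-Key
BODY_FMT = ">BHHQ32s16sQQ16sH"      # fixed part of the key descriptor (95 bytes)
BODY_LEN = struct.calcsize(BODY_FMT)

# Key Information bit masks
KI_VERSION_MASK = 0x0007
KI_PAIRWISE = 1 << 3
KI_INSTALL = 1 << 6
KI_ACK = 1 << 7
KI_MIC = 1 << 8
KI_SECURE = 1 << 9
KI_ENCRYPTED_KEY_DATA = 1 << 12


@dataclass
class EapolKey:
    descriptor_type: int
    key_info: int
    key_length: int
    replay_counter: int
    nonce: bytes
    iv: bytes
    rsc: int
    key_id: int
    mic: bytes
    key_data: bytes


def parse_eapol_key(frame: bytes) -> EapolKey:
    """Parse an EAPOL frame into its key-descriptor fields, refusing
    truncated frames rather than reading past the end."""
    if len(frame) < 4:
        raise ValueError("truncated EAPOL header")
    _version, ptype, length = struct.unpack(">BBH", frame[:4])
    if ptype != EAPOL_KEY:
        raise ValueError(f"not an EAPOL-Key frame (type {ptype})")
    body = frame[4:4 + length]
    if len(body) != length or length < BODY_LEN:
        raise ValueError("truncated EAPOL-Key body")
    fields = struct.unpack(BODY_FMT, body[:BODY_LEN])
    key_data_len = fields[-1]
    key_data = body[BODY_LEN:BODY_LEN + key_data_len]
    if len(key_data) != key_data_len:
        raise ValueError("Key Data Length exceeds frame")
    return EapolKey(*fields[:-1], key_data)


def classify(msg: EapolKey) -> str:
    """Name the handshake message from its Key Information bits."""
    if not msg.key_info & KI_PAIRWISE:
        return "group"
    ack = bool(msg.key_info & KI_ACK)
    mic = bool(msg.key_info & KI_MIC)
    install = bool(msg.key_info & KI_INSTALL)
    secure = bool(msg.key_info & KI_SECURE)
    if ack and not mic:
        return "1/4"                       # carries ANonce, no MIC yet
    if ack and mic and install:
        return "3/4"                       # tells the supplicant to install the PTK
    if mic and not ack:
        return "4/4" if secure else "2/4"  # RSN convention; 4/4 has Secure set
    return "unknown"


def describe_handshake(frames):
    """Summarise each frame as (label, replay counter, has MIC, key data length)."""
    return [(classify(m), m.replay_counter, bool(m.key_info & KI_MIC), len(m.key_data))
            for m in map(parse_eapol_key, frames)]


def build_eapol_key(key_info, replay_counter, nonce=b"\x00" * 32, key_data=b"",
                    descriptor_type=2, eapol_version=2):
    """Build a demo frame; the MIC field is left zeroed (not signed)."""
    body = struct.pack(BODY_FMT, descriptor_type, key_info, 16, replay_counter,
                       nonce, b"\x00" * 16, 0, 0, b"\x00" * 16, len(key_data)) + key_data
    return struct.pack(">BBH", eapol_version, EAPOL_KEY, len(body)) + body


# Constructed demo data: a standard RSNE (CCMP/CCMP/PSK), two fixed nonces, and
# a zero-filled placeholder standing in for the encrypted GTK KDE of message 3.
DEMO_RSNE = bytes.fromhex("30140100000fac040100000fac040100000fac020c00")
DEMO_ANONCE = b"\x11" * 32
DEMO_SNONCE = b"\x22" * 32
V2 = 2  # descriptor version 2 (HMAC-SHA1-128 MIC, AES key wrap)
DEMO_HANDSHAKE = [
    build_eapol_key(KI_PAIRWISE | KI_ACK | V2, 1, DEMO_ANONCE),
    build_eapol_key(KI_PAIRWISE | KI_MIC | V2, 1, DEMO_SNONCE, DEMO_RSNE),
    build_eapol_key(KI_PAIRWISE | KI_ACK | KI_MIC | KI_INSTALL | KI_SECURE
                    | KI_ENCRYPTED_KEY_DATA | V2, 2, DEMO_ANONCE, b"\x00" * 24),
    build_eapol_key(KI_PAIRWISE | KI_MIC | KI_SECURE | V2, 2),
]

if __name__ == "__main__":
    for row in describe_handshake(DEMO_HANDSHAKE):
        print("msg %s replay=%d mic=%s key_data=%d bytes" % row)
```

Running the summary over the demo frames shows the properties stated in the text: 1/4 has no MIC, 2/4 echoes 1/4's replay counter and carries the supplicant's RSNE, 3/4 sets Install and carries encrypted key data, and 4/4 echoes 3/4's counter with an empty Key Data field.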
