Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1374
Views
0
Helpful
2
Replies

EAP-TLS PMK Generation

kfarrington
Level 3
Level 3

‎03-13-2009 08:46 AM - edited ‎07-03-2021 05:18 PM

Hi All,

So WPA2-PSK, the PMK is derived from the PSK, then hashed and the 4-way handshake occurs.

With EAP-TLS using digital certificates, where is the PMK derived from? Can anyone explain please?

Many kind regards,

Ken

Labels:
0 Helpful
2 Replies 2

tstanik
Level 5
Level 5

‎03-19-2009 01:54 PM

After the completion of a successful EAP authentication, the authentication server sends an EAP success message to the authenticator. This message tells the authenticator that the EAP authentication process was successful, and passes the pair-wise master key (PMK) to the authenticator that is in turn used as the basis for creating the encrypted stream.

0 Helpful

kfarrington
Level 3
Level 3
In response to tstanik

‎03-20-2009 02:25 AM

Many thx indeed for this.

Could I just ask, how the PMK is generated? in WPA2-PSK, it is derivved from the PSK itself. Does eap-tls or other eap-methods generate some random number as the PMK and exchange it?

Many thx indeed,

Ken

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card