4 Way HANDSHAKE
* Authenticator sends EAPOL-Key frame containing an ANonce(Authenticator nonce) to supplicant.
* With this information, supplicant have all necessary input to generate PTK using pseudo-random function(PRF)
Message 2 (M2):
* Supplicant sends an EAPOL-Key frame containing SNonce to the Authenticator.
* Now authenticator has all the inputs to create PTK.
* Supplicant also sent RSN IE capabilities to Authenticator & MIC
* Authenticator derive PTK & validate the MIC as well.
Message 3 (M3):
* If necessary, Authenticator will derive GTK from GMK.
* Authenticator sends EAPOL-Key frame containing ANonce, RSN-IE & a MIC.
* GTK will be delivered (encrypted with PTK) to supplicant.
* Message to supplicant to install temporal keys.
Message 4 (M4):
* Supplicant sends final EAPOL-Key frame to authenticator to confirm temporal keys have been installed.
Comments
Post a Comment