EAP-TLS PMK Generation

Unanswered Question
Mar 13th, 2009
User Badges:

Hi All,

So WPA2-PSK, the PMK is derived from the PSK, then hashed and the 4-way handshake occurs.

With EAP-TLS using digital certificates, where is the PMK derived from? Can anyone explain please?

Many kind regards,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
tstanik Thu, 03/19/2009 - 13:54
User Badges:
  • Bronze, 100 points or more

After the completion of a successful EAP authentication, the authentication server sends an EAP success message to the authenticator. This message tells the authenticator that the EAP authentication process was successful, and passes the pair-wise master key (PMK) to the authenticator that is in turn used as the basis for creating the encrypted stream.

kfarrington Fri, 03/20/2009 - 02:25
User Badges:

Many thx indeed for this.

Could I just ask, how the PMK is generated? in WPA2-PSK, it is derivved from the PSK itself. Does eap-tls or other eap-methods generate some random number as the PMK and exchange it?

Many thx indeed,



This Discussion



Trending Topics - Security & Network