PMK derivation in Host AP (wpa_supplicant)

Jouni Malinen jkmaline
Mon Sep 6 12:55:49 PDT 2004

On Tue, Sep 07, 2004 at 01:16:56AM +0530, Manoj Verma, Noida wrote:

> I was trying to find out the exact place in the Host-AP code for the
> derivation of PMK (256 bit) from the master secret key.

Calling this "Host-AP code" is somewhat confusing, since apparently you
are talking about wpa_supplicant..

> In function eap_ttls_process(), the master secret is passed as a parameter
> to eap_tls_derive_key(), which internally uses the eap_prf() function, to get
> another key.
> My confusion is, the key obtained above is of length EAP_TLS_KEY_LEN, i.e.
> 64, so where exactly is the 256-bit PMK derived in the code?

Each EAP method that generates suitable keying data is expected to store
this data in eapKeyData (struct eap_sm). Most methods, like TLS, TTLS,
PEAP, SIM, generate more than 256 bits of keying material (e.g., MSK,
EMSK, etc.). MSK is expected to start from the beginning of eapKeyData
and the first 256 bits of this are used as PMK for WPA/IEEE 802.11i.

Jouni Malinen                                            PGP id EFC895FA
