Bernard Aboba wrote: > > But Section 3.3 of RFC 3079 is not about EAP. It does specify how to > > calculate a 128-bit MasterKey, a 128-bit MasterSendKey, a 128-bit > > MasterReceiveKey, a 128-bit SendSessionKey, and a 128-bit > > ReceiveSessionKey. But how to get an EAP MSK from those is not > > specified. > > RFC 5216 describes the relationship between the MSK and the receive > and send keys (which was how the MSK was originally defined > in RFC 2716): > > Enc-RECV-Key = MSK(0,31) = Peer to Authenticator Encryption Key > (MS-MPPE-Recv-Key in [RFC2548]). Also known as the > PMK in [IEEE-802.11]. > Enc-SEND-Key = MSK(32,63) = Authenticator to Peer Encryption Key > (MS-MPPE-Send-Key in [RFC2548]
Right, but this formula assumes that MS-MPPE-Recv-Key and -Send-Key are 32 bytes (256 bits). The keys produced by RFC 3079 Section 3.3 are only 128 bits, so concatenating any two of them (in any order) doesn't produce an EAP MSK (which is at least 64 octets). Best regards, Pasi _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
