Re: 802.1x Problems

From: Jouni Malinen (jkmaline_at_cc.hut.fi)
Date: 2002-10-12 08:37:14 UTC

• Next message: Jouni Malinen: "Re: Changing iwconfig parameters in C file"
• Previous message: Jouni Malinen: "Re: a question"
• In reply to: Manjunathan PY: "RE: 802.1x Problems"
• Next in thread: Jacques Caron: "Re: 802.1x Problems"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

On Thu, Oct 10, 2002 at 10:34:41AM +0530, Manjunathan PY wrote:

> What exactly you mean by "It sends a key pair both to station and AP" ?
> What does the Radius server send to station and AP, in what message does it
> do so?

To AP:

MS-MPPE-Send-Key and MS-MPPE-Recv-Key attributes in Access-Accept message. These attributes are encrypted as specified in RFC 2548. Authenticator uses send key to sign and recv key to encrypt the WEP key to the station (when Authenticator generates the WEP keys).

To STA:

MPPE keys are derived from the secret (between Supplicant and AS) generated during TLS exchange, so the keys are not send explicitly in any message, but equal keys are derived both in STA and AS.

-- 
Jouni Malinen                                            PGP id EFC895FA

• Next message: Jouni Malinen: "Re: Changing iwconfig parameters in C file"
• Previous message: Jouni Malinen: "Re: a question"
• In reply to: Manjunathan PY: "RE: 802.1x Problems"
• Next in thread: Jacques Caron: "Re: 802.1x Problems"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]