Summary
- Probe response and beacon frames include the WPA IE (AP WPA capabilities)
- Association request from STA includes the WPA IE (STA WPA capablities)
- IEs in EAPOL messages and corresponding probe/beacon/assoc messages should match
- WPA Pairwise Key (TKIP) is dervied from the following
- STA MAC address
- AP MAC address
- PMK (Pairwise Master Key) (PMK = PSK (256 bits))
- Authenticator (AP) Nonce (A random value genearted by AP)
- Supplicant (STA) Nonce (A random value generated by STA)
- Pairwise key consists of
- EAPOL KEK (128 bits)
- EAPOL KCK (128 bits)
- TKIP TK (128 bits)
- TKIP MIC Key (128 bits)
- WPA does not use KEK to encrypt the keys (Q:What is the purpose of KEK in TKIP?)
- KCK is used for integrity protection of EAPOL messages
- Group key messages are encrypted using TKIP TK
- Group key consists of
- Group Temporal Key (128 bits)
- Group MIC (128 bits)
- Group key may be periodically updated by the AP
- Air-traces used to generate this diagram can be downloaded from here