In my own simple words: the 4-way handshake between a client and an access point
Acronyms used:
- PMK = Pairwise Master Key
- PRF = Pseudo Random Function
- AA = Authenticator Address
- SA = Supplicant Address
- PTK = PRF(PMK | ANonce | SNonce | AA | SA)
- MIC = Message Integrity Code
- GTK = Group Temporal Key
- EAP-Key Message 1/4 (ANonce) – AP to CLIENT
As the first message is sent from the AP to the client, it includes a random number, the ANonce, for PTK generation at the client. Since the client already knows its own SNonce and SA as well as the AA (from Beacons, Probe Responses and/or the Association Response) and the PMK, the ANonce from this message is the only missing input.
- EAP-Key Message 2/4 – CLIENT to AP (SNonce, MIC)
As the Supplicant (client) replies to the first EAP-Key message, it sends its SNonce in clear text to the AP, “protected” by a keyed cryptographic hash (HMAC-SHA1) called the Message Integrity Code (MIC), which covers the integrity of this message and proves the key on the client side. The AP generates its own MIC and compares it to the one in this message; if they match, EAP-Key message 3 is sent for key installation. This message also includes the Robust Security Network Information Element (RSN IE).
- EAP-Key Message 3/4 – AP to CLIENT
Message 3 is the last unencrypted key message, as long as no retransmissions occur and the pairwise temporal key remains valid. The AP informs the client about the installation of the PTK and the receive sequence counter (RSC) for the GTK. The GTK itself is carried in the WPA Key Data field, encrypted with the PTK.
- EAP-Key Message 4/4 – CLIENT to AP
The Supplicant acknowledges the installation of the PTK and GTK; afterwards, encrypted unicast and broadcast/multicast transmission can start.
NOTE: The 4-way handshake happens after the open system authentication and 802.11 association. With WPA/WPA2 it follows right after the association; in the case of 802.1X it happens after the process shown in the image above.
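As an added worked example (not part of this original write-up), here is the PTK derivation and the message 2 MIC check from above in Python: the 802.11i PRF with the "Pairwise key expansion" label, a constructed EAP-Key message 2/4 frame carrying SNonce and the RSN IE, and the AP-side comparison that accepts the frame with the right PMK and rejects it with a wrong one. The PMK (derived from a constructed passphrase/SSID), MAC addresses, nonces and RSN IE are all constructed values; the MIC is HMAC-SHA1 truncated to 16 bytes as used by WPA2 (key descriptor version 2).

```python
import hashlib
import hmac

MIC_OFFSET, MIC_LEN = 81, 16   # the MIC field inside an EAPOL-Key frame (after the 4-byte EAPOL header)

def prf_80211(key: bytes, label: bytes, data: bytes, length: int) -> bytes:
    """802.11i PRF: concatenate HMAC-SHA1(key, label || 0x00 || data || i) for i = 0, 1, ... up to `length` bytes."""
    out, i = b"", 0
    while len(out) < length:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:length]

def derive_ptk(pmk: bytes, aa: bytes, sa: bytes, anonce: bytes, snonce: bytes, length: int = 48) -> bytes:
    """PTK = PRF(PMK, "Pairwise key expansion", min(AA,SA) || max(AA,SA) || min(ANonce,SNonce) || max(ANonce,SNonce)).
    The min/max ordering is why AP and client compute the same PTK. KCK = PTK[0:16] is the MIC key."""
    data = min(aa, sa) + max(aa, sa) + min(anonce, snonce) + max(anonce, snonce)
    return prf_80211(pmk, b"Pairwise key expansion", data, length)

def eapol_key_mic(kck: bytes, frame: bytes) -> bytes:
    """MIC over the whole EAPOL-Key frame with its MIC field zeroed: HMAC-SHA1 truncated to 16 bytes."""
    zeroed = frame[:MIC_OFFSET] + b"\x00" * MIC_LEN + frame[MIC_OFFSET + MIC_LEN:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:MIC_LEN]

def build_message2(kck: bytes, snonce: bytes, rsn_ie: bytes) -> bytes:
    """Client side: message 2/4 with SNonce in clear text, RSN IE as key data, MIC filled in last."""
    body = (b"\x02" + b"\x01\x0a" + b"\x00\x00" + (1).to_bytes(8, "big") + snonce   # descriptor type, key info, key len, replay counter
            + b"\x00" * 16 + b"\x00" * 8 + b"\x00" * 8 + b"\x00" * MIC_LEN             # IV, RSC, reserved, MIC placeholder
            + len(rsn_ie).to_bytes(2, "big") + rsn_ie)
    frame = b"\x02\x03" + len(body).to_bytes(2, "big") + body   # EAPOL v2, packet type 3 = EAPOL-Key
    return frame[:MIC_OFFSET] + eapol_key_mic(kck, frame) + frame[MIC_OFFSET + MIC_LEN:]

def ap_verify_message2(ptk: bytes, frame: bytes) -> bool:
    """AP side: recompute the MIC with its own KCK and compare in constant time."""
    received = frame[MIC_OFFSET:MIC_OFFSET + MIC_LEN]
    return hmac.compare_digest(received, eapol_key_mic(ptk[:16], frame))

def demo():
    # All values below are constructed for the example, not taken from a real network.
    pmk = hashlib.pbkdf2_hmac("sha1", b"constructed-passphrase", b"ConstructedSSID", 4096, 32)  # WPA2-PSK PMK
    aa, sa = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
    anonce, snonce = bytes(range(32)), bytes(range(32, 64))
    rsn_ie = bytes.fromhex("30140100000fac040100000fac040100000fac020000")  # CCMP pairwise/group, PSK AKM
    msg2 = build_message2(derive_ptk(pmk, aa, sa, anonce, snonce)[:16], snonce, rsn_ie)
    ap_ptk = derive_ptk(pmk, aa, sa, anonce, snonce)             # AP can only derive this after reading SNonce from msg2
    wrong_ptk = derive_ptk(b"\x00" * 32, aa, sa, anonce, snonce)  # different PMK, e.g. a wrong passphrase
    return ap_verify_message2(ap_ptk, msg2), ap_verify_message2(wrong_ptk, msg2)  # returns (True, False)
```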