Was this page helpful?
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All Master Session Key (MSK) Derivation

Upon successful authentication, Extensible Authentication Protocol Method for Microsoft CHAP derives two 16-byte keys, MasterSendKey and MasterReceiveKey (as specified in [RFC3079], section 3.3).

MS-MPPE key attributes, defined in [RFC2548] section 2.4.2 and 2.4.3, are defined as follows on an Authenticator:

 MS-MPPE-Recv-Key      = MasterReceiveKey
 MS-MPPE-Send-Key      = MasterSendKey

MS-MPPE keys attributes on a Peer are as populated as follows.

 MS-MPPE-Recv-Key      = MasterSendKey
 MS-MPPE-Send-Key      = MasterReceiveKey

The Master Session Key [RFC3748] is derived from the two keys as follows:

 MSK = MasterReceiveKey + MasterSendKey + 32 bytes zeroes (padding)
© 2016 Microsoft