3.1.5.1 Master Session Key (MSK) Derivation

Upon successful authentication, Extensible Authentication Protocol Method for Microsoft CHAP derives two 16-byte keys, MasterSendKey and MasterReceiveKey (as specified in [RFC3079], section 3.3).

MS-MPPE key attributes, defined in [RFC2548] section 2.4.2 and 2.4.3, are defined as follows on an Authenticator:

 MS-MPPE-Recv-Key      = MasterReceiveKey
 MS-MPPE-Send-Key      = MasterSendKey

MS-MPPE keys attributes on a Peer are as populated as follows.

 MS-MPPE-Recv-Key      = MasterSendKey
 MS-MPPE-Send-Key      = MasterReceiveKey

The Master Session Key [RFC3748] is derived from the two keys as follows:

 MSK = MasterReceiveKey + MasterSendKey + 32 bytes zeroes (padding)