eap-10----Page:11
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
|
Binding Phase Exchange with Compound Keyed MACs Binding Request B1 Binding Response B2 [VERSION,S_NONCE,……….. B1_MAC] [VERSION,C_NONCE,……….. B2_MAC] TSK = Tunnel Session Keys ISKi = Inner Session Keys for each method ‘i’ where i = 1..n C_NONCE = 256 bit random number derived on client S_NONCE = 256 bit random number derived on server Note: Sufficiency of 2-way handshake is based on binding using fresh session keys |