Home » Cisco » 300-375 » When a wireless client uses WPA2 AES, which keys are created at the end of the four-way handshake process between the client and the access point?
When a wireless client uses WPA2 AES, which keys are created at the end of the four-way handshake process between the client and the access point?
A. AES key, TKIP key, WEP key
B. AES key, WPA2 key, PMK
C. KCK, KEK, TK
D. KCK, KEK, MIC key
Correct Answer: A
Explanation/Reference:
Explanation: When WPA-PSK or WPA2-PSK is performed via Temporal Key Integrity Protocol (TKIP) or Advanced Encryption Standard (AES) for the encryption, the client must go through the process known as the WPA 4-Way handshake for both the initial association and also when roaming. As previously explained, this is basically the key management process used in order for WPA/WPA2 to derive the encryption keys. However, when PSK is performed, it is also used in order to verify that the client has a valid Pre-Shared Key to join the WLAN.
Reference: http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/116493-technote-technology-00.html#anc6
That’s correct:-
Fourth, PTK will be divided into three keys as shown in
Figure 2 where :
• Key Confirmation Key (KCK 128 bits) which is used
to provide data integrity in the four-way handshaking
communication.
• Key Encryption Key (KEK 128 bits) which is used to
protect the four-way handshaking communication.
• Temporal Key (TK 128 bits) is used to protect wireless
data.
http://www.eecs.ucf.edu/~jinyier/papers/MILCOM15.pdf
C is correct because the PTK has three component keys “KCK, KEK, TK”. Search that on google images to look that.
from the technical view point, C is correct
C is correct
None of these are right, but A is the wrongest of them all.
http://www.wifi-professionals.com/2019/01/4-way-handshake