6 Sep
2014
6 Sep
'14
5:32 p.m.
On Sep 6, 2014, at 4:35 PM, <mark.leese@stfc.ac.uk> <mark.leese@stfc.ac.uk> wrote:
This is hopefully a simple question and so apologises if I’m being stupid :-) When using PEAP with an inner method of MS-CHAPv2, are the encryption keys (MS-MPPE-Recv-Key and MS-MPPE-Send-Key) derived from the MS-CHAP material or the TLS tunnel information? I always thought it was from the TLS tunnel, just like RFC3079 says it is when using EAP-TLS, but I could not find a definitive answer for PEAP.
The MPPE keys are always derived from the TLS session parameters. Alan DeKok.