Deriving Keys for use with Microsoft Point-to-Point Encryption (MPPE)




RFC 3079                  MPPE Key Derivation                 March 2001


Table of Contents

   1.  Specification of Requirements ............................... 2
   2.  Deriving Session Keys from MS-CHAP Credentials .............. 2
   2.1.  Generating 40-bit Session Keys ............................ 3
   2.2.  Generating 56-bit Session Keys ............................ 3
   2.3.  Generating 128-bit Session Keys ........................... 4
   2.4.  Key Derivation Functions .................................. 5
   2.5.  Sample Key Derivations .................................... 6
   2.5.1.  Sample 40-bit Key Derivation ............................ 6
   2.5.2.  Sample 56-bit Key Derivation ............................ 6
   2.5.3.  Sample 128-bit Key Derivation ........................... 7
   3.  Deriving Session Keys from MS-CHAP-2 Credentials ............ 7
   3.1.  Generating 40-bit Session Keys ............................ 8
   3.2.  Generating 56-bit Session Keys ............................ 9
   3.3.  Generating 128-bit Session Keys ...........................10
   3.4.  Key Derivation Functions ..................................11
   3.5.  Sample Key Derivations ....................................13
   3.5.1.  Sample 40-bit Key Derivation ............................13
   3.5.2.  Sample 56-bit Key Derivation ............................14
   3.5.3.  Sample 128-bit Key Derivation ...........................15
   4.  Deriving MPPE Session Keys from TLS Session Keys ............16
   4.1.  Generating 40-bit Session Keys ............................16
   4.2.  Generating 56-bit Session Keys ............................17
   4.3.  Generating 128-bit Session Keys ...........................17
   5.  Security Considerations .....................................18
   5.1.  MS-CHAP Credentials .......................................18
   5.2.  EAP-TLS Credentials .......................................19
   6.  References ..................................................19
   7.  Acknowledgements ............................................20
   8.  Author's Address ............................................20
   9.  Full Copyright Statement ....................................21

1.  Specification of Requirements

   In this document, the key words "MAY", "MUST", "MUST NOT", "optional",
   "recommended", "SHOULD", and "SHOULD NOT" are to be interpreted as
   described in [6].

2.  Deriving Session Keys from MS-CHAP Credentials

   The Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP-1)
   [2] is a Microsoft-proprietary PPP [1] authentication protocol,
   providing the functionality to which LAN-based users are accustomed
   while integrating the encryption and hashing algorithms used on
   Windows networks.





Zorn                         Informational