The association mechanism between a WLAN station and an access point for 802.1X authentication is covered in <Wireless Capture Example – EAP Handshake – Part 1>.
A number of 802.1X EAP mechanisms are used in WLANs. The number of EAP exchanges depends on the EAP method employed. The frame exchanges that are constant in any EAP exchange are:
- EAPOL Start – Start of EAP exchange
- EAP Request Identity sent by the Access Point
- EAP Response Identity sent by the WLAN station in response to the EAP request identity – The identity is sent in clear text.
- EAP Success (or Failure)
The current example is for an EAP-TLS session negotiation.
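The constant frames listed above, plus the EAP-TLS start, can be picked out of a capture by decoding the EAPOL and EAP headers; the following is an added example, not code or data from the original post, and it also shows the identity being readable in clear text. The frames in `CAPTURE`, the identity `user@example.org`, and the helper names `parse_eapol` and `eap_packet` are constructed for illustration.

```python
import struct

EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff", 3: "EAPOL-Key"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 3: "Nak", 13: "EAP-TLS"}

def parse_eapol(frame: bytes) -> dict:
    """Decode one EAPOL frame, starting at the 802.1X header (no 802.11/LLC)."""
    if len(frame) < 4:
        raise ValueError("truncated EAPOL header")
    version, ptype, body_len = struct.unpack("!BBH", frame[:4])
    body = frame[4:4 + body_len]
    if len(body) != body_len:
        raise ValueError("EAPOL body shorter than declared length")
    out = {"eapol": EAPOL_TYPES.get(ptype, f"type-{ptype}"), "version": version}
    if ptype != 0:                      # Start/Logoff/Key carry no EAP packet
        return out
    if body_len < 4:
        raise ValueError("truncated EAP header")
    code, ident, eap_len = struct.unpack("!BBH", body[:4])
    if eap_len < 4 or eap_len > body_len:
        raise ValueError("EAP length inconsistent with EAPOL body")
    out.update(code=EAP_CODES.get(code, f"code-{code}"), id=ident)
    if code in (1, 2) and eap_len >= 5:  # only Request/Response carry a type
        etype = body[4]
        out["method"] = EAP_TYPES.get(etype, f"type-{etype}")
        data = body[5:eap_len]
        if etype == 1 and code == 2:
            out["identity"] = data.decode("utf-8", "replace")  # sent in clear
        elif etype == 13 and data:
            out["tls_start"] = bool(data[0] & 0x20)  # S flag of EAP-TLS flags
    return out

def eap_packet(code, ident, etype=None, data=b""):
    """Build a constructed EAPOL frame wrapping one EAP packet (test input)."""
    payload = b"" if etype is None else bytes([etype]) + data
    eap = struct.pack("!BBH", code, ident, 4 + len(payload)) + payload
    return struct.pack("!BBH", 1, 0, len(eap)) + eap

CAPTURE = [  # constructed frames, not taken from the page's capture
    struct.pack("!BBH", 1, 1, 0),               # EAPOL-Start from the station
    eap_packet(1, 1, 1),                        # EAP Request Identity
    eap_packet(2, 1, 1, b"user@example.org"),   # EAP Response Identity
    eap_packet(1, 2, 13, b"\x20"),              # EAP-TLS Start (S flag set)
    eap_packet(3, 9),                           # EAP Success
]

if __name__ == "__main__":
    print(*map(parse_eapol, CAPTURE), sep="\n")
```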
The generic EAP handshake is shown below.
Figure courtesy: CWSP Study Guide
The EAP-TLS mechanism is shown below for understanding.
Figure courtesy: CWSP Study Guide
The wireless capture indicating the EAP-TLS method is shown below.
At the end of the EAP handshake, the access point and the WLAN station have the Pairwise Master Key material and can now take part in an EAPOL 4-way handshake to obtain the temporal keys for data encryption.