Four-way handshake

Four-way handshake definition

A four-way handshake is a type of network authentication protocol that allows an authenticator and a wireless client to establish an encrypted connection without having to reveal the pass key (called the Pairwise Master Key or PMK) to each other. The four-way handshake protocol was established by the IEEE 802.11i standard.

How a four-way handshake works

  • Message 1: The wireless access point (WAP) sends an EAPOL-Key frame with a nonce value (a random number that can only be used once in a given cryptographic exchange) and connection information to the client. The WAP’s nonce value is called ANonce. With this information, the client is able to derive the pairwise transient key (PTK), which is required to encrypt traffic between the client and the WAP.
  • Message 2: The client sends its own EAPOL-Key frame with SNonce (its own nonce value), RSN Element, MIC (message integrity code), and authentication to the WAP.
  • Message 3: After verifying message 2, the WAP sends the ANonce, RSN Element, another MIC, and the group temporal key (GTK) back to the client. The GTK is used to protect broadcast and multicast frames.
  • Message 4: After verifying message 3, the client sends confirmation to the WAP that the temporal keys have been installed successfully.
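
The key derivation and MIC check behind messages 1 and 2, as an added example that is not part of the original page. It assumes the WPA2/CCMP case (a 48-byte PTK from the HMAC-SHA1 PRF, and an HMAC-SHA1-128 MIC); the MAC addresses, the PMK and the message 2 body are constructed values, and the function names are hypothetical.

```python
import hashlib
import hmac
import os

def prf(key: bytes, label: bytes, data: bytes, length: int) -> bytes:
    """IEEE 802.11i PRF: concatenated HMAC-SHA1 blocks over label, 0x00, data, counter."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, label + b"\x00" + data + bytes([counter]), hashlib.sha1).digest()
        counter += 1
    return out[:length]

def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes):
    """Return (KCK, KEK, TK). Addresses and nonces are sorted so both sides agree."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, b"Pairwise key expansion", data, 48)
    return ptk[:16], ptk[16:32], ptk[32:48]

def eapol_mic(kck: bytes, frame_mic_zeroed: bytes) -> bytes:
    """MIC over the EAPOL-Key frame (MIC field zeroed), keyed with the KCK."""
    return hmac.new(kck, frame_mic_zeroed, hashlib.sha1).digest()[:16]

def run_exchange(ap_pmk: bytes, client_pmk: bytes):
    """Messages 1-2 with constructed values; returns (MIC accepted, temporal keys match)."""
    aa = bytes.fromhex("020000000001")    # constructed WAP MAC address
    spa = bytes.fromhex("020000000002")   # constructed client MAC address
    anonce = os.urandom(32)               # message 1: WAP -> client
    snonce = os.urandom(32)               # client generates its own nonce
    c_kck, _, c_tk = derive_ptk(client_pmk, aa, spa, anonce, snonce)
    frame = b"constructed-msg2-body" + snonce   # stand-in for the real EAPOL-Key frame
    mic = eapol_mic(c_kck, frame)         # message 2: client -> WAP carries SNonce and MIC
    a_kck, _, a_tk = derive_ptk(ap_pmk, aa, spa, anonce, snonce)
    accepted = hmac.compare_digest(mic, eapol_mic(a_kck, frame))
    return accepted, a_tk == c_tk
```

Only the nonces and the MIC cross the air; the PMK is used locally on each side, and a client holding a different PMK fails the WAP's MIC check on message 2.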

