ISC2 ISSAP Exam - Topic 4 Question 17 Discussion

data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. The

public key infrastructure assumes the use of public key cryptography, which is the most common method on the Internet for authenticating a

message sender or encrypting a message.

Answer option D is incorrect. Group Temporal Key (GTK) is a random value that is assigned by the broadcast/multicast source. It is used to

protect broadcast/multicast medium access control (MAC) protocol data units. It is derived from a group master key (GMK).

Answer option B is incorrect. Pairwise Transient Key (PTK) is a 64-byte key that comprises the following:

16 bytes of EAPOL-Key Confirmation Key (KCK): This key is used to compute MIC on WPA EAPOL Key message.

16 bytes of EAPOL-Key Encryption Key (KEK): AP uses this key to encrypt additional data sent (in the 'Key Data' field) to the client.

16 bytes of Temporal Key (TK): This key is used to encrypt/decrypt unicast data packets.

8 bytes of Michael MIC Authenticator Tx Key: This key is used to compute MIC on unicast data packets transmitted by the AP.

8 bytes of Michael MIC Authenticator Rx Key: This key is used to compute MIC on unicast data packets transmitted by the station.

Pairwise Transient Key is derived from the pairwise master key (PMK), Authenticator address (AA), Supplicant address (SPA), Authenticator

nonce (A Nonce), and Supplicant nonce (S Nonce) using pseudo-random function (PRF).

Answer option A is incorrect. Pairwise Master Key (PMK) is the highest order key used within the 802.11i amendment. It is derived directly from

a preshared key and can also be derived from the Extensible Authentication Protocol (EAP). It is a cryptography key that is used to derive

lower level keys.