Let's try to understand how WPA3-SAE generates a PMK for each user and helps protect the user from brute-force and dictionary attacks.
In SAE, key generation is based on the Diffie-Hellman algorithm.
Below is the information flow between the user device and the access point in the PMK generation procedure in WPA3-Personal.
“Password Element = g = a value derived as a function of the password / pre-shared key and the MAC addresses.”
P = Prime number.
Both P and g values will be the same on the Access point and the user device.
Variables in red are never exchanged between the user device and the access point.
X and Y are random numbers.
X and Y are normally known as private keys.
Calculation of Common secret S for the user device
Calculation of Common secret S for the Access point
Using “S,” PMK is calculated. Without knowing X and Y values, it is impractical to calculate Value “S.”
Suppose the user keys in the wrong passphrase or pre-shared key. The Authentication Confirm from the AP to the user device will carry the status code Unspecified Failure, as shown below.
Let’s take an example and try to calculate the value “S” to clarify any confusion.
Note: To calculate the mod you can use Microsoft Excel. For example, enter "=mod(3125,23)" in a cell and hit Enter, and you will see the result 20. The values in this example are tiny; real exchanges use huge random numbers, which is why it is impractical to calculate the value S.
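The calculation of S on both sides, as an added example that is not part of the original article. It follows the article's simplified Diffie-Hellman model; g = 5, X = 5 and P = 23 are assumed from the "=mod(3125,23)" hint in the note, and Y = 3 and the 127-bit prime are constructed values.

```python
import secrets

def public_value(g, private, p):
    """Value sent over the air: g^private mod p."""
    return pow(g, private, p)

def shared_secret(peer_public, private, p):
    """Common secret S = peer_public^private mod p."""
    return pow(peer_public, private, p)

def toy_exchange(p=23, g=5, x=5, y=3):
    """Both sides of the exchange with tiny values (x and y never leave their owner)."""
    a = public_value(g, x, p)          # user device -> access point
    b = public_value(g, y, p)          # access point -> user device
    return a, b, shared_secret(b, x, p), shared_secret(a, y, p)

def recover_private(g, public, p):
    """Exhaustive search for a private value; only feasible because p is tiny."""
    for candidate in range(1, p):
        if pow(g, candidate, p) == public:
            return candidate
    return None

def large_exchange(p=2**127 - 1, g=5):
    """Same exchange with random private values (constructed prime, illustration only)."""
    x = secrets.randbelow(p - 2) + 1
    y = secrets.randbelow(p - 2) + 1
    a, b = public_value(g, x, p), public_value(g, y, p)
    return shared_secret(b, x, p), shared_secret(a, y, p)

if __name__ == "__main__":
    a, b, s_dev, s_ap = toy_exchange()
    print(f"device sends {a}, AP sends {b}")
    print(f"S on device = {s_dev}, S on AP = {s_ap}")
    # With P = 23 an observer needs at most 22 guesses to find X from the sent value.
    print("X recovered by exhaustive search:", recover_private(5, a, 23))
    s1, s2 = large_exchange()
    print("large-prime secrets match:", s1 == s2)
```

The same `recover_private` loop against the 127-bit values would need on the order of 2^127 modular exponentiations, which is the gap between the toy numbers and real parameters that the note describes.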
Thanks for viewing the article, please leave a feedback comment (good or bad), so that I can improve.
Congratulations on the post, very clear indeed.
I have two questions in this regard:
1) How do both devices (client and access point) know the value of P? If it has to be the same for both of them, at some point they will have to exchange it. Or how is g calculated independently?
2) S represents the PMK, right?