In WLANs according to IEEE 802.11i, the pairwise master key (PMK) is derived from the master key (MK), which is only known to the authentication server (AS) and the WLAN component. This is transmitted from the authentication server to the access point
(AP). The PMK is a symmetric key for WLAN access that is only used for the session between the access point (AP) and the authentication server. The Pairwise Transient Key (PTK) for the encryption of the communication is derived from the PMK key in a four-way handshake between the WLAN end device and the authentication server. The PTK key is several operational keys: the Key Confirmation Key (KCK), the Key Encryption Key (KEK) and the Temporal Keys
(TK)Key Confirmation Key (KCK) is used to verify the PMK key and binds the PMK to the access point. The Key Encryption Key (KEK) is used to distribute the Group Transient Keys (GTK).