pairwise master key (802.11i) (PMK)
In WLANs according to IEEE 802.11i, the pairwise master key(PMK) is derived from the master key ( MK), which is known only to the authentication server ( AS) and the WLAN component. This is transmitted from the authentication server to the access point( AP).
The PMK is a symmetric key for WLAN access that is used only for the session between the access point (AP) and the authentication server. The pairwise transient key ( PTK) for encryption of the communication is derived from the PMK key in a four-way handshake between the WLAN terminal and the authentication server. The PTK key is several operational keys: the Key Confirmation Key( KCK), the Key Encryption Key( KEK) and the Temporal Keys ( TK).
The Key Confirmation Key (KCK) is used to verify the PMK key and binds the PMK to the access point. The Key Encryption Key (KEK) is used to distribute the Group Transient Keys( GTK).