The 4-Way Handshake establishes the encryption keys used for a secure Wi-Fi session. In Message 3, sent from the Authenticator (AP) to the Supplicant (client), the Group Temporal Key (GTK) is transmitted. By this stage, both the AP and the client have independently derived the Pairwise Transient Key (PTK). The AP uses a portion of the PTK, specifically the Key Encryption Key (KEK), to encrypt the GTK before sending it. The client then uses its copy of the KEK to decrypt the GTK. The GTK is necessary for the client to decrypt broadcast and multicast traffic sent by the AP to all connected devices.

A. PMK: The Pairwise Master Key (PMK) is the initial shared secret and is used as an input to create the PTK; it is never transmitted during the handshake.

B. PTK: The Pairwise Transient Key (PTK) is derived independently by both the client and the AP using shared information; it is never transmitted across the wireless medium.

C. GMK: The Group Master Key (GMK) is a key held exclusively by the Authenticator (AP) to generate new GTKs. It is never distributed to clients.

1. IEEE Std 802.11™-2020. IEEE Standard for Information Technology—Telecommunications and Information Exchange between Systems Local and Metropolitan Area Networks—Specific Requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. Section 12.8.2.3, "The 4-way handshake," states: "Message 3... The Authenticator sends this message to the Supplicant. It includes the ANonce and the GTK... The Key Data field is encrypted using the KEK derived from the PTK."

2. Cisco. Understand the 4-Way Handshake in a WPA2-PSK network. (2023). This document details the handshake process, stating for Message 3: "In Message 3, the AP sends the GTK (Group Temporal Key) to the client. The GTK is encrypted by the use of the KEK."

3. Moore, A. W. (2017). Computer Networking, Lecture 16: Wireless Security. University of Cambridge, Department of Computer Science and Technology. Slide 29, "IEEE 802.11i: 4-way handshake," shows the content of Message 3 as "{GTK}KEK", indicating the GTK is encrypted with the KEK. Available at: https://www.cl.cam.ac.uk/teaching/1718/CompNet/slides/lec16.pdf