In this illustration we see (from left to right): a laptop with a wireless node labeled "STA: client station," a base station labeled "AP: access point" connected to a server labeled "AS: authentication server" through a cloud labeled "Wired network." Below this we see the four phases of operation depicted as various blue arrows.

Phase 1 is depicted as a horizontal arrow pointing in both directions. This one is described as "Discovery of security capabilities."

Phase 2 is depicted as a horizontal arrow pointing in both directions; in the center is a small hump, depicted as a dashed line rather than a solid one. This phase is described as "STA and AS mutually authenticate, together generate Master Key (MK). AP serves as 'pass through.'"

Phase 3 is depicted as an empty space followed by an arrow pointing from right to left. The empty space is described as "STA derives Pairwise Master Key (PMK)," and the arrow is described as "AS derives same PMK, sends to AP."

Phase 4 is depicted in the same as Phase 1, and is described as "STA, AP use PMK to derive Temporal Key (TK) used for message encryption, integrity."