diff --git a/src/eap-peap.c b/src/eap-peap.c
index 005eacc4..6decbfb3 100644
--- a/src/eap-peap.c
+++ b/src/eap-peap.c
@@ -46,8 +46,23 @@ struct peap_state {
 	struct eap_state *phase2;
 
 	uint8_t key[128];
+	uint8_t isk[32];
 };
 
+static void eap_peap_phase2_key_ready(const uint8_t *msk_data, size_t msk_len,
+				const uint8_t *emsk_data, size_t emsk_len,
+				const uint8_t *iv, size_t iv_len,
+				const uint8_t *session_id, size_t session_len,
+				void *user_data)
+{
+	struct peap_state *peap_state =
+				eap_tls_common_get_variant_data(user_data);
+
+	l_debug("PEAP: New ISK received");
+
+	memcpy(peap_state->isk, msk_data, sizeof(peap_state->isk));
+}
+
 static void eap_peap_phase2_send_response(const uint8_t *pdu, size_t pdu_len,
 								void *user_data)
 {
@@ -103,6 +118,7 @@ static void eap_peap_phase2_complete(enum eap_result result, void *user_data)
 	eap_set_key_material(eap, peap_state->key + 0, 64, NULL, 0, NULL,
 								0, NULL, 0);
 	explicit_bzero(peap_state->key, sizeof(peap_state->key));
+	explicit_bzero(peap_state->isk, sizeof(peap_state->isk));
 
 	eap_method_success(eap);
 }
@@ -144,12 +160,9 @@ static bool cryptobinding_tlv_generate_imck(struct eap_state *eap,
 {
 	struct peap_state *peap_state = eap_tls_common_get_variant_data(eap);
 	static const char *label = "Inner Methods Compound Keys";
-	uint8_t isk[32];
-
-	memset(isk, 0, sizeof(isk));
 
 	if (!prf_plus_sha1(peap_state->key, 40, label, strlen(label),
-					isk, sizeof(isk), imck_out, 60))
+					peap_state->isk, 32, imck_out, 60))
 		return false;
 
 	return true;
@@ -441,6 +454,7 @@ static void eap_extensions_handle_request(struct eap_state *eap,
 	eap_set_key_material(eap, peap_state->key + 0, 64, NULL, 0, NULL,
 								0, NULL, 0);
 	explicit_bzero(peap_state->key, sizeof(peap_state->key));
+	explicit_bzero(peap_state->isk, sizeof(peap_state->isk));
 
 	eap_method_success(eap);
 }
@@ -528,6 +542,7 @@ static void eap_peap_state_reset(void *variant_data)
 	eap_reset(peap_state->phase2);
 
 	explicit_bzero(peap_state->key, sizeof(peap_state->key));
+	explicit_bzero(peap_state->isk, sizeof(peap_state->isk));
 }
 
 static void eap_peap_state_destroy(void *variant_data)
@@ -541,6 +556,7 @@ static void eap_peap_state_destroy(void *variant_data)
 	eap_free(peap_state->phase2);
 
 	explicit_bzero(peap_state->key, sizeof(peap_state->key));
+	explicit_bzero(peap_state->isk, sizeof(peap_state->isk));
 
 	l_free(peap_state);
 }
@@ -604,6 +620,8 @@ static bool eap_peap_settings_load(struct eap_state *eap,
 
 	peap_state = l_new(struct peap_state, 1);
 	peap_state->phase2 = phase2;
+	eap_set_key_material_func(peap_state->phase2,
+						eap_peap_phase2_key_ready);
 
 	snprintf(setting_key_prefix, sizeof(setting_key_prefix), "%sPEAP-",
 									prefix);