The Extensible Authentication Protocol (EAP) provides a framework supporting various authentication protocols known as EAP methods. To avoid a full EAP authentication exchange when there is a handover across EAP authenticators, a handover key hierarchy should be specified. This document specifies how to derive a handover key hierarchy from the Extended Master Session Key (EMSK). In our mechanism, both intra and inter-authenticator handovers can be supported.