diff --git a/src/libraries/Common/src/Interop/Unix/System.Net.Security.Native/Interop.NetSecurityNative.cs b/src/libraries/Common/src/Interop/Unix/System.Net.Security.Native/Interop.NetSecurityNative.cs
index e87970e2a9dd8e..cfbfebb27db2c6 100644
--- a/src/libraries/Common/src/Interop/Unix/System.Net.Security.Native/Interop.NetSecurityNative.cs
+++ b/src/libraries/Common/src/Interop/Unix/System.Net.Security.Native/Interop.NetSecurityNative.cs
@@ -285,5 +285,11 @@ internal static unsafe Status VerifyMic(
                 return VerifyMic(out minorStatus, contextHandle, inputBytesPtr, inputBytes.Length, tokenBytesPtr, tokenBytes.Length);
             }
         }
+
+        [LibraryImport(Interop.Libraries.NetSecurityNative, EntryPoint = "NetSecurityNative_InquireSecContextSessionKey")]
+        internal static partial Status InquireSecContextSessionKey(
+            out Status minorStatus,
+            SafeGssContextHandle? contextHandle,
+            ref GssBuffer outBuffer);
     }
 }
diff --git a/src/libraries/Common/src/Interop/Windows/SspiCli/Interop.SSPI.cs b/src/libraries/Common/src/Interop/Windows/SspiCli/Interop.SSPI.cs
index cbff2b2798efed..0cb7252a5bf155 100644
--- a/src/libraries/Common/src/Interop/Windows/SspiCli/Interop.SSPI.cs
+++ b/src/libraries/Common/src/Interop/Windows/SspiCli/Interop.SSPI.cs
@@ -50,6 +50,7 @@ internal enum ContextAttribute
             SECPKG_ATTR_DCE_INFO = 3,
             SECPKG_ATTR_STREAM_SIZES = 4,
             SECPKG_ATTR_AUTHORITY = 6,
+            SECPKG_ATTR_SESSION_KEY = 9,
             SECPKG_ATTR_PACKAGE_INFO = 10,
             SECPKG_ATTR_NEGOTIATION_INFO = 12,
             SECPKG_ATTR_UNIQUE_BINDINGS = 25,
diff --git a/src/libraries/Common/src/Interop/Windows/SspiCli/SecPkgContext_SessionKey.cs b/src/libraries/Common/src/Interop/Windows/SspiCli/SecPkgContext_SessionKey.cs
new file mode 100644
index 00000000000000..e3ed2e44d309b2
--- /dev/null
+++ b/src/libraries/Common/src/Interop/Windows/SspiCli/SecPkgContext_SessionKey.cs
@@ -0,0 +1,15 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+
+using System.Runtime.InteropServices;
+
+namespace System.Net
+{
+    // sspi.h
+    [StructLayout(LayoutKind.Sequential)]
+    internal struct SecPkgContext_SessionKey
+    {
+        public int SessionKeyLength;
+        public nint SessionKey;
+    }
+}
diff --git a/src/libraries/System.Net.Security/ref/System.Net.Security.cs b/src/libraries/System.Net.Security/ref/System.Net.Security.cs
index 986a492e479212..1bb5411245ceeb 100644
--- a/src/libraries/System.Net.Security/ref/System.Net.Security.cs
+++ b/src/libraries/System.Net.Security/ref/System.Net.Security.cs
@@ -59,6 +59,10 @@ public void Dispose() { }
         public System.Net.Security.NegotiateAuthenticationStatusCode Wrap(System.ReadOnlySpan<byte> input, System.Buffers.IBufferWriter<byte> outputWriter, bool requestEncryption, out bool isEncrypted) { throw null; }
         public void ComputeIntegrityCheck(System.ReadOnlySpan<byte> message, System.Buffers.IBufferWriter<byte> signatureWriter) { }
         public bool VerifyIntegrityCheck(System.ReadOnlySpan<byte> message, System.ReadOnlySpan<byte> signature) { throw null; }
+        public void DeriveKeyFromSessionKey(Action<ReadOnlySpan<byte>> keyDerivationFunction) { }
+        public void DeriveKeyFromSessionKey<TState>(Action<ReadOnlySpan<byte>, TState> keyDerivationFunction, TState state) { }
+        public TReturn DeriveKeyFromSessionKey<TReturn>(Func<ReadOnlySpan<byte>, TReturn> keyDerivationFunction) { throw null; }
+        public TReturn DeriveKeyFromSessionKey<TState, TReturn>(Func<ReadOnlySpan<byte>, TState, TReturn> keyDerivationFunction, TState state) { throw null; }
     }
     public partial class NegotiateAuthenticationClientOptions
     {
diff --git a/src/libraries/System.Net.Security/src/System.Net.Security.csproj b/src/libraries/System.Net.Security/src/System.Net.Security.csproj
index ecf71f7c0f5c97..4649d91a2bb890 100644
--- a/src/libraries/System.Net.Security/src/System.Net.Security.csproj
+++ b/src/libraries/System.Net.Security/src/System.Net.Security.csproj
@@ -249,6 +249,8 @@
              Link="Common\Interop\Windows\SspiCli\SecPkgContext_NegotiationInfoW.cs" />
     <Compile Include="$(CommonPath)Interop\Windows\SspiCli\NegotiationInfoClass.cs"
              Link="Common\Interop\Windows\SspiCli\NegotiationInfoClass.cs" />
+    <Compile Include="$(CommonPath)Interop\Windows\SspiCli\SecPkgContext_SessionKey.cs"
+             Link="Common\Interop\Windows\SspiCli\SecPkgContext_SessionKey.cs" />
     <Compile Include="$(CommonPath)Interop\Windows\SspiCli\SecPkgContext_Sizes.cs"
              Link="Common\Interop\Windows\SspiCli\SecPkgContext_Sizes.cs" />
     <Compile Include="$(CommonPath)System\Collections\Generic\BidirectionalDictionary.cs"
diff --git a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs
index 147097e521c700..f035cdf5ef9e8b 100644
--- a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedNtlm.cs
@@ -31,6 +31,7 @@ internal sealed class ManagedNtlmNegotiateAuthenticationPal : NegotiateAuthentic
             private readonly ProtectionLevel _protectionLevel;
 
             // State parameters
+            private byte[]? _exportedSessionKey;
             private byte[]? _negotiateMessage;
             private byte[]? _clientSigningKey;
             private byte[]? _serverSigningKey;
@@ -247,6 +248,11 @@ private ManagedNtlmNegotiateAuthenticationPal(NegotiateAuthenticationClientOptio
             public override void Dispose()
             {
                 // Dispose of the state
+                if (_exportedSessionKey is not null)
+                {
+                    CryptographicOperations.ZeroMemory(_exportedSessionKey);
+                }
+                _exportedSessionKey = null;
                 _negotiateMessage = null;
                 _clientSigningKey = null;
                 _serverSigningKey = null;
@@ -654,8 +660,8 @@ private static byte[] DeriveKey(ReadOnlySpan<byte> exportedSessionKey, ReadOnlyS
                 AddToPayload(ref response.Workstation, s_workstation, payload, ref payloadOffset);
 
                 // Generate random session key that will be used for signing the messages
-                Span<byte> exportedSessionKey = stackalloc byte[16];
-                RandomNumberGenerator.Fill(exportedSessionKey);
+                _exportedSessionKey = new byte[SessionKeyLength];
+                RandomNumberGenerator.Fill(_exportedSessionKey);
 
                 // Both flags are necessary to exchange keys needed for MIC (!)
                 Debug.Assert(flags.HasFlag(Flags.NegotiateSign) && flags.HasFlag(Flags.NegotiateKeyExchange));
@@ -669,14 +675,14 @@ private static byte[] DeriveKey(ReadOnlySpan<byte> exportedSessionKey, ReadOnlyS
                 using (RC4 rc4 = new RC4(sessionBaseKey))
                 {
                     Span<byte> encryptedRandomSessionKey = payload.Slice(payloadOffset, 16);
-                    rc4.Transform(exportedSessionKey, encryptedRandomSessionKey);
+                    rc4.Transform(_exportedSessionKey, encryptedRandomSessionKey);
                     SetField(ref response.EncryptedRandomSessionKey, 16, payloadOffset);
                     payloadOffset += 16;
                 }
 
                 // Calculate MIC
                 Debug.Assert(_negotiateMessage != null);
-                using (var hmacMic = IncrementalHash.CreateHMAC(HashAlgorithmName.MD5, exportedSessionKey))
+                using (var hmacMic = IncrementalHash.CreateHMAC(HashAlgorithmName.MD5, _exportedSessionKey))
                 {
                     hmacMic.AppendData(_negotiateMessage);
                     hmacMic.AppendData(blob);
@@ -685,14 +691,13 @@ private static byte[] DeriveKey(ReadOnlySpan<byte> exportedSessionKey, ReadOnlyS
                 }
 
                 // Derive signing keys
-                _clientSigningKey = DeriveKey(exportedSessionKey, ClientSigningKeyMagic);
-                _serverSigningKey = DeriveKey(exportedSessionKey, ServerSigningKeyMagic);
-                _clientSealingKey = DeriveKey(exportedSessionKey, ClientSealingKeyMagic);
-                _serverSealingKey = DeriveKey(exportedSessionKey, ServerSealingKeyMagic);
+                _clientSigningKey = DeriveKey(_exportedSessionKey, ClientSigningKeyMagic);
+                _serverSigningKey = DeriveKey(_exportedSessionKey, ServerSigningKeyMagic);
+                _clientSealingKey = DeriveKey(_exportedSessionKey, ClientSealingKeyMagic);
+                _serverSealingKey = DeriveKey(_exportedSessionKey, ServerSealingKeyMagic);
                 ResetKeys();
                 _clientSequenceNumber = 0;
                 _serverSequenceNumber = 0;
-                CryptographicOperations.ZeroMemory(exportedSessionKey);
 
                 Debug.Assert(payloadOffset == responseBytes.Length);
 
@@ -829,6 +834,16 @@ public override NegotiateAuthenticationStatusCode UnwrapInPlace(Span<byte> input
 
                 return NegotiateAuthenticationStatusCode.Completed;
             }
+
+            public override TReturn DeriveKeyFromSessionKey<TState, TReturn>(Func<ReadOnlySpan<byte>, TState, TReturn> keyDerivationFunction, TState state)
+            {
+                if (_exportedSessionKey is null)
+                {
+                    throw new InvalidOperationException(SR.net_auth_noauth);
+                }
+
+                return keyDerivationFunction(_exportedSessionKey, state);
+            }
         }
     }
 }
diff --git a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedSpnego.cs b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedSpnego.cs
index 1ddb004769037f..654d8d48e2c3e9 100644
--- a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedSpnego.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.ManagedSpnego.cs
@@ -450,6 +450,16 @@ public override void GetMIC(ReadOnlySpan<byte> message, IBufferWriter<byte> sign
 
                 _mechanism.GetMIC(message, signature);
             }
+
+            public override TReturn DeriveKeyFromSessionKey<TState, TReturn>(Func<ReadOnlySpan<byte>, TState, TReturn> keyDerivationFunction, TState state)
+            {
+                if (_mechanism is null || !_isAuthenticated)
+                {
+                    throw new InvalidOperationException(SR.net_auth_noauth);
+                }
+
+                return _mechanism.DeriveKeyFromSessionKey(keyDerivationFunction, state);
+            }
         }
     }
 }
diff --git a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unix.cs b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unix.cs
index 77c3a3454b1ce6..a9c4d571d08c71 100644
--- a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unix.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unix.cs
@@ -457,6 +457,31 @@ public override unsafe bool VerifyMIC(ReadOnlySpan<byte> message, ReadOnlySpan<b
                 return status == Interop.NetSecurityNative.Status.GSS_S_COMPLETE;
             }
 
+            public override TReturn DeriveKeyFromSessionKey<TState, TReturn>(Func<ReadOnlySpan<byte>, TState, TReturn> keyDerivationFunction, TState state)
+            {
+                Debug.Assert(_securityContext is not null);
+
+                Interop.NetSecurityNative.GssBuffer keyBuffer = default;
+                try
+                {
+                    Interop.NetSecurityNative.Status minorStatus;
+                    Interop.NetSecurityNative.Status status = Interop.NetSecurityNative.InquireSecContextSessionKey(
+                        out minorStatus,
+                        _securityContext,
+                        ref keyBuffer);
+                    if (status != Interop.NetSecurityNative.Status.GSS_S_COMPLETE)
+                    {
+                        throw new Interop.NetSecurityNative.GssApiException(status, minorStatus);
+                    }
+
+                    return keyDerivationFunction(keyBuffer.Span, state);
+                }
+                finally
+                {
+                    keyBuffer.Dispose();
+                }
+            }
+
             private static Interop.NetSecurityNative.PackageType GetPackageType(string package)
             {
                 if (string.Equals(package, NegotiationInfoClass.Negotiate, StringComparison.OrdinalIgnoreCase))
diff --git a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unsupported.cs b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unsupported.cs
index 1cdeef37fad544..0094d5c67cffdd 100644
--- a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unsupported.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Unsupported.cs
@@ -54,6 +54,7 @@ public override void Dispose()
             public override NegotiateAuthenticationStatusCode UnwrapInPlace(Span<byte> input, out int unwrappedOffset, out int unwrappedLength, out bool wasEncrypted) => throw new InvalidOperationException();
             public override void GetMIC(ReadOnlySpan<byte> message, IBufferWriter<byte> signature) => throw new InvalidOperationException();
             public override bool VerifyMIC(ReadOnlySpan<byte> message, ReadOnlySpan<byte> signature) => throw new InvalidOperationException();
+            public override TReturn DeriveKeyFromSessionKey<TState, TReturn>(Func<ReadOnlySpan<byte>, TState, TReturn> keyDerivationFunction, TState state) => throw new InvalidOperationException();
         }
     }
 }
diff --git a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Windows.cs b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Windows.cs
index 8e86d3dc91ca7e..8b382661acc928 100644
--- a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Windows.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.Windows.cs
@@ -664,6 +664,29 @@ public override unsafe bool VerifyMIC(ReadOnlySpan<byte> message, ReadOnlySpan<b
                 }
             }
 
+            public override unsafe TReturn DeriveKeyFromSessionKey<TState, TReturn>(Func<ReadOnlySpan<byte>, TState, TReturn> keyDerivationFunction, TState state)
+            {
+                Debug.Assert(_securityContext is not null);
+
+                SecPkgContext_SessionKey sessionKey = default;
+                int result = Interop.SspiCli.QueryContextAttributesW(ref _securityContext._handle, Interop.SspiCli.ContextAttribute.SECPKG_ATTR_SESSION_KEY, &sessionKey);
+                if (result != 0)
+                {
+                    if (NetEventSource.Log.IsEnabled()) NetEventSource.Error(null, SR.Format(SR.net_log_operation_failed_with_error, nameof(Interop.SspiCli.QueryContextAttributesW), $"0x{result:X}"));
+                    throw new Win32Exception(result);
+                }
+
+                try
+                {
+                    ReadOnlySpan<byte> key = new ReadOnlySpan<byte>((void*)sessionKey.SessionKey, sessionKey.SessionKeyLength);
+                    return keyDerivationFunction(key, state);
+                }
+                finally
+                {
+                    Interop.SspiCli.FreeContextBuffer(sessionKey.SessionKey);
+                }
+            }
+
             private static SafeFreeCredentials AcquireDefaultCredential(string package, bool isServer)
             {
                 return SSPIWrapper.AcquireDefaultCredential(
diff --git a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.cs b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.cs
index 4f6e44ee3e375a..1458235c568857 100644
--- a/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/NegotiateAuthenticationPal.cs
@@ -25,5 +25,6 @@ internal abstract partial class NegotiateAuthenticationPal : IDisposable
         public abstract NegotiateAuthenticationStatusCode UnwrapInPlace(Span<byte> input, out int unwrappedOffset, out int unwrappedLength, out bool wasEncrypted);
         public abstract void GetMIC(ReadOnlySpan<byte> message, IBufferWriter<byte> signature);
         public abstract bool VerifyMIC(ReadOnlySpan<byte> message, ReadOnlySpan<byte> signature);
+        public abstract TReturn DeriveKeyFromSessionKey<TState, TReturn>(Func<ReadOnlySpan<byte>, TState, TReturn> keyDerivationFunction, TState state);
     }
 }
diff --git a/src/libraries/System.Net.Security/src/System/Net/Security/NegotiateAuthentication.cs b/src/libraries/System.Net.Security/src/System/Net/Security/NegotiateAuthentication.cs
index 0042f73605919f..b013213bb64aee 100644
--- a/src/libraries/System.Net.Security/src/System/Net/Security/NegotiateAuthentication.cs
+++ b/src/libraries/System.Net.Security/src/System/Net/Security/NegotiateAuthentication.cs
@@ -401,6 +401,58 @@ public bool VerifyIntegrityCheck(ReadOnlySpan<byte> message, ReadOnlySpan<byte>
             return _pal.VerifyMIC(message, signature);
         }
 
+        /// <summary>
+        /// Derive a key from the negotiate authentication's session key.
+        /// </summary>
+        /// <param name="keyDerivationFunction">A callback that receives the session key.</param>
+        /// <exception cref="InvalidOperationException">Authentication failed or has not occurred.</exception>
+        public void DeriveKeyFromSessionKey(Action<ReadOnlySpan<byte>> keyDerivationFunction) =>
+            DeriveKeyFromSessionKey(static (key, state) => state(key), keyDerivationFunction);
+
+        /// <summary>
+        /// Derive a key from the negotiate authentication's session key with the provided state.
+        /// </summary>
+        /// <param name="keyDerivationFunction">A callback that receives the session key.</param>
+        /// <param name="state">The element to pass to <paramref name="keyDerivationFunction"/>.</param>
+        /// <exception cref="InvalidOperationException">Authentication failed or has not occurred.</exception>
+        public void DeriveKeyFromSessionKey<TState>(Action<ReadOnlySpan<byte>, TState> keyDerivationFunction, TState state) =>
+            DeriveKeyFromSessionKey(
+                static (key, state) =>
+                {
+                    state.Kdf(key, state.State);
+                    return 0;
+                },
+                (Kdf: keyDerivationFunction, State: state));
+
+        /// <summary>
+        /// Derive a key from the negotiate authentication's session key.
+        /// </summary>
+        /// <typeparam name="TReturn">The return type of <paramref name="keyDerivationFunction"/>.</typeparam>
+        /// <param name="keyDerivationFunction">A callback that receives the session key and returns a value.</param>
+        /// <returns>The value returned by <paramref name="keyDerivationFunction"/>.</returns>
+        /// <exception cref="InvalidOperationException">Authentication failed or has not occurred.</exception>
+        public TReturn DeriveKeyFromSessionKey<TReturn>(Func<ReadOnlySpan<byte>, TReturn> keyDerivationFunction) =>
+            DeriveKeyFromSessionKey(static (key, state) => state(key), keyDerivationFunction);
+
+        /// <summary>
+        /// Derive a key from the negotiate authentication's session key with the provided state.
+        /// </summary>
+        /// <typeparam name="TState">The type of the state element.</typeparam>
+        /// <typeparam name="TReturn">The return type of <paramref name="keyDerivationFunction"/>.</typeparam>
+        /// <param name="keyDerivationFunction">A callback that receives the session key and returns a value.</param>
+        /// <param name="state">The element to pass to <paramref name="keyDerivationFunction"/>.</param>
+        /// <returns>The value returned by <paramref name="keyDerivationFunction"/>.</returns>
+        /// <exception cref="InvalidOperationException">Authentication failed or has not occurred.</exception>
+        public TReturn DeriveKeyFromSessionKey<TState, TReturn>(Func<ReadOnlySpan<byte>, TState, TReturn> keyDerivationFunction, TState state)
+        {
+            if (!IsAuthenticated || _isDisposed)
+            {
+                throw new InvalidOperationException(SR.net_auth_noauth);
+            }
+
+            return _pal.DeriveKeyFromSessionKey(keyDerivationFunction, state);
+        }
+
         private bool CheckSpn()
         {
             Debug.Assert(_extendedProtectionPolicy != null);
diff --git a/src/libraries/System.Net.Security/tests/FunctionalTests/NegotiateAuthenticationKerberosTest.cs b/src/libraries/System.Net.Security/tests/FunctionalTests/NegotiateAuthenticationKerberosTest.cs
index d7149f8daf62d7..d6e2cdba87c698 100644
--- a/src/libraries/System.Net.Security/tests/FunctionalTests/NegotiateAuthenticationKerberosTest.cs
+++ b/src/libraries/System.Net.Security/tests/FunctionalTests/NegotiateAuthenticationKerberosTest.cs
@@ -17,7 +17,7 @@ public NegotiateAuthenticationKerberosTest(ITestOutputHelper testOutputHelper)
         {
             _testOutputHelper = testOutputHelper;
         }
-    
+
         [Fact]
         public async Task Loopback_Success()
         {
@@ -58,6 +58,10 @@ await kerberosExecutor.Invoke(() =>
                 Assert.Equal("Kerberos", serverNegotiateAuthentication.Package);
                 Assert.True(clientNegotiateAuthentication.IsAuthenticated);
                 Assert.True(serverNegotiateAuthentication.IsAuthenticated);
+
+                byte[] clientKey = clientNegotiateAuthentication.DeriveKeyFromSessionKey(static (k) => k.ToArray());
+                byte[] serverKey = serverNegotiateAuthentication.DeriveKeyFromSessionKey(static (k) => k.ToArray());
+                Assert.Equal(clientKey, serverKey);
             });
         }
 
diff --git a/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs b/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs
index 2120d49a924f30..a23ba660b354dc 100644
--- a/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs
+++ b/src/libraries/System.Net.Security/tests/UnitTests/NegotiateAuthenticationTests.cs
@@ -64,6 +64,53 @@ public void RemoteIdentity_ThrowsOnDisposed()
             }
         }
 
+        [Fact]
+        public void DeriveKeyFromSessionKey_ThrowsOnUnauthenticated()
+        {
+            NegotiateAuthenticationClientOptions clientOptions = new NegotiateAuthenticationClientOptions { Credential = s_testCredentialRight, TargetName = "HTTP/foo" };
+            NegotiateAuthentication negotiateAuthentication = new NegotiateAuthentication(clientOptions);
+            Assert.Throws<InvalidOperationException>(() => negotiateAuthentication.DeriveKeyFromSessionKey(static (k) => throw new Exception()));
+        }
+
+        [ConditionalFact(nameof(IsNtlmAvailable))]
+        public void DeriveKeyFromSessionKey()
+        {
+            using FakeNtlmServer fakeNtlmServer = new FakeNtlmServer(s_testCredentialRight);
+            NegotiateAuthentication negotiateAuthentication = new NegotiateAuthentication(
+                new NegotiateAuthenticationClientOptions
+                {
+                    Package = "NTLM",
+                    Credential = s_testCredentialRight,
+                    TargetName = "HTTP/foo",
+                    RequiredProtectionLevel = ProtectionLevel.Sign
+                });
+
+            DoNtlmExchange(fakeNtlmServer, negotiateAuthentication);
+
+            Assert.True(fakeNtlmServer.IsAuthenticated);
+            Assert.True(negotiateAuthentication.IsAuthenticated);
+
+            byte[] sessionKey = negotiateAuthentication.DeriveKeyFromSessionKey(static (k) => k.ToArray());
+            Assert.Equal(16, sessionKey.Length);  // NTLM is always 16
+
+            negotiateAuthentication.DeriveKeyFromSessionKey((k) =>
+            {
+                Assert.Equal(sessionKey, k);
+            });
+
+            negotiateAuthentication.DeriveKeyFromSessionKey(static (k, s) =>
+            {
+                Assert.Equal(s, k);
+            }, sessionKey);
+
+            bool res = negotiateAuthentication.DeriveKeyFromSessionKey(static (k, s) =>
+            {
+                Assert.Equal(s, k);
+                return true;
+            }, sessionKey);
+            Assert.True(res);
+        }
+
         [Fact]
         public void Package_Unsupported()
         {
diff --git a/src/libraries/System.Net.Security/tests/UnitTests/System.Net.Security.Unit.Tests.csproj b/src/libraries/System.Net.Security/tests/UnitTests/System.Net.Security.Unit.Tests.csproj
index d35de6d843f3d6..89b571858ea51b 100644
--- a/src/libraries/System.Net.Security/tests/UnitTests/System.Net.Security.Unit.Tests.csproj
+++ b/src/libraries/System.Net.Security/tests/UnitTests/System.Net.Security.Unit.Tests.csproj
@@ -289,6 +289,8 @@
              Link="Common\Interop\Windows\SspiCli\SecurityPackageInfoClass.cs" />
     <Compile Include="$(CommonPath)Interop\Windows\SspiCli\SecurityPackageInfo.cs"
              Link="Common\Interop\Windows\SspiCli\SecurityPackageInfo.cs" />
+    <Compile Include="$(CommonPath)Interop\Windows\SspiCli\SecPkgContext_SessionKey.cs"
+             Link="Common\Interop\Windows\SspiCli\SecPkgContext_SessionKey.cs" />
     <Compile Include="$(CommonPath)Interop\Windows\SspiCli\SecPkgContext_Sizes.cs"
              Link="Common\Interop\Windows\SspiCli\SecPkgContext_Sizes.cs" />
     <Compile Include="$(CommonPath)Interop\Windows\SspiCli\SafeDeleteContext.cs"
diff --git a/src/native/libs/Common/pal_config.h.in b/src/native/libs/Common/pal_config.h.in
index c8e43fa37dd6a7..5e634beb92130e 100644
--- a/src/native/libs/Common/pal_config.h.in
+++ b/src/native/libs/Common/pal_config.h.in
@@ -102,6 +102,7 @@
 #cmakedefine01 HAVE_TCP_H_TCPSTATE_ENUM
 #cmakedefine01 HAVE_TCP_FSM_H
 #cmakedefine01 HAVE_GSSFW_HEADERS
+#cmakedefine01 HAVE_GSS_C_INQ_SSPI_SESSION_KEY
 #cmakedefine01 HAVE_GSS_SPNEGO_MECHANISM
 #cmakedefine01 HAVE_HEIMDAL_HEADERS
 #cmakedefine01 HAVE_NSGETENVIRON
diff --git a/src/native/libs/System.Net.Security.Native/entrypoints.c b/src/native/libs/System.Net.Security.Native/entrypoints.c
index 07882c163ec5fe..28e3ab1932072b 100644
--- a/src/native/libs/System.Net.Security.Native/entrypoints.c
+++ b/src/native/libs/System.Net.Security.Native/entrypoints.c
@@ -29,6 +29,7 @@ static const Entry s_securityNative[] =
     DllImportEntry(NetSecurityNative_Wrap)
     DllImportEntry(NetSecurityNative_GetMic)
     DllImportEntry(NetSecurityNative_VerifyMic)
+    DllImportEntry(NetSecurityNative_InquireSecContextSessionKey)
 };
 
 EXTERN_C const void* SecurityResolveDllImport(const char* name);
diff --git a/src/native/libs/System.Net.Security.Native/pal_gssapi.c b/src/native/libs/System.Net.Security.Native/pal_gssapi.c
index c12f4c26cf1b72..a0b725867f8199 100644
--- a/src/native/libs/System.Net.Security.Native/pal_gssapi.c
+++ b/src/native/libs/System.Net.Security.Native/pal_gssapi.c
@@ -56,6 +56,13 @@ static gss_OID_desc gss_mech_ntlm_OID_desc = {.length = STRING_LENGTH(gss_ntlm_o
                                               .elements = gss_ntlm_oid_value};
 #endif
 
+#if !HAVE_GSS_C_INQ_SSPI_SESSION_KEY
+static char gss_c_inq_sspi_session_key_oid_value[] =
+    "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05"; // Binary representation of GSS_C_INQ_SSPI_SESSION_KEY OID
+static gss_OID_desc gss_c_inq_sspi_session_key_OID_desc = {.length = STRING_LENGTH(gss_c_inq_sspi_session_key_oid_value),
+                                                           .elements = gss_c_inq_sspi_session_key_oid_value};
+#endif
+
 #if defined(GSS_SHIM)
 
 #define FOR_ALL_GSS_FUNCTIONS \
@@ -69,9 +76,11 @@ static gss_OID_desc gss_mech_ntlm_OID_desc = {.length = STRING_LENGTH(gss_ntlm_o
     PER_FUNCTION_BLOCK(gss_indicate_mechs) \
     PER_FUNCTION_BLOCK(gss_init_sec_context) \
     PER_FUNCTION_BLOCK(gss_inquire_context) \
+    PER_FUNCTION_BLOCK(gss_inquire_sec_context_by_oid) \
     PER_FUNCTION_BLOCK(gss_mech_krb5) \
     PER_FUNCTION_BLOCK(gss_oid_equal) \
     PER_FUNCTION_BLOCK(gss_release_buffer) \
+    PER_FUNCTION_BLOCK(gss_release_buffer_set) \
     PER_FUNCTION_BLOCK(gss_release_cred) \
     PER_FUNCTION_BLOCK(gss_release_name) \
     PER_FUNCTION_BLOCK(gss_release_oid_set) \
@@ -103,8 +112,10 @@ static void* volatile s_gssLib = NULL;
 #define gss_indicate_mechs(...)             gss_indicate_mechs_ptr(__VA_ARGS__)
 #define gss_init_sec_context(...)           gss_init_sec_context_ptr(__VA_ARGS__)
 #define gss_inquire_context(...)            gss_inquire_context_ptr(__VA_ARGS__)
+#define gss_inquire_sec_context_by_oid(...) gss_inquire_sec_context_by_oid_ptr(__VA_ARGS__)
 #define gss_oid_equal(...)                  gss_oid_equal_ptr(__VA_ARGS__)
 #define gss_release_buffer(...)             gss_release_buffer_ptr(__VA_ARGS__)
+#define gss_release_buffer_set(...)         gss_release_buffer_set_ptr(__VA_ARGS__)
 #define gss_release_cred(...)               gss_release_cred_ptr(__VA_ARGS__)
 #define gss_release_name(...)               gss_release_name_ptr(__VA_ARGS__)
 #define gss_release_oid_set(...)            gss_release_oid_set_ptr(__VA_ARGS__)
@@ -706,6 +717,52 @@ uint32_t NetSecurityNative_IsNtlmInstalled(void)
     return foundNtlm;
 }
 
+uint32_t NetSecurityNative_InquireSecContextSessionKey(uint32_t* minorStatus,
+                                                       GssCtxId* contextHandle,
+                                                       PAL_GssBuffer* outBuffer)
+{
+    assert(minorStatus != NULL);
+    assert(contextHandle != NULL);
+    assert(outBuffer != NULL);
+
+    uint32_t minorStatusFree;
+    size_t i;
+#if HAVE_GSS_C_INQ_SSPI_SESSION_KEY
+    gss_OID desiredObject = GSS_C_INQ_SSPI_SESSION_KEY;
+#else
+    gss_OID desiredObject = &gss_c_inq_sspi_session_key_OID_desc;
+#endif
+    gss_buffer_set_t sessionKey = GSS_C_NO_BUFFER_SET;
+
+    uint32_t majorStatus =
+        gss_inquire_sec_context_by_oid(minorStatus, contextHandle, desiredObject, &sessionKey);
+
+    if (majorStatus != GSS_S_COMPLETE)
+    {
+        return majorStatus;
+    }
+
+    // We expect at least 1 buffer in the set with the first being the session key.
+    if (sessionKey->count < 1)
+    {
+        gss_release_buffer_set(&minorStatusFree, &sessionKey);
+        return GSS_S_FAILURE;
+    }
+
+    // It is difficult to map the buffer set to the .NET shim so we copy the session key into a single buffer that can
+    // be freed by our shim. We need to make sure we clear out the remaining data set values and the set itself.
+    NetSecurityNative_MoveBuffer(&sessionKey->elements[0], outBuffer);
+
+    for (i = 1; i < sessionKey->count; i++)
+    {
+        gss_release_buffer(&minorStatusFree, &sessionKey->elements[i]);
+    }
+    free(sessionKey->elements);
+    free(sessionKey);
+
+    return majorStatus;
+}
+
 int32_t NetSecurityNative_EnsureGssInitialized(void)
 {
 #if defined(GSS_SHIM)
diff --git a/src/native/libs/System.Net.Security.Native/pal_gssapi.h b/src/native/libs/System.Net.Security.Native/pal_gssapi.h
index 10be636c7789e5..a72ec80eae7f5c 100644
--- a/src/native/libs/System.Net.Security.Native/pal_gssapi.h
+++ b/src/native/libs/System.Net.Security.Native/pal_gssapi.h
@@ -220,6 +220,14 @@ PALEXPORT uint32_t NetSecurityNative_GetUser(uint32_t* minorStatus,
                                              GssCtxId* contextHandle,
                                              PAL_GssBuffer* outBuffer);
 
+
+/*
+Shims gss_inquire_sec_context_by_oid with GSS_C_INQ_SSPI_SESSION_KEY.
+*/
+PALEXPORT uint32_t NetSecurityNative_InquireSecContextSessionKey(uint32_t* minorStatus,
+                                                                 GssCtxId* contextHandle,
+                                                                 PAL_GssBuffer* outBuffer);
+
 /*
 Performs initialization of GSS shim, if necessary.
 Return value 0 indicates a success.
diff --git a/src/native/libs/configure.cmake b/src/native/libs/configure.cmake
index fc7332a54f9fac..1575d689d54798 100644
--- a/src/native/libs/configure.cmake
+++ b/src/native/libs/configure.cmake
@@ -1041,11 +1041,19 @@ check_include_files(
     HAVE_GSSFW_HEADERS)
 
 if (HAVE_GSSFW_HEADERS)
+    check_symbol_exists(
+        GSS_C_INQ_SSPI_SESSION_KEY
+        "GSS/GSS.h"
+        HAVE_GSS_C_INQ_SSPI_SESSION_KEY)
     check_symbol_exists(
         GSS_SPNEGO_MECHANISM
         "GSS/GSS.h"
         HAVE_GSS_SPNEGO_MECHANISM)
 else ()
+    check_symbol_exists(
+        GSS_C_INQ_SSPI_SESSION_KEY,
+        "gssapi/gssapi.h"
+        HAVE_GSS_C_INQ_SSPI_SESSION_KEY)
     check_symbol_exists(
         GSS_SPNEGO_MECHANISM
         "gssapi/gssapi.h"