World Library  
Flag as Inappropriate
Email this Article

Tls-psk

Article Id: WHEBN0014453017
Reproduction Date:

Title: Tls-psk  
Author: World Heritage Encyclopedia
Language: English
Subject: Intel Active Management Technology, Secure communication
Collection:
Publisher: World Heritage Encyclopedia
Publication
Date:
 

Tls-psk

Transport layer security pre-shared key ciphersuites (TLS-PSK) is a set of cryptographic protocols that provide secure communication based on pre-shared keys (PSKs). These pre-shared keys are symmetric keys shared in advance among the communicating parties.

There are several ciphersuites: The first set of ciphersuites uses only symmetric key operations for authentication. The second set uses a Diffie-Hellman key exchange authenticated with a pre-shared key. The third set combines public key authentication of the server with pre-shared key authentication of the client.

Usually, TLS uses public key certificates or Kerberos for authentication. TLS-PSK uses symmetric keys, shared in advance among the communicating parties, to establish a TLS connection. There are several reasons to use PSKs:

  • Using pre-shared keys can, depending on the ciphersuite, avoid the need for public key operations. This is useful if TLS is used in performance-constrained environments with limited CPU power.
  • Pre-shared keys may be more convenient from a key management point of view. For instance, in closed environments where the connections are mostly configured manually in advance, it may be easier to configure a PSK than to use certificates. Another case is when the parties already have a mechanism for setting up a shared secret key, and that mechanism could be used to “bootstrap” a key for authenticating a TLS connection.

Standards

  • RFC 4279: “Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)”.
  • RFC 4785: “Pre-Shared Key (PSK) Ciphersuites with NULL Encryption for Transport Layer Security (TLS)”.
  • RFC 5487: “Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and AES Galois Counter Mode”.
  • RFC 5489: “ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)”.

See also

This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and USA.gov, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for USA.gov and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
 
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
 
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.
 


Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.