[Cryptography] How widely are the PSK modes used?
Dmitry Belyavsky
beldmit at gmail.com
Fri Feb 22 02:27:50 EST 2019
Dear Jon,
On Fri, Feb 22, 2019 at 2:22 AM Jon Callas <jon at callas.org> wrote:
>
>
> > On Feb 21, 2019, at 10:30 AM, Dmitry Belyavsky <beldmit at gmail.com>
> wrote:
> >
> > чт, 21 февр. 2019 г., 21:27 John Denker <jsd at av8n.com>:
> > On 2/21/19 2:48 AM, Dmitry Belyavsky wrote:
> >
> > > Could you please describe the spheres where PSK ciphersuites are used
> in
> > > practice?
> >
> > You mean besides more-or-less every WPA wireless setup?
> >
> > Does WPA use TLS? I mostly mean TLS context. Sorry for the lack of
> clarity.
>
> I think this gets to the core of the issue. As John Denker points out,
> just about every WiFi setup in the world is using a single pre-shared key.
> You can get per-link keys, but you have to set up “Enterprise” WPA and do
> Radius and stuff like that. It’s much easier to have a PSK and go.
>
> In contrast, TLS is *easy* to use with ephemeral(ish) keys; it’s the usual
> way we all do it. You *can* do TLS with PSKs, but it’s hard to set up.
> Thus, you rarely see PSK with TLS for the very same reason you usually see
> it with WPA.
>
> Thus, I’m curious about what the question behind your question is. In TLS,
> it’s hard to set up PSKs, it’s not the normal user experience, and
> consequently it’s rare. If it were easy to use PSKs with TLS, we’d see it a
> lot.
>
>
I suppose there are some places where PSK is necessary though
bootstrapping it is still hard. For example, a lack of randomness for the
normal TLS in IoT solutions can be such a place.
The other place I keep in mind is TLS 1.3, where the PSK mode, if I
understand it correctly, is a part of session resumption and, if it is not
available, we have to do the full handshake.
The real question is: if we make a PSK-less TLS profile, what problems do
we get? What areas will suffer from such a limitation?
Thank you!
--
SY, Dmitry Belyavsky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20190222/47c484bd/attachment.html>
More information about the cryptography
mailing list