Collaborate Disseminate
It is very common (at least where I am) for routers to come with a WiFi-PSK on the bottom of the router.
And I don’t mean something like Wifi-Link-2G, I mean something random and (cryptographically) secure.
For example, my one came with th… Continue reading Is it safe to keep the (secure and random) PSK provided with your router?
"The KeyUpdate handshake message is used to indicate that the sender is updating its sending cryptographic keys."
"If the request_update field is set to "update_requested", then the receiver MUST send a KeyUpdate o… Continue reading what should be the response of keyupdate if the initial KeyUpdateRequest is set to update_not_requested not update_requested
I am having a Handshake session of PSK_only mode in TLS1.3 , where I use PSK’s established out of band.
consider, client Hello is sent with the extensions of supported_versions, PreSharedKey, psk_key_exchange_modes
Q1)If server sends a Hel… Continue reading In TLS1.3 can the client hello have the extensions which were not sent as part of HelloRetryRequest
I am doing testing with some ethernet device, for which I use an own TLS implementation (using OpenSSL for the actual cryptographic functions). There are pre shared keys used. When I am connecting to the device using the cipher suite TLS_P… Continue reading Anlyzing PSK-TLS handshake (Handshake Finished record) in Wireshark
I’m looking for a standard solution to the following problem. I’ve been unable to find how something like this is normally accomplished. Even a key word that points me in the right direction would be helpful at this point.
Imagine two devi… Continue reading Authenticating a device for remote motor control
In the context of TLS 1.3 session resumption, how is the pre-shared key derived? Section 7 of RFC 8446 says the the PSK is derived from the "derived from the resumption_master_secret value from a previous connection" using this f… Continue reading How is the TLS PSK derived? [closed]
TLS 1.2 session tickets are encrypted by the server with the session ticket encryption key (STEK). This key is shared with all the servers doing TLS termination. The session ticket contains all the information the server needs to resume th… Continue reading TLS session ticket vs pre-shared key state management
All you want is a decent night’s sleep, so you decide to invest in one of those fancy adjustable beds. At first, it’s fine — being able to adjust the …read more Continue reading Reverse Engineering a Better Night’s Sleep
Pre-Shared Key (PSK) with simple symmetric encryption is a popular way of solving both client and server authentication when SSL cannot be used for some reason (for example, can’t trust or deal with certificate management, or even SSL not … Continue reading How to build a PSK website
EAP-TLS with TLS 1.3 is standardized in RFC 9190. Section 2.1.1 specifies Authentication. The RFC states that PSK authentication shall not be used except for resumption. This is surprising, because TLS 1.3 allows authentication with PSK (a… Continue reading Why does EAP-TLS 1.3 not allow for PSK authentication?