[openssl-users] Authentication over ECDHE

Viktor Dukhovni openssl-users at dukhovni.org
Mon Dec 24 16:43:12 UTC 2018

On Mon, Dec 24, 2018 at 04:29:49PM +0000, Matt Caswell wrote:

> How about using PSKs? That way you completely avoid the need for a certificate.
> Authentication is implied since both peers must have access to the PSK for the
> connection to succeed. ECDHE can be combined with the PSK to create a temporary
> key for the connection, thus giving you forward secrecy, e.g. using a
> ciphersuite such as ECDHE-PSK-AES128-CBC-SHA256.

This requires more complex application code on the client and server,
so I would not recommend it.  And IIRC there may be some complications
with getting PSKs to work across both TLS 1.2 and TLS 1.3???


More information about the openssl-users mailing list