TLS中PSK的簡要介紹

發(fā)布時(shí)間：2020-05-30 16:38:17 來源：網(wǎng)絡(luò) 閱讀：2762 作者：MAKOfly 欄目：安全技術(shù)

PSK的目的

??我們都知道TLS需要依賴非對(duì)稱算法（RSK，EC，DS，DH...）完成秘鑰交換，身份認(rèn)證的功能，但是非對(duì)稱算法的耗時(shí)和耗計(jì)算資源的特性在對(duì)資源或者耗時(shí)敏感的場景下，你就想把他優(yōu)化掉。本文我們就簡紹一種TLS標(biāo)準(zhǔn)本身提供的優(yōu)化方式:PSK.

PSK的江湖地位

??PSK的方式應(yīng)該是最古老的一種秘鑰交換和認(rèn)證方式，但是它在TLS中的江湖地位是比較低的，從最早的非正式的優(yōu)化方案到有了自己的RFC編號(hào)RFC4279(December 2005)對(duì)比TLS的歷史

TLS中PSK的核心目的

一下是RFC中的原文摘錄

This document specifies three sets of new ciphersuites for the
   Transport Layer Security (TLS) protocol to support authentication
   based on pre-shared keys (PSKs).  
These pre-shared keys are symmetric
   keys, shared in advance among the communicating parties. 

一，The first set of ciphersuites uses only symmetric key operations for  authentication.  

TLS_PSK_WITH_RC4_128_SHA           PSK           RC4_128       SHA
TLS_PSK_WITH_3DES_EDE_CBC_SHA      PSK           3DES_EDE_CBC  SHA
TLS_PSK_WITH_AES_128_CBC_SHA       PSK           AES_128_CBC   SHA
TLS_PSK_WITH_AES_256_CBC_SHA       PSK           AES_256_CBC   SHA

二，The second set uses a Diffie-Hellman exchange authenticated with a pre-shared key, and

TLS_DHE_PSK_WITH_RC4_128_SHA       DHE_PSK       RC4_128       SHA
TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA  DHE_PSK       3DES_EDE_CBC  SHA
TLS_DHE_PSK_WITH_AES_128_CBC_SHA   DHE_PSK       AES_128_CBC   SHA
TLS_DHE_PSK_WITH_AES_256_CBC_SHA   DHE_PSK       AES_256_CBC   SHA

三，the third set combines  public key authentication of the server with pre-shared key authentication of the client.

TLS_RSA_PSK_WITH_RC4_128_SHA       RSA_PSK       RC4_128       SHA
 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA  RSA_PSK       3DES_EDE_CBC  SHA
 TLS_RSA_PSK_WITH_AES_128_CBC_SHA   RSA_PSK       AES_128_CBC   SHA
 TLS_RSA_PSK_WITH_AES_256_CBC_SHA   RSA_PSK       AES_256_CBC   SHA

向AI問一下細(xì)節(jié)

TLS中PSK的簡要介紹

PSK的目的

PSK的江湖地位

TLS中PSK的核心目的

猜你喜歡

最新資訊

相關(guān)推薦

相關(guān)標(biāo)簽