Computer Science/Terminology

Pre-Shared Key (PSK)

Dichter_dev 2018. 3. 30. 21:28

Pre-shared Key

In cryptography, a pre-shared key (PSK) is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used.

To build a key from shared secret, the key derivation function is typically used. Such systems almost always use symmetric key cryptographic algorithms. The term PSK is used in Wi-Fi encryption such as Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), where the method is called WPA-PSK or WPA2-PSK, and also in the Extensible Authentication Protocol (EAP), where it is known as EAP-PSK. In all these cases, both the wireless access point (AP) and all clients share the same key.

The characteristics of this secret or keyare determined by the system which uses it; some system designs require that such keys be in a particular format. It can be a password, a pass phrase, or a hexadecimal string. The secret is used by all systems involved in the cryptographic processes used to secure the traffic between the systems.

Crypto systems rely on one or more keys for confidentiality. One particular attack is always against keys, the brute force key search attack. A sufficiently long, randomly chosen, key can resist any practical brute force attack, though not in principle if an attacker hassufficient computational power. Unavoidably, however, pre-shared keys are heldby both parties to the communication, and so can be compromised at one end, without the knowledge of anyone at the other. There are several tools available to help one chose strong passwords, though doing so over any network connection is inherently unsafe as one cannot in general know who, if anyone, may be eavesdropping on the interaction. Choosing keys used by cryptographic algorithms is somewhat different in that any pattern whatsoever should be avoided, as any such pattern may provide an attacker with a lower effort attack than brute force search. This implies random key choice to force attackers to spend as much effort as possible; this is very difficult in principle and in practice as well. As a general rule, any software except a cryptographically secure pseudorandom number generator should be avoided.

From: https://en.wikipedia.org/wiki/Pre-shared_key


저작자표시 비영리 변경금지 (새창열림)