Wiki English
Wiki EnglishWiki DeutschWiki Nederlands

Pre-Shared Key

In cryptography, a pre-shared key (PSK) is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used.

Key

To build a key from shared secret, the key derivation function is typically used. Such systems almost always use symmetric key cryptographic algorithms. The term PSK is used in Wi-Fi encryption such as Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), where the method is called WPA-PSK or WPA2-PSK, and also in the Extensible Authentication Protocol (EAP), where it is known as EAP-PSK. In all these cases, both the wireless access points (AP) and all clients share the same key.

The characteristics of this secret or key are determined by the system which uses it; some system designs require that such keys be in a particular format. It can be a password, a passphrase, or a hexadecimal string. The secret is used by all systems involved in the cryptographic processes used to secure the traffic between the systems.

Crypto systems rely on one or more keys for confidentiality. One particular attack is always possible against keys, the brute force key space search attack. A sufficiently long, randomly chosen, key can resist any practical brute force attack, though not in principle if an attacker has sufficient computational power (see password strength and password cracking for more discussion). Unavoidably, however, pre-shared keys are held by both parties to the communication, and so can be compromised at one end, without the knowledge of anyone at the other. There are several tools available to help one choose strong passwords, though doing so over any network connection is inherently unsafe as one cannot in general know who, if anyone, may be eavesdropping on the interaction. Choosing keys used by cryptographic algorithms is somewhat different in that any pattern whatsoever should be avoided, as any such pattern may provide an attacker with a lower effort attack than brute force search. This implies random key choice to force attackers to spend as much effort as possible; this is very difficult in principle and in practice as well. As a general rule, any software except a cryptographically secure pseudorandom number generator (CSPRNG) should be avoided.

See also

References

Tags:

CryptographySecure channelShared secret

🔥 Trending searches on Wiki English:

Hugh JackmanOlu FashanuDubaiAnya Taylor-JoyRonan FarrowSpice GirlsUnsimulated sex2024 Summer OlympicsRichard Nixon2024 Indian general election in BiharList of countries by GDP (nominal) per capitaJoe Alwyn69 (sex position)Scarlett JohanssonJosh BrolinGmailCaleb WilliamsDeadpool & WolverineRobert Downey Jr.Shaitaan (2024 film)ChinaThe Three-Body Problem (novel)Columbia UniversityRonald ReaganKylian MbappéRuslaan2024 Indian general election in DelhiFacebookLewis HamiltonBob Cole (sportscaster)Justin BieberManchester City F.C.2024 Indian general election in TelanganaTaliese FuagaResults of the 2019 Indian general electionUkraineWordleJimmy CarterOttoman EmpireBrad PittBharatiya Janata PartyWhite dress of Marilyn MonroeMeta PlatformsPoor Things (film)Sonic the Hedgehog 3 (film)José Mourinho2017 NFL draftAlia BhattRoger GoodellBradley CooperKombucha2023–24 Premier LeagueWilliam Temple FranklinGaza Strip2018 AFC U-23 ChampionshipTom CruiseIsraeli–Palestinian conflictArne SlotGraham Barton2024 Indian Premier LeagueLaapataa LadiesDeaths in 2024Clara BowBored ApeMarianne BachmeierLimoneneKYURAngela KinseyBarack ObamaDune (2021 film)Diana, Princess of Wales2024 Premier League DartsThe Gentlemen (2024 TV series)Marilyn MonroeStormy DanielsArtificial intelligenceAriana GrandeJordan Morgan (American football, born 2001)Anthony Perkins🡆 More