Hi Hosnieh,I suggest you seriously study [0] or [1] and try to frame your question more precisely because you are misunderstanding the key schedule as well as the guarantees that PSK-based handshake provides.
On 18.11.25 10:39, H.Rafiee wrote:
main secret is not any generated key
Wrong. It is a key generated within the TLS key schedule. See the specs [1]. Just because you don't see some key in OpenSSL implementation does not mean that it is not generated.
but it is similar to initual key.
Perhaps it's a typo. What do you mean by "initual" key?
You have to understand that performance comes at the cost of security. Could you please quote a few prominent ones for us?If you are using PSK handshakes without ECDH there is no security against PSK compromise. All keys in a PSK-without-ECDHE handshake are deterministic, this is well understood and documented.This is A) why almost nobody seems to support/use PSK-only handshakes and B) e.g. TLS session tickets are often one-time-use.I totally agree with B, but not with A. please search on internet that for performance cases how many system are using it
and secondly, this did not answer still the problem of not randomized early secret which is used as inputs for key derivation for session or handshake key.
This has been answered in [2].
[1] https://www.ietf.org/archive/id/draft-ietf-tls-rfc8446bis-14.html#figure-5[0] https://www.researchgate.net/publication/396245726_Perspicuity_of_Attestation_Mechanisms_in_Confidential_Computing_Validation_of_TLS_13_Key_Schedule
[2] https://mailarchive.ietf.org/arch/msg/tls/17zIQeq9mE0TUXQip1OSTg_l_pg/
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
