1

I have read that once TLS-PSK encryption is about equally secure as TLS-PKI. The level of security by both depends on the data entered to configure the encryption. Could you please confirm this?

Here are the points I am interested in:

  • What is the difference between TLS-PKI and TLS-PSK?
  • Which encryption standard is more secure and why?
  • If I wish to protect my access to the servers, will TLS-PSK suffice? TLS-PSK is significantly faster to configure.

Thank you.

Bunkai.Satori
  • 117
  • 2
  • 10

1 Answers1

4
  • PSK you give the key to someone first

  • PKI you request the key after receiving something

  • PSK is used more for things like access

  • PKI is used more for things like authentication

past that your level of security is dependent on your encryption algorithm.

Jacob Evans
  • 7,886
  • 3
  • 29
  • 57
  • Hi Jacob, thank you for this explanation. In other words, if I configure secure connection just for me, I do not have to strive to have PKI. PSK should work just fine. After the communication is established, possible intruder will have the same difficulty penetrating the encryption. – Bunkai.Satori Sep 18 '15 at 13:32
  • Yes, just like if you and your home router want to talk, PSK is perfect, but distributing that key to 100s of employees is why PSK fails, key rotation is also a factor. – Jacob Evans Sep 18 '15 at 13:34