[Help-gnutls] Re: Question regarding TLS with PSK

Simon Josefsson simon at josefsson.org
Thu Aug 16 11:40:12 CEST 2007

Frank Eberle <himself at frank-eberle.de> writes:

> Hello,
> I've to write an application which requires a secured communication
> channel. To keep the user's effort minimal I want to use pre-shared
> keys for authentication.
> Now my question: In my understanding when using PSK-DH the client is
> authenticated when connecting to the server, but is the server also
> authenticated against the client?

The PSK handshake will not succeed unless both sides know the same
pre-shared key.  A theorist may say that it is not the same thing as
cryptographic authentication, but in practice people traditionally do
not care about the difference.

> Or in other words: When an attacker replaces the server by his own
> implementation is the client able to recognize this? Or do I have to
> use a server certificate to achieve this.

Yes, the client should notice this because the handshake will fail.  You
could try this.


More information about the Gnutls-help mailing list