wolfSSL with ECDHE-PSK Cipher Suites



The wolfSSL embedded SSL/TLS library has added the option for using ECDHE-PSK cipher suites. This opens up using the small memory size ECC keys with PSK on embedded devices.

PSK (pre shared keys) is a viable option when controlling both ends of the connection. It allows for saving memory and computation time when performing a TLS handshake. Adding ECDHE gives the cipher suite perfect forward secrecy with using an ephemeral ECC key during the TLS handshake. Previously wolfSSL had DHE-PSK cipher suites but using ECDHE-PSK cipher suites will save even more memory, beneficial in resource-constrained, IoT devices.

The ECDHE-PSK cipher suites available to users include:

ECDHE-PSK-NULL-SHA256
ECDHE-PSK-AES128-CBC-SHA256
ECDHE-PSK-CHACHA20-POLY1305

Originally posted at: http://www.wolfssl.com/wolfSSL/Blog/Entries/2016/4/14_wolfSSL_with_ECDHE-PSK_Cipher_Suites.html
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.