With TLS 1.3, ECDH secret key generation becomes a performance limit at 3-4 million TCP connections per server, and the client may frequently build a connection. I am considering using PSK. The server does not want to maintain state, so the first connection does the complete TLS 1.3 process (exchange certificates, generate the secret key); after that, the server uses a key to encrypt the master key and sends it to the client in a NewSessionTicket, and the client saves the ticket.
When the client reconnects, it loads the ticket and PSK identity and sends them to the server, which decrypts them to get the master key.
I am not sure whether this idea can be implemented with OpenSSL 1.1 or 3.x. The information available nowadays shows that a PSK cannot be used raw as the master key and seems only to replace the certificate, but the RFC shows that the server can use a PSK to restore the connection statelessly and encrypt the master key with a secret key kept only by the server.
I don't want to do another secret key derivation when restoring a session using PSK.
Thanks for any help.
This discussion was converted from issue #21235 on August 20, 2023 13:47.
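The resumption flow described in the post, traced through the RFC 8446 key schedule as an added example (not part of the original post and not OpenSSL code): the PSK is derived from the resumption master secret and the ticket nonce, and in `psk_ke` mode the (EC)DHE input is replaced by zeros while the HMAC-based HKDF steps still run. SHA-256 as the cipher-suite hash and the sample secret and nonce are assumptions constructed for the example.

```python
import hashlib
import hmac

HASH = hashlib.sha256            # assumption: a SHA-256 cipher suite
HLEN = HASH().digest_size
ZEROS = bytes(HLEN)              # the "0" input of the RFC 8446 key schedule

def hkdf_extract(salt, ikm):
    return hmac.new(salt, ikm, HASH).digest()

def hkdf_expand(prk, info, length):
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]

def hkdf_expand_label(secret, label, context, length):
    # HkdfLabel: uint16 length, length-prefixed "tls13 " + label, length-prefixed context
    full = b"tls13 " + label
    info = (length.to_bytes(2, "big") + bytes([len(full)]) + full
            + bytes([len(context)]) + context)
    return hkdf_expand(secret, info, length)

def ticket_psk(resumption_master_secret, ticket_nonce):
    # RFC 8446 section 4.6.1: the PSK bound to one NewSessionTicket
    return hkdf_expand_label(resumption_master_secret, b"resumption",
                             ticket_nonce, HLEN)

def resumed_handshake_secret(psk, ecdhe_shared=None):
    # RFC 8446 section 7.1: Early Secret -> "derived" -> Handshake Secret.
    # psk_ke passes no ECDHE share, so the second extract uses zeros;
    # psk_dhe_ke would pass the fresh ECDHE shared secret instead.
    early = hkdf_extract(ZEROS, psk)
    derived = hkdf_expand_label(early, b"derived", HASH(b"").digest(), HLEN)
    return hkdf_extract(derived, ZEROS if ecdhe_shared is None else ecdhe_shared)

# Constructed sample values, not taken from any real handshake
SAMPLE_RMS = bytes(range(32))    # stands in for the resumption master secret
SAMPLE_NONCE = b"\x00\x01"       # stands in for ticket_nonce

if __name__ == "__main__":
    psk = ticket_psk(SAMPLE_RMS, SAMPLE_NONCE)
    print("ticket PSK:", psk.hex())
    print("handshake secret (psk_ke):", resumed_handshake_secret(psk).hex())
```
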