On Thu, 2017-10-26 at 15:03 +0000, Tony Putman wrote:
> Hi all,
>
> I've recently started working in the IoT space and wish to standardize
> our transport security by introducing the use of DTLS. It seems that the
> usual practice is to use PSK for mutual authentication, but I'm not
> happy with this solution. A breach of server security allows not only
> server impersonation, but also, due to the PSK symmetry, client
> impersonation.

If you worry about server impersonation in TLS 1.2, there are the RSA-PSK
ciphersuites which require the server to utilize its private key in
RFC4279.

If you worry about client impersonation there is TLS with SRP
(RFC5054), which can also provide protection against server
impersonation in the SRP-RSA mode. The latter is only defined over FF,
i.e., there is no EC-based version of SRP defined for TLS.

 
regards,
Nikos

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls