A pre-shared key (PSK) is a type of password used in cryptography. It's a shared secret that must be known by both parties involved in a secure communication before they begin their interaction. This key is exchanged through a secure channel beforehand to ensure that both parties can verify each other and keep their communication private.
The primary role of a PSK is to enable encryption, which keeps data safe from unauthorized access. When two devices need to communicate securely, they use the PSK to encrypt the messages they send to each other. Only the devices with the correct PSK can decrypt and read these messages, thus maintaining confidentiality and security.
In practice, a PSK can be a simple password, a passphrase, or a more complex string of characters, often written in hexadecimal format. It's crucial that this key is robust and random to avoid easy guessing through brute force attacks, where an attacker tries many possible keys until they find the right one. To ensure security, the key should be sufficiently long and chosen randomly. Using simple or short keys makes the communication vulnerable to attackers.
A PSK is commonly used in Wi-Fi security protocols like WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access). In these cases, the PSK method is known as WPA-PSK or WPA2-PSK. In a Wi-Fi network, both the wireless access point (AP) and all devices connecting to it share the same PSK. This shared key then encrypts the data transmitted over the network, ensuring that only authorized devices can access the network and its resources.
For added security, the key derivation function (KDF) is often employed. A KDF takes the original PSK and applies a hash function to generate a cryptographic key. This enhances security by ensuring that even if small changes are made to the PSK, the resulting cryptographic key is vastly different.
Using a PSK involves certain risks, particularly if the key is compromised at either end of the communication. Therefore, it's vital to keep the PSK secure and change it regularly to minimize the risk of unauthorized access. Tools are available to help generate strong random keys, but it's important to ensure that these tools are themselves secure and reliable.