Hello,
PSA is indeed Platform Security Architecture. Mbed TLS can be used to
implement the cryptographic mechanisms in a PSA platform. The PSA
specifications include a cryptography API, and “PSA” in Mbed TLS refers
to this API. The PSA cryptography API is the “modern” API of Mbed TLS
for cryptography, and the next major version of Mbed TLS will remove
many non-PSA cryptography APIs.
Merely enabling PSA API support does not change anything with respect to
security. Using the PSA API rather than the legacy API makes no /direct/
difference for security, but PSA APIs have indirect advantages. One
advantage is that PSA APIs allow more isolation (e.g. separating the TLS
stack and the cryptographic primitives in different
processes/partitions/worlds, using keys in a secure element); this is
only an advantage if your platform uses this capability. Another
advantage of PSA APIs is that they are more protected against accidental
misuse (e.g. if an output buffer is too small, you'll get an error, not
a buffer overflow like some legacy APIs).
Best regards,
--
Gilles Peskine
Mbed TLS developer and PSA Crypto architect
On 18/03/2024 15:14, Satya Prakash Prasad via mbed-tls wrote:
> Hi,
>
> Please provide the details as requested : features of PSA in MbedTLS.
> I found this
> related document -
>
https://mbed-tls.readthedocs.io/en/latest/getting_started/psa/.
>
> Is PSA related to Platform Security Architecture or is related to TLS security?
>
> How will the inclusion and non-inclusion of PSA will differ in terms
> of security?
>
> Regards,
> Prakash
>
> On Sun, Mar 17, 2024 at 10:02 AM Satya Prakash Prasad
>
satyaprakash.developer.unix@gmail.com wrote:
>> Hi,
>>
>> Can someone please let me know features of PSA in MbedTLS. I found this
>> related document -
>>
https://mbed-tls.readthedocs.io/en/latest/getting_started/psa/.
>>
>> Is PSA related to Platform Security Architecture or is related to TLS security?
>>
>> How will the inclusion and non-inclusion of PSA will differ in terms
>> of security?
>>
>> Regards,
>> Prakash
>>
>> On Sat, Mar 16, 2024 at 10:59 AM Satya Prakash Prasad
>>
satyaprakash.developer.unix@gmail.com wrote:
>>> Hi,
>>>
>>> Please also let me know the features of PSA in MbedTLS. I found this
>>> related document -
>>>
https://mbed-tls.readthedocs.io/en/latest/getting_started/psa/.
>>>
>>> Is PSA related to Platform Security Architecture or is related to TLS security?
>>>
>>> How will the inclusion and non-inclusion of PSA will differ in terms
>>> of security?
>>>
>>> Thanks in advance.
>>>
>>> Regards,
>>> Prakash