diff --git a/doc/releases/migration-guide-4.1.rst b/doc/releases/migration-guide-4.1.rst
index c2928e77aef..9f4688c94f4 100644
--- a/doc/releases/migration-guide-4.1.rst
+++ b/doc/releases/migration-guide-4.1.rst
@@ -141,6 +141,11 @@ Bluetooth HCI
 Bluetooth Mesh
 ==============
 
+* Following the beginnig of the deprecation process for the TinyCrypt crypto
+  library, Kconfig symbol :kconfig:option:`CONFIG_BT_MESH_USES_TINYCRYPT` was
+  set as deprecated. Default option for platforms that do not support TF-M
+  is :kconfig:option:`CONFIG_BT_MESH_USES_MBEDTLS_PSA`.
+
 Bluetooth Audio
 ===============
 
diff --git a/subsys/bluetooth/mesh/Kconfig b/subsys/bluetooth/mesh/Kconfig
index 4731d1c4179..4bcd270367d 100644
--- a/subsys/bluetooth/mesh/Kconfig
+++ b/subsys/bluetooth/mesh/Kconfig
@@ -1455,12 +1455,13 @@ endmenu # Proxy
 choice BT_MESH_CRYPTO_LIB
 	prompt "Crypto library:"
 	default BT_MESH_USES_TFM_PSA if BUILD_WITH_TFM
-	default BT_MESH_USES_TINYCRYPT
+	default BT_MESH_USES_MBEDTLS_PSA
 	help
 	  Crypto library selection for mesh security.
 
 config BT_MESH_USES_TINYCRYPT
-	bool "TinyCrypt"
+	bool "TinyCrypt [DEPRECATED]"
+	select DEPRECATED
 	select TINYCRYPT
 	select TINYCRYPT_AES
 	select TINYCRYPT_AES_CMAC
@@ -1475,9 +1476,8 @@ config BT_MESH_USES_MBEDTLS_PSA
 	bool "mbed TLS PSA [EXPERIMENTAL]"
 	select EXPERIMENTAL
 	select MBEDTLS
-	select MBEDTLS_ENTROPY_C
 	select MBEDTLS_PSA_CRYPTO_C
-	select MBEDTLS_USE_PSA_CRYPTO
+	select MBEDTLS_ENTROPY_C
 	select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT
 	select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT
 	select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE
@@ -1497,20 +1497,18 @@ config BT_MESH_USES_MBEDTLS_PSA
 	select PSA_WANT_ECC_SECP_R1_256
 	select MBEDTLS_PK_WRITE_C
 	help
-	  Use mbed TLS library to perform crypto operations. Support of
-	  mbed TLS and PSA is experimental and only BabbleSim tests were run.
-	  Mbed TLS still does not support ITS (internal trust storage) based
-	  on Zephyr's settings subsystem.
-	  Not possible to use for embedded devices yet.
+	  Use Mbed TLS as PSA Crypto API provider. This is useful on platforms
+	  that do not support TF-M.
+	  This feature is experimental and only BabbleSim tests were run.
 
 config BT_MESH_USES_TFM_PSA
 	bool "Use TF-M PSA [EXPERIMENTAL]"
 	select EXPERIMENTAL
 	depends on BUILD_WITH_TFM
 	help
-	  Use TF-M that implements PSA security framework. Support of TF-M is
-	  experimental. It is only possible to use with platforms that TF-M supports.
-	  For more platform details see TF-M documentation.
+	  Use TF-M as PSA Crypto API provider. This is only possible on platforms
+	  that support TF-M.
+	  This feature is experimental.
 
 endchoice
 
diff --git a/tests/bluetooth/mesh/brg/CMakeLists.txt b/tests/bluetooth/mesh/brg/CMakeLists.txt
index d878ad04d50..aa140c39c22 100644
--- a/tests/bluetooth/mesh/brg/CMakeLists.txt
+++ b/tests/bluetooth/mesh/brg/CMakeLists.txt
@@ -19,4 +19,4 @@ target_compile_options(app
 	-DCONFIG_BT_SETTINGS
 	-DCONFIG_BT_MESH_BRG_CFG_SRV
 	-DCONFIG_BT_MESH_BRG_TABLE_ITEMS_MAX=16
-	-DCONFIG_BT_MESH_USES_TINYCRYPT)
+	-DCONFIG_BT_MESH_USES_MBEDTLS_PSA)
diff --git a/tests/bluetooth/mesh/delayable_msg/CMakeLists.txt b/tests/bluetooth/mesh/delayable_msg/CMakeLists.txt
index 51bf28d8320..9c10285f055 100644
--- a/tests/bluetooth/mesh/delayable_msg/CMakeLists.txt
+++ b/tests/bluetooth/mesh/delayable_msg/CMakeLists.txt
@@ -20,4 +20,4 @@ target_compile_options(app
 	-DCONFIG_BT_MESH_ACCESS_DELAYABLE_MSG_COUNT=4
 	-DCONFIG_BT_MESH_ACCESS_DELAYABLE_MSG_CHUNK_SIZE=20
 	-DCONFIG_BT_MESH_ACCESS_DELAYABLE_MSG_CHUNK_COUNT=20
-	-DCONFIG_BT_MESH_USES_TINYCRYPT)
+	-DCONFIG_BT_MESH_USES_MBEDTLS_PSA)
diff --git a/tests/bluetooth/mesh/rpl/CMakeLists.txt b/tests/bluetooth/mesh/rpl/CMakeLists.txt
index b22dcae3e7c..17545736a44 100644
--- a/tests/bluetooth/mesh/rpl/CMakeLists.txt
+++ b/tests/bluetooth/mesh/rpl/CMakeLists.txt
@@ -19,4 +19,4 @@ target_compile_options(app
 	-DCONFIG_BT_MESH_CRPL=10
 	-DCONFIG_BT_MESH_RPL_STORE_TIMEOUT=1
 	-DCONFIG_BT_SETTINGS
-	-DCONFIG_BT_MESH_USES_TINYCRYPT)
+	-DCONFIG_BT_MESH_USES_MBEDTLS_PSA)
diff --git a/tests/bsim/bluetooth/mesh/src/test_provision.c b/tests/bsim/bluetooth/mesh/src/test_provision.c
index c7fed00485a..f4057ebc7b7 100644
--- a/tests/bsim/bluetooth/mesh/src/test_provision.c
+++ b/tests/bsim/bluetooth/mesh/src/test_provision.c
@@ -15,10 +15,6 @@
 
 #if defined CONFIG_BT_MESH_USES_MBEDTLS_PSA
 #include <psa/crypto.h>
-#elif defined CONFIG_BT_MESH_USES_TINYCRYPT
-#include <tinycrypt/constants.h>
-#include <tinycrypt/ecc.h>
-#include <tinycrypt/ecc_dh.h>
 #else
 #error "Unknown crypto library has been chosen"
 #endif
@@ -435,7 +431,6 @@ static void oob_auth_set(int test_step)
 	prov.input_actions = oob_auth_test_vector[test_step].input_actions;
 }
 
-#if defined CONFIG_BT_MESH_USES_MBEDTLS_PSA
 static void generate_oob_key_pair(void)
 {
 	psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
@@ -470,12 +465,6 @@ static void generate_oob_key_pair(void)
 
 	memcpy(public_key_be, public_key_repr + 1, 64);
 }
-#elif defined CONFIG_BT_MESH_USES_TINYCRYPT
-static void generate_oob_key_pair(void)
-{
-	ASSERT_TRUE(uECC_make_key(public_key_be, private_key_be, uECC_secp256r1()));
-}
-#endif
 
 static void oob_device(bool use_oob_pk)
 {