diff --git a/components/mbedtls/port/include/esp32/aes.h b/components/mbedtls/port/include/esp32/aes.h
deleted file mode 100644
index 3eb87a78c8..0000000000
--- a/components/mbedtls/port/include/esp32/aes.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/**
- * \brief AES block cipher, ESP32 hardware accelerated version
- * Based on mbedTLS FIPS-197 compliant version.
- *
- *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- *  Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- *
- *
- */
-
-#ifndef ESP_AES_H
-#define ESP_AES_H
-
-#warning "esp32/aes.h is deprecated, please use aes/esp_aes.h instead"
-
-#include "aes/esp_aes.h"
-
-#endif /* aes.h */
diff --git a/components/mbedtls/port/include/esp32/sha.h b/components/mbedtls/port/include/esp32/sha.h
deleted file mode 100644
index 14d39b3d62..0000000000
--- a/components/mbedtls/port/include/esp32/sha.h
+++ /dev/null
@@ -1,20 +0,0 @@
-// Copyright 2019-2020 Espressif Systems (Shanghai) PTE LTD
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#pragma once
-
-
-#include "sha/sha_parallel_engine.h"
-
-#warning esp32/sha.h is deprecated, please use sha_parallel_engine.h instead
diff --git a/components/mbedtls/port/include/esp32s2/aes.h b/components/mbedtls/port/include/esp32s2/aes.h
deleted file mode 100644
index 09a3b3d59b..0000000000
--- a/components/mbedtls/port/include/esp32s2/aes.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * \brief AES block cipher, ESP32 hardware accelerated version
- * Based on mbedTLS FIPS-197 compliant version.
- *
- *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- *  Additions Copyright (C) 2016-20, Espressif Systems (Shanghai) PTE Ltd
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- *
- *
- */
-
-#ifndef ESP_AES_H
-#define ESP_AES_H
-
-
-//#warning "esp32s2/aes.h is deprecated, please use aes/esp_aes.h instead"
-
-#include "aes/esp_aes.h"
-
-
-#endif /* aes.h */
diff --git a/components/mbedtls/port/include/esp32s2/gcm.h b/components/mbedtls/port/include/esp32s2/gcm.h
deleted file mode 100644
index 726783e8cc..0000000000
--- a/components/mbedtls/port/include/esp32s2/gcm.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * \brief AES block cipher, ESP32C hardware accelerated version
- * Based on mbedTLS FIPS-197 compliant version.
- *
- *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- *  Additions Copyright (C) 2019-2020, Espressif Systems (Shanghai) PTE Ltd
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- *
- *
- */
-#pragma once
-
-#warning "esp32s2/gcm.h is deprecated, please use aes/esp_aes_gcm.h instead"
-
-#include "aes/esp_aes_gcm.h"
diff --git a/components/mbedtls/port/include/esp32s2/sha.h b/components/mbedtls/port/include/esp32s2/sha.h
deleted file mode 100644
index 366f7b6b79..0000000000
--- a/components/mbedtls/port/include/esp32s2/sha.h
+++ /dev/null
@@ -1,11 +0,0 @@
-/*
- * SPDX-FileCopyrightText: 2019-2025 Espressif Systems (Shanghai) CO LTD
- *
- * SPDX-License-Identifier: Apache-2.0
- */
-
-#pragma once
-
-#include "sha/sha_core.h"
-
-#warning esp32s2/sha.h is deprecated, please use sha/sha_core.h instead
diff --git a/components/mbedtls/port/include/sha/sha_block.h b/components/mbedtls/port/include/sha/sha_block.h
deleted file mode 100644
index a05e87bdd6..0000000000
--- a/components/mbedtls/port/include/sha/sha_block.h
+++ /dev/null
@@ -1,9 +0,0 @@
-/*
- * SPDX-FileCopyrightText: 2022-2024 Espressif Systems (Shanghai) CO LTD
- *
- * SPDX-License-Identifier: Apache-2.0
- */
-
-#pragma once
-
-#include "sha/sha_core.h"
diff --git a/components/mbedtls/port/include/sha/sha_dma.h b/components/mbedtls/port/include/sha/sha_dma.h
deleted file mode 100644
index 8274858884..0000000000
--- a/components/mbedtls/port/include/sha/sha_dma.h
+++ /dev/null
@@ -1,9 +0,0 @@
-/*
- * SPDX-FileCopyrightText: 2019-2024 Espressif Systems (Shanghai) CO LTD
- *
- * SPDX-License-Identifier: Apache-2.0
- */
-
-#pragma once
-
-#include "sha/sha_core.h"
diff --git a/docs/en/migration-guides/release-6.x/6.0/index.rst b/docs/en/migration-guides/release-6.x/6.0/index.rst
index 5a20fe8189..0c383b402b 100644
--- a/docs/en/migration-guides/release-6.x/6.0/index.rst
+++ b/docs/en/migration-guides/release-6.x/6.0/index.rst
@@ -7,4 +7,5 @@ Migration from 5.5 to 6.0
     :maxdepth: 1
 
     peripherals
+    security
     tools
diff --git a/docs/en/migration-guides/release-6.x/6.0/security.rst b/docs/en/migration-guides/release-6.x/6.0/security.rst
new file mode 100644
index 0000000000..3bcb3cdfef
--- /dev/null
+++ b/docs/en/migration-guides/release-6.x/6.0/security.rst
@@ -0,0 +1,13 @@
+Security
+========
+
+:link_to_translation:`zh_CN:[中文]`
+
+Mbed TLS
+--------
+
+    Starting from **ESP-IDF v6.0**, some already deprecated mbedtls header files like ``esp32/aes.h``, ``esp32/sha.h``, ``esp32s2/aes.h``, ``esp32s2/sha.h`` and ``esp32s2/gcm.h`` have been removed, instead, you should include ``aes/esp_aes.h``, ``sha/sha_core.h`` and ``aes/esp_aes_gcm.h`` respectively.
+
+    .. only:: SOC_SHA_SUPPORTED
+
+        The SHA module headers ``sha/sha_dma.h`` and ``sha/sha_block.h`` are also deprecated and removed. You should include ``sha/sha_core.h`` instead.
diff --git a/docs/zh_CN/migration-guides/release-6.x/6.0/index.rst b/docs/zh_CN/migration-guides/release-6.x/6.0/index.rst
index 2720a3b054..4d848eb47a 100644
--- a/docs/zh_CN/migration-guides/release-6.x/6.0/index.rst
+++ b/docs/zh_CN/migration-guides/release-6.x/6.0/index.rst
@@ -6,5 +6,6 @@
 .. toctree::
     :maxdepth: 1
 
+    security
     peripherals
     tools
diff --git a/docs/zh_CN/migration-guides/release-6.x/6.0/security.rst b/docs/zh_CN/migration-guides/release-6.x/6.0/security.rst
new file mode 100644
index 0000000000..87004c5383
--- /dev/null
+++ b/docs/zh_CN/migration-guides/release-6.x/6.0/security.rst
@@ -0,0 +1,4 @@
+安全性
+=======
+
+:link_to_translation:`en:[English]`
diff --git a/tools/ci/check_copyright_ignore.txt b/tools/ci/check_copyright_ignore.txt
index e38100cfc6..53b6d93498 100644
--- a/tools/ci/check_copyright_ignore.txt
+++ b/tools/ci/check_copyright_ignore.txt
@@ -475,10 +475,6 @@ components/mbedtls/port/aes/esp_aes_xts.c
 components/mbedtls/port/include/aes/esp_aes.h
 components/mbedtls/port/include/aes_alt.h
 components/mbedtls/port/include/bignum_impl.h
-components/mbedtls/port/include/esp32/aes.h
-components/mbedtls/port/include/esp32/sha.h
-components/mbedtls/port/include/esp32s2/aes.h
-components/mbedtls/port/include/esp32s2/gcm.h
 components/mbedtls/port/include/mbedtls/esp_debug.h
 components/mbedtls/port/include/sha1_alt.h
 components/mbedtls/port/include/sha256_alt.h