Re: [Ace] EST over CoAP: Randomness

Hannes Tschofenig <> Tue, 14 May 2019 23:29 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4CC5F12003E for <>; Tue, 14 May 2019 16:29:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ju2FYsAWV6gi for <>; Tue, 14 May 2019 16:29:07 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4247612004E for <>; Tue, 14 May 2019 16:29:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kpMSRSmmQJiqBFJya9aZj0+6XdlD9z8fg9IjdNwAAKo=; b=V/WAQwcJrza50i8qGZoh8a8EfiJLn0aB8m1QSqARGHGWCzfqvogATfmmGAZQ1HtMUcIjh/slKw+rSN+v2OIeo8Arojx8hUdR53PZ9TbVBORnmbBWFFKySXIKk90Kql3pJecobiqUiIfyJh6DeeHbkhqeUCYn1DDr2bLId5iVA0E=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1878.22; Tue, 14 May 2019 23:29:00 +0000
Received: from ([fe80::35d0:ad07:4504:44a2]) by ([fe80::35d0:ad07:4504:44a2%7]) with mapi id 15.20.1878.024; Tue, 14 May 2019 23:29:00 +0000
From: Hannes Tschofenig <>
To: Paul Duffy <>, "" <>
Thread-Topic: [Ace] EST over CoAP: Randomness
Thread-Index: AdUGcOnxX76zbRm2S2qe/nEWIh3V6AEMI0QAAAJINfA=
Date: Tue, 14 May 2019 23:29:00 +0000
Message-ID: <>
References: <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 67505e92-6f9d-4cc6-21a1-08d6d8c3f1e1
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600141)(711020)(4605104)(4618075)(2017052603328)(7193020); SRVR:AM0PR08MB3284;
x-ms-traffictypediagnostic: AM0PR08MB3284:
x-microsoft-antispam-prvs: <>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-forefront-prvs: 0037FD6480
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(396003)(376002)(346002)(366004)(39860400002)(13464003)(40434004)(189003)(199004)(446003)(110136005)(316002)(74316002)(33656002)(71200400001)(71190400001)(66946007)(11346002)(7696005)(25786009)(68736007)(55016002)(76176011)(86362001)(99286004)(476003)(486006)(9686003)(6506007)(53546011)(305945005)(26005)(2501003)(229853002)(186003)(6436002)(66066001)(478600001)(14454004)(256004)(8936002)(52536014)(6246003)(53936002)(102836004)(5660300002)(72206003)(8676002)(81156014)(73956011)(66476007)(64756008)(81166006)(66556008)(66446008)(5024004)(76116006)(14444005)(6116002)(7736002)(2906002)(3846002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM0PR08MB3284;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None ( does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: khBQMhE3r24xKF75DLG53adyuGIiQJZPXWTZws8FSXURXyzQCP0DYRIgJekYCnApps6Aila98Dq9njVqPX+LIcO7xUlnGDgn0RNVO98ivsAkBKicc7zCdYS/wJPXAcOLg/0DAGDcQoJlz5nQTcP3JnwyfpmMVwMH0O8XXdE09mtZ6IQpNuOnpebQ/0cI5ayylk3BC3wWOu6p3OxNQC5uZDH5hGa8RPdDrZhd8d7IONNapMbwf98V7g1DV0bcjCxsB59xWH8f4TnDyrLziCup6YXIp9kemVsZqMAlYlgWxzuKenUDb5SFpaYytsZv/Sta2EZRYYc+Y7WyZhA7D+v9l+crlif5amhUd3uEhbeyZQTuGQDhxIw8gBtdMstkVeESbJDJ/RP+j8zGZ7XHE8rwdigUWTP/P1eoGcqGLTv2yJE=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 67505e92-6f9d-4cc6-21a1-08d6d8c3f1e1
X-MS-Exchange-CrossTenant-originalarrivaltime: 14 May 2019 23:29:00.7459 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB3284
Archived-At: <>
Subject: Re: [Ace] EST over CoAP: Randomness
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 14 May 2019 23:29:12 -0000

Hi Paul,

My understanding from reading the draft text was that the "cost" was actually talking about "energy cost" rather than "monetary cost".
The monetary cost may also be interesting.

It is difficult to judge the extra cost of a RNG in an MCU because
(a) you rarely find an MCU with and without MCU (keeping all other features the same),
(b) even if you find one there are other factors that impact the cost (such as popularity of a particular MCU),
(c) RNG features are often provided with other features (such as SHA256 and AES in hardware), and
(d) cost and price of an MCU are different aspects.


-----Original Message-----
From: Paul Duffy <>
Sent: Dienstag, 14. Mai 2019 15:08
To: Hannes Tschofenig <>om>;
Subject: Re: [Ace] EST over CoAP: Randomness

On 5/9/2019 10:42 AM, Hannes Tschofenig wrote:
> I believe we should encourage developers to pick the correct hardware for the task rather than making them believe we have come up with solutions that allow them to get away without a hardware-based RNG.
> I also do not believe the statement that random number key generation is costly. Can you give me some number?

Strong agreement.  The added cost for hw based RNG is ever decreasing. Last time I checked it was on the order of 50 cents @ Q 10k?  It has likely fallen since.  Confirm with Atmel etc.


IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.