Re: [Cfrg] [TLS] 3DES diediedie

Ira McDonald <blueroofmusic@gmail.com> Tue, 06 September 2016 23:37 UTC

Hi,

I'm usually immediately corrected.

But I wanted to observe that, after my recent years working in the
auto security area, there are extreme cost constraints (and power
constraints) on CPUs in small sensors and smaller auto ECUs.

Cents matter.  Dollars are out-of-the-question.

Auto product development and ISO26262 safety validation cycles
mean that today's new project will be fielded in three to five years.

FWIW, US NIST is sufficiently concerned about their perception of
the need for lightweight crypto to have created a Lightweight Crypto
project that will select multiple algorithms based on an open process.
They are currently building on previous work in ITU-T and ISO.  They
recently issued this draft report (in public review until October 31st):

http://csrc.nist.gov/publications/drafts/nistir-8114/nistir_8114_draft.pdf

One could argue "well then they won't use TLS", which may be true,
but it's a dangerous path IMHO.

Cheers,
- Ira



Ira McDonald (Musician / Software Architect)
Co-Chair - TCG Trusted Mobility Solutions WG
Chair - Linux Foundation Open Printing WG
Secretary - IEEE-ISTO Printer Working Group
Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
IETF Designated Expert - IPP & Printer MIB
Blue Roof Music / High North Inc
http://sites.google.com/site/blueroofmusic
http://sites.google.com/site/highnorthinc
mailto: blueroofmusic@gmail.com
Jan-April: 579 Park Place  Saline, MI  48176  734-944-0094
May-Dec: PO Box 221  Grand Marais, MI 49839  906-494-2434


On Tue, Sep 6, 2016 at 5:23 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie>
wrote:

>
> Hi Derek,
>
> On 06/09/16 21:44, Derek Atkins wrote:
> > I'm afraid I have to disagree here.  What it's done is pushed
> > yesterday's computation capabilities into smaller and smaller devices,
> > lower and lower on the food chain.  C.f. my previous email about a light
> > bulb.  Cost is definitely a concern, as well as power and performance.
>
> I think that's true but not the entire story.
>
> Another part of the trade off is that any device that
> connects to the Internet and runs s/w is potentially
> vulnerable and usable to attack the network.
>
> So we're not only talking about security/crypto to
> protect someone's choice of what colour a bulb appears,
> but rather we're very often talking about the protection
> of a small computer on the network, and of the security
> of the network as a whole.
>
> That last I think argues strongly for support for
> sufficiently good crypto everywhere. And I'm not sure
> what sufficiently good options exist that are notably
> lighter weight than AES. (And if one does support good
> crypto then there seems less reason to use less good
> crypto for some functions.)
>
> Note that I'm arguing against weaker crypto or crypto
> of unknown or possibly-problematic provenance here. So
> I'm not arguing for HW-AES-everywhere. But it is also
> true that AES-everywhere would avoid this significant
> problem.
>
> That said, I do realise that this is not a winning
> argument as people will develop feature-rich devices
> with crap security and there's no device-police to stop
> them, but we (as in cfrg) should really also bear in
> mind that any weaker crypto anywhere has significant
> downsides as many devices really do need what we currently
> consider strong crypto because they connect to the
> Internet and may not get any updated s/w for quite some
> time.
>
> So... it's tricky - I think we know what's right but we
> also know that that's not what "the market" is going
> to produce;-)
>
> S.