IETF Logo Mail Archive

Re: [Cfrg] 3DES diediedie

Derek Atkins <derek@ihtfp.com> Fri, 02 September 2016 17:00 UTC

Return-Path: <derek@ihtfp.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5459212D79A for <cfrg@ietfa.amsl.com>; Fri, 2 Sep 2016 10:00:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5x0vN4DS3o50 for <cfrg@ietfa.amsl.com>; Fri, 2 Sep 2016 10:00:26 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4153412D66F for <cfrg@irtf.org>; Fri, 2 Sep 2016 10:00:26 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id EEBA7E2043; Fri, 2 Sep 2016 13:00:21 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 16129-09; Fri, 2 Sep 2016 13:00:19 -0400 (EDT)
Received: from securerf.ihtfp.org (unknown [IPv6:2001:470:e448:2:ea2a:eaff:fe7d:235]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id 20067E2040; Fri, 2 Sep 2016 13:00:19 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1472835619; bh=rqGFv9yDIywT0jxZQKUfzokE8gyxzfq1DGS2ocWH6PQ=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=SjZuu9S/10/4g/9koGcjm1X9+M1MS62xtXcwr3WE2Y5wXNV0eUJRhRweBAAe6hsm4 bHRqdK49hL8H0Foa2E0zvUxxy8kCs7pXtqecP3wIjqzetRowEF7nREP04nVpK8n2ou yKEU//qVw/1KbWTDrDsAjlkSYwRPrSrBgxwlAdG4=
Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.14.8/Submit) id u82H0Hcj004792; Fri, 2 Sep 2016 13:00:17 -0400
From: Derek Atkins <derek@ihtfp.com>
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
References: <CAHOTMV+r5PVxqnSozYyqJqq_YocMKV06aAa-43t+5Huzh7Lo=A@mail.gmail.com> <F42128A0-9682-4042-8C7E-E3686743B314@cisco.com> <9A043F3CF02CD34C8E74AC1594475C73F4D0473F@uxcn10-5.UoA.auckland.ac.nz> <B749662D-B518-46E0-A51D-4AD1D30A8ED2@cisco.com> <9A043F3CF02CD34C8E74AC1594475C73F4D0528F@uxcn10-5.UoA.auckland.ac.nz> <3401C8F7-5A74-4D02-96F5-057E9A45F8B0@cisco.com> <89A46793-73A1-4C71-9954-37BF6ED6F297@callas.org> <5CF32AA8-59CC-4918-8951-A2ACBD233C19@cs.columbia.edu> <sjmfuplvx8q.fsf@securerf.ihtfp.org> <1468330B-F858-4E89-B791-B83507475C48@cs.columbia.edu>
Date: Fri, 02 Sep 2016 13:00:17 -0400
In-Reply-To: <1468330B-F858-4E89-B791-B83507475C48@cs.columbia.edu> (Steven M. Bellovin's message of "Wed, 31 Aug 2016 22:54:13 -0400")
Message-ID: <sjm37liw82m.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/P5jCB-7XG0Mk405jF0glF5JBtSs>
Cc: Jon Callas <jon@callas.org>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, "cfrg@irtf.org" <cfrg@irtf.org>, David McGrew <mcgrew@cisco.com>, tls@ietf.org
Subject: Re: [Cfrg] 3DES diediedie
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Sep 2016 17:00:29 -0000

"Steven M. Bellovin" <smb@cs.columbia.edu> writes:

> On 31 Aug 2016, at 10:17, Derek Atkins wrote:
>
>> "Steven M. Bellovin" <smb@cs.columbia.edu> writes:
>>
>>> Yes.  To a large extent, the "IoT devices are too puny for real
>>> crypto" is a hangover from several years ago. It was once true; for
>>> the most part, it isn't today, but people haven't flushed their cache
>>> from the old received wisdom.
>>
>> This is certainly true for AES, mostly because many small chips are
>> including AES accelerators in hardware.  It's not quite true for public
>> key solutions; there are still very small devices where even ECC takes
>> too long (and yes, there are cases where 200-400ms is still too long).
>>
> Certainly plausible.  What I'm saying is (a) don't assert, measure; and
> (b) measure again next year because tech keeps improving.
>
> As for your specific points: if AES is indeed feasible, we don't need
> new ciphers.

It is feasible in many cases.  It may not be feasible in all cases.

>     If elliptic curve is too slow, the only answer is architectures
> that don't use public key at all; we're not going to find new, cheaper
> public key algorithms without a *lot* of effort and the people who can
> do that sort of thing are too busy working on post-quantum crypto.

Nothing says these two aren't the same problem ;)

> The remaining approach is a cheaper protocol than TLS.  That shouldn't
> be hard at all, especially if we're going back to KDCs.

True.

>         --Steve Bellovin, https://www.cs.columbia.edu/~smb

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant

v2.23.0 | Report a Bug | By Email