Re: [Cfrg] [TLS] 3DES diediedie

Derek Atkins <derek@ihtfp.com> Tue, 06 September 2016 20:44 UTC

From: Derek Atkins <derek@ihtfp.com>
To: Joachim Strömbergson <joachim@secworks.se>
References: <20160906114030.18292816.41703.89024@ll.mit.edu> <57CEAE6F.1040608@secworks.se>
Date: Tue, 06 Sep 2016 16:44:42 -0400
In-Reply-To: <57CEAE6F.1040608@secworks.se> ("Joachim Strömbergson"'s message of "Tue, 06 Sep 2016 13:54:23 +0200")
Message-ID: <sjmeg4wvjut.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/dAHKMJIGhEOLNV3kxyfMab3-fMo>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>, Hilarie Orman <hilarie@purplestreak.com>
Subject: Re: [Cfrg] [TLS] 3DES diediedie
Precedence: list

Hi,

Joachim Strömbergson <joachim@secworks.se> writes:

> Aloha!
>
> The point is that you _can_ run the highly standardized AES cipher and
> meet cost, power consumption and use case (including response times,
> performance) requirements on modern, low cost 32-bit MCUs even for
> highly constrained IoT solutions.
>
> Thus the need for smaller and cheaper ciphers that are less well known,
> less proven, not generally available in peers, hosts, servers are not
> needed.
>
> Yes, you can find solutions where ultra light ciphers are needed, but
> thanks to Moore's law those cases has rapidly diminished. More so than
> people in general seem to understand.

I'm afraid I have to disagree here.  What's it's done is pushed
yesterday's computation capabilities into smaller and smaller devices,
lower and lower on the food chain.  C.f. my previous email about a light
bulb.  Cost is definitely a concern, as well as power and performance.

So while yes, we can say "let's use an ARM Cortex Mx", that really
doesn't work in all cases.  So sure, we can wait yet another decade for
Moore's law to catch up with today's smart devices, but I suspect then
we'll have yet another class of even smaller devices.

> The implementation of the cipher is rarely the components that make or
> break the design. And in terms of development cost, deployment cost and
> the effort to convince buyers to trust something that is not AES, they
> all increase. Things you also need to account for at system design time.

True..  but it can certainly be a factor.

> Yours
> JoachimS

-derek
-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant

Re: [Cfrg] [TLS] 3DES diediedie Viktor Dukhovni
[Cfrg] 3DES diediedie Tony Arcieri
Re: [Cfrg] 3DES diediedie Benjamin Kaduk
Re: [Cfrg] 3DES diediedie Tony Arcieri
Re: [Cfrg] 3DES diediedie Tony Arcieri
Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
Re: [Cfrg] [TLS] 3DES diediedie Tony Arcieri
Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
Re: [Cfrg] [TLS] 3DES diediedie Tony Arcieri
Re: [Cfrg] [TLS] 3DES diediedie John Mattsson
Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
Re: [Cfrg] [TLS] 3DES diediedie Hubert Kario
Re: [Cfrg] [TLS] 3DES diediedie david wong
Re: [Cfrg] [TLS] 3DES diediedie Eric Rescorla
Re: [Cfrg] [TLS] 3DES diediedie Ira McDonald
Re: [Cfrg] [TLS] 3DES diediedie Hubert Kario
Re: [Cfrg] [TLS] 3DES diediedie Blumenthal, Uri - 0553 - MITLL
Re: [Cfrg] [SSH] [TLS] 3DES diediedie denis bider (Bitvise)
Re: [Cfrg] 3DES diediedie Geoffrey Keating
Re: [Cfrg] [SSH] [TLS] 3DES diediedie Blumenthal, Uri - 0553 - MITLL
Re: [Cfrg] [SSH] [TLS] 3DES diediedie David Jacobson
Re: [Cfrg] [TLS] 3DES diediedie Dmitry Belyavsky
Re: [Cfrg] [TLS] 3DES diediedie Stanislav V. Smyshlyaev
Re: [Cfrg] [TLS] 3DES diediedie Hanno Böck
Re: [Cfrg] [TLS] 3DES diediedie Иван Лавриков
Re: [Cfrg] 3DES diediedie David McGrew (mcgrew)
Re: [Cfrg] [TLS] 3DES diediedie Watson Ladd
Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
Re: [Cfrg] 3DES diediedie Peter Gutmann
Re: [Cfrg] 3DES diediedie David McGrew (mcgrew)
Re: [Cfrg] [TLS] 3DES diediedie Karthikeyan Bhargavan
Re: [Cfrg] 3DES diediedie Peter Gutmann
Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
Re: [Cfrg] [TLS] 3DES diediedie Hubert Kario
Re: [Cfrg] 3DES diediedie David McGrew (mcgrew)
Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
Re: [Cfrg] 3DES diediedie John Mattsson
[Cfrg] (confusing the issues) Re: [TLS] 3DES died… Rene Struik
Re: [Cfrg] 3DES diediedie Ilari Liusvaara
Re: [Cfrg] [TLS] (confusing the issues) Re: 3DES … Dave Garrett
Re: [Cfrg] 3DES diediedie Jon Callas
Re: [Cfrg] (confusing the issues) Re: [TLS] 3DES … Jon Callas
Re: [Cfrg] 3DES diediedie Steven M. Bellovin
Re: [Cfrg] (confusing the issues) Re: [TLS] 3DES … Rene Struik
Re: [Cfrg] (confusing the issues) Re: [TLS] 3DES … Greg Rose
Re: [Cfrg] 3DES diediedie Peter Gutmann
Re: [Cfrg] 3DES diediedie Peter Gutmann
Re: [Cfrg] 3DES diediedie David McGrew (mcgrew)
Re: [Cfrg] 3DES diediedie Peter Gutmann
Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
Re: [Cfrg] 3DES diediedie Derek Atkins
Re: [Cfrg] 3DES diediedie Hilarie Orman
Re: [Cfrg] [TLS] 3DES diediedie Brian Sniffen
Re: [Cfrg] [TLS] 3DES diediedie Hilarie Orman
Re: [Cfrg] 3DES diediedie Steven M. Bellovin
Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
Re: [Cfrg] [TLS] 3DES diediedie Blumenthal, Uri - 0553 - MITLL
Re: [Cfrg] [TLS] 3DES diediedie Hilarie Orman
Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
Re: [Cfrg] [TLS] 3DES diediedie Kyle Rose
Re: [Cfrg] [TLS] 3DES diediedie Richard Hartmann
Re: [Cfrg] 3DES diediedie Derek Atkins
Re: [Cfrg] [TLS] 3DES diediedie Hilarie Orman
Re: [Cfrg] [TLS] 3DES diediedie Ben Laurie
Re: [Cfrg] [TLS] 3DES diediedie Ben Laurie
Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
Re: [Cfrg] [TLS] 3DES diediedie Blumenthal, Uri - 0553 - MITLL
Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
Re: [Cfrg] [TLS] 3DES diediedie Salz, Rich
Re: [Cfrg] [TLS] 3DES diediedie Ira McDonald
Re: [Cfrg] [TLS] 3DES diediedie Watson Ladd
Re: [Cfrg] [TLS] 3DES diediedie Ira McDonald
Re: [Cfrg] [TLS] 3DES diediedie Dave Garrett
Re: [Cfrg] [TLS] 3DES diediedie Ira McDonald
Re: [Cfrg] [TLS] 3DES diediedie Philip Levis
Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
Re: [Cfrg] [TLS] 3DES diediedie Tony Arcieri
Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
Re: [Cfrg] [TLS] 3DES diediedie Ilari Liusvaara
Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
Re: [Cfrg] [TLS] 3DES diediedie Ilari Liusvaara
Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
Re: [Cfrg] [TLS] 3DES diediedie Richard Hartmann
Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
Re: [Cfrg] [TLS] 3DES diediedie Salz, Rich
Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
Re: [Cfrg] [TLS] 3DES diediedie Tony Arcieri
Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
Re: [Cfrg] [TLS] 3DES diediedie Kyle Rose
Re: [Cfrg] [TLS] 3DES diediedie Tony Arcieri
Re: [Cfrg] [TLS] 3DES diediedie Ilari Liusvaara
Re: [Cfrg] [TLS] 3DES diediedie Yoav Nir
Re: [Cfrg] [TLS] 3DES diediedie Kyle Rose
Re: [Cfrg] [TLS] 3DES diediedie denis bider (Bitvise)