Re: [Cfrg] [TLS] 3DES diediedie

Joachim Strömbergson <joachim@secworks.se> Thu, 01 September 2016 07:50 UTC

Return-Path: <joachim@secworks.se>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1ADF912D7D0 for <cfrg@ietfa.amsl.com>; Thu, 1 Sep 2016 00:50:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bkw_IZlDhDzL for <cfrg@ietfa.amsl.com>; Thu, 1 Sep 2016 00:50:24 -0700 (PDT)
Received: from mail.frobbit.se (mail.frobbit.se [IPv6:2a02:80:3ffe::176]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EE8A112D7C7 for <cfrg@irtf.org>; Thu, 1 Sep 2016 00:50:23 -0700 (PDT)
Received: from Knubbis.local (unknown [80.252.219.34]) by mail.frobbit.se (Postfix) with ESMTPSA id A710521356; Thu, 1 Sep 2016 09:50:19 +0200 (CEST)
Message-ID: <57C7DDB7.9010606@secworks.se>
Date: Thu, 01 Sep 2016 09:50:15 +0200
From: Joachim Strömbergson <joachim@secworks.se>
User-Agent: Postbox 4.0.8 (Macintosh/20151105)
MIME-Version: 1.0
To: Hilarie Orman <hilarie@purplestreak.com>
References: <201608311948.u7VJmChl018731@rumpleteazer.rhmr.com>
In-Reply-To: <201608311948.u7VJmChl018731@rumpleteazer.rhmr.com>
X-Enigmail-Version: 1.2.3
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/w1wLciu34iRpmv37NopdEQmasH8>
Cc: cfrg@irtf.org, tls@ietf.org
Subject: Re: [Cfrg] [TLS] 3DES diediedie
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Sep 2016 07:50:26 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aloha!

Hilarie Orman wrote:
> An ARM is far too much hardware to throw at "read sensor/munge
> data/send data".

No, they are not. The Cortex M0+ is aimed at these kinds of very simple
systems that runs for many years on a single battery.

Look at the STM32L0 series from ST for example. These devices can run on
energy harvesting and very tiny physically and very, very cheap (ten-ish
cents in high volume):

http://www.st.com/content/st_com/en/products/microcontrollers/stm32-32-bit-arm-cortex-mcus/stm32l0-series.html?querycriteria=productId=SS1817

The STM32L021 has an AES-128 core. Not very fast (200+ cycles), but
several times faster than SW. You can also run the AES core wile the CPU
core is in power save mode.

Another example is the Zero Gecko from Silicon Labs. Same price range, a
huge number of power modes. And an AES core that is really fast. 50+
cycles for AES-128, which basically means 4 cycles/round (which implies
4 S-boxes)

https://www.silabs.com/products/mcu/32-bit/efm32-zero-gecko/pages/efm32-zero-gecko.aspx

Pre-shared key is whats easiest. But I've implemented Curve25519 for key
exchange on the STM32 device and can achieve <1 sec performance with
about 1 kByte RAM and 8 kByte code. I'm sure Peter Schwabe has some much
better results.


Yes, you can limit yourself to an 8-bit MCU and shave off some cents and
a little bit of power. But for most applications I see, a Cortex M0+
meets technical and commercial requirements too.

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim@secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJXx923AAoJEF3cfFQkIuyN4tkP+QGscSmBzUAPbamlaRqpm7sh
zVwhMwhllJMdTs+HozeSbMvtw7JlO5vu+PyD/El4sxP2SAQhv1LqJFaC0nxuCJ2P
I+RxISEkrxYYB2YDRGlPd3Cfm4cRrDBd/BQCPMZuAQurWxH7ptMMKIZ3hS6NuOIb
gyluKMDMrUW9qFx0lrpa3yAMPHrBqlhHl1GmcUMJwoRVGOxDdc243YjNB7J/FEDh
pJCzI8Dv4uyWEufr0cBv1xCiSY4eaalv25H/Cyc3rZ78Os7d52DUyuBD8IAuAkkH
i32L2gK7CbrCF/3zw+Tv2aDn1ncGOiucENmQIzO99hwWwtJFC7TN59rCtoArmh5U
EC0Ncq1IIbicrot+DLibHNvSWk0c15bvtg1c06UecME21SF2t8ZigF0OuYKGdeu1
a4h0dUcNUyQxUbAs9JDTXtwABvR7CMNZi3kD5Vh8NfvK7DmojPVThrQ1r/2x+6hS
QnPiZcuvedjkM19y1hRchZQT23qPJQ4TrC5MvQSHnU20oW3QomPJfTAXtCctsN5s
3b+ZdWh5/EAysPpgjzzwKP0mWN3tkeSKROsh6BabMku84zerKPzCn5MwhyhUqHLD
Sv453a5oK0ne5pD/b7CIPWRwK2Z6/6pFN+jWPG0SZtZTgEJjkSVPaskMd51SVSga
EkqJv7VnqIa5lP5es+Is
=ri48
-----END PGP SIGNATURE-----