Re: [Cfrg] [TLS] 3DES diediedie
Joachim Strömbergson <joachim@secworks.se> Wed, 07 September 2016 07:50 UTC
Return-Path: <joachim@secworks.se>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B4C212B0B4 for <cfrg@ietfa.amsl.com>; Wed, 7 Sep 2016 00:50:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G9u8A4nYuWaZ for <cfrg@ietfa.amsl.com>; Wed, 7 Sep 2016 00:50:34 -0700 (PDT)
Received: from mail.frobbit.se (mail.frobbit.se [85.30.129.185]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7AE5712B324 for <cfrg@irtf.org>; Wed, 7 Sep 2016 00:50:34 -0700 (PDT)
Received: from Knubbis.local (unknown [80.252.219.34]) by mail.frobbit.se (Postfix) with ESMTPSA id 0D31F2050E; Wed, 7 Sep 2016 09:50:32 +0200 (CEST)
Message-ID: <57CFC6C6.5030006@secworks.se>
Date: Wed, 07 Sep 2016 09:50:30 +0200
From: Joachim Strömbergson <joachim@secworks.se>
User-Agent: Postbox 4.0.8 (Macintosh/20151105)
MIME-Version: 1.0
To: Derek Atkins <derek@ihtfp.com>
References: <20160906114030.18292816.41703.89024@ll.mit.edu> <57CEAE6F.1040608@secworks.se> <sjmeg4wvjut.fsf@securerf.ihtfp.org>
In-Reply-To: <sjmeg4wvjut.fsf@securerf.ihtfp.org>
X-Enigmail-Version: 1.2.3
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/wm0xpE7WtywYmN7rnV1c0leOCaA>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>, Hilarie Orman <hilarie@purplestreak.com>
Subject: Re: [Cfrg] [TLS] 3DES diediedie
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Sep 2016 07:50:38 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Aloha! Derek Atkins wrote: > I'm afraid I have to disagree here. What's it's done is pushed > yesterday's computation capabilities into smaller and smaller > devices, lower and lower on the food chain. C.f. my previous email > about a light bulb. Cost is definitely a concern, as well as power > and performance. So far this year I've seen things like light bulbs, tyre pressure sensors, tooth brushes, power meters, car door side panel controls, melody gift cards that contain ARM based MCUs. It is not a decade away, it is today. > So while yes, we can say "let's use an ARM Cortex Mx", that really > doesn't work in all cases. So sure, we can wait yet another decade > for Moore's law to catch up with today's smart devices, but I suspect > then we'll have yet another class of even smaller devices. And I claim that for a huge number of use cases, ARM based devices are already there. In terms of price, in terms of power. And, as I've tried to explain. Simpler (less gates) designs don't scale down very good with Moore's law if the die size is I/O bound. You just get more unused space (which is why MCUs gets more internal RAM memory since that is what you easily can use the void for.) What you gain is lower power consumption. Many MCUs still need to support fairly high voltage I/Os (which makes the I/Os bigger on the die). What I tried to show is that ARM based devices can do the same processing as a PIC with the same power consumption. Some of them also sports very good power modes that allows you to control the power consumption. And specifically for AES you can get much better performance and very much better power consumption with an AES core. (There are some MSP430 and 8051 based 8-bit MCUs that also have AES cores too.) >> The implementation of the cipher is rarely the components that make >> or break the design. And in terms of development cost, deployment >> cost and the effort to convince buyers to trust something that is >> not AES, they all increase. Things you also need to account for at >> system design time. > > True.. but it can certainly be a factor. I don't think so. Look, I really love crypto stuff. And the Trivium eSTREAM cipher in the embedded portfolio for example is a beautiful design that shows what you can do with limited resources. Grain is another lightweight cipher, and it has gotten some traction I think. But unless you can get much better properties for your product in terms of cost and performance (including battery life), you will have an uphill battle in comparison to AES as your symmetric cipher. At least where I live in Europe you have huge smart grids with up to millions of power meter nodes in the network. All of them talks ZigBee SmartEnergy or things close to it. That means AES in CCM mode. This is what the customers are used to and expect. And it is what the developers are used to, the support and service organizations are used too. Coming to these orgs with a device that uses some other cipher requires not only integration costs, but also the psychological cost of trying to explain why 48 rounds of SIMON is better than 10 rounds of AES-128 that has been tested, analyzed since 1997. Researching lightweight ciphers is cool and good. But I don't expect to see many symmetric primitives gain any major deployment. Where I think we have a clear need for IoT is lightweight asymmetric primitives. Key exchange, signatures etc. Too many devices use PSK simply because key exchange is too costly, takes too long time. If my work experience is anything to go by, if there are going to be any new primitives being used, it will be from NaCl, that is Salsa och Chacha, Poly1305 and Curve25519. Where I specifically see a big need is for a good standardized firmware update mechanism. Today everybody either rolls their own firmware mechanism or get a (broken) one from their MCU vendor. I think there were a new working group for this within the IETF. Can't remember and can't find. But I think that it a very good idea. - -- Med vänlig hälsning, Yours Joachim Strömbergson - Alltid i harmonisk svängning. ======================================================================== Joachim Strömbergson Secworks AB joachim@secworks.se ======================================================================== -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCAAGBQJXz8bGAAoJEF3cfFQkIuyNjsIQAJIrf5q8jJ7ItJcTFd37Tw/Z yvH2cBLjJXqO08PMqcgrzJZNgX+yHboNxzUct6fak+DFXZhoECgrVk+HnNM6SAj1 kvNvC/YFzRW49yGPJnzylf8KvdzTxqbfL2Yf/7ZqmuRjwcpm37ytLKjMLpJWhmRG xehFSNdhew7JvwwnKD5/dZRP13TSrBIuBAMxvPWsvnS6fQk+gS/Tbxn/Q1YzKJ9c Y2oHR4eigRkStg8yycIyNMjZ4BZjplc5KdsIoH4uyFixPUOAGj1b3g1gKyez7gRq xygfpY0fORGX9n2Np/vdeV3nwol4ms+KaYgiQwmDz2rXEo8FD9oWDh3rjKYpyowx 3C2zHbd3OkpxkVCZV7AF0I83CFhR7rziqEhU9PJ4CD4I8te/ZTeAnehWBLWVipqv 8xuNt7QYYWaQhs/zLJhxr1PyueaxJCP+6rTFoa6p+x7mk+4EAdbbXX9nxbSIUrcr +fw6jqRoDbBTDmVJOqVjeZHB/3Mm20v2fyWqngjR2Wm/jpJxYp14rXWdKEimC/2w lOzVXy4g3XiCpEh1ouHagUQriXLbilAvHd731R6MLt/+c4ZsWd7hgQvGVsgs04d5 IG8C+nOOyCDyfLFhVUKYXQA4HafU5qojouDdVz0x6nmVKec510NvEbTvBjdWZtko RsB20rCIj3Aa2R7//kSh =WL5X -----END PGP SIGNATURE-----
- Re: [Cfrg] [TLS] 3DES diediedie Viktor Dukhovni
- [Cfrg] 3DES diediedie Tony Arcieri
- Re: [Cfrg] 3DES diediedie Benjamin Kaduk
- Re: [Cfrg] 3DES diediedie Tony Arcieri
- Re: [Cfrg] 3DES diediedie Tony Arcieri
- Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
- Re: [Cfrg] [TLS] 3DES diediedie Tony Arcieri
- Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
- Re: [Cfrg] [TLS] 3DES diediedie Tony Arcieri
- Re: [Cfrg] [TLS] 3DES diediedie John Mattsson
- Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
- Re: [Cfrg] [TLS] 3DES diediedie Hubert Kario
- Re: [Cfrg] [TLS] 3DES diediedie david wong
- Re: [Cfrg] [TLS] 3DES diediedie Eric Rescorla
- Re: [Cfrg] [TLS] 3DES diediedie Ira McDonald
- Re: [Cfrg] [TLS] 3DES diediedie Hubert Kario
- Re: [Cfrg] [TLS] 3DES diediedie Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [SSH] [TLS] 3DES diediedie denis bider (Bitvise)
- Re: [Cfrg] 3DES diediedie Geoffrey Keating
- Re: [Cfrg] [SSH] [TLS] 3DES diediedie Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [SSH] [TLS] 3DES diediedie David Jacobson
- Re: [Cfrg] [TLS] 3DES diediedie Dmitry Belyavsky
- Re: [Cfrg] [TLS] 3DES diediedie Stanislav V. Smyshlyaev
- Re: [Cfrg] [TLS] 3DES diediedie Hanno Böck
- Re: [Cfrg] [TLS] 3DES diediedie Иван Лавриков
- Re: [Cfrg] 3DES diediedie David McGrew (mcgrew)
- Re: [Cfrg] [TLS] 3DES diediedie Watson Ladd
- Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
- Re: [Cfrg] 3DES diediedie Peter Gutmann
- Re: [Cfrg] 3DES diediedie David McGrew (mcgrew)
- Re: [Cfrg] [TLS] 3DES diediedie Karthikeyan Bhargavan
- Re: [Cfrg] 3DES diediedie Peter Gutmann
- Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
- Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
- Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
- Re: [Cfrg] [TLS] 3DES diediedie Hubert Kario
- Re: [Cfrg] 3DES diediedie David McGrew (mcgrew)
- Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
- Re: [Cfrg] 3DES diediedie John Mattsson
- [Cfrg] (confusing the issues) Re: [TLS] 3DES died… Rene Struik
- Re: [Cfrg] 3DES diediedie Ilari Liusvaara
- Re: [Cfrg] [TLS] (confusing the issues) Re: 3DES … Dave Garrett
- Re: [Cfrg] 3DES diediedie Jon Callas
- Re: [Cfrg] (confusing the issues) Re: [TLS] 3DES … Jon Callas
- Re: [Cfrg] 3DES diediedie Steven M. Bellovin
- Re: [Cfrg] (confusing the issues) Re: [TLS] 3DES … Rene Struik
- Re: [Cfrg] (confusing the issues) Re: [TLS] 3DES … Greg Rose
- Re: [Cfrg] 3DES diediedie Peter Gutmann
- Re: [Cfrg] 3DES diediedie Peter Gutmann
- Re: [Cfrg] 3DES diediedie David McGrew (mcgrew)
- Re: [Cfrg] 3DES diediedie Peter Gutmann
- Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
- Re: [Cfrg] 3DES diediedie Derek Atkins
- Re: [Cfrg] 3DES diediedie Hilarie Orman
- Re: [Cfrg] [TLS] 3DES diediedie Brian Sniffen
- Re: [Cfrg] [TLS] 3DES diediedie Hilarie Orman
- Re: [Cfrg] 3DES diediedie Steven M. Bellovin
- Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
- Re: [Cfrg] [TLS] 3DES diediedie Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [TLS] 3DES diediedie Hilarie Orman
- Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
- Re: [Cfrg] [TLS] 3DES diediedie Kyle Rose
- Re: [Cfrg] [TLS] 3DES diediedie Richard Hartmann
- Re: [Cfrg] 3DES diediedie Derek Atkins
- Re: [Cfrg] [TLS] 3DES diediedie Hilarie Orman
- Re: [Cfrg] [TLS] 3DES diediedie Ben Laurie
- Re: [Cfrg] [TLS] 3DES diediedie Ben Laurie
- Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
- Re: [Cfrg] [TLS] 3DES diediedie Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
- Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
- Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
- Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
- Re: [Cfrg] [TLS] 3DES diediedie Salz, Rich
- Re: [Cfrg] [TLS] 3DES diediedie Ira McDonald
- Re: [Cfrg] [TLS] 3DES diediedie Watson Ladd
- Re: [Cfrg] [TLS] 3DES diediedie Ira McDonald
- Re: [Cfrg] [TLS] 3DES diediedie Dave Garrett
- Re: [Cfrg] [TLS] 3DES diediedie Ira McDonald
- Re: [Cfrg] [TLS] 3DES diediedie Philip Levis
- Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
- Re: [Cfrg] [TLS] 3DES diediedie Tony Arcieri
- Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
- Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
- Re: [Cfrg] [TLS] 3DES diediedie Ilari Liusvaara
- Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
- Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
- Re: [Cfrg] [TLS] 3DES diediedie Ilari Liusvaara
- Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
- Re: [Cfrg] [TLS] 3DES diediedie Joachim Strömbergson
- Re: [Cfrg] [TLS] 3DES diediedie Richard Hartmann
- Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
- Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
- Re: [Cfrg] [TLS] 3DES diediedie Salz, Rich
- Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
- Re: [Cfrg] [TLS] 3DES diediedie Tony Arcieri
- Re: [Cfrg] [TLS] 3DES diediedie Peter Gutmann
- Re: [Cfrg] [TLS] 3DES diediedie Stephen Farrell
- Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
- Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
- Re: [Cfrg] [TLS] 3DES diediedie Derek Atkins
- Re: [Cfrg] [TLS] 3DES diediedie Kyle Rose
- Re: [Cfrg] [TLS] 3DES diediedie Tony Arcieri
- Re: [Cfrg] [TLS] 3DES diediedie Ilari Liusvaara
- Re: [Cfrg] [TLS] 3DES diediedie Yoav Nir
- Re: [Cfrg] [TLS] 3DES diediedie Kyle Rose
- Re: [Cfrg] [TLS] 3DES diediedie denis bider (Bitvise)