Re: [openpgp] SHA3 algorithm ids.
Phillip Hallam-Baker <phill@hallambaker.com> Tue, 18 August 2015 14:53 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A55C1A009C for <openpgp@ietfa.amsl.com>; Tue, 18 Aug 2015 07:53:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GzRHUwKcvRgE for <openpgp@ietfa.amsl.com>; Tue, 18 Aug 2015 07:53:16 -0700 (PDT)
Received: from mail-qk0-x234.google.com (mail-qk0-x234.google.com [IPv6:2607:f8b0:400d:c09::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CBD211A0074 for <openpgp@ietf.org>; Tue, 18 Aug 2015 07:53:15 -0700 (PDT)
Received: by qkbm65 with SMTP id m65so58899005qkb.2 for <openpgp@ietf.org>; Tue, 18 Aug 2015 07:53:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=KHzb5xUchhh5nMTPknUWYIopbJMcz9W6WQQTJqxLNVw=; b=09NUJI07LJ4QC9d/16zB8wwT5s3BlRLtZ97ybjQn8y1O3XH4V4yNlSSE5MBrl2ZGem j0GRCEow1Nm89j0TYJwLq3FgK58zkxV3l7GJ7/0VwA4i8sWlEW/nUluUmaOVJST1RBFz cfVgZGoVBgPRiEfk4aJvGhqcPT5SpNs9jaglCV4i5plU2xwjlH2DDF+h7MtBZsSfsiw2 MQ42WhOSHQDqL77UBw/eb/AykdpS7ZS1ov/+NPjkGlZqF9l2gs9zYXbrb6OQUqDkybIT tbXbTAZjCEkl1CMgYz8bub1nkJSceK9guh6IIINujrngDN92BfmM6clvtvLeI30O2ROz wNUA==
MIME-Version: 1.0
X-Received: by 10.55.52.12 with SMTP id b12mr13465864qka.21.1439909594920; Tue, 18 Aug 2015 07:53:14 -0700 (PDT)
Sender: hallam@gmail.com
Received: by 10.140.43.97 with HTTP; Tue, 18 Aug 2015 07:53:14 -0700 (PDT)
In-Reply-To: <r422Ps-1075i-86B582D336144E6FBEE41CEEF8DF7299@Williams-MacBook-Pro.local>
References: <sjmoai7p74i.fsf@securerf.ihtfp.org> <r422Ps-1075i-86B582D336144E6FBEE41CEEF8DF7299@Williams-MacBook-Pro.local>
Date: Tue, 18 Aug 2015 10:53:14 -0400
X-Google-Sender-Auth: n4MSCMYRmfXUkbJ2b8LSKYuRAuA
Message-ID: <CAMm+LwjLS44jY0PhjTMJBi5A13495xuKDNWVoNJCUNTAM0wKjQ@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Bill Frantz <frantz@pwpconsult.com>
Content-Type: multipart/alternative; boundary="001a11478082ea05b4051d97135b"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/uKyhd1FWEmDVLB-q1UhHDPh7Frs>
Cc: Peter Gutmann <pgut001@cs.auckland.ac.nz>, IETF OpenPGP <openpgp@ietf.org>, Derek Atkins <derek@ihtfp.com>, ianG <iang@iang.org>
Subject: Re: [openpgp] SHA3 algorithm ids.
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Aug 2015 14:53:17 -0000
On Tue, Aug 18, 2015 at 10:32 AM, Bill Frantz <frantz@pwpconsult.com> wrote: > On 8/16/15 at 8:47 AM, derek@ihtfp.com (Derek Atkins) wrote: > > Bill Frantz <frantz@pwpconsult.com> writes: >> >> I think in the IoT space, we will need to have signed software >>> updates. I don't think there is much of an issue taking several >>> seconds to verify an update signature, but these 8 bit processors seem >>> like the right level of hardware for these IoT devices. >>> >> >> Yes, signed software is definitely one use case. However, often on >> these systems it's more than just authenticating a software update; >> sometimes it might actually want to check the signature on every bootup >> (to prevent an attack on the flash/firmware)! >> > > I hope we don't have to worry about attacks via physical access, so the > only attacks available will be through the upgrade mechanism. > > We also need to worry about authentication and replay prevention for the > instructions delivered to these devices through the internet. One can > imagine an architecture with a controller with the power of a Raspberry Pi > giving orders to dumber devices using authenticated symmetric crypto as a > solution. That system would prevent my favorite "neat hack" attack, turning > your neighbor's living room into your own light organ. Exactly the approach I want to see. Yes, it is absolutely true that 8 bit CPUs matter and I have been telling people that there are more of them produced every year than the last for over ten years now. BUT Anyone building a system who is trying to tell me that there is no room anywhere in that system for a $1 Raspberry Pi sized CPU and memory needs slapping with a cluestick. What I would really like right now is some low cost controller for two stepper motors that can sit off an IC2 serial port with all the commands being authenticated by a MAC. I don't need a lot of CPU power to be able to take commands off a slowish serial bus, authenticate them and set registers controlling a couple of steppers. Llama, my static hero sized dalek prop would like to be able to waggle his plunger and exterminator gun. The idea is that when someone enters the office without badging in, they get a surprise.
- [openpgp] SHA3 algorithm ids. Werner Koch
- Re: [openpgp] SHA3 algorithm ids. Paul Wouters
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Christoph Anton Mitterer
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Werner Koch
- Re: [openpgp] SHA3 algorithm ids. Peter Gutmann
- Re: [openpgp] SHA3 algorithm ids. Christoph Anton Mitterer
- Re: [openpgp] SHA3 algorithm ids. Stephen Farrell
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Derek Atkins
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. Werner Koch
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Paul Wouters
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. Peter Gutmann
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- [openpgp] Why or why not SHA{2,3}-512 (was: SHA3 … Werner Koch
- [openpgp] WWhy or why not SHA{2,3}-512 (was: SHA3… Werner Koch
- Re: [openpgp] SHA3 algorithm ids. Werner Koch
- Re: [openpgp] SHA3 algorithm ids. Werner Koch
- Re: [openpgp] SHA3 algorithm ids. Daniel Kahn Gillmor
- Re: [openpgp] SHA3 algorithm ids. Daniel Kahn Gillmor
- Re: [openpgp] SHA3 algorithm ids. Peter Gutmann
- [openpgp] SHA-x performance (was: SHA3 algorithm … Werner Koch
- Re: [openpgp] SHA-x performance (was: SHA3 algori… Daniel Kahn Gillmor
- Re: [openpgp] SHA-x performance (was: SHA3 algori… Peter Gutmann
- Re: [openpgp] SHA-x performance (was: SHA3 algori… Dang, Quynh
- Re: [openpgp] SHA-x performance Werner Koch
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA-x performance Werner Koch
- Re: [openpgp] Why or why not SHA{2, 3}-512 (was: … Phillip Hallam-Baker
- Re: [openpgp] SHA-x performance Peter Gutmann
- Re: [openpgp] Why or why not SHA{2, 3}-512 Werner Koch
- Re: [openpgp] SHA-x performance ianG
- Re: [openpgp] SHA-x performance Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. Derek Atkins
- Re: [openpgp] SHA-x performance ianG
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA-x performance Bill Frantz
- Re: [openpgp] SHA-x performance Hilarie Orman
- Re: [openpgp] WWhy or why not SHA{2, 3}-512 (was:… Phillip Hallam-Baker
- Re: [openpgp] SHA-x performance NIIBE Yutaka
- Re: [openpgp] SHA3 algorithm ids. Derek Atkins
- Re: [openpgp] SHA-x performance Peter Gutmann
- Re: [openpgp] SHA3 algorithm ids. Bill Frantz
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Derek Atkins
- Re: [openpgp] SHA3 algorithm ids. Bill Frantz
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. Peter Gutmann
- Re: [openpgp] SHA3 algorithm ids. Andrey Jivsov
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Robert J. Hansen
- Re: [openpgp] SHA3 algorithm ids. Werner Koch