Re: [TLS] [Cfrg] 3DES diediedie

Derek Atkins <derek@ihtfp.com> Tue, 06 September 2016 20:40 UTC

Return-Path: <derek@ihtfp.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAD5A12B41E for <tls@ietfa.amsl.com>; Tue, 6 Sep 2016 13:40:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0jgW3OumUP9P for <tls@ietfa.amsl.com>; Tue, 6 Sep 2016 13:40:35 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A37612B44A for <tls@ietf.org>; Tue, 6 Sep 2016 13:40:35 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 1783BE2045; Tue, 6 Sep 2016 16:40:34 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 21867-01; Tue, 6 Sep 2016 16:40:31 -0400 (EDT)
Received: from securerf.ihtfp.org (unknown [IPv6:2001:470:e448:2:ea2a:eaff:fe7d:235]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id 3B967E2038; Tue, 6 Sep 2016 16:40:31 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1473194431; bh=GjXRhF+eldyUxTQU9A7EfeTIP/d5LluNLW04Jf1KYpU=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=JQAgnszU3/XctmFhfnjiacQ5Ief8zDAFOSVPcxeQWr2M5ZG18tBwEr2tKv44V+tQE qWQzyYsex1zpTVeQV9y/0XoxXKC2J5qoVUFSoX6GGq8MNxfGWfs/shC2G4+l6vGIAe UIqPZwUgDoo6i7jnnCepsvcEkPtKEIDOGfxARDAQ=
Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.14.8/Submit) id u86KeU7A023000; Tue, 6 Sep 2016 16:40:30 -0400
From: Derek Atkins <derek@ihtfp.com>
To: Ben Laurie <benl@google.com>
References: <m2lgzcyhxi.fsf@bos-mpeve.kendall.corp.akamai.com> <201608311948.u7VJmChl018731@rumpleteazer.rhmr.com> <CABrd9STOCbBo=g22XySRnWofHwVZkrC-ripZY38yLRZV2kQh3A@mail.gmail.com>
Date: Tue, 06 Sep 2016 16:40:30 -0400
In-Reply-To: <CABrd9STOCbBo=g22XySRnWofHwVZkrC-ripZY38yLRZV2kQh3A@mail.gmail.com> (Ben Laurie's message of "Mon, 5 Sep 2016 19:25:39 +0100")
Message-ID: <sjminu8vk1t.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/cmhebISRHBjpQn5jBogpgbFsjkU>
Cc: cfrg@irtf.org, Hilarie Orman <hilarie@purplestreak.com>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] [Cfrg] 3DES diediedie
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Sep 2016 20:40:37 -0000

Ben Laurie <benl@google.com> writes:

>     An ARM is far too much hardware to throw at "read sensor/munge data/send
>     data".
>
> The question is not "how much hardware?" but "price?" - with  ARMs including h
> /w AES coming in at $2 for a single unit, its hard to explain why you\d want
> to use a less powerful CPU...

Because this is a light bulb that sells for $6-10.  Adding $2 to the price
is just completely unreasonable.  The price point needs to be pennies.
Note that this is just one example, but yes, these level of products are
getting "smarter" and we, as security professionals, should encourage
"as strong security as possble" without getting the manufacturers to
just say "sorry, too expensive, I'll go without."  (which is,
unfortunately, exactly what's been happening)

>     Hilarie

-derek
-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant