Re: [TLS] CPU cost of 1RTT handshake
Ilari Liusvaara <ilari.liusvaara@elisanet.fi> Sun, 10 August 2014 21:11 UTC
Date: Mon, 11 Aug 2014 00:11:13 +0300
From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
To: Watson Ladd <watsonbladd@gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/s6zbaayloAtqJRpzocfSowNh2lA
Cc: "tls@ietf.org" <tls@ietf.org>

On Sun, Aug 10, 2014 at 01:35:13PM -0700, Watson Ladd wrote:
> Dear all,
>
> Right now, instead of the server defining the group to be used and
> sending a key in the group, the client computes multiple keys, and the
> server selects one. This is very bad for embedded devices with
> constrained CPU, especially if they are connecting to a server over
> high-latency, low-bandwidth links.

Have the constrained client support just 1 group (most probably the
cheapest one to compute, hopefully it is something secure)?

Constrained clients hopefully don't go connecting to random servers.

Supporting additional groups would mean additional code too, and ROM
space is scarce in constrained devices (50-250kB _total_ might be
typical).

-Ilari