Re: [TLS] [Cfrg] 3DES diediedie

Philip Levis <pal@cs.stanford.edu> Wed, 07 September 2016 00:32 UTC

Return-Path: <pal@cs.stanford.edu>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C337612B46B; Tue, 6 Sep 2016 17:32:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.729
X-Spam-Level:
X-Spam-Status: No, score=-5.729 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.508, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M01fREjGMUc0; Tue, 6 Sep 2016 17:32:04 -0700 (PDT)
Received: from smtp2.cs.Stanford.EDU (smtp2.cs.stanford.edu [171.64.64.26]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6A2B12B444; Tue, 6 Sep 2016 17:32:04 -0700 (PDT)
Received: from 139.sub-70-197-0.myvzw.com ([70.197.0.139]:7228 helo=[100.106.199.147]) by smtp2.cs.Stanford.EDU with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.84_2) (envelope-from <pal@cs.stanford.edu>) id 1bhQmZ-0006pS-DK; Tue, 06 Sep 2016 17:32:04 -0700
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (1.0)
From: Philip Levis <pal@cs.stanford.edu>
X-Mailer: iPhone Mail (13F69)
In-Reply-To: <201609062017.29697.davemgarrett@gmail.com>
Date: Tue, 6 Sep 2016 17:32:02 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <F912444F-CDEC-4C94-9918-28A5C977C6F4@cs.stanford.edu>
References: <m2lgzcyhxi.fsf@bos-mpeve.kendall.corp.akamai.com> <CABrd9STOCbBo=g22XySRnWofHwVZkrC-ripZY38yLRZV2kQh3A@mail.gmail.com> <sjminu8vk1t.fsf@securerf.ihtfp.org> <201609062017.29697.davemgarrett@gmail.com>
To: Dave Garrett <davemgarrett@gmail.com>
X-Scan-Signature: 7e839a9fe5d3c1ffc6f045e071031982
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/w7fz5RYKg6kA9uCbntU6wgSuYyE>
Cc: Derek Atkins <derek@ihtfp.com>, cfrg@irtf.org, tls@ietf.org, Hilarie Orman <hilarie@purplestreak.com>
Subject: Re: [TLS] [Cfrg] 3DES diediedie
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Sep 2016 00:32:13 -0000

The market is moving to ARM Cortex Ms, in part because of their clean I/O architecture and good SoC support. An M0 with integrated BLE chipset is easily <1$ today at small scale. Extrapolate a few years and to volume of millions between large companies rather than small startups.  Software like mBed OS and 6lowpan support helps too. 

You or I might not want chips in our light bulbs, but some people will, and so it is part of the Internet landscape we need to keep in mind. 

Phil [sent from a phone]

> On Sep 6, 2016, at 5:17 PM, Dave Garrett <davemgarrett@gmail.com> wrote:
> 
>> On Tuesday, September 06, 2016 04:40:30 pm Derek Atkins wrote:
>> Ben Laurie <benl@google.com> writes:
>>>    An ARM is far too much hardware to throw at "read sensor/munge data/send
>>>    data".
>>> 
>>> The question is not "how much hardware?" but "price?" - with  ARMs including h
>>> /w AES coming in at $2 for a single unit, its hard to explain why you\d want
>>> to use a less powerful CPU...
>> 
>> Because this is a light bulb that sells for $6-10.  Adding $2 to the price
>> is just completely unreasonable.  The price point needs to be pennies.
>> Note that this is just one example, but yes, these level of products are
>> getting "smarter" and we, as security professionals, should encourage
>> "as strong security as possble" without getting the manufacturers to
>> just say "sorry, too expensive, I'll go without."  (which is,
>> unfortunately, exactly what's been happening)
> 
> Personally, I'd just say "stop putting chips in light bulbs", instead. Companies making these things are unfortunately just not going to be making good security decisions. Bad or no security is cheaper than competent security, and selling light bulbs with bad security is not illegal. We'll be more successful focusing our effort on dealing with light bulb botnets than trying to get people to make secure "smart" light bulbs. There is no good solution on our end, and debating the price of chips for light bulbs is not a good way to make security decisions in TLS.
> 
> 
> Dave
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls