Things that won't solve IoT security: More efficient crypto chips.https://news.mit.edu/2018/energy-efficient-encryption-internet-of-things-0213 …
-
-
It only seems to do mTLS, bizarrely
-
Doing protocol rather than primitives is a horrible mistake unless it has upgradeable firmware....
-
yeah that seemed weird. I like the idea of EC instructions though generally. Seems a sane add on to eg vector instruction sets that already have wide ints.
-
Field arithmetic instructions would be generally more useful, but some manufacturers (eg Microchip) are already putting in full offload. The problem I have with those implementations is that they're not reviewable.
-
EC cost isn't what's keeping TLS expensive for IoT though. Making max fragment length mandatory and eliminating handshake fragmentation would help a lot. Adding some new AES + CMAC and non-broken AES + HMAC modes would also help hardware that has AES or SHA units.
-
Unfortunately the 1.3 spec authors care more about making it slightly faster to get to YouTube than they do implementation simplicity (and correctness) or scalability to small systems. :/
-
Can't you just drop all those features (session resume stuff etc) when implementing?
-
You can. I think adding features was a poor choice of direction for TLS 1.3 though. I think would have been more important to make it as simple as possible to produce a correct implementation by limiting protocol flexibility.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.