> From: Derek Atkins <de...@ihtfp.com> > Date: Wed, 31 Aug 2016 10:17:25 -0400
> "Steven M. Bellovin" <s...@cs.columbia.edu> writes: > > Yes. To a large extent, the "IoT devices are too puny for real > > crypto" is a hangover from several years ago. It was once true; for > > the most part, it isn't today, but people haven't flushed their cache > > from the old received wisdom. > This is certainly true for AES, mostly because many small chips are > including AES accelerators in hardware. It's not quite true for public > key solutions; there are still very small devices where even ECC takes > too long (and yes, there are cases where 200-400ms is still too long). > > It pays to look again at David Wagner's slides from 2005, on sensor > > nets and crypto: > > https://people.eecs.berkeley.edu/~daw/talks/sens-oak05.pdf > > Unattended sensors with wifi present an unsolved crypto problem. They can last 10 years on an AA battery without crypto, probably well less than a year if they have to do any kind of encryption. These things will be everywhere, providing the data that will underly all kinds of decision-making. Although much of the solution may lie in hardware innovation, the world really does need minimal crypto algorithms. Hilarie _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls