> On 4 Oct 2017, at 16:29, Russ Housley <hous...@vigilsec.com> wrote: > > >> On Oct 4, 2017, at 3:30 AM, Yoav Nir <ynir.i...@gmail.com >> <mailto:ynir.i...@gmail.com>> wrote: >> >> (IoT) - This requirement is for interoperability with IoT. Only >> 128-bit keys are at the given level. > If the IoT environment is willing to accept lower integrity protection in > order to save a few bits on the wire/ether, I do not see why the > specification also forces them from using a larger key size. > > Russ >
Maybe to save a few cycles in addition to the few bits? They claimed that the one AEAD cipher they needed was AES_CCM_8 with a 128-bit key, because that was all that their hardware supports. What we are saying is that if you want your (in that case IPsec, but it’s no different for TLS) to work with IoT devices, you need that AEAD cipher. Yoav
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls