Hi,
"Grunwald, Markus" <[email protected]> writes:
> - How are applications handled that are not able to provide private/
> public key encryption?
>
> I may (most possibly) have missed something, but the only answer that you seem
> to accept is “public key encryption”, period. Then let me ask directly: how
> should systems that have to reply in a tight margin be handled? People will
> simply not buy a lighting solution where the light will switch on 500ms after
> you pressed the switch. They will lough at this “solution”.
True, but there are other public-key games in town.
> So, throw more hardware at it? For light switches that cost €100, adding a
> crypto chip for ¢50 might not be a problem. But there are parts like ECG where
> ¢2 matter. One of them will be in every luminaire…
Indeed. Cost is an important characteristic. On the other hand it's
definitely not going to come for free. So where is the cost/benefit
curve cross over?
> This means, there are systems that cannot afford to provide public key
> encryption. Do you want an IoT without light? Let’s not bow to the
> “discrimination of the light switch”, at least not for the parking house/
> parking lot. An Airport is a different beast.
For the record, I've been working on a group theoretic public-key
signature scheme that's looking very promising. It's designed to run
extremely efficiently in these extremely constrained devices. In our
tests so far signature verification is 1-2 orders of magnitude faster
than ECDSA verification, and runs extremely well in 8, 16, and 32-bit
environments. For example, on an ARM Cortex-M3 the verification runs in
under 10ms. (I believe Hannes was reporting 200-400ms for ECDSA
verification). Something to keep in mind when thinking about how hard
it is to work with public key signature verification on these devices.
-derek
--
Derek Atkins 617-623-3745
[email protected] www.ihtfp.com
Computer and Internet Security Consultant
_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace
