Re: [TLS] 3DES diediedie

2016-08-27 Thread Peter Gutmann
Tony Arcieri writes:
>As someone who works professionally in the payments industry alongside people
>who are directly implementing EMV protocols, let me note: those are not IETF
>protocols and should not have bearing on IETF/IRTF decisions regarding
>deprecations of protocols in TLS or other IETF

Re: [TLS] [Cfrg] 3DES diediedie

2016-08-27 Thread Peter Gutmann
David McGrew (mcgrew) writes:
>Most of the lightweight “designed for IoT” block ciphers have a 64 bit block
>size (and sometimes even smaller); see for instance Table 1.1 of
>https://eprint.iacr.org/2013/404.pdf So perhaps what the Internet needs here
>is sound guidance on how to use 64-bit block

Re: [TLS] [Cfrg] 3DES diediedie

2016-08-27 Thread David McGrew (mcgrew)
Hi Peter,
On 8/27/16, 8:21 AM, "Peter Gutmann" wrote:
>David McGrew (mcgrew) writes:
>
>>Most of the lightweight “designed for IoT” block ciphers have a 64 bit block
>>size (and sometimes even smaller); see for instance Table 1.1 of
>>https://eprint.iacr.org/2013/404.pdf So perhaps what the

Re: [TLS] RFC 7919 on Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)

2016-08-27 Thread Peter Gutmann
David Benjamin writes:
>TLS 1.3 will resolve this with the new cipher suite negotiation, but I agree
>this makes the specification basically undeployable with TLS 1.2. This issue
>also got brought up here:
>https://www.ietf.org/mail-archive/web/tls/current/msg18697.html
Hmm, good point. So read

Re: [TLS] RFC 7919 on Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)

2016-08-27 Thread Ilari Liusvaara
On Sat, Aug 27, 2016 at 01:27:15PM +, Peter Gutmann wrote:
> David Benjamin writes:
>
> >TLS 1.3 will resolve this with the new cipher suite negotiation, but I agree
> >this makes the specification basically undeployable with TLS 1.2. This issue
> >also got brought up here:
> >https://www.iet

Re: [TLS] [Cfrg] 3DES diediedie

2016-08-27 Thread Karthikeyan Bhargavan
> Looking at it from the other side, your typical IoT device will be sending,
> for example, a 12-byte message every 15 minutes, meaning it'll take, if my
> calculations are right, just under two million years to collect the 785GB of
> data required to perform the attack.
I agree that it would be