David McGrew (mcgrew) <mcg...@cisco.com> writes: >I don’t think you understood my point. IoT is about small devices connecting >to the Internet, and IETF standards should expect designed-for-IoT crypto to >be increasingly in scope. It is important to not forget about these devices, >amidst the current attention being paid to misuses of 64-bit block ciphers, >which was the ultimate cause of this mail thread.
But the IETF has a long history of creating standards that completely ignore IoT. I can't think of a single general-purpose IETF security standard (TLS, SSH, IPsec, etc) that has any hope of working with IoT devices (say a 40Mhz ARM-core ASIC with 32kB RAM and 64kB flash). This is why the ITU/IEC and a million lesser-known standards bodies are all busy inventing their own exquisitely homebrew crypto protocols, most of which make WEP look like a model of good design. (I've always wanted to sit down and design a generic "encrypted pipe from A to B using minimal resources" spec, and I'm sure many other people have had the same thought at one time or another). So it seems like you've got: - The "TLS = the web" crowd (browser vendors and the like) who will implement whatever's trendy at the moment and assume everyone has a quad-core 2GHz CPU with gigabytes of RAM and access to weekly live updates and hotfixes. - Embedded/SCADA folks who need to deal with 10-15 year product cycles (see my TLS-LTS draft for more on this) and are kind of stuck. - IoT people, who can't use any standard protocol and will get the least unqualified person on staff to invent something that seems OK to them. I'm not sure that a draft on theoretical weaknesses in 64-bit block ciphers is going to affect any of those... Peter. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
