On Tue, Sep 6, 2016 at 9:15 PM, Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote:
> When crypto hardware support is available, it's universally AES, > occasionally > SHA-1 and/or DES, and very rarely RSA and/or DH and/or ECDSA EMV chip cards support RSA digital signatures. Granted earlier EMV cards used ridiculously small key lengths (i.e. 320-bits), but they have been gradually ratcheted up to e.g. 768 or 1024-bits. These cards number in the billions (10s of billions?) and the chips are priced in the penny range. I don't think it's impractical to ship hardware accelerated asymmetric crypto primitives on chips that meet the specifications you're describing. The payments industry has definitely shown it's possible. -- Tony Arcieri
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
