Hi All

Here is an example of PSK+ECDHE for IoT

https://tools.ietf.org/html/draft-urien-tls-se-00 uses TLS1.3 server PSK+ECDHE for secure elements

The security level in these devices is as high as EAL5+

The computing time is about 1.4s for a PSK+ECDHE session (AES-128-CCM, + secp256r1)

The real critical resource is the required RAM size, less than 1KB in our experiments

The secure element only needs a classical TCP/IP interface (i.e. sockets like)

Trusted PSK should avoid selfie attacks

Pascal

On Mon, 21 Sept 2020 at 11:29, Hannes Tschofenig <hannes.tschofe...@arm.com> wrote:

> Hi Filippo,
>
> - Indeed, if the SCADA industry has a particular need, they should
> profile TLS for use in that industry, and not require we change the
> recommendation for the open Internet.
>
> We have an IoT profile for TLS and it talks about the use of PSK, see
> https://tools.ietf.org/html/rfc7925
>
> On the “open Internet” (probably referring to the Web usage) you are not
> going to use PSKs in TLS. There is a separate RFC that provides
> recommendations for that environment, see RFC 752. That RFC is currently
> being revised, see draft-sheffer-uta-rfc7525bis-00
> <https://datatracker.ietf.org/doc/draft-sheffer-uta-rfc7525bis/>
>
> Ciao
> Hannes
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls