ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] SHA-x performance

2015-08-14 04:30:39
from [Peter Gutmann] [Permanent Link] 
ianG <iang(_at_)iang(_dot_)org> writes:


To what extent are we accepting the embedded market as "our market" ?


It's not a case of "now we want to target 8051's" but more a case of "the same
hardware that can currently employ PGP shouldn't be prevented from employing
it in the future because of a change to an overly heavyweight algorithm".
Switching from SHA-1 to SHA-256 isn't a big deal, but going to SHA-512 with
its order-of-magnitude slowdown over -256 is.

An example of a typical target device was the one mentioned in another post by
Yutaka Niibe, an STM32F103, which is a Cortex M3 that I mentioned earlier.  A
more recent, and also very popular one, is the M0 (released five years after
the M3, but with much more minimal capabilities, I'd set the minimum target at
an M3 in that if you want to be doing crypto you shouldn't be using an M0).


Is this something that already exists in the sense that a lot of them are
already doing OpenPGP signing for some purpose? 


Use of PGP in embedded is basically nonexistent, so it's more a case of "this
could be useful in the future".  The stuff will have to be secured in some
manner, and being able to present PGP as a candidate would be good.

(To put this into perspective, there's an apparently neverending stream of
checkbox-engineered security standards and best-practices for things like
smart meters where the developers are being asked to implement X.509 cert
handling, SCEP for cert enrolment, TLS for reporting, and SSH for remote
management, on an M0 realtime system (so no task can hold up the CPU for more
than, say, 10ms) with 4kB RAM and 32kB flash total.  Now admittedly PGP won't
fit into that either, but it's slightly less insane than the wishlists being
promulgated by industry groups.  I have no idea what developers are doing in
response to this disconnect from reality in the requirements, but I'm guessing
it'll provide fodder for Black Hat and Defcon talks for years to come).

Peter.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] SHA3 algorithm ids., Derek Atkins
Next by Date:  Re: [openpgp] SHA3 algorithm ids., Bill Frantz
Previous by Thread:  Re: [openpgp] SHA-x performance, Hilarie Orman
Next by Thread:  Re: [openpgp] SHA-x performance, NIIBE Yutaka
Indexes:  [Date] [Thread] [Top] [All Lists]