back to article Uncle Sam wants to strip the IoS out of IoT with light crypto

The US National Institute of Standards and Technology wants to protect all devices great and small, and is getting closer to settling on next-gen cryptographic algorithms suitable for systems at both ends of that spectrum – the very great and the very small. At the tiny end, Internet of Things (IoT) gadgets include everything …

  1. Anonymous Coward
    Anonymous Coward

    Taking the S out

    While a laudable goal, is about more than building a plan to block the future landfill material. We need to actually kill all of the garbage that is already out there in addition to not adding new garbage to the pile.

    In jest we should look at the good work of the UK telly tax spy vans. Clearing the US of it's poorly built but oddly loved "smart" products house by house and block by block. We should just hook them to the garbage trucks. Bounty paid to those who toss them voluntarily and collected from those that hide them. Free pickup once a week with the yard waste.

    Or they'll find you...

    1. Anonymous Coward
      Anonymous Coward

      Re: Taking the S out

      If people want to use those devices within their own home then let them. You can prevent them from being sold and you can make people aware of the potential risks of using them but it is them up to them whether they want to keep them or not.

      1. big_D Silver badge

        Re: Taking the S out

        The problem is, they often call back to base and they are often exposed to the Internet, so can be exploited and used as a base of operations to launch further attacks on other, more secure devices, or even in DDoS attacks against others.

  2. Anonymous Coward
    Anonymous Coward

    "...lightweight cryptography..." ... Or More Misdirection?

    Recent work here at White Hat Towers has found a very interesting dichotomy:

    (1) Encryption and decryption using huge prime numbers is actually quite fast, even using pathetic, low end hardware

    (2) But FINDING useful huge prime numbers takes forever, even with reasonably powerful workstations

    Here we are talking about AES or samba20 and Diffie/Hellman with primes bigger than 20,000 bits.

    So it seems that this NIST project is focusing on item #1.......but failing to tell us that item #2 might be a real problem......

    .......particularly if citizens are going to actually control the security of their own hardware.

    Yup......let's use the "recommended" prime numbers (or the "recommended" elliptical curve)......supplied by NIST!

    Misdirection?

    I think we should be told!!!

    1. yetanotheraoc Silver badge

      Re: "...lightweight cryptography..." ... Or More Misdirection?

      "FINDING useful huge prime numbers takes forever"

      Just ask ChatGPT.

    2. It's just me
      Thumb Down

      Re: "...lightweight cryptography..." ... Or More Misdirection?

      AES and salsa20 are symmetric ciphers that don't use prime numbers. Sounds like you're doing some misdirecting yourself.

      1. Anonymous Coward
        Anonymous Coward

        Re: "...lightweight cryptography..." ... Or More Misdirection?

        @It's_Just_Me

        No misdirection.......Diffie/Hellman DOES use prime numbers.....and Diffie/Hellman is used to communicate keys.

        Sounds like you're doing some misdirecting yourself.

    3. FrogsAndChips Silver badge

      Re: "...lightweight cryptography..." ... Or More Misdirection?

      But FINDING useful huge prime numbers takes forever

      No, it doesn't

      Here we are talking about AES or samba20 and Diffie/Hellman with primes bigger than 20,000 bits

      RSA and DH use primes of size about 1024 or 2048 bits.

      1. MJB7

        Re: "...lightweight cryptography..." ... Or More Misdirection?

        RSA 1024 is only acceptable for historic protocols. It should not be used today. RSA 2048 is perfectly acceptable today, but for longer term security, you need RSA 4096 or higher.

        Key generation _is_ slow for RSA. The hardware security module my employer makes can take 15 minutes to generate an RSA16384, and it's got a relatively beefy processor. An IoT device is going to take a while to generate RSA2048 (not to mention the problem of "where does it get the entropy from") - but it doesn't have to do that for every message.

  3. NoneSuch Silver badge
    Devil

    "Cryptographers pulled apart and searched for weaknesses in the algorithms before choosing ten finalists"

    I'm sure. And the NSA staff members who did the review prioritized them on what they could break easily, but looks solid to the rest of the world.

    1. Anonymous Coward
      Anonymous Coward

      you're implying NSA staff are smarter than the rest of the world, they are not, they just have less ethics, like the FBI and CIA.

  4. MJB7
    Boffin

    Remember folks, the S in IoT stands for "Security"

    (shamelessly stolen from cryptography.stackexchange.com)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like