The point I'm making Hannes is that, though not so long ago the "cost"
for RNG was prohibitive for many constrained end-devices ... this is
more often no longer the case and improving every month (despite
whatever other security functions are packaged within the module).
On 5/14/2019 7:29 PM, Hannes Tschofenig wrote:
Hi Paul,
My understanding from reading the draft text was that the "cost" was actually talking about
"energy cost" rather than "monetary cost".
The monetary cost may also be interesting.
It is difficult to judge the extra cost of a RNG in an MCU because
(a) you rarely find an MCU with and without MCU (keeping all other features the
same),
(b) even if you find one there are other factors that impact the cost (such as
popularity of a particular MCU),
(c) RNG features are often provided with other features (such as SHA256 and AES
in hardware), and
(d) cost and price of an MCU are different aspects.
Ciao
Hannes
-----Original Message-----
From: Paul Duffy <[email protected]>
Sent: Dienstag, 14. Mai 2019 15:08
To: Hannes Tschofenig <[email protected]>; [email protected]
Subject: Re: [Ace] EST over CoAP: Randomness
On 5/9/2019 10:42 AM, Hannes Tschofenig wrote:
I believe we should encourage developers to pick the correct hardware for the
task rather than making them believe we have come up with solutions that allow
them to get away without a hardware-based RNG.
I also do not believe the statement that random number key generation is
costly. Can you give me some number?
Strong agreement. The added cost for hw based RNG is ever decreasing. Last
time I checked it was on the order of 50 cents @ Q 10k? It has likely fallen
since. Confirm with Atmel etc.
Cheers
IMPORTANT NOTICE: The contents of this email and any attachments are
confidential and may also be privileged. If you are not the intended recipient,
please notify the sender immediately and do not disclose the contents to any
other person, use it for any purpose, or store or copy the information in any
medium. Thank you.
_______________________________________________
Ace mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ace
