-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Aloha!
Tom Ritter wrote: > On 17 March 2016 at 21:09, Martin Thomson <martin.thom...@gmail.com> > wrote: >> On 18 March 2016 at 12:37, Mike Hamburg <m...@shiftleft.org> >> wrote: >>> No. The goal should be to remove ciphers, not add new ones, >>> unless we have a really compelling reason. >> A necessary, but sufficient set of reasons might include: >> >> 1. thorough cryptanalysis 2. advantages over existing ciphers on >> important metrics like security and speed, though this would likely >> need to be significant at this point 3. interest in implementation >> >> Speck is 0 from 3. > > I might make it .5 for 3. Speck is specifically designed to be a > lightweight cipher for constrained devices. With RC4 dead in the > water - we don't have one of those. (Unless ChaCha20 is better than > Speck/Simon/related...) ChaCha20 was not explicitly designed to be lightweight. That said, it is fairly compact and get good performance on smaller architectures. Even though the internal variables ate 64-bit, the ARX operations are easy to map to smaller registers. The closely related Salsa20 cipher requires about 5 cycles/byte on ARM: https://www.hyperelliptic.org/tanja/vortraege/20121129.pdf But if we wanted algorithms optimized for embedded, small architectures we could look at the ECRYPT eSTREAM profile 2 ciphers: http://www.ecrypt.eu.org/stream/ AFAIK they did get a fair amount of analysis. - -- Med vänlig hälsning, Yours Joachim Strömbergson - Alltid i harmonisk svängning. ======================================================================== Joachim Strömbergson Secworks AB joac...@secworks.se ======================================================================== -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCAAGBQJW768TAAoJEF3cfFQkIuyNI6kQAJqE8LL0RJl4hZGufq/qeMId q4t6m+kHLu0mZhufNUAs15yMz5XA4El0ZBOKuNml4sUUYRZWyUCinALjXvJ6gxEV jptsj9XiEKYGrmIOjOZxBo85oeKYgDKDvvXmgS5BWmsOFzvjTteuIV2udwEzydWo yWoHmYba47vI/R6GwNLykkaum3dYpYuZQtcRYHZO34/+asxcmhDydR03iYKOJWM6 EG1HyT2Wc9nzeXifzp21IdMFYe67IFz3E9/0YLExyInBA2ZCE1/ziQn/m2ZpSsBN DFjp6Rg3U6FkcvJ9f/xz0ltG5rp5+NZAGfzc5rcRNZ3sZfF1DbyV9bCcppWngjmd /7HYuzAWoveMmxcWU64ClFdUhkyMDyeBd3gRDq74GWXjHszZifFNxtEG2IKclqco HmrP7OWdEpeaaSF1EmKZwSjwNlpWD7OAYykTYoRqtETF4hzj2jqniFuG+QEy7MsS 9oMnI2ojNVkfDISlWmeDDIXEnH5m/RHQqXqK9YQwSM/YDz1mGidQjjJm576+M10y Ok9v/WswIuqwATtfKX8AWXci1YojwhY9iBegTDawphwRLtV11JRsY0C+iUD1xjJ3 Jywlx7d+HDZ0XX10NJS80FhJE9wzo12F93fntGlKsLDPzKhtiQfmulY4RFrr/LlU INSG+VzHMYQmPAjTVDCc =2IW+ -----END PGP SIGNATURE----- _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
