[Cryptography] Long-term security (was Re: ratcheting DH strengths over time)

Gé Weijers ge at weijers.org
Mon Nov 16 15:27:17 EST 2015


On Mon, Nov 16, 2015 at 10:05 AM Perry E. Metzger <perry at piermont.com>
wrote:
[...]

> SCADA systems and other embedded hardware may need to be kept secure
> from tampering for 30 years or longer. This stuff shows up in
> surprising places -- people really are doing things like putting
> building heating and elevator systems onto the internet now.

Keeping a secret for 30 years is a very different proposition from keeping
a SCADA system secure for 30 years. Long-term (or even short-term) secrecy
is not a major concern for most embedded applications of this type.


> Say you have thousands of such systems or even millions of them out in
> the field, all happily dialing home and getting new instructions, all
> that protected by an RSA key or an elliptic curve signature key. How
> do you keep that safe for a stupid amount of time?

I would suggest making the remote management component (or at least the
network interface) one that can be upgraded independently from the rest of
the system. This may be too costly for consumer devices, but may be cheaper
in the long run for commercial equipment. As you mentioned, we don't know
how to design systems that stay secure for 30 years anyway. Perhaps we
should give these controllers an expiration date, after which they're
required to go offline until they get maintenance.

Gé