[Cryptography] Long-term security (was Re: ratcheting DH strengths over time)

John-Mark Gurney jmg at funkthat.com
Mon Nov 16 18:45:24 EST 2015


Perry E. Metzger wrote this message on Mon, Nov 16, 2015 at 13:05 -0500:
> SCADA systems and other embedded hardware may need to be kept secure
> from tampering for 30 years or longer. This stuff shows up in
> surprising places -- people really are doing things like putting
> building heating and elevator systems onto the internet now.
> 
> The biggest current problem is that generally the engineers building
> such systems have no idea how to design them for security, but even if
> they did, how do you design a system to remain secure when it might be
> in place in forty years because no one wants to replace their elevator
> controller since it is still working?

A number of years ago when I was building a small embedded device, 64k
flash, 8k ram w/ ethernet port, I thought about what I wanted to do for
security...

Put a password on it?  It can be brute forced.. Push ssh on it?  Didn't
want to try.

Then I thought about it, putting any type of security on it gave the
user of the device a false sense of security.  There is no way that I
could properly secure the device from a remote attacker, so I decided
that no security was the best security...  This would hopefully require
the user to use a bastion host to access the device..

Though I like this thought, I'm not revisiting it due to all the ICS
that are accessed via VPN, but I haven't thought of a better way...
Though getting lower power, inexpensive devices that are more powerful
is a lot easier today than when I was working on the project...  Still,
having to only upgrade one single bastion host's security rather than 10s or
100s of devices does seem nice...

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."

