[Cryptography] Long-term security (was Re: ratcheting DH strengths over time)

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Nov 16 22:34:23 EST 2015


Bill Frantz <frantz at pwpconsult.com> writes:

>Many of them could be updated with security fixes, but their manufacturers
>have stopped supporting them.

That really depends on the manufacturer, some like Draytek keep up support
more or less indefinitely, they still issue firmware updates for decade-old
long-EOL'd products.  On the other hand you do pay quite a premium for that.
At the other end of the scale are vendors like Linksys, where it's typically
an unsupported legacy product the minute you walk out of the store with it.

>But people still use the old ones because they continue to work,

Yeah, that's the killer, until they explode or melt they'll continue to be
used.  There's some upgrade pressure from ADSL1 -> ADSL2 -> fibre, but even
then what'll get put in is the cheapest, crappiest router the ISP can source
for you.

>One bright spot is the major browser vendors flexing a bit of muscle and
>turning off old, insecure protocols and algorithms. It may be that the home
>router continues to run, but can no longer be administrated because there
>are no browsers in the house that are willing to speak the old protocol.

That won't happen, no-one's going to turn off HTTP 1.x.  At least one reason
for this is the HTTP 2 standards folks' attitude of "HTTP 2 is heavyweight to
implement, if you can't deal with that stick with HTTP 1".  This means they'll
have to continue to exist in parallel for perpetuity.

Peter.

