[Cryptography] Long-term security (was Re: ratcheting DH strengths over time)
Ray Dillinger
bear at sonic.net
Wed Nov 18 22:06:05 EST 2015
On 11/18/2015 04:25 PM, John Denker wrote:
> On 11/18/2015 01:39 PM, Jerry Leichter wrote:
>
>> (Not to mention the blowback when a thermostat declares itself
>> "obsolete" and shuts down in the middle of a blizzard and someone
>> freezes to death.)
>
> In the immortal words of Henny Youngman: So don't do that then.
Absolutely. The thermostat doesn't have to shut down; what
has to shut down is every functionality it has that involves
a network.
As far as the network is concerned, such devices should be
"write-only" after their expiry: No response whatsoever and
no local behavior prompted by any network message, no matter
what gets sent to them. No way to even tell there is any
device attached to the far end of the wire.
But that doesn't mean they have to stop being useful devices.
A thermostat whose network software has expired can still be
a fine (locally) programmable thermostat without being on any
network. An expired refrigerator can still keep food cold.
And a car whose IoT functions expire can still be a perfectly
good car even if its doors stop responding to remote-unlock
commands from cell phones and start requiring you to use the
physical key instead.
In fact, cars are extra-easy because they require maintenance
anyway. Pick something that gets changed regularly anyway, like
a car's air filter or something, and make the software module
(remember, they cost <20 cents each in bulk) part of that. no
extra steps, no extra technician time. Take the old one out,
drop in the new one, and the software is part of what got
physically replaced. "Maintenance Mechanic doesn't even notice
she's doing it and it adds nothing to the jobs she already does"
is exactly the level of automatic update you're looking for.
Bear
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20151118/1ed92a17/attachment.sig>
More information about the cryptography
mailing list