[Cryptography] [FORGED] The Energy Budget for Wireless Security shows cryptography is cheap
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Tue Oct 27 23:16:06 EDT 2015
Ryan Carboni <ryacko at gmail.com> writes:
>This is a recurrent problem. Focusing on individual cipher costs while
>ignoring protocol costs wastes time towards pointless optimizations which
>could prove insecure and vulnerable (needless reductions in security
>margins). ChaCha's speed likely does not add any true benefit when asymmetric
>cryptography is factored in.
That's something that really needs saying. The number of times I've had
people come to me agonising about which algorithm(s) they can pare down to in
embedded devices to save code space and CPU, when what they're using them with
is massively complex and heavyweight security stacks like TLS or SSH (and then
loading XML config files over their embedded web server). For some reason
everyone seems to focus on the crypto algorithm and forget about the fact that
the crypto can run entirely in the RAM that their XML parser leaks every time
it loads a file.
Peter.
More information about the cryptography
mailing list