[iot-wg] algorithm agility for IoT
- Previous message (by thread): [iot-wg] algorithm agility for IoT
- Next message (by thread): [iot-wg] algorithm agility for IoT
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Marco Hogewoning
marcoh at ripe.net
Mon Jan 21 14:22:03 CET 2019
On 21 Jan 2019, at 13:53, Jim Reid <jim at rfc1035.com> wrote: > > I’m not sure that’s true Andrei. > > If an IoT device is on the Internet, it shouldn’t have hard-wired crypto. Just like how it shouldn’t have a factory-set password of 0000 or whatever. This should not be a subject for debate. It’s basic common sense.* Whether that device is a node in a sensor network or some piece of CPE is irrelevant from that perspective. A bit to the side of this, but probably relevant in this context: the ongoing discussion between “hardware based security” and “software”. This also flairs up every now and then in forums like AIOTI. Where chip vendors of course are a big proponent of hardware based solutions, saying software is easier to compromise. Agility as you propose doesn’t rule out hardware solutions, but they are probably harder to modify on-the-go and less agile as an entirely software based solution. I have no particular opinion on it, but pushing back on hardware solutions may find some responding counter pressure from those groups who prefer hardware over software. On the original question; did you already look at GSM’s eSIM (and possibly SIM) specification. Not 100% sure they are ‘agile’ in a sense you are aiming for, but it has some ways to update to newer stuff afaik. MarcoH
- Previous message (by thread): [iot-wg] algorithm agility for IoT
- Next message (by thread): [iot-wg] algorithm agility for IoT
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ iot-wg Archives ]