![]() NIST Helps You With Cryptography. Getting cryptography right isn’t easy, and it’s a lot worse on constrained devices like microcontrollers. RAM is usually the bottleneck — you will smash your stack computing a SHA- 2 hash on an AVR — but other resources like computing power and flash code storage space are also at a premium. Trimming down a standard algorithm to work within these constraints opens up the Pandora’s box of implementation- specific flaws. NIST stepped up to the plate, starting a lightweight cryptography project in 2.PDF. The project is ongoing, so don’t expect a how- to guide. Super Mario Games And Download . Network Footprinting (Reconnaissance) The tester would attempt to gather as much information as possible about the selected network. Reconnaissance can take two forms. Indeed, most of the report is a description of the problems with crypto on small devices. Given the state of Io. T security, just defining the problem is a huge contribution. Still, there are some concrete recommendations. Here are some spoilers. For encryption, they recommend a trimmed- down version of AES- 1. For message authentication, they’re happy with Galois/Counter Mode and AES- 1. I was most interested in hashing, and came away disappointed; the conclusion is that the SHA- 2 and SHA- 3 families simply require too much state (and RAM) and they make no recommendation, leaving you to pick among less- known functions: check out PHOTON or SPONGENT, and they’re still being actively researched. If you think small- device security is easy, read through the 2. And if you’re looking for a good starting point to read up on the state of the art, the bibliography is extensive. ![]() Your tax dollars at work. Thanks, NIST! And thanks [acs] for the tip!
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |