On the topic of TLS, the primary issue is the limited number of resources on the mega as opposed to a complete lack of libraries existing. Doing some research after our last discussion, I found https://github.com/OPEnSLab-OSU/SSLClient, but its minimum recommended requirements are ~7kb of ram and ~110kb of flash storage which the mega barely hits. It likely would have issues running the microphone data transmission due to the large overhead.
--
To unsubscribe from this group, send email to lwc-forum+...@list.nist.gov
Visit this group at https://groups.google.com/a/list.nist.gov/d/forum/lwc-forum
To unsubscribe from this group and stop receiving emails from it, send an email to lwc-forum+...@list.nist.gov.
>It would be interesting if it is possible to find DTLS 1.3 without the key management code...
As today I think the only implementation of DTLS 1.3 is WolfSSL. Given a DTLS 1.3 implementation you can probably dig out the record layer code, but the record layer is quite simple so it is likely as easy (or easier) to implement the same thing yourself using Ascon. Then you can fine tune it according to your application. You probably don’t want the encrypted content format is you are not using DTLS 1.3 handshake.
What you need is [Epoch], [Sequence number], and AEAD Ciphertext.
In the future I hope NIST will standardize a Ascon based accordion and derived functions.
https://csrc.nist.gov/Events/2024/accordion-cipher-mode-workshop-2024
https://csrc.nist.gov/csrc/media/Events/2024/accordion-cipher-mode-workshop-2024/documents/papers/comments-on-NIST-reqs-accordion-cipher.pdf
An AERO function based on an Ascon accordion could take care of nonce handling, nonce hiding, and replay protection while at the same time decreasing message overhead compared to doing sequence numbers and integrity independent of each other. That would be
an optimal stand-alone encryption envelope for constrained IoT.
Cheers,
John Preuß Mattsson