Internet Of Things Applications
I can't give an iota about,
But ARM jamming SSL into mbed is just plain a good thing in the long run.
/running away before anyone sees it.
ARM has strengthened its security portfolio by buying Offspark, the company whose PolarSSL secure communications is widely used in Internet of Things devices. The purchase is not about organic growth for ARM, while the company isn’t giving out a figure for the value of purchase, a spokesman told El Reg it was well below …
This is a clear case of where ARM is no longer thinking intelligently and now is making mistakes they've watched Intel make but should have learned from but instead just copied.
TLS inside the CPU is ok if we limit ourselves to clearly verifiable code. For example, an AES block cipher is easily verified as the algorithm is fixed. You can compare it to software.
MD5 is also pretty easy to verify.
Here's where the problem is, security code should never ever ever be static within a chip. As soon as the slightest exploit is found (and it will be) the system running on the chip is trash. It takes A LONG time to harden a security stack, as OpenSSL.
There is a far smarter way to handle this, but it will hurt performance per watt which is critical in IoT devices. Most ASICs tend to include at least some FPGA to make patches in the chip after release. This is how Intel occasionally makes CPU fixes... by releasing chip firmware updates... the concept is more complex than that, it has to do with instruction intercepting and stuff, but to stay on topic security features belong in FPGA areas of the chip.
You may not know how AES works or other block ciphers and stream hashes work, but they aren't particularly difficult to implement in hardware. In fact, it would be quite easy to implement an FPGA area capable of hardware accelerated streams and fixed size block ciphers. It would just be a large number of relatively small ALUs, shift-registers and mapped swap functions.
When you add things like key exchange and such, that's where things get hairy. Accelerating key production and verification can be extremely valuable, but there never has and never will be a time where this should ever be implemented in ASIC. Here's the reality, you'll use it, it'll work great, someone will find a loophole in your implementation and now 1 billion+ IoT devices are hackable.
So you send out a library update which moves the security into software... now 500 million+ devices lack the performance to run.
Bad form ARM.