Skip to main content
  • A Journey from Surathkal to the IETF

    We are final-year undergraduate students majoring in Computer Science and Engineering at the National Institute of Technology Karnataka (NITK) in the Surathkal town of Mangalore, India. IETF 122 in Bangkok marked our first in-person participation in the Internet Engineering Task Force – and what a journey it was.

    7 May 2025
  • Working on Post-Quantum Cryptography for Open Source Software from Africa

    During the IETF 122 Hackathon in Bangkok and online last month, the cyberstorm.mu team from Mauritius, the United States, and Kenya participated remotely to implement post-quantum cryptography components currently missing from widely-used open source software such as nmap, zmap, wireshark, and GnuTLS.

    30 Apr 2025
  • IETF 122 post-meeting survey

    IETF 122 Bangkok was held 15-21 March 2025 and the results of the post-meeting survey are now available on a web-based interactive dashboard.

    17 Apr 2025
  • IETF Snapshot 2024

    Want to catch up on IETF activity in 2024? How many RFCs were published? How many Internet-Drafts were submitted? How many Working Groups were chartered or concluded? The IETF Snapshot provides a short summary of IETF activity for the previous year.

    17 Apr 2025
  • Report from RPC Retreat 2025

    In early April 2025, the RFC Production Center (RPC) and IETF LLC senior staff met for the first RPC retreat following the contract change that now has the RPC reporting directly to the IETF Executive Director. This was a high-level retreat, the first of its kind for the RPC, looking at community requirements and the RPC internal processes that deliver those.

    16 Apr 2025

Filter by topic and date

Filter by topic and date

EDHOC - A new lightweight authenticated key exchange protocol provides improved security with less overhead for Internet-of-Things devices

5 Jun 2024

Ephemeral Diffie-Hellman Over COSE (EDHOC) is a very compact, lightweight authenticated key exchange protocol, providing state-of-the-art security including mutual authentication, forward secrecy and identity protection.

pexels-mhafetrey-2416657-4048177

Running an authenticated key exchange protocol over low-power Internet-of-Things radio technologies is challenging. These technologies often have Maximum Transmission Units (MTUs) on the order of several tens of bytes and very limited data rates, sometimes lower than dial-up modems used to access the Internet in the 1990s. What is more, the devices are also constrained in terms of the available memory and processing. EDHOC—described in the recently-published RFC 9528 and RFC 9529—enables state-of-the-art key exchange, for which we have formal security proofs, yet avoids message fragmentation even in the presence of these radio constraints thanks to small message sizes. EDHOC implementations require a minimal amount of code and data memory.

EDHOC is designed to be a security enabler in the next generation of Internet-of-Things products and can be used for instance in appliances for home and businesses. One example of a company working in this area is ASSA ABLOY, who offer a broad range of access solutions where EDHOC is considered as a suitable authentication component enabling modern standards-based IoT integrations that are power efficient, fast and lightweight.

EDHOC is built on proven technologies. It uses the Concise Binary Object Representation (CBOR) encoding for message compactness, without sacrificing on extensibility. It leverages the CBOR Object Signing and Encryption (COSE) algorithms to provide cryptographic agility and reduce the amount of new code that is required on constrained devices. EDHOC also uses COSE for identification of authentication credentials, including COSE keys, CBOR Web Token (CWT), CWT Claims Set (CCS), X.509, and CBOR-encoded X.509 (C509) certificates. EDHOC’s authentication credentials, e.g. certificates, need not be transported over the air, a feature that enables significant byte savings. Through this effective usage of Internet technologies standardized for constrained environments, and careful cryptographic design, EDHOC guarantees mutual authentication of the two endpoints and the confidentiality of the established shared secret. This secret can then be used by other protocols such as Object Security for Constrained RESTful Environments (OSCORE) or COSE for data encryption.

Following up on the successful standardization stories of TLS 1.3 and Messaging Layer Security (MLS), particular attention during the standardization process in the LAKE working group was given to formal verification of protocol security. The academic community was invited to study the protocol and responded with more than 5 independent studies. The open process gives assurance that the protocol is sound.

Screenshot 2024-06-03 at 16.22.11

EDHOC is already widely implemented. Optimized implementations for microcontrollers exist in Rust and in C, and in Java for non-constrained systems. Implementations have been interop-tested through several interop events organized by the LAKE working group. More implementation effort is always welcome and any feedback should be communicated to the LAKE working group, which is continuing the maintenance of EDHOC by compiling implementation experience, defining application profiles and adding security applications through the integration point defined by the base protocol.


Share this page