Re: [Ace] EDHOC standardization

Benjamin Kaduk <> Wed, 31 October 2018 15:43 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A753F130DDF for <>; Wed, 31 Oct 2018 08:43:16 -0700 (PDT)
X-Quarantine-ID: <gdvfrGjypqSH>
X-Virus-Scanned: amavisd-new at
X-Amavis-Alert: BAD HEADER SECTION, Non-encoded 8-bit data (char 9C hex): Received: ...s kaduk@ATHENA.MIT.EDU)\n\t\234by[...]
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id gdvfrGjypqSH for <>; Wed, 31 Oct 2018 08:43:14 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4BDC6130DE5 for <>; Wed, 31 Oct 2018 08:43:12 -0700 (PDT)
X-AuditID: 12074422-de7ff700000025ff-8c-5bd9cd8aaae9
Received: from ( []) (using TLS with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by (Symantec Messaging Gateway) with SMTP id 87.73.09727.A8DC9DB5; Wed, 31 Oct 2018 11:43:07 -0400 (EDT)
Received: from (OUTGOING-AUTH-1.MIT.EDU []) by (8.14.7/8.9.2) with ESMTP id w9VFh5LK028906; Wed, 31 Oct 2018 11:43:05 -0400
Received: from ( []) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) �by (8.14.7/8.12.4) with ESMTP id w9VFh114013495 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 31 Oct 2018 11:43:03 -0400
Date: Wed, 31 Oct 2018 10:43:01 -0500
From: Benjamin Kaduk <>
To: Salvador =?iso-8859-1?Q?P=E9rez?= <>
Message-ID: <>
References: <>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpgleLIzCtJLcpLzFFi42IR4hRV1u0+ezPa4Pk3EYvv33qYLZpXXWV3 YPJYsuQnk8e5l20sAUxRXDYpqTmZZalF+nYJXBlPHuxhK5grUPFp4W6mBsY1vF2MnBwSAiYS vzrus4HYQgJrmCS2HQroYuQCsjcySjxe/IEdwrnLJDHl6zN2kCoWAVWJw1t+gNlsAioSDd2X mUFsEQEribPzj7B2MXJwMAsISHy4ngQSFhbQkNjYtRWsnBdoWf+VaWwgJUICFhLL9+RAhAUl Ts58wgJiMwuoS/yZd4kZYoq0xPJ/HBBheYnmrbPBFnEKWErsejEDzBYVUJbY23eIfQKj4Cwk k2YhmTQLYdIsJJMWMLKsYpRNya3SzU3MzClOTdYtTk7My0st0jXVy80s0UtNKd3ECApodhel HYwT/3kdYhTgYFTi4X2QfCNaiDWxrLgy9xCjJAeTkijvybqb0UJ8SfkplRmJxRnxRaU5qcWH GCU4mJVEeL8fBcrxpiRWVqUW5cOkpDlYlMR5J7YsjhYSSE8sSc1OTS1ILYLJynBwKEnwHjoD 1ChYlJqeWpGWmVOCkGbi4AQZzgM0/DpIDW9xQWJucWY6RP4Uo6KUOK8NSEIAJJFRmgfXC0o4 Etn7a14xigO9IszrC1LFA0xWcN2vgAYzAQ3mYr8BMrgkESEl1cCYHhAw0/rKlHz1QtG7lzfb tcgZlM48//lPv8JLowmZnPPXyl9rV9Q0d5n6b3Hv7+ApPl5bp2+rcz9Y89qz482tJ09LFRTn Jt4u8Trk5SXzsKLVW2hNdLBzDU9y+qxrfev7uKd8mix4NSv68OPJj9fsXeLNV/3q0y1GJd2n Qtc0taJvzrXcJHxRiaU4I9FQi7moOBEA2gUECBMDAAA=
Archived-At: <>
Subject: Re: [Ace] EDHOC standardization
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 31 Oct 2018 15:43:17 -0000

Hi Salvador,

On Wed, Oct 31, 2018 at 10:12:54AM +0100, Salvador Pérez wrote:
> Hello authors of EDHOC,
> 	we have implemented a previous version of EDHOC (draft-selander-ace-cose-ecdhe) and want to share some experiences.
> Our work so far has focused on implementation and evaluation of version -08 of EDHOC over CoAP using real IoT hardware. The obtained results show a significant performance improvement compared to other key establishment protocols, such as DTLS handshake (version 1.2), especially with respect to length and number of exchanged messages.

Are your results written up anywhere?  It would be great to see more
details of the comparison and the actual numbers.
Unfortunately, I don't think that DTLS 1.2 is the best comparison -- DTLS
1.3 should be seen as the current "state of the art" for DTLS, and is
expected to itself be leaner than DTLS 1.2, which might wash out some of
the results you've seen here.



> We have reviewed version -10 and noted the reduction of message length. Based on our experience, we propose that also removing the overhead due to security parameter negotiation could be an important optimization, and relevant in many use cases where these parameters are available through an out-of-band process.
> Accordingly and taking into account that EDHOC provides a basic security functionality for any context where security needs to be enabled, we are currently considering the application of this protocol in different IoT deployments, such as LoRaWAN networks, OSCORE-enabled scenarios or its integration with capabilities. We therefore would like to see the progress of EDHOC in standardization.
> Kind regards,
> --------------------
> Salvador Pérez
> PhD student in "Future Internet Networks: Infrastructure and Security”
> Faculty of Computer Science - University of Murcia
> Email:
> Skype:

> _______________________________________________
> Ace mailing list