WG Review: Lightweight Authenticated Key Exchange (lake)

The IESG <iesg-secretary@ietf.org> Tue, 08 October 2019 16:27 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 70DC0120018; Tue, 8 Oct 2019 09:27:07 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: The IESG <iesg-secretary@ietf.org>
To: "IETF-Announce" <ietf-announce@ietf.org>
Subject: WG Review: Lightweight Authenticated Key Exchange (lake)
X-Test-IDTracker: no
X-IETF-IDTracker: 6.105.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: lake@ietf.org
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Message-ID: <157055202742.30543.9966018884762140362.idtracker@ietfa.amsl.com>
Date: Tue, 08 Oct 2019 09:27:07 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/smmv3b77EW4Kewt7jYgw6VjZ-zw>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Oct 2019 16:27:07 -0000

A new IETF WG has been proposed in the Security Area. The IESG has not made
any determination yet. The following draft charter was submitted, and is
provided for informational purposes only. Please send your comments to the
IESG mailing list (iesg@ietf.org) by 2019-10-15.

Lightweight Authenticated Key Exchange (lake)
-----------------------------------------------------------------------
Current status: Proposed WG

Chairs:
  Stephen Farrell <stephen.farrell@cs.tcd.ie>;

Assigned Area Director:
  Benjamin Kaduk <kaduk@mit.edu>;

Security Area Directors:
  Benjamin Kaduk <kaduk@mit.edu>;
  Roman Danyliw <rdd@cert.org>;

Mailing list:
  Address: lake@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/Lake
  Archive: https://mailarchive.ietf.org/arch/browse/lake/

Group page: https://datatracker.ietf.org/group/lake/

Charter: https://datatracker.ietf.org/doc/charter-ietf-lake/

Problem

Constrained environments using OSCORE in network environments such as
NB-IoT, 6TiSCH, and LoRaWAN need a ‘lightweight’ authenticated key
exchange (LAKE) that enables forward security.  'Lightweight' refers to:

  * resource consumption, measured by number of round-trips to complete,
    bytes on the wire, wall-clock time to complete, or power consumption
  * the amount of new code required on end systems which already have an
    OSCORE stack

but the LAKE must still provide the security properties expected of IETF
protocols, e.g., providing confidentiality protection, integrity protection,
and authentication with strong work factor.

Goals

This working group is intended to be a narrowly focused activity
intended to produce at most one LAKE for OSCORE usage and close.

The working group will collaborate and coordinate with other IETF WGs
such as ACE, CORE, 6TISCH, LPWAN, and LWIG to understand and validate the
requirements and solution.  draft-selander-ace-cose-ecdhe is a candidate
starting point for the LAKE produced by the WG.  Any work available from
TLS or other WGs that satisfies the determined requirements will also be
evaluated for suitability, but does not preclude the WG from freely
selecting its preferred LAKE for OSCORE.

Program of Work

The deliverables of this WG are:

1. Design requirements of the lightweight authenticated key exchange
protocol for OSCORE (this draft will not be published as an RFC but will be
used to drive WG consensus on the deliverable (2))

2. Specify a lightweight authenticated key exchange protocol suitable for
use in constrained environments using OSCORE

Milestones:

  Mar 2020 - WGLC on requirements document

  May 2020 - Adopt solution document or defer to existing external solution
  document

  Sep 2020 - solution document to IESG (if needed)