[Lake] Re: welcome your comments on EDHOC-AKA based on EDHOC-PSK
elsa.lopez-perez@inria.fr Fri, 24 April 2026 13:42 UTC
Return-Path: <elsa.lopez-perez@inria.fr>
X-Original-To: lake@mail2.ietf.org
Delivered-To: lake@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 6CA82E2643F3; Fri, 24 Apr 2026 06:42:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1777038137; bh=ixVxFXfkTwmSqjK+AUSG26+de8jBBgAsZ0mJFXaeNAY=; h=Date:From:To:Subject:References:In-Reply-To; b=UZNjScbtgpKnZRrrQv/cihoBXucG4yp+HQDOqTWRMoW31P/qgVPqwSvacC8D5ij1J grnbfkBWrsxRudxfo0qah2zhDV6G5mLE2psKn3vSQBEs8kAoNOI9od3NwNLQLEM0dt +0hVzvIdK+4tBoIG4jboSUOu8NZQw1x/Y5VKy0Ew=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.396
X-Spam-Level:
X-Spam-Status: No, score=-4.396 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=inria.fr
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fdAOXYZOTCsM; Fri, 24 Apr 2026 06:42:16 -0700 (PDT)
Received: from mail3-relais-sop.national.inria.fr (mail3-relais-sop.national.inria.fr [192.134.164.104]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id EF40AE2642F6; Fri, 24 Apr 2026 06:42:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=inria.fr; s=dc; h=message-id:date:mime-version:from:to:subject:references: in-reply-to:content-transfer-encoding; bh=Fhv/KJmO6yOcu71rT26Lnuqy52BeOVYc3v/TGA9w6Fc=; b=JmW5WSi9sNg7fv8JxL9Hwx2OCleC13Dhf3rQ1AjoTuZU+vRRCnR3jPV/ dlWIu6VYWDh6gxhSGLiiisIBHyDExrA+0tYvnVErgVipzu1Nz5yyKu1wU 4TX0oFf+GPQVrj6QcqHNeWYRa9NWIJ9bQjCjIPDa95GYv8neM4FjUfvg/ 8=;
X-CSE-ConnectionGUID: kbjlLDy1SG+wdz5KDX5TaQ==
X-CSE-MsgGUID: IyjNny4sT7a5hJAJGQyzog==
Authentication-Results: mail3-relais-sop.national.inria.fr; dkim=none (message not signed) header.i=none; spf=SoftFail smtp.mailfrom=elsa.lopez-perez@inria.fr; dmarc=fail (p=none dis=none) d=inria.fr
X-IronPort-AV: E=Sophos;i="6.23,196,1770591600"; d="scan'208";a="144982625"
Received: from unknown (HELO [10.1.19.46]) ([217.110.184.17]) by mail3-relais-sop.national.inria.fr with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Apr 2026 15:42:07 +0200
Message-ID: <9da2b542-38b2-4234-ba4f-55bb4c0fe589@inria.fr>
Date: Fri, 24 Apr 2026 15:42:01 +0200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
From: elsa.lopez-perez@inria.fr
To: Meiling Chen <chenmeiling@chinamobile.com>, "goran.selander" <goran.selander@ericsson.com>, "john.mattsson" <john.mattsson@ericsson.com>, rafa <rafa@um.es>, "francisco.lopezg" <francisco.lopezg@um.es>, lake <lake@ietf.org>, "draft-ietf-lake-edhoc-psk.authors" <draft-ietf-lake-edhoc-psk.authors@ietf.org>
References: <2026042319242937128744@chinamobile.com>
In-Reply-To: <2026042319242937128744@chinamobile.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Message-ID-Hash: 42AJALPP2LLIZMVBVATRZU2PJM4YVN72
X-Message-ID-Hash: 42AJALPP2LLIZMVBVATRZU2PJM4YVN72
X-MailFrom: elsa.lopez-perez@inria.fr
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Lake] Re: welcome your comments on EDHOC-AKA based on EDHOC-PSK
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/2GGiOG7ed9dfew-r4jDy2H4Ckbs>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Owner: <mailto:lake-owner@ietf.org>
List-Post: <mailto:lake@ietf.org>
List-Subscribe: <mailto:lake-join@ietf.org>
List-Unsubscribe: <mailto:lake-leave@ietf.org>
Hello Meiling, Thank you for your email and for reaching out. I went thorugh your draft and I have some questions regarding the motivation and integrtion aspects, which I hope you could clarify. First, regarding the architectural integration: in the draft you mention that "the Initiator (e.g., a mobile device) and a Repsonder (e.g., a service network) execute an AKA challenge-repsonse exchange". However, 5G-AKA (or EAP-AKA, also used as an authentication mechanism in cellular networks) is not a two party protocol, but involves multiple network functions. Given that EDHOC is inherently a two party protocol, I am curious how do you envision EDHOC-AKA fitting into the 5G architecture. Second, on the motivation (and potential redunancy): from the draft, it seems like EDHOC-AKA combines an AKA-based authentication (to derive k_AKA) with a subsequent EDHOC-PSK handshake. From my perspective, this seems like a double authentication, and I am unsure of what the benefits are compared to, for example, using existing 5G key derivation/export mechanisms. Lastly, the approach you use is to carry the AKA values inside the EAD fields, but this seems close to the already defined EAP methods. Could you elaborate on the specific benefits of this approach compared to directly using EAP? There is already a draft specifying EAP-EDHOC (https://datatracker.ietf.org/doc/draft-ietf-emu-eap-edhoc/) and EAP-AKA' is also defined on TS 33.501 version 15.9.0. Finally, it would be great to understand the deployment scenario. I hope these questions are helpful, and I am looking forward to hearing from you! Best regards, Elsa On 4/23/26 1:24 PM, Meiling Chen <chenmeiling@chinamobile.com> wrote: > Dear Elsa, Göran, John, Rafael, and Francisco, > > I hope this email finds you well. I have been closely following the > development of |draft-ietf-lake-edhoc-psk|. It provides a very clear and > solid foundation for pre-shared key authentication, which has been > instrumental for our own work. > > I'm writing to you today as the author of a new Internet-Draft, |draft- > chen-lake-edhoc-aka|, which specifies an Authentication and Key > Agreement (AKA) method for EDHOC. > > The main reason for this email is to introduce you that EDHOC-AKA is > designed as a specific profile of your EDHOC-PSK method, not as a > separate or competing authentication mechanism. Our approach leverages > the entire protocol flow and key derivation logic that you have > carefully defined. > > The core idea is to use the 3GPP AKA protocol to dynamically generate a > session-specific Pre-Shared Key (which we call |K_AKA|). This AKA > challenge-response exchange is carried entirely within the External > Authorization Data (EAD) fields of the EDHOC messages. > > Crucially, this means the message flow (message_1 through message_4) > remains identical to EDHOC-PSK. Proposing a standardized way to populate > the EAD fields to handle the AKA-specific parameters (like SUCI, RAND, > AUTN, and RES). Once the AKA exchange is complete (by message_3), the > derived |K_AKA| serves as the PSK for the remainder of the EDHOC-PSK > protocol, exactly as you have specified. > > Given your deep expertise in this area, and since our work is directly > based on yours, it would be extremely grateful for any feedback, > comments, or suggestions you might have on our approach. In particular, > I would appreciate your thoughts on: > > 1. Does this profiling approach seem reasonable to you? > 2. Do you foresee any potential security or implementation issues with > using the EAD fields for this purpose within the EDHOC-PSK framework? > > I believe this approach showcases a powerful use case for EDHOC-PSK, > especially for integrating constrained devices into mobile network > environments, and we want to ensure our work is well-aligned with your > specification. > > We look forward to your valuable insights. > > Best regards, > > Meiling Chen > > ------------------------------------------------------------------------ > chenmeiling@chinamobile.com >
- [Lake] welcome your comments on EDHOC-AKA based o… Meiling Chen
- [Lake] Re: welcome your comments on EDHOC-AKA bas… elsa.lopez-perez
- [Lake] Re: welcome your comments on EDHOC-AKA bas… Meiling Chen