Re: [Lake] I-D Action: draft-ietf-lake-edhoc-10.txt
John Mattsson <john.mattsson@ericsson.com> Sat, 04 September 2021 17:34 UTC
Return-Path: <john.mattsson@ericsson.com>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7A203A115F for <lake@ietfa.amsl.com>; Sat, 4 Sep 2021 10:34:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.552
X-Spam-Level:
X-Spam-Status: No, score=-2.552 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.452, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SVXEwj-9h-ma for <lake@ietfa.amsl.com>; Sat, 4 Sep 2021 10:34:30 -0700 (PDT)
Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-eopbgr20086.outbound.protection.outlook.com [40.107.2.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A97D93A1132 for <lake@ietf.org>; Sat, 4 Sep 2021 10:34:29 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lTcSwjiRbg6EyHid5zW7a5FAgIYeiSmRsGRd5WGWCjGidyoYIc3ExMWpoPXfse/jG1a0s57gY3HT+LMUYf0NkiVjFPvtIRbPpPJtBHKhOUUnNe6QSJ1vtSCHeMRlHtWd+mMxbLgGXN6PrF9ne+0CZLVsSoxI4IS4n3ztDoAprIBEfHmhIi7BAY/YXmhkSKFaHHo5t41ZK5ERkUzGxBV1QuXOj4OTH+/JYQN6zuwsGS5aBlVIAZQ+QIOap9/rs41+xgMenshDzVhykb9KBr8J9vj4vNPzwVVyrc/o1Kj1ET/9xrDXuZEigkKKUP/mhQoR+66F3Yw1GcLlWekobm6NNw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=QOzEhLpkM9KWVk3ExAB9APGco4A8h0qmlyA5aclUf4E=; b=ApoAY4QbRO44HJHLEfsHmKQDNaGPCVRfynyOOeaSiCV1heiBvO/DPhylyjvt5SP/7iTrk6bCZqBlFkuQdK01UZ/xT/FA4dDn9lZAewit1tSOgvr+1O7Zq9sND+JefyZyxbZCJTNnP8/WxQ3XRtVOMsF5MUK4mKU35wW0GF7FSdsendeUkzorMx2ypATQZ7KHjM/2BiucHKrnG7MJx9WSA7Ek3CgRm/Sntai44lLPteyROm9XU9C6kpK3lyYovdgzmlOGWOyF0n8lo+g8+2Jvb5l4/rwRpyYK5fvnRuxcKxkKz7uJT/x9N1lb+s3yADJHhfu/JwRAXpkvIbvnQyDF8g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QOzEhLpkM9KWVk3ExAB9APGco4A8h0qmlyA5aclUf4E=; b=TenliLjpihJ4F0O959MmIB7oh3rxIKWItea24+F02ZC4p0cOl6dZaPwULVN4Y3rHniyUff6VwS8Wu4hCPnTYQ/qqS9nkQHcGrqh/B60UNDQ8Va7S0cx05e/C1ypryAzaZ2bIDSYhxGJmLD0rBci8OMC5FX+Viuahm2jpcoT0J6g=
Received: from HE1PR0701MB3050.eurprd07.prod.outlook.com (2603:10a6:3:4b::8) by HE1PR0702MB3834.eurprd07.prod.outlook.com (2603:10a6:7:8c::32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.12; Sat, 4 Sep 2021 17:34:19 +0000
Received: from HE1PR0701MB3050.eurprd07.prod.outlook.com ([fe80::d012:63e4:344b:a81b]) by HE1PR0701MB3050.eurprd07.prod.outlook.com ([fe80::d012:63e4:344b:a81b%8]) with mapi id 15.20.4500.009; Sat, 4 Sep 2021 17:34:19 +0000
From: John Mattsson <john.mattsson@ericsson.com>
To: "lake@ietf.org" <lake@ietf.org>
Thread-Topic: [Lake] I-D Action: draft-ietf-lake-edhoc-10.txt
Thread-Index: AQHXoa3oYQDfBD4qdEGHNebKvFC1Z6uUGmqg
Date: Sat, 04 Sep 2021 17:34:18 +0000
Message-ID: <HE1PR0701MB3050DDB7DE8073681465D18E89D09@HE1PR0701MB3050.eurprd07.prod.outlook.com>
References: <163077455804.21500.299011346448018504@ietfa.amsl.com>
In-Reply-To: <163077455804.21500.299011346448018504@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: ccc3691e-e2c2-49f0-86b9-08d96fca39d4
x-ms-traffictypediagnostic: HE1PR0702MB3834:
x-microsoft-antispam-prvs: <HE1PR0702MB3834DB3FF10B31B5FECD116D89D09@HE1PR0702MB3834.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: YvBmXoUz06C5dru0xSNGMNgTfqBZK62wIHhkVXKV7A5QwsmrZMJA2rg0/xMjpA7st86XlZSJxM/xj1YP02Sxb9xM1AC5BHAyc2Ep2P29ni6hvDfm3Fk7yG+gSKXJlVfWcg4JbNXCX9Caa2wn+g60UX5tGcReV/jyIMgVwApQXf9PRtN1PYwm9+HVfQkqG4BvKGio1zM7ZGWHT8Lrq8FhmgV9awcpXRvKqWHqeEuKGAE7dI0q1oGOVTTE5OJVHMiCktBb32dkQq095K925FKSZDQXJVa55sP0E8fVIiyZg80BBgozUDcKSoFcY7M9bed6HBWb5Zw+BADdebKeoz2Yxt0UeQ0j/xqP/v6PL495k90v1dhOrZkreQ6unPX3PpUaQSY+1bBTsp2qoZiqxvafhYKYSSslvpMCsc+XFkf37r2bUGJrVWPdiGVCCN4z17DylomPxQJFpAC94cX9c8/LjW4+/uZFvKorPwM1MtYMt+8wjcsF2jtlScpzBzcqoLG7UlkCwSVv0bdp1Raz7VJbjiGFOeUDu6CsY3gNy/iuB2pBGgrYir7TmmtfBajmexberepL6hBt5dG6d5Aj0KUMVBK5fX7QRSggjisHersfjCo2hm9Ha5vWuPWxyvbhU0VMRbrnnuTDNBIEf2vZfC6qPU5JK16L7QDnKR8AOkhKl1Wx/eBE5POh4sS+vG4LLZGLLfyC2N7gBecwl2PnrJxKtNg0OIYHt6JrTZ1AWM2xAcbrVm5YqMS3XcnOTICSE3BYKVsG4uv0GBs+rYOjaoBBLpvdnX5DX6+t110x+j9G41zjKOFOeaDCYSiMx6rSmKrxNjOQaM3pZWZgSI4VhgIaDg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0701MB3050.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(6506007)(76116006)(8676002)(66476007)(66446008)(186003)(122000001)(6916009)(66556008)(52536014)(2906002)(44832011)(71200400001)(966005)(508600001)(38100700002)(66946007)(86362001)(316002)(9686003)(7696005)(66574015)(55016002)(38070700005)(64756008)(26005)(166002)(33656002)(53546011)(5660300002)(8936002)(83380400001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 0Qak88g4F0zOVB0CfTtMIa31++p9dKYT9pVe4zaNjcyGcdciPqiu+UVImDRx6FFucWrtHLZ6S/wuu4GGwyDYpVhyOmkQzpTkX4dKA9FKfiFExfAnbJkHVxTIrZdTj+wS2C07HDtnyYqm7awcJ22nnCkdy5NEBhuy28RHoo00POsO7YxyNN4LNz9+kp+7fnE/Z8IwEBY4SA6+Wexw5Qi/5m1SMo/iZI4FAQwLMBxpWSSsfIM+3yE+EYEYY4UQlmYdwx1LVEQ1OLeyhqiP35U93vJ1aNWpkBUjyTNs8CYdJLKUMy6GQe37iRrMX9QgXkieoKj8nllxbCyc4gHzvvkWcMyDGYxCXKy6B92mDM7mmK1xjdV0aqLhu9TVS8Dgw6TXV38MSJ4rn2yVxGvq1Y/eE0cyr7acKFHKRc/V4zFiNhE5lNw4bSgv/H6eXHhSbJcLC+YCyqT0GaHRR7MU1UaVhdgKLJWyx1chKlE/eBcqykBsJ5Am92vY0ARNu4BSBcc3uxaqDcrXGJkhDREnYW+0JLxbavu0mrJJ+b01Ec1f5ryhIcbiYW3etnQu60fdJdOv/aWojjNDz5dtHvKRAT+PEJvCOb0D3xku8Lu2yvcv1wN44iiejp5WtkxFxCbVq5Y+U/ypTGTqiokD2Qwo7JlqsQNX4vvz3RcsoijGR7X+1wnjHm6txIH8rPs47rZQQkRiT1+5M48qzaVH2pxnjA/nqx4CQNK/n78iCnKNzYYn5BGBIBTeeUjZY2Lb2uZt8eiviYIoLc9wUBF5u/996/TwTL5LhHuqyxMCuz2pODkDSt1NwS99oLZ4L2P26p2yueuQMQoy0YdVC+rgH4ynnwwwEkGe6ZN99E3q+sRuCBp5OJfesyp1ynyLyJRONTiaOEYcbsm04WSWyzQB4n3syTBg5cfdn5+Mk1UTEhwu3kYQLnEVcHXCDBF6O9a213whsMmlnsHm/+DWJISPyHPH128rsQ22ebJrFu/G5O4t1rfmD5hsfO3dxlKfIVh4wfvV5zSTmjqkmzYc973YEvDPHt4lU8h7N59ORttFpLZpJ2h/VLgy0el4NCV6bqtRC8719g0gdjpyUkXaEwHGfBhAcMh7odjtA0fa9PXW1/W+rd2r3BHf4nq5WF0ZPWo2Dvf4r03WZ6I3/hBQ5QvWih0y+xuXNDvI7AXTi5YbeH4AtePM3xvXAEnHVyQQ6K73lMTizJocGjJ/NTgTDJYb0M+bZdZEgDM73YsSzN+lyQDXoDQNha9JIA0F/3YmAcygXyf0t8fU4H2AqzgFd2C9uZf3wfzbOmq3RFT8uSlrHgWGQi4yfrPuEPymc66+FYkShYn43nYAfsWdLpLSEYj11BKI59yz/A==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_HE1PR0701MB3050DDB7DE8073681465D18E89D09HE1PR0701MB3050_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0701MB3050.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ccc3691e-e2c2-49f0-86b9-08d96fca39d4
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Sep 2021 17:34:19.0723 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: nx94IaY9qu55EwMs9Q28l0+/1YIq8gdAvsTSlLBgeifr1g2HpMHu/Q2ghKVriRV8/CdW2kGFSC2Gr2EsjQXcy1Nec20ISNQNSo5Ni6InYH0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0702MB3834
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/F2zpDpqbUhOHh1RQMK2-U-gLwoE>
Subject: Re: [Lake] I-D Action: draft-ietf-lake-edhoc-10.txt
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Sep 2021 17:34:38 -0000
Hi, During implementation of test vectors for -09 we noticed some minor problems that required updating the specification. We felt it was important to quickly publish test vectors along with a matching specification. We have therefore published -10 with the following changes: - That the application was able to input a CBOR sequence in the exporter could lead to info not being well-formed CBOR unless context was validated by the EDHOC application. Context has therefore been changed to an ordinary byte string (wrapping the CBOR sequence in case of MAC_2 and MAC_3). - The flexible truncation of SUITES_I led to a lot of questions from implementors a year ago and the test vectors had previously been simplified. We now updated the specification to always use the maximum truncation of SUITES_I following the previous test vectors. This also means that the selected suite int is no longer needed which saves 1 byte in some cases. - The UCCS example was missing a 'kid' parameter which is needed to use it by reference. Updates to the COSE IANA registrations: - CWT and UCCS now has two separate header parameters 'cwt' and 'uccs'. They have quite different security properties. - We noticed that that there is a third 'kid' parameter. The draft now extends the CWT Confirmation Method kid parameter to bstr / int I have implemented test vectors that aligns with the -10 version. Source code and a text file with a several test vectors can be found here https://github.com/lake-wg/edhoc/tree/master/test-vectors-10 The new test vectors also include message_4, as well as examples of uccs, ead, and messages. The new test vectors will be used to create something like the test vector appendix in -08 (either as an appendix or a separate draft). Cheers, John From: Lake <lake-bounces@ietf.org> on behalf of internet-drafts@ietf.org <internet-drafts@ietf.org> Date: Saturday, 4 September 2021 at 18:57 To: i-d-announce@ietf.org <i-d-announce@ietf.org> Cc: lake@ietf.org <lake@ietf.org> Subject: [Lake] I-D Action: draft-ietf-lake-edhoc-10.txt A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Lightweight Authenticated Key Exchange WG of the IETF. Title : Ephemeral Diffie-Hellman Over COSE (EDHOC) Authors : Göran Selander John Preuß Mattsson Francesca Palombini Filename : draft-ietf-lake-edhoc-10.txt Pages : 76 Date : 2021-09-04 Abstract: This document specifies Ephemeral Diffie-Hellman Over COSE (EDHOC), a very compact and lightweight authenticated Diffie-Hellman key exchange with ephemeral keys. EDHOC provides mutual authentication, forward secrecy, and identity protection. EDHOC is intended for usage in constrained scenarios and a main use case is to establish an OSCORE security context. By reusing COSE for cryptography, CBOR for encoding, and CoAP for transport, the additional code size can be kept very low. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-lake-edhoc/ There is also an htmlized version available at: https://datatracker.ietf.org/doc/html/draft-ietf-lake-edhoc-10 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-lake-edhoc-10 Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ -- Lake mailing list Lake@ietf.org https://www.ietf.org/mailman/listinfo/lake
- [Lake] I-D Action: draft-ietf-lake-edhoc-10.txt internet-drafts
- Re: [Lake] I-D Action: draft-ietf-lake-edhoc-10.t… John Mattsson
- Re: [Lake] I-D Action: draft-ietf-lake-edhoc-10.t… John Mattsson