Re: [Lake] Call for adoption for draft-selander-lake-edhoc - respond by June 22

Martin Disch <martindisch@gmail.com> Sat, 13 June 2020 20:28 UTC

Return-Path: <martindisch@gmail.com>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C37793A00D2 for <lake@ietfa.amsl.com>; Sat, 13 Jun 2020 13:28:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MZkEJynq6-Fp for <lake@ietfa.amsl.com>; Sat, 13 Jun 2020 13:28:55 -0700 (PDT)
Received: from mail-lf1-x131.google.com (mail-lf1-x131.google.com [IPv6:2a00:1450:4864:20::131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8DDD73A00C9 for <lake@ietf.org>; Sat, 13 Jun 2020 13:28:54 -0700 (PDT)
Received: by mail-lf1-x131.google.com with SMTP id j12so7356404lfh.0 for <lake@ietf.org>; Sat, 13 Jun 2020 13:28:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=TukQHN++69lXteUbUSKwRg6WOU1SZslsbOgIDkNduhk=; b=ongRUvSJvlzBoFMs+vZkg2dWYDMPW8izE4nmjRFZyMbI5eDvjAlxoL/cmV8RZK0EQa aRh2E9sLYqwE8pwe36MHBgc+5NcAJwA7eLFxtmJe3KaUSR9SPucm921Pu2R14ZhRa7oQ q00owMamN5TyQETxvgaCtVsg0t5f8LRe2yyMU7X2mcZcS0QyDUALUwCvtWvVhq+iqkMh l7Td3U5pyqGer81lbJvr8A2mxg62yJPf0UBt0tl2zaoxOq3nmUl4eumnLbmplsNoXtwC eU90OAmi46/bDe58KYzX28rnTIpLUiLCfIEtLPeo/cy0emIxZ1Fr3kzgi1od5aJqcyQT /O3A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=TukQHN++69lXteUbUSKwRg6WOU1SZslsbOgIDkNduhk=; b=Dzz+c4MPaOGorlYY5MYT/HOzghxpx/gmeKsxuzCrL3n/k0wU+0cq+ftxVR+vFT7xSo LUxo4v5BS9di59Osz9ISZmjqj90PGuTIqJdt2pOuG1JBu3Vv4IumgjKKal6TQZWhlGS4 sLdtsVr+BlOz5MGDUyvbXFYY/NQhMWyWB7k1U74K1/YOUx/MMjMO94JwGFXKf6RaNNbG ULDr0ANWJHSMaei2eCzDzlnLSEsTlfJRaXm5+KAengqUKs6OC2tt2usEPh50Yc7vn4WF PysLOKHZE06kA5Qy00NaYrcmuY/mE9dGhiJRziDMUErNEdlCUGwTYTCWwgWP67iopldO V7gg==
X-Gm-Message-State: AOAM530ZTS9rmx1QnIye3lRqXN6FrMHsEg4KZu/kdphdhjdj0d9RATFw 9b18SUE6l5938f+q8SwXk/6f/fTAbYiwIm021+g=
X-Google-Smtp-Source: ABdhPJxi38sXwFlHxBkkW6acSeELXaaZGSugWhDo9RuuVWFh2IZvWv0J+l3br0Zb9hEuWeySLOLA5Aukh//ycWDBZUo=
X-Received: by 2002:a19:f813:: with SMTP id a19mr9818730lff.212.1592080131401; Sat, 13 Jun 2020 13:28:51 -0700 (PDT)
MIME-Version: 1.0
References: <89EA6A63-AB99-4649-9F08-D6FBDE1DEF2F@inria.fr>
In-Reply-To: <89EA6A63-AB99-4649-9F08-D6FBDE1DEF2F@inria.fr>
From: Martin Disch <martindisch@gmail.com>
Date: Sat, 13 Jun 2020 22:28:40 +0200
Message-ID: <CADgBbC11JFaAMWkSuPQ+9_K8BzJcw+C4i0P_nUx6ZQpL+JnG5g@mail.gmail.com>
To: =?UTF-8?B?TWFsacWhYSBWdcSNaW5pxIc=?= <malisa.vucinic@inria.fr>
Cc: lake@ietf.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/KmAQm0KmDGEBnvQm3ZGwGiLu3LE>
Subject: Re: [Lake] Call for adoption for draft-selander-lake-edhoc - respond by June 22
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Jun 2020 20:28:57 -0000

On Mon, Jun 8, 2020 at 3:54 PM Mališa Vučinić <malisa.vucinic@inria.fr> wrote:
> Please reply to this thread whether you support the adoption, and indicate if you are ready to review if this draft becomes a working group document.

As part of a thesis I built a proof-of-concept implementation of EDHOC
in the Rust programming language available at
https://github.com/martindisch/oscore. The naming of the repository is
due to the subject being both EDHOC and OSCORE on embedded devices,
but the following refers only to the EDHOC implementation.

It's based on draft-selander-ace-cose-ecdhe-14 and as such, sadly,
outdated. Since it was just one part of the overall work, I only
managed to implement the subset I needed, which is RPK and the
signature-signature based scheme (corresponding to what
draft-selander-lake-edhoc calls method 0). I also took some other
shortcuts, such as not supporting auxiliary data. Fortunately, test
vectors were about to be introduced just around the time I was working
on it, so I've been able to successfully verify my implementation
against them when John shared them with me for some preliminary
testing. Since I didn't have any prior experience implementing this
kind of software, I would definitely consider it more of an
experiment, but it's out there and it works, in case it can be useful
to anybody.

I'm convinced that EDHOC will be valuable particularly in the context
of OSCORE, possibly even beyond that. As for the draft itself, I would
like to mention one aspect that I think could be improved from the
perspective of an implementer. Part of the promise of EDHOC is that
it's simple and lightweight due to reusing COSE. That is certainly the
case, but breaks down somewhat when working on a system where no fully
featured library for it is available. This was the case for me and I
personally found it difficult to quickly figure out which aspects of
COSE I needed to implement. The draft does a good job of pointing to
the right places in RFC 8152, but I still ended up trying to
understand another ~100 page document just to implement the few
constructs I actually needed. I know the authors are aware of this and
there has been some effort to inline more information directly in the
specification, which I greatly appreciate. It would be very nice to
have an entirely self-contained document to work with. But I have to
again point out my lack of experience in that area, it's entirely
possible that this draft is in fact much better than others in this
regard and I just don't know it yet.

With that I would like to support the adoption and am looking forward
to seeing how it develops.

Kind regards,

Martin