Re: [secdir] EDHOC and Transports

Hannes Tschofenig <> Fri, 25 January 2019 14:06 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 08AC4129AA0 for <>; Fri, 25 Jan 2019 06:06:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.043
X-Spam-Status: No, score=-2.043 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id b9a5oiVT9LkZ for <>; Fri, 25 Jan 2019 06:06:40 -0800 (PST)
Received: from ( [IPv6:2a01:111:f400:fe09::608]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 98C7A129A87 for <>; Fri, 25 Jan 2019 06:06:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bvKOtBlyB6a2NQPha8qHO7DHH/uofIAl4mT++3qQHXc=; b=W1+r2D3n7H9liX1Si4X9+9xn8zR7ZG+bqeWc+GzMEwgUVyBR1+mAEqtqhdZ1XFKpgq2ejGZZcaiPkQZ1qzR/z6viq63NxI2lowhpyWiJ7RkKMa4FmXUD+IvTMw6lDULKyoXeBU8RDmFuopSxYNmm2KBwdlHOoYKqd7uY/2AulNQ=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.18; Fri, 25 Jan 2019 14:06:36 +0000
Received: from ([fe80::3ce6:d8fa:3271:6019]) by ([fe80::3ce6:d8fa:3271:6019%7]) with mapi id 15.20.1558.016; Fri, 25 Jan 2019 14:06:36 +0000
From: Hannes Tschofenig <>
To: Hannes Tschofenig <>, Jim Schaad <>, "" <>
Thread-Topic: [secdir] EDHOC and Transports
Thread-Index: AdS0aYd+IIiEJdHOSfGMDJ3y6un6LAAOu51gAASLwYA=
Date: Fri, 25 Jan 2019 14:06:36 +0000
Message-ID: <>
References: <00ac01d4b46c$00f9de30$02ed9a90$> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; VI1PR0801MB1262; 6:5ffFN69O2dWklqpSuI1TOCThUm4x7Q0qxQmcVZWzEWk4QqUOO4OdjXX5reCl4fOO5V6TUdbIsYIfLgWyZFx+CnKy92tizOJdZq6JeSDGiNmOsgHxbZgSu3jqkGoeQVlq3Ewa/Hy5VdEffMkSRuv59d5oRJVk8xivt/t/pLz9eQHK9pFSnAXy8K5O5UuQgZYT0Q68QUoVwiSBsN+O4kxMmX6a6+/09/RGrVzoP8JOQ6OepXZWlbBty5nXbM0EW1FDGwRB3UxowmeL9LYOxHDLCgV4siuJO9OU5DFu0fwKGT1LHpu5BUgEh5fQp42Ay9vUmE8tIUFM9Moud9JHzJZVQRmHBl1gRIcdxeGFE8i8AAskA+5x8YVxrw+dlma5Xs2OH8Y5rUZcemWTKjJusrY5fhbnSGlq04YbTFpDhVXupUanSRYDhG1gFCt0sk2LvVDwwQMB7mrh64lorib5JN11BA==; 5:9noy5amkOqiGb7CSQQCD4uCgc0C1kZh3CR6wMMeDPmumyRJ11gkehUQAVrTxWO/8dRVIS7Fis5HkyIR6S3yjfxi6Gxk4gdXQwy2Fi2ttvYzTgPHf6A99BX1+TJnt1h+4ZLntRvJj3VjpY2MTbs1hZn26L1ZVdg1wLT4PRfkyAmXNWs+NDlXoQ02IA/aY8F5UwZhEOWXCJ2iW4F0yjTGkCA==; 7:+2gggmji7TJohRiK8fgQYi7lbuvkCseyNXdgmo02NfkwlbNvBPsFi5U1eAtxSM3YT40a24HAM6L0pvc8J/xrcYv1VlvlaTR2xdaL+nKAbSj8w/ZsOFGAIbleP2XbCqYugSg8uRuQAo47ZX4McC19kg==
x-ms-exchange-antispam-srfa-diagnostics: SOS;SOR;
x-ms-office365-filtering-correlation-id: 641645aa-bc6d-4e4b-4e61-08d682ce5188
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(4618075)(2017052603328)(7153060)(7193020); SRVR:VI1PR0801MB1262;
x-ms-traffictypediagnostic: VI1PR0801MB1262:
x-microsoft-antispam-prvs: <>
x-forefront-prvs: 0928072091
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(376002)(396003)(366004)(346002)(136003)(189003)(199004)(13464003)(40434004)(25786009)(71190400001)(71200400001)(110136005)(66574012)(99286004)(14444005)(97736004)(2940100002)(316002)(256004)(8936002)(5024004)(2906002)(81166006)(11346002)(81156014)(6436002)(446003)(8676002)(3846002)(6116002)(476003)(105586002)(106356001)(486006)(229853002)(66066001)(53546011)(93156006)(6506007)(74316002)(53936002)(102836004)(86362001)(305945005)(76176011)(7696005)(7736002)(186003)(6306002)(2501003)(9686003)(68736007)(33656002)(55016002)(6246003)(72206003)(14454004)(966005)(478600001)(26005); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0801MB1262;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None ( does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: MIRyIFnEszTfaEJKukemRrwSvp48IxIFsxDhjv0tdGumxGTZfBjM0ePXB15yJN9dfFIjFr5yK0tG2mXdk7a4e/SiEfyjXpQeIM+9r7ubonNyfryrN61wrHWj95VG+JuBTsUgJ3OGiSc3ptpmhG51IbelPu3e0D9iZbYrXrb+Cqtx8Bz5HeW30OCXeOYQZmf6c8cC5dOWhqN0gLKEnw6YqMvoFyVJ1mwrsNshIn/57dnOltkg/heeSjsOlar5hx35/vE6YMKcN487JL09lxZ+j8B0/pDvTXtcZygY5JN1yfWcVE3udHcXMOlHN+xlniA11ZHPJ3HbrZTqwrYNBjisDQF/GPA1AQKv4cU4XYA2SONUcHZRtqM4fDBVFh8WIlR2geaaiSPQdimh/LR4XC51bGXXEj0HcGINQ6AknpC1OH0=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 641645aa-bc6d-4e4b-4e61-08d682ce5188
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Jan 2019 14:06:36.1483 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0801MB1262
Archived-At: <>
Subject: Re: [secdir] EDHOC and Transports
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 25 Jan 2019 14:06:43 -0000

A minor follow-up: I mentioned that I am aware of a company using the energy scavenging devices and it turns out that this information is actually public and there is even a short video on YouTube. The company we worked with is called Alphatronics and here is the video:

As you can hear in the video we have been using our Mbed OS together with our device management solution (LwM2M with DTLS and CoAP) for these types of devices.


-----Original Message-----
From: secdir <> On Behalf Of Hannes Tschofenig
Sent: Freitag, 25. Januar 2019 13:52
To: Jim Schaad <>;
Subject: Re: [secdir] EDHOC and Transports

Hi Jim,

what we are doing here is making an optimization. For some (unknown reason) we have focused our attention to the over-the-wire transmission overhead (not code size, RAM utilization, or developer usability*). We are doing this optimization mostly based on information about what other people tell us rather than based on our experience. The problem is that we have too few people with hands-on knowledge and/or deployment experience and if they have that experience they may not like to talk about it. So, we are stepping around in the dark and mostly perceived problems.

Having said that I would like to provide a few remarks to your list below:

1.  Low-power devices that either are battery based or scavenge power, these devices pay a power penalty for every byte of data sent and thus have a desire for the smallest messages possible.

[Hannes] Low power is a very complex topic since it is a system issue and boiling it down to the transmission overhead of every byte is an oversimplification. You are making certain assumptions of how power consumption of radio technologies work, which will be hard to verify. I have been working on power measurements recently (but only focused on power measurements of crypto, see I doubt that many people on this list nor in the IETF have a lot of experience in this field to use this as a basic for an optimization.

My co-workers, who are active in this space, tell me that there is nothing like a "per byte" linear relationship (for small quantities of data) in terms of energy cost. Obviously if you trigger "an additional transmission", which requires you to ramp up a PLL, turn on radio amplifiers, send lengthy preambles etc then the incremental cost of sending 64 bytes in that packet vs 16 bytes might be immeasurable small.  The critical thing appears to be how long the RF amplifiers are powered on. Hence, you will often see publications that tell you that waiting for incoming packets is actually the most expensive task (in terms of power consumption).

When it comes to energy scavenging devices then it becomes even more challenging since this is a more rarely used case. I know about one company doing this and I have spoken with a researchers at last year's Arm research summit who show-cased one device. The device shown by the researcher was a prototype and didn't use any Internet protocol nor a security mechanism. I wouldn't call myself knowledgeable enough to optimize a system based on this experience but maybe you have more expertise in this field. I am happy to learn more.

2. CoAP over SMS:  SMS has a 140 byte packet size.  There are two approaches for dealing with packets of larger than 140 bytes:  1) There is a method of appending multiple packets together to form a single larger packet.  2) You can use CoAP blockwise transfer.  Using CoAP blockwise would result in 128 byte packets for the underlying transfer assuming that only 12 bytes are needed for the CoAP header itself.

[Hannes] It turns out that CoAP over SMS is rarely used for delivering data of IP-based devices since SMS is a pretty expensive transport. From my work in the OMA I know that people use SMS to trigger the wake-up of devices and then switch to regular data transmission over IP. IMHO optimizing for use cases that barely anyone  uses appears to be a waste of time.

3. 6LoPan over IEEE 802.15.4:  This has a packet size of 127 bytes.  The maximum frame overhead size is 25 bytes allowing for 102 bytes of message
space.   If one assumes 20 bytes of overhead for CoAP then this means a
protocol packet size of 82 bytes.  If one needs to break the message across multiple packets then the maximum data size is going to be 64 bytes using CoAP blockwise options.

[Hannes] For some reason there seems to be the worry that a small MTU size at the link layer will cause a lot of problems. There are some radios that have this small MTU size, IEEE 802.15.4 and Bluetooth Low Energy belong to them. It turns out, however, that higher layers then offer fragmentation and reassembly support so that higher layers just don't get to see any of this. In IEEE 802.15.4 this fragmentation & reassembly support is offered by 6lowpan and in case of Bluetooth Low Energy the link layer actually consists of various sub-protocols. One of them offers fragmentation & reassembly. As such, the problem you describe is actually not a problem. There is no reason why you always have to put a single application layer payload into a single link layer frame.

We have been using LwM2M (which uses DTLS and CoAP) over IEEE 802.15.4 networks successfully for big commercial deployments. We have not run into problems with the smaller MTU size at the lower layers. The handshake itself is just a very small part of the overall size of data that gets transmitted during the lifetime of the device since the handshake obviously happens extremely rarely. There are much better ways to optimize traffic and you obviously have to look at all the data you are transmitting for the device.


*: In my experience the ability for developers to easily use any of the performance optimization techniques is the biggest barrier for gaining performance. Of course, this does not fit nicely in any of the standardization efforts in the IETF so the focus has to be somewhere else.
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

secdir mailing list
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.