[Secdispatch] EDHOC

Göran Selander <goran.selander@ericsson.com> Wed, 02 January 2019 22:56 UTC

From: Göran Selander <goran.selander@ericsson.com>
To: "secdispatch@ietf.org" <secdispatch@ietf.org>
CC: John Mattsson <john.mattsson@ericsson.com>, Francesca Palombini <francesca.palombini@ericsson.com>
Date: Wed, 2 Jan 2019 22:56:08 +0000
Message-ID: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/UollkQtwBu8TbTo9ANpnkcmpBxQ>

Dear Secdispatch,

We have been advised to ask secdispatch to consider EDHOC: https://tools.ietf.org/html/draft-selander-ace-cose-ecdhe

Those that follow the ACE WG should be familiar with this draft. The problem statement and motivation for EDHOC are described in section 1. In brief, the target is a lightweight key exchange protocol suitable for IoT applications, which:
a) has small message size and reuses existing IoT primitives to enable low overhead and small code footprint; 
b) is not bound to a particular transport, to enable end-to-end security in IoT deployments with varying underlying layers; and
c) can be used to key OSCORE (draft-ietf-core-object-security) that is lacking a harmonizing key exchange protocol.

These requirements are motivated by constrained IoT device deployments, but the protocol is applicable to other end-to-end security settings where the overhead due to security needs to be low. EDHOC addresses these requirements and builds on the SIGMA construction for Diffie-Hellman key exchanges. EDHOC, like OSCORE, is built on CBOR (RFC 7049) and COSE (RFC 8152) and the protocol messages may be transported with CoAP (RFC 7252).  

There have been a number of reviews of different versions of the draft, both by people who want to deploy it and by people analysing the security. A formal verification was presented at SSR 2018. There are a few implementations of different versions of the draft. The ACE WG has expressed interest in this work in several f2f meetings.

Please let us know if some information is missing for secdispatch to consider this draft, or how we can help out in the process.

Best regards
Göran, John, Francesca