Re: [Secdispatch] EDHOC

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Wed, 02 January 2019 23:57 UTC

From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
In-Reply-To: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com>
Date: Wed, 02 Jan 2019 18:57:49 -0500
Cc: "secdispatch@ietf.org" <secdispatch@ietf.org>, Francesca Palombini <francesca.palombini@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>
Message-Id: <79FD6563-8ADA-4D73-B8D5-C3D70604CD76@gmail.com>
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com>
To: Göran Selander <goran.selander@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/_qYFxBjQaF8yLIi_Gw6XjXi5TdE>
Subject: Re: [Secdispatch] EDHOC

Hi,

I’ve read earlier versions of this draft and appreciate all the work you have done with the security proof and comparing to existing standardized protocols.  If ACE is interested, why is this going to SECDispatch? It might help to understand that better.  Is it that a recharter would be needed?

Thank you & happy new year!
Kathleen 

Sent from my mobile device

> On Jan 2, 2019, at 5:56 PM, Göran Selander <goran.selander@ericsson.com> wrote:
> 
> Dear Secdispatch,
> 
> We have been advised to ask secdispatch to consider EDHOC: https://tools.ietf.org/html/draft-selander-ace-cose-ecdhe
> 
> Those that follow the ACE WG should be familiar with this draft. The problem statement and motivation for EDHOC are described in section 1. In brief, the target is a lightweight key exchange protocol suitable for IoT applications, which:
> a) has small message size and reuses existing IoT primitives to enable low overhead and small code footprint; 
> b) is not bound to a particular transport, to enable end-to-end security in IoT deployments with varying underlying layers; and
> c) can be used to key OSCORE (draft-ietf-core-object-security) that is lacking a harmonizing key exchange protocol.
> 
> These requirements are motivated by constrained IoT device deployments, but the protocol is applicable to other end-to-end security settings where the overhead due to security needs to be low. EDHOC addresses these requirements and builds on the SIGMA construction for Diffie-Hellman key exchanges. EDHOC, like OSCORE, is built on CBOR (RFC 7049) and COSE (RFC 8152) and the protocol messages may be transported with CoAP (RFC 7252).  
> 
> There have been a number of reviews of different versions of the draft; both by people who want to deploy it and by people analysing the security. A formal verification was presented at SSR 2018. There are a few implementations of different versions of the draft. The ACE WG has expressed interest in this work in several f2f meetings.
> 
> Please let us know if some information is missing for secdispatch to consider this draft, or how we can help out in the process.
> 
> Best regards
> Göran, John, Francesca