Re: [Secdispatch] EDHOC

Roman Danyliw <rdd@cert.org> Thu, 28 February 2019 15:27 UTC

From: Roman Danyliw <rdd@cert.org>
To: "secdispatch@ietf.org" <secdispatch@ietf.org>
CC: Francesca Palombini <francesca.palombini@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>, Göran Selander <goran.selander@ericsson.com>
Thread-Topic: EDHOC
Thread-Index: AQHUou5Zx1xiDx+jgESY4I5hUyszWqW8B+hAgDmlp4A=
Date: Thu, 28 Feb 2019 15:27:16 +0000
Message-ID: <359EC4B99E040048A7131E0F4E113AFC01857DD7A7@marathon>
References: <D629D980-C059-474F-B259-2700F2EEAE41@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/qYSqRMXLolHWYMtm2hT9-2EBvys>
Subject: Re: [Secdispatch] EDHOC
Precedence: list


> -----Original Message-----
> From: Roman Danyliw
> Sent: Tuesday, January 22, 2019 6:10 PM
> To: secdispatch@ietf.org
> Cc: Francesca Palombini <francesca.palombini@ericsson.com>; John
> Mattsson <john.mattsson@ericsson.com>; 'Göran Selander'
> <goran.selander@ericsson.com>
> Subject: RE: EDHOC
> 
> Hi!
> 
> > -----Original Message-----
> > From: Secdispatch [mailto:secdispatch-bounces@ietf.org] On Behalf Of
> > Göran Selander
> > Sent: Wednesday, January 02, 2019 5:56 PM
> > To: secdispatch@ietf.org
> > Cc: Francesca Palombini <francesca.palombini@ericsson.com>; John
> > Mattsson <john.mattsson@ericsson.com>
> > Subject: [Secdispatch] EDHOC
> >
> > We have been advised to ask secdispatch to consider EDHOC:
> > https://tools.ietf.org/html/draft-selander-ace-cose-ecdhe
> 
> [snip]
> 
> > There has been a number of reviews of different versions of the draft;
> > both by people who want to deploy it and by people analysing the
> > security. A formal verification was presented at SSR 2018.
> 
> To save others the search time, I believe this is the reference on a formal
> verification of EDHOC:
> 
> Bruni A., Sahl Jørgensen T., Grønbech Petersen T., Schürmann C. (2018)
> Formal Verification of Ephemeral Diffie-Hellman Over COSE (EDHOC). In:
> Cremers C., Lehmann A. (eds) Security Standardisation Research. SSR 2018.
> Lecture Notes in Computer Science, vol 11322. Springer, Cham
> 
> https://link.springer.com/content/pdf/10.1007%2F978-3-030-04762-7_2.pdf

The following is an alternate reference to this paper that isn't behind a paywall (thanks to one of the paper's authors, Alessandro Bruni):

https://alessandrobruni.name/papers/18-edhoc.pdf

Additionally, the model associated with this paper can be found here:

https://github.com/theisgroenbech/edhoc-proverif

Roman

[Secdispatch] EDHOC Göran Selander
Re: [Secdispatch] EDHOC Kathleen Moriarty
Re: [Secdispatch] EDHOC Göran Selander
Re: [Secdispatch] EDHOC Richard Barnes
Re: [Secdispatch] EDHOC Kathleen Moriarty
Re: [Secdispatch] EDHOC Richard Barnes
Re: [Secdispatch] EDHOC Kathleen Moriarty
Re: [Secdispatch] [Ace] EDHOC Benjamin Kaduk
Re: [Secdispatch] [Ace] EDHOC Roman Danyliw
Re: [Secdispatch] EDHOC Roman Danyliw
Re: [Secdispatch] [Ace] EDHOC Richard Barnes
Re: [Secdispatch] [Ace] EDHOC Göran Selander
Re: [Secdispatch] [Ace] EDHOC Göran Selander
Re: [Secdispatch] [Ace] EDHOC Kathleen Moriarty
Re: [Secdispatch] [Ace] EDHOC Kathleen Moriarty
Re: [Secdispatch] [Ace] EDHOC Roman Danyliw
Re: [Secdispatch] [Ace] EDHOC Kathleen Moriarty
Re: [Secdispatch] [Ace] EDHOC Bret Jordan
Re: [Secdispatch] [Ace] EDHOC Roman Danyliw
Re: [Secdispatch] EDHOC Roman Danyliw