EDHOC Is a New Security Handshake Standard: An Overview of Security Analysis
Authors: 
Elsa López Pérez, Göran Selander, John Preuß Mattsson, 
Thomas Watteyne, Mališa VučinićAuthors Info & Claims
Elsa López Pérez, Göran Selander, John Preuß Mattsson, Thomas Watteyne, Mališa VučinićAuthors Info & ClaimsAbstract
We wrap up the call for formal analysis of the new security handshake protocol EDHOC by providing an overview of the protocol, a summary of the formal security analyses, and a discussion on open venues for future work.
References
[1]
J. Preuss Mattsson, F. Palombini, and M. Vučinić. “Comparison of CoAP security protocols.” Internet Engineering Task Force, Work in progress. [Online]. Available: draft-ietf-iotops-security-protocol-comparison-06
[2]
G. Fedrecheski, M. Vučinić, and T. Watteyne, “Performance comparison of EDHOC and DTLS 1.3 in Internet-of-Things environments,” in Proc. IEEE Wireless Commun. Netw. Conf. (WCNC), Dubai, United Arab Emirates, Apr. 2024, pp. 21–24.
[3]
M. Vučinić, G. Selander, J. Preuss Mattsson, and T. Watteyne, “Lightweight authenticated key exchange with EDHOC,” IEEE Comput., vol. 55, no. 4, pp. 94–100, Apr. 2022.
[4]
M. Vučinić, G. Selander, J. Preuss Mattsson, and D. Garcia-Carillo, “Requirements for a Lightweight AKE for OSCORE,” Internet Engineering Task Force, Fremont, CA, USA, Jun. 2020. [Online]. Available: draft-ietf-lake-reqs-04
[5]
T. Perrin. “The noise protocol framework.” Noise Protocol Framework. Accessed: May 30, 2024. [Online]. Available: https://noiseprotocol.org/noise.html
[6]
M. Bellare and P. Rogaway, “The security of triple encryption and a framework for code-based game-playing proofs,” in Proc. Int. Conf. Theory Appl. Cryptogr. Techn. (Eurocrypt), Saint Petersburg, Russia, Jun. 2006, pp. 409–426.
[7]
C. Jacomme, E. Klein, S. Kremer, and M. Racouchot, “A comprehensive, formal and automated analysis of the EDHOC protocol,” in Proc. USENIX Secur. Symp. (USENIX), Anaheim, CA, USA, Aug. 2023, pp. 5881–5898.
[8]
F. Günther and M. I. T. Mukendi, “Careful with MAc-then-SIGn: A computational analysis of the EDHOC lightweight authenticated key exchange protocol,” in Proc. IEEE Eur. Symp. Secur. Privacy (EuroS&P), Delft, The Netherlands, Jul. 2023, pp. 773–796.
[9]
B. Cottier and D. Pointcheval, “Security analysis of improved EDHOC protocol,” in Proc. Int. Symp. Found. Pract. Secur. (FPS), Ottawa, ON, Canada, 2022, pp. 3–18.
[10]
K. Norrman, V. Sundararajan, and A. Bruni, “Formal analysis of EDHOC key establishment for constrained IoT devices,” 2020,.
[11]
J. Kim, D. G. Duguma, S. Lee, B. Kim, J. Lim, and I. You, “Scrutinizing the vulnerability of ephemeral Diffie–Hellman over COSE (EDHOC) for IoT environment using formal approaches,” Mobile Inf. Syst., vol. 2021, 2021, Art. no. 7314508.
[12]
L. Ferreira, “Computational security analysis of the full EDHOC protocol,” in Proc. Cryptographers’ Track RSA Conf. (CT-RSA), San Francisco, CA, USA, May 2024, pp. 25–48.
Index Terms
- EDHOC Is a New Security Handshake Standard: An Overview of Security Analysis
Index terms have been assigned to the content through auto-classification.
Recommendations
Security Analysis of Improved EDHOC Protocol
Foundations and Practice of SecurityAbstractEphemeral Diffie-Hellman Over COSE (EDHOC) aims at being a very compact and lightweight authenticated Diffie-Hellman key exchange with ephemeral keys. It is expected to provide mutual authentication, forward secrecy, and identity protection, with ...
New notions of security: achieving universal composability without trusted setup
STOC '04: Proceedings of the thirty-sixth annual ACM symposium on Theory of computingWe propose a modification to the framework of Universally Composable (UC) security [3]. Our new notion involves comparing the real protocol execution with an ideal execution involving ideal functionalities (just as in UC-security), but allowing the ...
Comments
Information & Contributors
Information
Published In
0018-9162 © 2024 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See https://www.ieee.org/publications/rights/index.html for more information.
Publisher
IEEE Computer Society Press
Washington, DC, United States
Publication History
Published: 30 August 2024
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 21 Sep 2024
Other Metrics
Citations
View Options
View options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in