Lightweight Authorization using Ephemeral Diffie-Hellman Over COSE (ELA)

	draft-ietf-lake-authz-07.txt
	Date:	02/03/2026
	Authors:	Goeran Selander, John Mattsson, Malisa Vucinic, Geovane Fedrecheski, Michael Richardson
	Working Group:	Lightweight Authenticated Key Exchange (lake)

Ephemeral Diffie-Hellman Over COSE (EDHOC) is a lightweight authenticated key exchange protocol intended for use in constrained scenarios. This document specifies Lightweight Authorization using EDHOC (ELA). The procedure allows authorizing enrollment of new devices using the extension point defined in EDHOC. ELA is applicable to zero-touch onboarding of new devices to a constrained network leveraging trust anchors installed at manufacture time.

Implementation Considerations for Ephemeral Diffie-Hellman Over COSE (EDHOC)

	draft-ietf-lake-edhoc-impl-cons-06.txt
	Date:	02/03/2026
	Authors:	Marco Tiloca
	Working Group:	Lightweight Authenticated Key Exchange (lake)

This document provides considerations for guiding the implementation of the authenticated key exchange protocol Ephemeral Diffie-Hellman Over COSE (EDHOC).

Coordinating the Use of Application Profiles for Ephemeral Diffie-Hellman Over COSE (EDHOC)

	draft-ietf-lake-app-profiles-04.txt
	Date:	02/03/2026
	Authors:	Marco Tiloca, Rikard Hoeglund
	Working Group:	Lightweight Authenticated Key Exchange (lake)

The lightweight authenticated key exchange protocol Ephemeral Diffie- Hellman Over COSE (EDHOC) requires certain parameters to be agreed out-of-band, in order to ensure its successful completion. To this end, application profiles specify the intended use of EDHOC to allow for the relevant processing and verifications to be made. In order to ensure the applicability of such parameters and information beyond transport- or setup-specific scenarios, this document defines a canonical, CBOR-based representation that can be used to describe, distribute, and store EDHOC application profiles. Furthermore, in order to facilitate interoperability between EDHOC implementations and support EDHOC extensibility for additional integrations, this document defines a number of means to coordinate the use of EDHOC application profiles. Finally, this document defines a set of well- known EDHOC application profiles.

EDHOC Authenticated with Pre-Shared Keys (PSK)

	draft-ietf-lake-edhoc-psk-07.txt
	Date:	02/03/2026
	Authors:	Elsa, Goeran Selander, John Mattsson, Rafael Marin-Lopez, Francisco Lopez
	Working Group:	Lightweight Authenticated Key Exchange (lake)

This document specifies a Pre-Shared Key (PSK) authentication method for the Ephemeral Diffie-Hellman Over COSE (EDHOC) key exchange protocol. The PSK method enhances computational efficiency while providing mutual authentication, ephemeral key exchange, identity protection, and quantum resistance. It is particularly suited for systems where nodes share a PSK provided out-of-band (external PSK) and enables efficient session resumption with less computational overhead when the PSK is provided from a previous EDHOC session (resumption PSK). This document details the PSK method flow, key derivation changes, message formatting, processing, and security considerations.

Applying Generate Random Extensions And Sustain Extensibility (GREASE) to EDHOC Extensibility

	draft-ietf-lake-edhoc-grease-01.txt
	Date:	02/03/2026
	Authors:	Christian Amsuess
	Working Group:	Lightweight Authenticated Key Exchange (lake)

This document applies the extensibility mechanism GREASE (Generate Random Extensions And Sustain Extensibility), which was pioneered for TLS, to the EDHOC ecosystem. It reserves a set of non-critical EAD labels and unusable cipher suites that may be included in messages to ensure peers correctly handle unknown values.

Remote attestation over EDHOC

	draft-ietf-lake-ra-04.txt
	Date:	02/03/2026
	Authors:	Yuxuan Song, Goeran Selander
	Working Group:	Lightweight Authenticated Key Exchange (lake)

This document specifies how to perform remote attestation as part of the lightweight authenticated Diffie-Hellman key exchange protocol EDHOC (Ephemeral Diffie-Hellman Over COSE), based on the Remote ATtestation procedureS (RATS) architecture.

Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Lightweight Authenticated Key Exchange (lake)

WG	Name	Lightweight Authenticated Key Exchange
	Acronym	lake
	Area	Security Area (sec)
	State	Active
	Charter	charter-ietf-lake-03 Approved
	Document dependencies	Document dependencies Loading... Pan and zoom the dependency graph after the layout settles. Show legend Loading...
	Additional resources	GitHub Page Webpage Zulip stream
Personnel	Chairs	Mališa Vučinić, Renzo Navas
	Area Director	Paul Wouters
Mailing list	Address	lake@ietf.org
	To subscribe	https://www.ietf.org/mailman/listinfo/lake
	Archive	https://mailarchive.ietf.org/arch/browse/lake/
Chat	Room address	https://zulip.ietf.org/#narrow/stream/lake

Charter for Working Group

Background

Ephemeral Diffie-Hellman over COSE (EDHOC, RFC 9528) specifies a lightweight authenticated key exchange protocol between two peers. EDHOC is especially suited for constrained network environments such as NB-IoT, 6TiSCH, LoRaWAN, IEEE 802.15.4 and BLE.

By publishing the base protocol specification, RFC 9528, and detailed protocol traces, RFC 9529, the LAKE working group has completed its initial goals. The initial design scope of EDHOC focused on asymmetric authentication credentials (e.g., raw public keys and public key certificates) in order to streamline the working group activities. This left the work on authentication using symmetric keys, rekeying, as well as quantum resistance for a later stage. The working group will now tackle these points and continue to maintain and extend the EDHOC protocol.

Scope

The working group will define a Standards Track EDHOC rekeying protocol reusing the protocol elements from the base specification that uses symmetric keys for authentication, to make those usable both during a key update and a first-time key exchange.

The scope also includes the work on evaluating, and potentially adopting, documents that define new methods or new cipher suites. Works on specifying one or more EDHOC methods that are quantum-resistant, including where one or both parties are authenticated using a Key Encapsulation Mechanism (KEM), are in scope. Any such specified method must reuse the protocol elements from the base EDHOC specification. Potential algorithm candidates include accepted COSE algorithms, algorithms evaluated by the CFRG, as well as those that have undergone public review and evaluation processes, such as the US NIST Post-Quantum Cryptography (PQC) and Lightweight Cryptography (LWC) algorithms.

The work on maintenance of EDHOC also includes any relevant updates to the base specification, in which case the working group will publish Standards Track document(s). This includes the work on continuing to reduce transport overhead, e.g., using references or new credential types, but also any security-relevant updates to the base specification.

Within each protocol message, EDHOC provides External Authorization Data (EAD) fields. These fields may be used by external security applications to reduce
the number of messages and round trips, or to simplify processing. The working group will specify Standards Track documents with the following uses of EAD fields to augment the EDHOC key exchange:

3rd party-assisted authorization of EDHOC peers.
Remote attestation of EDHOC peers, reusing as much as possible available work from the RATS and TLS working groups.

The working group will also work on a Standard Track means for coordinating the use and discovery of EDHOC application profiles, the definition of well-known application profiles and processing extensions through EDHOC’s defined extension points, such as registering new schemes and new EAD registrations.

In addition, the working group will work on an Informational document gathering implementation considerations and guidance for the base protocol specification.

Liaisons and Formal Analysis

The working group will work closely with other related working groups in the IETF. This includes for example CoRE, ACE, IOTOPS, PQUIP, COSE, CBOR, RATS, EMU, TLS, SEAT and 6LO. The group welcomes formal analysis to be performed on the documents that introduce cryptographically-relevant changes or additions to the EDHOC protocol.

Milestones

Date	Milestone	Associated documents
Dec 2026	EDHOC quantum-resistant methods submitted to IESG as Proposed Standard
Dec 2026	3rd party-assisted authorization of EDHOC submitted to IESG as Proposed Standard	draft-ietf-lake-authz
Jun 2026	Application profiles document submitted to IESG as Proposed Standard	draft-ietf-lake-app-profiles
Jun 2026	EDHOC rekeying protocol submitted to IESG as Proposed Standard	draft-ietf-lake-edhoc-psk
Jun 2026	Implementation considerations and guidance submitted to IESG as Informational RFC	draft-ietf-lake-edhoc-impl-cons
Mar 2026	Remote attestation of EDHOC peers submitted to IESG as Proposed Standard	draft-ietf-lake-ra