rfc9528.original | rfc9528.txt | |||
---|---|---|---|---|
LAKE Working Group G. Selander | Internet Engineering Task Force (IETF) G. Selander | |||
Internet-Draft J. Preuß Mattsson | Request for Comments: 9528 J. Preuß Mattsson | |||
Intended status: Standards Track F. Palombini | Category: Standards Track F. Palombini | |||
Expires: 25 July 2024 Ericsson | ISSN: 2070-1721 Ericsson | |||
22 January 2024 | March 2024 | |||
Ephemeral Diffie-Hellman Over COSE (EDHOC) | Ephemeral Diffie-Hellman Over COSE (EDHOC) | |||
draft-ietf-lake-edhoc-23 | ||||
Abstract | Abstract | |||
This document specifies Ephemeral Diffie-Hellman Over COSE (EDHOC), a | This document specifies Ephemeral Diffie-Hellman Over COSE (EDHOC), a | |||
very compact and lightweight authenticated Diffie-Hellman key | very compact and lightweight authenticated Diffie-Hellman (DH) key | |||
exchange with ephemeral keys. EDHOC provides mutual authentication, | exchange with ephemeral keys. EDHOC provides mutual authentication, | |||
forward secrecy, and identity protection. EDHOC is intended for | forward secrecy, and identity protection. EDHOC is intended for | |||
usage in constrained scenarios and a main use case is to establish an | usage in constrained scenarios, and a main use case is to establish | |||
OSCORE security context. By reusing COSE for cryptography, CBOR for | an Object Security for Constrained RESTful Environments (OSCORE) | |||
encoding, and CoAP for transport, the additional code size can be | security context. By reusing CBOR Object Signing and Encryption | |||
kept very low. | (COSE) for cryptography, Concise Binary Object Representation (CBOR) | |||
for encoding, and Constrained Application Protocol (CoAP) for | ||||
transport, the additional code size can be kept very low. | ||||
Status of This Memo | Status of This Memo | |||
This Internet-Draft is submitted in full conformance with the | This is an Internet Standards Track document. | |||
provisions of BCP 78 and BCP 79. | ||||
Internet-Drafts are working documents of the Internet Engineering | ||||
Task Force (IETF). Note that other groups may also distribute | ||||
working documents as Internet-Drafts. The list of current Internet- | ||||
Drafts is at https://datatracker.ietf.org/drafts/current/. | ||||
Internet-Drafts are draft documents valid for a maximum of six months | This document is a product of the Internet Engineering Task Force | |||
and may be updated, replaced, or obsoleted by other documents at any | (IETF). It represents the consensus of the IETF community. It has | |||
time. It is inappropriate to use Internet-Drafts as reference | received public review and has been approved for publication by the | |||
material or to cite them other than as "work in progress." | Internet Engineering Steering Group (IESG). Further information on | |||
Internet Standards is available in Section 2 of RFC 7841. | ||||
This Internet-Draft will expire on 25 July 2024. | Information about the current status of this document, any errata, | |||
and how to provide feedback on it may be obtained at | ||||
https://www.rfc-editor.org/info/rfc9528. | ||||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2024 IETF Trust and the persons identified as the | Copyright (c) 2024 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents | |||
license-info) in effect on the date of publication of this document. | (https://trustee.ietf.org/license-info) in effect on the date of | |||
Please review these documents carefully, as they describe your rights | publication of this document. Please review these documents | |||
and restrictions with respect to this document. Code Components | carefully, as they describe your rights and restrictions with respect | |||
extracted from this document must include Revised BSD License text as | to this document. Code Components extracted from this document must | |||
described in Section 4.e of the Trust Legal Provisions and are | include Revised BSD License text as described in Section 4.e of the | |||
provided without warranty as described in the Revised BSD License. | Trust Legal Provisions and are provided without warranty as described | |||
in the Revised BSD License. | ||||
Table of Contents | Table of Contents | |||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction | |||
1.1. Motivation . . . . . . . . . . . . . . . . . . . . . . . 4 | 1.1. Motivation | |||
1.2. Message Size Examples . . . . . . . . . . . . . . . . . . 5 | 1.2. Message Size Examples | |||
1.3. Document Structure . . . . . . . . . . . . . . . . . . . 6 | 1.3. Document Structure | |||
1.4. Terminology and Requirements Language . . . . . . . . . . 6 | 1.4. Terminology and Requirements Language | |||
2. EDHOC Outline . . . . . . . . . . . . . . . . . . . . . . . . 7 | 2. EDHOC Outline | |||
3. Protocol Elements . . . . . . . . . . . . . . . . . . . . . . 9 | 3. Protocol Elements | |||
3.1. General . . . . . . . . . . . . . . . . . . . . . . . . . 9 | 3.1. General | |||
3.2. Method . . . . . . . . . . . . . . . . . . . . . . . . . 10 | 3.2. Method | |||
3.3. Connection Identifiers . . . . . . . . . . . . . . . . . 10 | 3.3. Connection Identifiers | |||
3.4. Transport . . . . . . . . . . . . . . . . . . . . . . . . 12 | 3.4. Transport | |||
3.5. Authentication Parameters . . . . . . . . . . . . . . . . 14 | 3.5. Authentication Parameters | |||
3.6. Cipher Suites . . . . . . . . . . . . . . . . . . . . . . 20 | 3.6. Cipher Suites | |||
3.7. Ephemeral Public Keys . . . . . . . . . . . . . . . . . . 21 | 3.7. Ephemeral Public Keys | |||
3.8. External Authorization Data (EAD) . . . . . . . . . . . . 22 | 3.8. External Authorization Data (EAD) | |||
3.9. Application Profile . . . . . . . . . . . . . . . . . . . 24 | 3.9. Application Profile | |||
4. Key Derivation . . . . . . . . . . . . . . . . . . . . . . . 25 | 4. Key Derivation | |||
4.1. Keys for EDHOC Message Processing . . . . . . . . . . . . 26 | 4.1. Keys for EDHOC Message Processing | |||
4.2. Keys for EDHOC Applications . . . . . . . . . . . . . . . 29 | 4.2. Keys for EDHOC Applications | |||
5. Message Formatting and Processing . . . . . . . . . . . . . . 30 | 5. Message Formatting and Processing | |||
5.1. EDHOC Message Processing Outline . . . . . . . . . . . . 31 | 5.1. EDHOC Message Processing Outline | |||
5.2. EDHOC Message 1 . . . . . . . . . . . . . . . . . . . . . 32 | 5.2. EDHOC Message 1 | |||
5.3. EDHOC Message 2 . . . . . . . . . . . . . . . . . . . . . 33 | 5.3. EDHOC Message 2 | |||
5.4. EDHOC Message 3 . . . . . . . . . . . . . . . . . . . . . 36 | 5.4. EDHOC Message 3 | |||
5.5. EDHOC Message 4 . . . . . . . . . . . . . . . . . . . . . 39 | 5.5. EDHOC Message 4 | |||
6. Error Handling . . . . . . . . . . . . . . . . . . . . . . . 41 | 6. Error Handling | |||
6.1. Success . . . . . . . . . . . . . . . . . . . . . . . . . 42 | 6.1. Success | |||
6.2. Unspecified Error . . . . . . . . . . . . . . . . . . . . 42 | 6.2. Unspecified Error | |||
6.3. Wrong Selected Cipher Suite . . . . . . . . . . . . . . . 43 | 6.3. Wrong Selected Cipher Suite | |||
6.4. Unknown Credential Referenced . . . . . . . . . . . . . . 45 | 6.4. Unknown Credential Referenced | |||
7. EDHOC Message Deduplication . . . . . . . . . . . . . . . . . 46 | 7. EDHOC Message Deduplication | |||
8. Compliance Requirements . . . . . . . . . . . . . . . . . . . 47 | 8. Compliance Requirements | |||
9. Security Considerations . . . . . . . . . . . . . . . . . . . 47 | 9. Security Considerations | |||
9.1. Security Properties . . . . . . . . . . . . . . . . . . . 48 | 9.1. Security Properties | |||
9.2. Cryptographic Considerations . . . . . . . . . . . . . . 51 | 9.2. Cryptographic Considerations | |||
9.3. Cipher Suites and Cryptographic Algorithms . . . . . . . 53 | 9.3. Cipher Suites and Cryptographic Algorithms | |||
9.4. Post-Quantum Considerations . . . . . . . . . . . . . . . 53 | 9.4. Post-Quantum Considerations | |||
9.5. Unprotected Data and Privacy . . . . . . . . . . . . . . 54 | 9.5. Unprotected Data and Privacy | |||
9.6. Updated Internet Threat Model Considerations . . . . . . 55 | 9.6. Updated Internet Threat Model Considerations | |||
9.7. Denial-of-Service . . . . . . . . . . . . . . . . . . . . 55 | 9.7. Denial of Service | |||
9.8. Implementation Considerations . . . . . . . . . . . . . . 56 | 9.8. Implementation Considerations | |||
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 59 | 10. IANA Considerations | |||
10.1. EDHOC Exporter Label Registry . . . . . . . . . . . . . 59 | 10.1. EDHOC Exporter Label Registry | |||
10.2. EDHOC Cipher Suites Registry . . . . . . . . . . . . . . 60 | 10.2. EDHOC Cipher Suites Registry | |||
10.3. EDHOC Method Type Registry . . . . . . . . . . . . . . . 62 | 10.3. EDHOC Method Type Registry | |||
10.4. EDHOC Error Codes Registry . . . . . . . . . . . . . . . 63 | 10.4. EDHOC Error Codes Registry | |||
10.5. EDHOC External Authorization Data Registry . . . . . . . 63 | 10.5. EDHOC External Authorization Data Registry | |||
10.6. COSE Header Parameters Registry . . . . . . . . . . . . 64 | 10.6. COSE Header Parameters Registry | |||
10.7. The Well-Known URI Registry . . . . . . . . . . . . . . 65 | 10.7. Well-Known URI Registry | |||
10.8. Media Types Registry . . . . . . . . . . . . . . . . . . 65 | 10.8. Media Types Registry | |||
10.9. CoAP Content-Formats Registry . . . . . . . . . . . . . 67 | 10.9. CoAP Content-Formats Registry | |||
10.10. Resource Type (rt=) Link Target Attribute Values | 10.10. Resource Type (rt=) Link Target Attribute Values Registry | |||
Registry . . . . . . . . . . . . . . . . . . . . . . . 67 | 10.11. Expert Review Instructions | |||
10.11. Expert Review Instructions . . . . . . . . . . . . . . . 67 | 11. References | |||
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 68 | 11.1. Normative References | |||
11.1. Normative References . . . . . . . . . . . . . . . . . . 68 | 11.2. Informative References | |||
11.2. Informative References . . . . . . . . . . . . . . . . . 71 | Appendix A. Use with OSCORE and Transfer over CoAP | |||
Appendix A. Use with OSCORE and Transfer over CoAP . . . . . . . 76 | A.1. Deriving the OSCORE Security Context | |||
A.1. Deriving the OSCORE Security Context . . . . . . . . . . 76 | A.2. Transferring EDHOC over CoAP | |||
A.2. Transferring EDHOC over CoAP . . . . . . . . . . . . . . 78 | Appendix B. Compact Representation | |||
Appendix B. Compact Representation . . . . . . . . . . . . . . . 82 | Appendix C. Use of CBOR, CDDL, and COSE in EDHOC | |||
Appendix C. Use of CBOR, CDDL, and COSE in EDHOC . . . . . . . . 83 | C.1. CBOR and CDDL | |||
C.1. CBOR and CDDL . . . . . . . . . . . . . . . . . . . . . . 84 | C.2. CDDL Definitions | |||
C.2. CDDL Definitions . . . . . . . . . . . . . . . . . . . . 85 | C.3. COSE | |||
C.3. COSE . . . . . . . . . . . . . . . . . . . . . . . . . . 86 | Appendix D. Authentication-Related Verifications | |||
Appendix D. Authentication Related Verifications . . . . . . . . 88 | D.1. Validating the Authentication Credential | |||
D.1. Validating the Authentication Credential . . . . . . . . 88 | D.2. Identities | |||
D.2. Identities . . . . . . . . . . . . . . . . . . . . . . . 89 | D.3. Certification Path and Trust Anchors | |||
D.3. Certification Path and Trust Anchors . . . . . . . . . . 90 | D.4. Revocation Status | |||
D.4. Revocation Status . . . . . . . . . . . . . . . . . . . . 91 | D.5. Unauthenticated Operation | |||
D.5. Unauthenticated Operation . . . . . . . . . . . . . . . . 91 | Appendix E. Use of External Authorization Data | |||
Appendix E. Use of External Authorization Data . . . . . . . . . 91 | Appendix F. Application Profile Example | |||
Appendix F. Application Profile Example . . . . . . . . . . . . 93 | Appendix G. Long PLAINTEXT_2 | |||
Appendix G. Long PLAINTEXT_2 . . . . . . . . . . . . . . . . . . 94 | Appendix H. EDHOC_KeyUpdate | |||
Appendix H. EDHOC_KeyUpdate . . . . . . . . . . . . . . . . . . 95 | Appendix I. Example Protocol State Machine | |||
Appendix I. Example Protocol State Machine . . . . . . . . . . . 96 | I.1. Initiator State Machine | |||
I.1. Initiator State Machine . . . . . . . . . . . . . . . . . 96 | I.2. Responder State Machine | |||
I.2. Responder State Machine . . . . . . . . . . . . . . . . . 98 | Acknowledgments | |||
Appendix J. Change Log . . . . . . . . . . . . . . . . . . . . . 100 | Authors' Addresses | |||
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 112 | ||||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 112 | ||||
1. Introduction | 1. Introduction | |||
1.1. Motivation | 1.1. Motivation | |||
Many Internet of Things (IoT) deployments require technologies which | Many Internet of Things (IoT) deployments require technologies that | |||
are highly performant in constrained environments [RFC7228]. IoT | are highly performant in constrained environments [RFC7228]. IoT | |||
devices may be constrained in various ways, including memory, | devices may be constrained in various ways, including memory, | |||
storage, processing capacity, and power. The connectivity for these | storage, processing capacity, and power. The connectivity for these | |||
settings may also exhibit constraints such as unreliable and lossy | settings may also exhibit constraints, such as unreliable and lossy | |||
channels, highly restricted bandwidth, and dynamic topology. The | channels, highly restricted bandwidth, and dynamic topology. The | |||
IETF has acknowledged this problem by standardizing a range of | IETF has acknowledged this problem by standardizing a range of | |||
lightweight protocols and enablers designed for the IoT, including | lightweight protocols and enablers designed for the IoT, including | |||
the Constrained Application Protocol (CoAP, [RFC7252]), Concise | the CoAP [RFC7252], CBOR [RFC8949], and Static Context Header | |||
Binary Object Representation (CBOR, [RFC8949]), and Static Context | Compression (SCHC) [RFC8724]. | |||
Header Compression (SCHC, [RFC8724]). | ||||
The need for special protocols targeting constrained IoT deployments | The need for special protocols targeting constrained IoT deployments | |||
extends also to the security domain [I-D.ietf-lake-reqs]. Important | extends also to the security domain [LAKE-REQS]. Important | |||
characteristics in constrained environments are the number of round | characteristics in constrained environments are the number of round | |||
trips and protocol message sizes, which if kept low can contribute to | trips and protocol message sizes, which (if kept low) can contribute | |||
good performance by enabling transport over a small number of radio | to good performance by enabling transport over a small number of | |||
frames, reducing latency due to fragmentation or duty cycles, etc. | radio frames, reducing latency due to fragmentation, duty cycles, | |||
Another important criterion is code size, which may be prohibitively | etc. Another important criterion is code size, which may be | |||
large for certain deployments due to device capabilities or network | prohibitively large for certain deployments due to device | |||
load during firmware update. Some IoT deployments also need to | capabilities or network load during firmware updates. Some IoT | |||
support a variety of underlying transport technologies, potentially | deployments also need to support a variety of underlying transport | |||
even with a single connection. | technologies, potentially even with a single connection. | |||
Some security solutions for such settings exist already. CBOR Object | Some security solutions for such settings exist already. COSE | |||
Signing and Encryption (COSE, [RFC9052]) specifies basic application- | [RFC9052] specifies basic application-layer security services | |||
layer security services efficiently encoded in CBOR. Another example | efficiently encoded in CBOR. Another example is OSCORE [RFC8613], | |||
is Object Security for Constrained RESTful Environments (OSCORE, | which is a lightweight communication security extension to CoAP using | |||
[RFC8613]) which is a lightweight communication security extension to | CBOR and COSE. In order to establish good quality cryptographic keys | |||
CoAP using CBOR and COSE. In order to establish good quality | for security protocols such as COSE and OSCORE, the two endpoints may | |||
cryptographic keys for security protocols such as COSE and OSCORE, | run an authenticated Diffie-Hellman key exchange protocol, from which | |||
the two endpoints may run an authenticated Diffie-Hellman key | shared secret keying material can be derived. Such a key exchange | |||
exchange protocol, from which shared secret keying material can be | protocol should also be lightweight to prevent bad performance in | |||
derived. Such a key exchange protocol should also be lightweight; to | case of repeated use, e.g., due to device rebooting or frequent | |||
prevent bad performance in case of repeated use, e.g., due to device | rekeying for security reasons or to avoid latencies in a network | |||
rebooting or frequent rekeying for security reasons; or to avoid | formation setting with many devices authenticating at the same time. | |||
latencies in a network formation setting with many devices | ||||
authenticating at the same time. | ||||
This document specifies Ephemeral Diffie-Hellman Over COSE (EDHOC), a | This document specifies Ephemeral Diffie-Hellman Over COSE (EDHOC), a | |||
lightweight authenticated key exchange protocol providing good | lightweight authenticated key exchange protocol providing good | |||
security properties including forward secrecy, identity protection, | security properties including forward secrecy, identity protection, | |||
and cipher suite negotiation. Authentication can be based on raw | and cipher suite negotiation. Authentication can be based on raw | |||
public keys (RPK) or public key certificates and requires the | public keys (RPKs) or public key certificates and requires the | |||
application to provide input on how to verify that endpoints are | application to provide input on how to verify that endpoints are | |||
trusted. This specification supports the referencing of credentials | trusted. This specification supports the referencing of credentials | |||
in order to reduce message overhead, but credentials may | in order to reduce message overhead, but credentials may | |||
alternatively be embedded in the messages. EDHOC does not currently | alternatively be embedded in the messages. EDHOC does not currently | |||
support pre-shared key (PSK) authentication as authentication with | support Pre-Shared Key (PSK) authentication as authentication with | |||
static Diffie-Hellman public keys by reference produces equally small | static Diffie-Hellman public keys by reference produces equally small | |||
message sizes but with much simpler key distribution and identity | message sizes but with much simpler key distribution and identity | |||
protection. | protection. | |||
EDHOC makes use of known protocol constructions, such as SIGMA | EDHOC makes use of known protocol constructions, such as SIGn-and-MAc | |||
[SIGMA], the Noise XX pattern [Noise], and Extract-and-Expand | [SIGMA], the Noise XX pattern [Noise], and Extract-and-Expand | |||
[RFC5869]. EDHOC uses COSE for cryptography and identification of | [RFC5869]. EDHOC uses COSE for cryptography and identification of | |||
credentials (including COSE_Key, CBOR Web Token (CWT), CWT Claims Set | credentials (including COSE_Key, CBOR Web Token (CWT), CWT Claims Set | |||
(CCS), X.509, and CBOR encoded X.509 (C509) certificates, see | (CCS), X.509, and CBOR-encoded X.509 (C509) certificates; see | |||
Section 3.5.2). COSE provides crypto agility and enables the use of | Section 3.5.2). COSE provides crypto agility and enables the use of | |||
future algorithms and credential types targeting IoT. | future algorithms and credential types targeting IoT. | |||
EDHOC is designed for highly constrained settings making it | EDHOC is designed for highly constrained settings, making it | |||
especially suitable for low-power networks [RFC8376] such as Cellular | especially suitable for low-power networks [RFC8376] such as Cellular | |||
IoT, 6TiSCH, and LoRaWAN. A main objective for EDHOC is to be a | IoT, IPv6 over the TSCH mode of IEEE 802.15.4e (6TiSCH), and LoRaWAN. | |||
lightweight authenticated key exchange for OSCORE, i.e., to provide | A main objective for EDHOC is to be a lightweight authenticated key | |||
authentication and session key establishment for IoT use cases such | exchange for OSCORE, i.e., to provide authentication and session key | |||
as those built on CoAP [RFC7252] involving 'things' with embedded | establishment for IoT use cases such as those built on CoAP [RFC7252] | |||
microcontrollers, sensors, and actuators. By reusing the same | involving 'things' with embedded microcontrollers, sensors, and | |||
lightweight primitives as OSCORE (CBOR, COSE, CoAP) the additional | actuators. By reusing the same lightweight primitives as OSCORE | |||
code size can be kept very low. Note that while CBOR and COSE | (CBOR, COSE, and CoAP), the additional code size can be kept very | |||
primitives are built into the protocol messages, EDHOC is not bound | low. Note that while CBOR and COSE primitives are built into the | |||
to a particular transport. | protocol messages, EDHOC is not bound to a particular transport. | |||
A typical setting is when one of the endpoints is constrained or in a | A typical setting is when one of the endpoints is constrained or in a | |||
constrained network, and the other endpoint is a node on the Internet | constrained network and the other endpoint is a node on the Internet | |||
(such as a mobile phone). Thing-to-thing interactions over | (such as a mobile phone). Thing-to-thing interactions over | |||
constrained networks are also relevant since both endpoints would | constrained networks are also relevant since both endpoints would | |||
then benefit from the lightweight properties of the protocol. EDHOC | then benefit from the lightweight properties of the protocol. EDHOC | |||
could, e.g., be run when a device connects for the first time, or to | could, e.g., be run when a device connects for the first time or to | |||
establish fresh keys which are not revealed by a later compromise of | establish fresh keys that are not revealed by a later compromise of | |||
the long-term keys. | the long-term keys. | |||
1.2. Message Size Examples | 1.2. Message Size Examples | |||
Examples of EDHOC message sizes are shown in Figure 1, using | Examples of EDHOC message sizes are shown in Table 1, which use | |||
different kinds of authentication keys and COSE header parameters for | different kinds of authentication keys and COSE header parameters for | |||
identification: static Diffie-Hellman keys or signature keys, either | identification, i.e., static Diffie-Hellman keys or signature keys, | |||
in CBOR Web Token (CWT) / CWT Claims Set (CCS) [RFC8392] identified | either in CWT/CCS [RFC8392] identified by a key identifier using | |||
by a key identifier using 'kid' [RFC9052], or in X.509 certificates | 'kid' [RFC9052] or in X.509 certificates identified by a hash value | |||
identified by a hash value using 'x5t' [RFC9360]. As a comparison, | using 'x5t' [RFC9360]. EDHOC always uses ephemeral-ephemeral key | |||
in the case of RPK authentication, the EDHOC message size when | exchange. As a comparison, in the case of RPK authentication and | |||
transferred in CoAP can be less than 1/7 of the DTLS 1.3 handshake | when transferred in CoAP, the EDHOC message size can be less than 1/7 | |||
[RFC9147] with ECDHE and connection ID, see Section 2 of | of the DTLS 1.3 handshake [RFC9147] with Ephemeral Elliptic Curve | |||
[I-D.ietf-iotops-security-protocol-comparison]. | Diffie-Hellman (ECDHE) and connection ID; see Section 2 of | |||
[CoAP-SEC-PROT]. | ||||
---------------------------------------------------------- | +===========+================+================+ | |||
Static DH Keys Signature Keys | | | Static DH Keys | Signature Keys | | |||
---------------- ---------------- | +===========+==========+=====+==========+=====+ | |||
kid x5t kid x5t | | | kid | x5t | kid | x5t | | |||
---------------------------------------------------------- | +===========+==========+=====+==========+=====+ | |||
message_1 37 37 37 37 | | message_1 | 37 | 37 | 37 | 37 | | |||
message_2 45 58 102 115 | +-----------+----------+-----+----------+-----+ | |||
message_3 19 33 77 90 | | message_2 | 45 | 58 | 102 | 115 | | |||
---------------------------------------------------------- | +-----------+----------+-----+----------+-----+ | |||
Total 101 128 216 242 | | message_3 | 19 | 33 | 77 | 90 | | |||
---------------------------------------------------------- | +-----------+----------+-----+----------+-----+ | |||
| Total | 101 | 128 | 216 | 242 | | ||||
+-----------+----------+-----+----------+-----+ | ||||
Figure 1: Examples of EDHOC message sizes in bytes. | Table 1: Examples of EDHOC Message Sizes in | |||
Bytes | ||||
1.3. Document Structure | 1.3. Document Structure | |||
The remainder of the document is organized as follows: Section 2 | The remainder of the document is organized as follows: Section 2 | |||
outlines EDHOC authenticated with signature keys, Section 3 describes | outlines EDHOC authenticated with signature keys; Section 3 describes | |||
the protocol elements of EDHOC, including formatting of the ephemeral | the protocol elements of EDHOC, including formatting of the ephemeral | |||
public keys, Section 4 specifies the key derivation, Section 5 | public keys; Section 4 specifies the key derivation; Section 5 | |||
specifies message processing for EDHOC authenticated with signature | specifies message processing for EDHOC authenticated with signature | |||
keys or static Diffie-Hellman keys, Section 6 describes the error | keys or static Diffie-Hellman keys; Section 6 describes the error | |||
messages, Section 7 describes EDHOC support for transport that does | messages; Section 7 describes EDHOC support for transport that does | |||
not handle message duplication, and Section 8 lists compliance | not handle message duplication; and Section 8 lists compliance | |||
requirements. Note that normative text is also used in appendices, | requirements. Note that normative text is also used in appendices, | |||
in particular Appendix A. | in particular Appendix A. | |||
1.4. Terminology and Requirements Language | 1.4. Terminology and Requirements Language | |||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
"OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
capitals, as shown here. | capitals, as shown here. | |||
Readers are expected to be familiar with the terms and concepts | Readers are expected to be familiar with the terms and concepts | |||
described in CBOR [RFC8949], CBOR Sequences [RFC8742], COSE | described in CBOR [RFC8949], CBOR Sequences [RFC8742], COSE | |||
structures and processing [RFC9052], COSE algorithms [RFC9053], CWT | Structures and Processing [RFC9052], COSE Algorithms [RFC9053], CWT | |||
and CWT Claims Set [RFC8392], and the Concise Data Definition | and CCS [RFC8392], and the Concise Data Definition Language (CDDL) | |||
Language (CDDL, [RFC8610]), which is used to express CBOR data | [RFC8610], which is used to express CBOR data structures. Examples | |||
structures. Examples of CBOR and CDDL are provided in Appendix C.1. | of CBOR and CDDL are provided in Appendix C.1. When referring to | |||
When referring to CBOR, this specification always refers to | CBOR, this specification always refers to Deterministically Encoded | |||
Deterministically Encoded CBOR as specified in Sections 4.2.1 and | CBOR, as specified in Sections 4.2.1 and 4.2.2 of [RFC8949]. The | |||
4.2.2 of [RFC8949]. The single output from authenticated encryption | single output from authenticated encryption (including the | |||
(including the authentication tag) is called "ciphertext", following | authentication tag) is called "ciphertext", following [RFC5116]. | |||
[RFC5116]. | ||||
2. EDHOC Outline | 2. EDHOC Outline | |||
EDHOC specifies different authentication methods of the ephemeral- | EDHOC specifies different authentication methods of the ephemeral- | |||
ephemeral Diffie-Hellman key exchange: signature keys and static | ephemeral Diffie-Hellman key exchange, i.e., signature keys and | |||
Diffie-Hellman keys. This section outlines the signature key based | static Diffie-Hellman keys. This section outlines the signature-key- | |||
method. Further details of protocol elements and other | based method. Further details of protocol elements and other | |||
authentication methods are provided in the remainder of this | authentication methods are provided in the remainder of this | |||
document. | document. | |||
SIGMA (SIGn-and-MAc) is a family of theoretical protocols with a | SIGn-and-MAc (SIGMA) is a family of theoretical protocols with a | |||
large number of variants [SIGMA]. Like in IKEv2 [RFC7296] and (D)TLS | number of variants [SIGMA]. Like in Internet Key Exchange Protocol | |||
1.3 [RFC8446][RFC9147], EDHOC authenticated with signature keys is | Version 2 (IKEv2) [RFC7296] and (D)TLS 1.3 [RFC8446] [RFC9147], EDHOC | |||
built on a variant of the SIGMA protocol, SIGMA-I, which provides | authenticated with signature keys is built on a variant of the SIGMA | |||
identity protection against active attacks on the party initiating | protocol, SIGMA-I, which provides identity protection against active | |||
the protocol. Also like IKEv2, EDHOC implements the MAC-then-Sign | attacks on the party initiating the protocol. Also like IKEv2, EDHOC | |||
variant of the SIGMA-I protocol. The message flow (excluding an | implements the MAC-then-Sign variant of the SIGMA-I protocol. The | |||
optional fourth message) is shown in Figure 2. | message flow (excluding an optional fourth message) is shown in | |||
Figure 1. | ||||
Initiator Responder | Initiator Responder | |||
| G_X | | | G_X | | |||
+------------------------------------------------------------------>| | +------------------------------------------------------------------>| | |||
| | | | | | |||
| G_Y, Enc( ID_CRED_R, Sig( R; MAC( CRED_R, G_X, G_Y ) ) ) | | | G_Y, Enc( ID_CRED_R, Sig( R; MAC( CRED_R, G_X, G_Y ) ) ) | | |||
|<------------------------------------------------------------------+ | |<------------------------------------------------------------------+ | |||
| | | | | | |||
| AEAD( ID_CRED_I, Sig( I; MAC( CRED_I, G_Y, G_X ) ) ) | | | AEAD( ID_CRED_I, Sig( I; MAC( CRED_I, G_Y, G_X ) ) ) | | |||
+------------------------------------------------------------------>| | +------------------------------------------------------------------>| | |||
| | | | | | |||
Figure 2: MAC-then-Sign variant of the SIGMA-I protocol used by | Figure 1: MAC-then-Sign Variant of the SIGMA-I Protocol Used by | |||
EDHOC method 0. | the EDHOC Method 0 | |||
The parties exchanging messages in an EDHOC session are called | The parties exchanging messages in an EDHOC session are called the | |||
Initiator (I) and Responder (R), where the Initiator sends message_1 | Initiator (I) and the Responder (R), where the Initiator sends | |||
(see Section 3). They exchange ephemeral public keys, compute a | message_1 (see Section 3). They exchange ephemeral public keys, | |||
shared secret session key PRK_out, and derive symmetric application | compute a shared secret session key PRK_out, and derive symmetric | |||
keys used to protect application data. | application keys used to protect application data. | |||
* G_X and G_Y are the ECDH ephemeral public keys of I and R, | * G_X and G_Y are the Elliptic Curve Diffie-Hellman (ECDH) ephemeral | |||
respectively. | public keys of I and R, respectively. | |||
* CRED_I and CRED_R are the authentication credentials containing | * CRED_I and CRED_R are the authentication credentials containing | |||
the public authentication keys of I and R, respectively. | the public authentication keys of I and R, respectively. | |||
* ID_CRED_I and ID_CRED_R are used to identify and optionally | * ID_CRED_I and ID_CRED_R are used to identify and optionally | |||
transport the credentials of the Initiator and the Responder, | transport the credentials of I and R, respectively. | |||
respectively. | ||||
* Sig(I; . ) and Sig(R; . ) denote signatures made with the private | * Sig(I; . ) and Sig(R; . ) denote signatures made with the private | |||
authentication key of I and R, respectively. | authentication key of I and R, respectively. | |||
* Enc(), AEAD(), and MAC() denotes encryption, authenticated | * Enc(), AEAD(), and MAC() denote encryption, Authenticated | |||
encryption with additional data, and message authentication code - | Encryption with Associated Data, and Message Authentication Code | |||
crypto algorithms applied with keys derived from one or more | -- crypto algorithms applied with keys derived from one or more | |||
shared secrets calculated during the protocol. | shared secrets calculated during the protocol. | |||
In order to create a "full-fledged" protocol some additional protocol | In order to create a "full-fledged" protocol, some additional | |||
elements are needed. EDHOC adds: | protocol elements are needed. EDHOC adds: | |||
* Transcript hashes (hashes of message data) TH_2, TH_3, TH_4 used | * transcript hashes (hashes of message data), TH_2, TH_3, and TH_4, | |||
for key derivation and as additional authenticated data. | used for key derivation and as additional authenticated data, | |||
* Computationally independent keys derived from the ECDH shared | * computationally independent keys derived from the ECDH shared | |||
secret and used for authenticated encryption of different | secret and used for authenticated encryption of different | |||
messages. | messages, | |||
* An optional fourth message giving key confirmation to I in | * an optional fourth message giving key confirmation to I in | |||
deployments where no protected application data is sent from R to | deployments where no protected application data is sent from R to | |||
I. | I, | |||
* A keying material exporter and a key update function with forward | * a keying material exporter and a key update function with forward | |||
secrecy. | secrecy, | |||
* Secure negotiation of cipher suite. | * secure negotiation of the cipher suite, | |||
* Method types, error handling, and padding. | * method types, error handling, and padding, | |||
* Selection of connection identifiers C_I and C_R which may be used | * a selection of connection identifiers, C_I and C_R, which may be | |||
in EDHOC to identify protocol state. | used in EDHOC to identify the protocol state, and | |||
* Transport of external authorization data. | * transport of external authorization data. | |||
EDHOC is designed to encrypt and integrity protect as much | EDHOC is designed to encrypt and integrity protect as much | |||
information as possible. Symmetric keys and random material used in | information as possible. Symmetric keys and random material used in | |||
EDHOC are derived using EDHOC_KDF with as much previous information | EDHOC are derived using EDHOC_KDF with as much previous information | |||
as possible, see Figure 8. EDHOC is furthermore designed to be as | as possible; see Figure 6. EDHOC is furthermore designed to be as | |||
compact and lightweight as possible, in terms of message sizes, | compact and lightweight as possible, in terms of message sizes, | |||
processing, and the ability to reuse already existing CBOR, COSE, and | processing, and the ability to reuse already existing CBOR, COSE, and | |||
CoAP libraries. Like in (D)TLS, authentication is the responsibility | CoAP libraries. Like in (D)TLS, authentication is the responsibility | |||
of the application. EDHOC identifies (and optionally transports) | of the application. EDHOC identifies (and optionally transports) | |||
authentication credentials, and provides proof-of-possession of the | authentication credentials and provides proof-of-possession of the | |||
private authentication key. | private authentication key. | |||
To simplify for implementors, the use of CBOR and COSE in EDHOC is | To simplify for implementors, the use of CBOR and COSE in EDHOC is | |||
summarized in Appendix C. Test vectors including CBOR diagnostic | summarized in Appendix C. Test vectors, including CBOR diagnostic | |||
notation are provided in [I-D.ietf-lake-traces]. | notation, are provided in [RFC9529]. | |||
3. Protocol Elements | 3. Protocol Elements | |||
3.1. General | 3.1. General | |||
The EDHOC protocol consists of three mandatory messages (message_1, | The EDHOC protocol consists of three mandatory messages (message_1, | |||
message_2, message_3), an optional fourth message (message_4), and an | message_2, and message_3), an optional fourth message (message_4), | |||
error message, between an Initiator (I) and a Responder (R). The odd | and an error message, between an Initiator (I) and a Responder (R). | |||
messages are sent by I, the even by R. Both I and R can send error | The odd messages are sent by I, the even by R. Both I and R can send | |||
messages. The roles have slightly different security properties | error messages. The roles have slightly different security | |||
which should be considered when the roles are assigned, see | properties that should be considered when the roles are assigned; see | |||
Section 9.1. All EDHOC messages are CBOR Sequences [RFC8742], and | Section 9.1. All EDHOC messages are CBOR Sequences [RFC8742] and are | |||
are defined to be deterministically encoded CBOR as specified in | defined to be deterministically encoded CBOR as specified in | |||
Section 4.2.1 of [RFC8949]. Figure 3 illustrates an EDHOC message | Section 4.2.1 of [RFC8949]. Figure 2 illustrates an EDHOC message | |||
flow with the optional fourth message as well as the content of each | flow with the optional fourth message as well as the content of each | |||
message. The protocol elements in the figure are introduced in | message. The protocol elements in the figure are introduced in | |||
Section 3 and Section 5. Message formatting and processing are | Sections 3 and 5. Message formatting and processing are specified in | |||
specified in Section 5 and Section 6. | Sections 5 and 6. | |||
Application data may be protected using the agreed application | Application data may be protected using the agreed application | |||
algorithms (AEAD, hash) in the selected cipher suite (see | algorithms (AEAD, hash) in the selected cipher suite (see | |||
Section 3.6) and the application can make use of the established | Section 3.6), and the application can make use of the established | |||
connection identifiers C_I and C_R (see Section 3.3). Media types | connection identifiers C_I and C_R (see Section 3.3). Media types | |||
that may be used for EDHOC are defined in Section 10.8. | that may be used for EDHOC are defined in Section 10.8. | |||
The Initiator can derive symmetric application keys after creating | The Initiator can derive symmetric application keys after creating | |||
EDHOC message_3, see Section 4.2.1. Protected application data can | EDHOC message_3; see Section 4.2.1. Protected application data can | |||
therefore be sent in parallel or together with EDHOC message_3. | therefore be sent in parallel or together with EDHOC message_3. | |||
EDHOC message_4 is typically not sent. | EDHOC message_4 is typically not sent. | |||
Initiator Responder | Initiator Responder | |||
| METHOD, SUITES_I, G_X, C_I, EAD_1 | | | METHOD, SUITES_I, G_X, C_I, EAD_1 | | |||
+------------------------------------------------------------------>| | +------------------------------------------------------------------>| | |||
| message_1 | | | message_1 | | |||
| | | | | | |||
| G_Y, Enc( C_R, ID_CRED_R, Signature_or_MAC_2, EAD_2 ) | | | G_Y, Enc( C_R, ID_CRED_R, Signature_or_MAC_2, EAD_2 ) | | |||
|<------------------------------------------------------------------+ | |<------------------------------------------------------------------+ | |||
| message_2 | | | message_2 | | |||
| | | | | | |||
| AEAD( ID_CRED_I, Signature_or_MAC_3, EAD_3 ) | | | AEAD( ID_CRED_I, Signature_or_MAC_3, EAD_3 ) | | |||
+------------------------------------------------------------------>| | +------------------------------------------------------------------>| | |||
| message_3 | | | message_3 | | |||
| | | | | | |||
| AEAD( EAD_4 ) | | | AEAD( EAD_4 ) | | |||
|<- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + | |<- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + | |||
| message_4 | | | message_4 | | |||
Figure 3: EDHOC message flow including the optional fourth message. | Figure 2: EDHOC Message Flow Including the Optional Fourth Message | |||
3.2. Method | 3.2. Method | |||
The data item METHOD in message_1 (see Section 5.2.1), is an integer | The data item METHOD in message_1 (see Section 5.2.1) is an integer | |||
specifying the authentication method. EDHOC supports authentication | specifying the authentication method. EDHOC supports authentication | |||
with signature or static Diffie-Hellman keys, as defined in the four | with signature or static Diffie-Hellman keys, as defined in the four | |||
authentication methods: 0, 1, 2, and 3, see Figure 4. When using a | authentication methods: 0, 1, 2, and 3; see Table 2. When using a | |||
static Diffie-Hellman key the authentication is provided by a Message | static Diffie-Hellman key, the authentication is provided by a | |||
Authentication Code (MAC) computed from an ephemeral-static ECDH | Message Authentication Code (MAC) computed from an ephemeral-static | |||
shared secret which enables significant reductions in message sizes. | ECDH shared secret that enables significant reductions in message | |||
Note that also in the static Diffie-Hellman based authentication | sizes. Note that, also in the static Diffie-Hellman-based | |||
methods there is an ephemeral-ephemeral Diffie-Hellman key exchange. | authentication methods, there is an ephemeral-ephemeral Diffie- | |||
Hellman key exchange. | ||||
The Initiator and the Responder need to have agreed on a single | The Initiator and Responder need to have agreed on a single method to | |||
method to be used for EDHOC, see Section 3.9. | be used for EDHOC; see Section 3.9. | |||
+-------------+--------------------+--------------------+ | +===================+====================+====================+ | |||
| Method Type | Initiator | Responder | | | Method Type Value | Initiator | Responder | | |||
| Value | Authentication Key | Authentication Key | | | | Authentication Key | Authentication Key | | |||
+=============+====================+====================+ | +===================+====================+====================+ | |||
| 0 | Signature Key | Signature Key | | | 0 | Signature Key | Signature Key | | |||
| 1 | Signature Key | Static DH Key | | +-------------------+--------------------+--------------------+ | |||
| 2 | Static DH Key | Signature Key | | | 1 | Signature Key | Static DH Key | | |||
| 3 | Static DH Key | Static DH Key | | +-------------------+--------------------+--------------------+ | |||
+-------------+--------------------+--------------------+ | | 2 | Static DH Key | Signature Key | | |||
+-------------------+--------------------+--------------------+ | ||||
| 3 | Static DH Key | Static DH Key | | ||||
+-------------------+--------------------+--------------------+ | ||||
| 23 | Reserved | Reserved | | ||||
+-------------------+--------------------+--------------------+ | ||||
Figure 4: Authentication keys for method types. | Table 2: Authentication Keys for Method Types | |||
EDHOC does not have a dedicated message field to indicate the | EDHOC does not have a dedicated message field to indicate the | |||
protocol version. Breaking changes to EDHOC can be introduced by | protocol version. Breaking changes to EDHOC can be introduced by | |||
specifying and registering new methods. | specifying and registering new methods. | |||
3.3. Connection Identifiers | 3.3. Connection Identifiers | |||
EDHOC includes the selection of connection identifiers (C_I, C_R) | EDHOC includes the selection of connection identifiers (C_I and C_R) | |||
identifying a connection for which keys are agreed. | identifying a connection for which keys are agreed. | |||
Connection identifiers may be used to correlate EDHOC messages and | Connection identifiers may be used to correlate EDHOC messages and | |||
facilitate the retrieval of protocol state during an EDHOC session | facilitate the retrieval of protocol state during an EDHOC session | |||
(see Section 3.4), or may be used in applications of EDHOC, e.g., in | (see Section 3.4) or may be used in applications of EDHOC, e.g., in | |||
OSCORE (see Section 3.3.3). The connection identifiers do not have | OSCORE (see Section 3.3.3). The connection identifiers do not have | |||
any cryptographic purpose in EDHOC and only facilitate the retrieval | any cryptographic purpose in EDHOC and only facilitate the retrieval | |||
of security data associated with the protocol state. | of security data associated with the protocol state. | |||
Connection identifiers in EDHOC are intrinsically byte strings. Most | Connection identifiers in EDHOC are intrinsically byte strings. Most | |||
constrained devices only have a few connections for which short | constrained devices only have a few connections for which short | |||
identifiers may be sufficient. In some cases minimum length | identifiers may be sufficient. In some cases, minimum length | |||
identifiers are necessary to comply with overhead requirements. | identifiers are necessary to comply with overhead requirements. | |||
However, CBOR byte strings - with the exception of the empty byte | However, CBOR byte strings -- with the exception of the empty byte | |||
string h’’ which encodes as one byte (0x40) - are encoded as two or | string h'', which encodes as one byte (0x40) -- are encoded as two or | |||
more bytes. To enable one-byte encoding of certain byte strings | more bytes. To enable one-byte encoding of certain byte strings | |||
while maintaining CBOR encoding, EDHOC represents certain identifiers | while maintaining CBOR encoding, EDHOC represents certain identifiers | |||
as CBOR integers on the wire, see Section 3.3.2. | as CBOR integers on the wire; see Section 3.3.2. | |||
3.3.1. Selection of Connection Identifiers | 3.3.1. Selection of Connection Identifiers | |||
C_I and C_R are chosen by I and R, respectively. The Initiator | C_I and C_R are chosen by I and R, respectively. The Initiator | |||
selects C_I and sends it in message_1 for the Responder to use as a | selects C_I and sends it in message_1 for the Responder to use as a | |||
reference to the connection in communication with the Initiator. The | reference to the connection in communications with the Initiator. | |||
Responder selects C_R and sends it in message_2 for the Initiator to | The Responder selects C_R and sends it in message_2 for the Initiator | |||
use as a reference to the connection in communications with the | to use as a reference to the connection in communications with the | |||
Responder. | Responder. | |||
If connection identifiers are used by an application protocol for | If connection identifiers are used by an application protocol for | |||
which EDHOC establishes keys then the selected connection identifiers | which EDHOC establishes keys, then the selected connection | |||
SHALL adhere to the requirements for that protocol, see Section 3.3.3 | identifiers SHALL adhere to the requirements for that protocol; see | |||
for an example. | Section 3.3.3 for an example. | |||
3.3.2. Representation of Byte String Identifiers | 3.3.2. Representation of Byte String Identifiers | |||
To allow identifiers with minimal overhead on the wire, certain byte | To allow identifiers with minimal overhead on the wire, certain byte | |||
strings used in connection identifiers and credential identifiers | strings used in connection identifiers and credential identifiers | |||
(see Section Section 3.5.3) are defined to have integer | (see Section 3.5.3) are defined to have integer representations. | |||
representations. | ||||
The integers with one-byte CBOR encoding are -24, ..., 23, see | The integers with one-byte CBOR encoding are -24, ..., 23; see | |||
Figure 5. | Figure 3. | |||
Integer: -24 -23 ... -11 ... -2 -1 0 1 ... 15 ... 23 | Integer: -24 -23 ... -11 ... -2 -1 0 1 ... 15 ... 23 | |||
Encoding: 37 36 ... 2A ... 21 20 00 01 ... 0F ... 17 | Encoding: 37 36 ... 2A ... 21 20 00 01 ... 0F ... 17 | |||
Figure 5: One-byte CBOR encoded integers. | Figure 3: One-Byte CBOR-Encoded Integers | |||
The byte strings which coincide with a one-byte CBOR encoding of an | The byte strings that coincide with a one-byte CBOR encoding of an | |||
integer MUST be represented by the CBOR encoding of that integer. | integer MUST be represented by the CBOR encoding of that integer. | |||
Other byte strings are simply encoded as CBOR byte strings. | Other byte strings are simply encoded as CBOR byte strings. | |||
For example: | For example: | |||
* 0x21 is represented by 0x21 (CBOR encoding of the integer -2), not | * 0x21 is represented by 0x21 (CBOR encoding of the integer -2), not | |||
by 0x4121 (CBOR encoding of the byte string 0x21). | by 0x4121 (CBOR encoding of the byte string 0x21). | |||
* 0x0D is represented by 0x0D (CBOR encoding of the integer 13), not | * 0x0D is represented by 0x0D (CBOR encoding of the integer 13), not | |||
by 0x410D (CBOR encoding of the byte string 0x0D). | by 0x410D (CBOR encoding of the byte string 0x0D). | |||
skipping to change at page 12, line 12 ¶ | skipping to change at line 534 ¶ | |||
* 0x18 is represented by 0x4118 (CBOR encoding of the byte string | * 0x18 is represented by 0x4118 (CBOR encoding of the byte string | |||
0x18). | 0x18). | |||
* 0x38 is represented by 0x4138 (CBOR encoding of the byte string | * 0x38 is represented by 0x4138 (CBOR encoding of the byte string | |||
0x38). | 0x38). | |||
* 0xABCD is represented by 0x42ABCD (CBOR encoding of the byte | * 0xABCD is represented by 0x42ABCD (CBOR encoding of the byte | |||
string 0xABCD). | string 0xABCD). | |||
One may view this representation of byte strings as a transport | One may view this representation of byte strings as a transport | |||
encoding: a byte string which parses as the one-byte CBOR encoding of | encoding, i.e., a byte string that parses as the one-byte CBOR | |||
an integer (i.e., integer in the interval -24, ..., 23) is just | encoding of an integer (i.e., integer in the interval -24, ..., 23) | |||
copied directly into the message, a byte string which does not is | is just copied directly into the message, and a byte string that does | |||
encoded as a CBOR byte string during transport. | not is encoded as a CBOR byte string during transport. | |||
Implementation Note: When implementing the byte string identifier | | Implementation Note: When implementing the byte string | |||
representation, it can in some programming languages help to define a | | identifier representation, in some programming languages, it | |||
new type, or other data structure, which (in its user facing API) | | can help to define a new type or other data structure, which | |||
behaves like a byte string, but when serializing to CBOR produces a | | (in its user-facing API) behaves like a byte string but when | |||
CBOR byte string or a CBOR integer depending on its value. | | serializing to CBOR produces a CBOR byte string or a CBOR | |||
| integer depending on its value. | ||||
3.3.3. Use of Connection Identifiers with OSCORE | 3.3.3. Use of Connection Identifiers with OSCORE | |||
For OSCORE, the choice of connection identifier results in the | For OSCORE, the choice of connection identifier results in the | |||
endpoint selecting its Recipient ID, see Section 3.1 of [RFC8613], | endpoint selecting its Recipient ID (see Section 3.1 of [RFC8613]) | |||
for which certain uniqueness requirements apply, see Section 3.3 of | for which certain uniqueness requirements apply (see Section 3.3 of | |||
[RFC8613]. Therefore, the Initiator and the Responder MUST NOT | [RFC8613]). Therefore, the Initiator and Responder MUST NOT select | |||
select connection identifiers such that it results in the same OSCORE | connection identifiers such that it results in the same OSCORE | |||
Recipient ID. Since the connection identifier is a byte string, it | Recipient ID. Since the connection identifier is a byte string, it | |||
is converted to an OSCORE Recipient ID equal to the byte string. | is converted to an OSCORE Recipient ID equal to the byte string. | |||
Examples: | Examples: | |||
* A connection identifier 0xFF (represented in the EDHOC message as | * A connection identifier 0xFF (represented in the EDHOC message as | |||
0x41FF, see Section 3.3.2) is converted to the OSCORE Recipient ID | 0x41FF; see Section 3.3.2) is converted to the OSCORE Recipient ID | |||
0xFF. | 0xFF. | |||
* A connection identifier 0x21 (represented in the EDHOC message as | * A connection identifier 0x21 (represented in the EDHOC message as | |||
0x21, see Section 3.3.2) is converted to the OSCORE Recipient ID | 0x21; see Section 3.3.2) is converted to the OSCORE Recipient ID | |||
0x21. | 0x21. | |||
3.4. Transport | 3.4. Transport | |||
Cryptographically, EDHOC does not put requirements on the underlying | Cryptographically, EDHOC does not put requirements on the underlying | |||
layers. Received messages are processed as the expected next message | layers. Received messages are processed as the expected next message | |||
according to protocol state, see Section 5. If processing fails for | according to the protocol state; see Section 5. If processing fails | |||
any reason then, typically, an error message is attempted to be sent | for any reason, then typically an error message is attempted to be | |||
and the EDHOC session is aborted. | sent and the EDHOC session is aborted. | |||
EDHOC is not bound to a particular transport layer and can even be | EDHOC is not bound to a particular transport layer and can even be | |||
used in environments without IP. Ultimately, the application is free | used in environments without IP. Ultimately, the application is free | |||
to choose how to transport EDHOC messages including errors. In order | to choose how to transport EDHOC messages including errors. In order | |||
to avoid unnecessary message processing or protocol termination, it | to avoid unnecessary message processing or protocol termination, it | |||
is RECOMMENDED to use reliable transport, such as CoAP in reliable | is RECOMMENDED to use reliable transport, such as CoAP in reliable | |||
mode, which is the default transport, see Appendix A.2. In general, | mode, which is the default transport; see Appendix A.2. In general, | |||
the transport SHOULD handle: | the transport SHOULD handle: | |||
* message loss, | * message loss, | |||
* message duplication, see Section 7 for an alternative, | * message duplication (see Section 7 for an alternative), | |||
* flow control, | * flow control, | |||
* congestion control, | * congestion control, | |||
* fragmentation and reassembly, | * fragmentation and reassembly, | |||
* demultiplexing EDHOC messages from other types of messages, | * demultiplexing EDHOC messages from other types of messages, | |||
* denial-of-service mitigation, | * denial-of-service mitigation, and | |||
* message correlation, see Section 3.4.1. | * message correlation (see Section 3.4.1). | |||
EDHOC does not require error free transport since a change in message | EDHOC does not require error-free transport since a change in message | |||
content is detected through the transcript hashes in a subsequent | content is detected through the transcript hashes in a subsequent | |||
integrity verification, see Section 5. The transport does not | integrity verification; see Section 5. The transport does not | |||
require additional means to handle message reordering because of the | require additional means to handle message reordering because of the | |||
lockstep processing of EDHOC. | lockstep processing of EDHOC. | |||
EDHOC is designed to enable an authenticated key exchange with small | EDHOC is designed to enable an authenticated key exchange with small | |||
messages, where the minimum message sizes are of the order | messages, where the minimum message sizes are of the order | |||
illustrated in the first column of Figure 1. There is no maximum | illustrated in the first column of Table 1. There is no maximum | |||
message size specified by the protocol; this is for example dependent | message size specified by the protocol; for example, this is | |||
on the size of authentication credentials (if they are transported, | dependent on the size of the authentication credentials (if they are | |||
see Section 3.5). | transported, see Section 3.5). | |||
The use of transport is specified in the application profile, which | The use of transport is specified in the application profile, which | |||
in particular may specify limitations in message sizes, see | in particular, may specify limitations in message sizes; see | |||
Section 3.9. | Section 3.9. | |||
3.4.1. EDHOC Message Correlation | 3.4.1. EDHOC Message Correlation | |||
Correlation between EDHOC messages is needed to facilitate the | Correlation between EDHOC messages is needed to facilitate the | |||
retrieval of protocol state and security context during an EDHOC | retrieval of the protocol state and security context during an EDHOC | |||
session. It is also helpful for the Responder to get an indication | session. It is also helpful for the Responder to get an indication | |||
that a received EDHOC message is the beginning of a new EDHOC | that a received EDHOC message is the beginning of a new EDHOC | |||
session, such that no existing protocol state or security context | session, such that no existing protocol state or security context | |||
needs to be retrieved. | needs to be retrieved. | |||
Correlation may be based on existing mechanisms in the transport | Correlation may be based on existing mechanisms in the transport | |||
protocol, for example, the CoAP Token may be used to correlate EDHOC | protocol; for example, the CoAP Token may be used to correlate EDHOC | |||
messages in a CoAP response and in an associated CoAP request. The | messages in a CoAP response and in an associated CoAP request. The | |||
connection identifiers may also be used to correlate EDHOC messages. | connection identifiers may also be used to correlate EDHOC messages. | |||
If correlation between consecutive messages is not provided by other | If correlation between consecutive messages is not provided by other | |||
means then the transport binding SHOULD mandate prepending of an | means, then the transport binding SHOULD mandate prepending of an | |||
appropriate connection identifier (when available from the EDHOC | appropriate connection identifier (when available from the EDHOC | |||
protocol) to the EDHOC message. If message_1 indication is not | protocol) to the EDHOC message. If message_1 indication is not | |||
provided by other means, then the transport binding SHOULD mandate | provided by other means, then the transport binding SHOULD mandate | |||
prepending of message_1 with the CBOR simple value true (0xf5). | prepending of message_1 with the CBOR simple value true (0xf5). | |||
Transport of EDHOC in CoAP payloads is described in Appendix A.2, | Transport of EDHOC in CoAP payloads is described in Appendix A.2, | |||
including how to use connection identifiers and message_1 indication | including how to use connection identifiers and message_1 indication | |||
with CoAP. A similar construction is possible for other client- | with CoAP. A similar construction is possible for other client- | |||
server protocols. Protocols that do not provide any correlation at | server protocols. Protocols that do not provide any correlation at | |||
all can prescribe prepending of the peer's connection identifier to | all can prescribe prepending of the peer's connection identifier to | |||
all messages. | all messages. | |||
Note that correlation between EDHOC messages may be obtained without | Note that correlation between EDHOC messages may be obtained without | |||
transport support or connection identifiers, for example if the | transport support or connection identifiers, for example, if the | |||
endpoints only accept a single instance of the protocol at a time, | endpoints only accept a single instance of the protocol at a time and | |||
and execute conditionally on a correct sequence of messages. | execute conditionally on a correct sequence of messages. | |||
3.5. Authentication Parameters | 3.5. Authentication Parameters | |||
EDHOC supports various settings for how the other endpoint's | EDHOC supports various settings for how the other endpoint's | |||
authentication (public) key may be transported, identified, and | authentication (public) key may be transported, identified, and | |||
trusted. | trusted. | |||
EDHOC performs the following authentication related operations: | EDHOC performs the following authentication-related operations: | |||
* EDHOC transports information about credentials in ID_CRED_I and | * EDHOC transports information about credentials in ID_CRED_I and | |||
ID_CRED_R (described in Section 3.5.3). Based on this | ID_CRED_R (described in Section 3.5.3). Based on this | |||
information, the authentication credentials CRED_I and CRED_R | information, the authentication credentials CRED_I and CRED_R | |||
(described in Section 3.5.2) can be obtained. EDHOC may also | (described in Section 3.5.2) can be obtained. EDHOC may also | |||
transport certain authentication related information as External | transport certain authentication-related information as external | |||
Authorization Data (see Section 3.8). | authorization data (see Section 3.8). | |||
* EDHOC uses the authentication credentials in two ways (see | * EDHOC uses the authentication credentials in two ways (see | |||
Section 5.3.2 and Section 5.4.2): | Sections 5.3.2 and 5.4.2): | |||
- The authentication credential is input to the integrity | - The authentication credential is input to the integrity | |||
verification using the MAC fields. | verification using the MAC fields. | |||
- The authentication key of the authentication credential is used | - The authentication key of the authentication credential is used | |||
with the Signature_or_MAC field to verify proof-of-possession | with the Signature_or_MAC field to verify proof-of-possession | |||
of the private key. | of the private key. | |||
Other authentication related verifications are out of scope for | Other authentication-related verifications are out of scope for EDHOC | |||
EDHOC, and is the responsibility of the application. In particular, | and are the responsibility of the application. In particular, the | |||
the authentication credential needs to be validated in the context of | authentication credential needs to be validated in the context of the | |||
the connection for which EDHOC is used, see Appendix D. EDHOC MUST | connection for which EDHOC is used; see Appendix D. EDHOC MUST allow | |||
allow the application to read received information about credential | the application to read received information about credentials in | |||
(ID_CRED_R, ID_CRED_I). EDHOC MUST have access to the authentication | ID_CRED_R and ID_CRED_I. EDHOC MUST have access to the | |||
key and the authentication credential. | authentication key and the authentication credential. | |||
Note that the type of authentication key, authentication credential, | Note that the type of authentication key, the type of authentication | |||
and the identification of the credential have a large impact on the | credential, and the identification of the credential have a large | |||
message size. For example, the Signature_or_MAC field is much | impact on the message size. For example, the Signature_or_MAC field | |||
smaller with a static DH key than with a signature key. A CWT Claims | is much smaller with a static DH key than with a signature key. A | |||
Set (CCS) is much smaller than a self-signed certificate/CWT, but if | CWT Claims Set (CCS) is much smaller than a self-signed certificate / | |||
it is possible to reference the credential with a COSE header like | CWT, but if it is possible to reference the credential with a COSE | |||
'kid', then that is in turn much smaller than a CCS. | header like 'kid', then that is in turn much smaller than a CCS. | |||
3.5.1. Authentication Keys | 3.5.1. Authentication Keys | |||
The authentication key (i.e., the public key used for authentication) | The authentication key (i.e., the public key used for authentication) | |||
MUST be a signature key or static Diffie-Hellman key. The Initiator | MUST be a signature key or a static Diffie-Hellman key. The | |||
and the Responder MAY use different types of authentication keys, | Initiator and Responder MAY use different types of authentication | |||
e.g., one uses a signature key and the other uses a static Diffie- | keys, e.g., one uses a signature key and the other uses a static | |||
Hellman key. | Diffie-Hellman key. | |||
The authentication key algorithm needs to be compatible with the | The authentication key algorithm needs to be compatible with the | |||
method and the selected cipher suite (see Section 3.6). The | method and the selected cipher suite (see Section 3.6). The | |||
authentication key algorithm needs to be compatible with the EDHOC | authentication key algorithm needs to be compatible with the EDHOC | |||
key exchange algorithm when static Diffie-Hellman authentication is | key exchange algorithm when static Diffie-Hellman authentication is | |||
used, and compatible with the EDHOC signature algorithm when | used and compatible with the EDHOC signature algorithm when signature | |||
signature authentication is used. | authentication is used. | |||
Note that for most signature algorithms, the signature is determined | Note that for most signature algorithms, the signature is determined | |||
by the signature algorithm and the authentication key algorithm | by the signature algorithm and the authentication key algorithm | |||
together. When using static Diffie-Hellman keys the Initiator's and | together. When using static Diffie-Hellman keys, the Initiator's and | |||
Responder's private authentication keys are denoted as I and R, | the Responder's private authentication keys are denoted as I and R, | |||
respectively, and the public authentication keys are denoted G_I and | respectively, and the public authentication keys are denoted G_I and | |||
G_R, respectively. | G_R, respectively. | |||
For X.509 certificates the authentication key is represented by a | For X.509 certificates, the authentication key is represented by a | |||
SubjectPublicKeyInfo field. For CWT and CCS (see Section 3.5.2)) the | SubjectPublicKeyInfo field. For CWT and CCS (see Section 3.5.2), the | |||
authentication key is represented by a 'cnf' claim [RFC8747] | authentication key is represented by a 'cnf' claim [RFC8747] | |||
containing a COSE_Key [RFC9052]. In EDHOC, a raw public key (RPK) is | containing a COSE_Key [RFC9052]. In EDHOC, a raw public key (RPK) is | |||
an authentication key encoded as a COSE_Key wrapped in a CCS. | an authentication key encoded as a COSE_Key wrapped in a CCS. | |||
3.5.2. Authentication Credentials | 3.5.2. Authentication Credentials | |||
The authentication credentials, CRED_I and CRED_R, contains the | The authentication credentials, CRED_I and CRED_R, contain the public | |||
public authentication key of the Initiator and the Responder, | authentication key of the Initiator and Responder, respectively. We | |||
respectively. We use the notation CRED_x to refer to CRED_I or | use the notation CRED_x to refer to CRED_I or CRED_R. Requirements | |||
CRED_R. Requirements on CRED_x applies both to CRED_I and to CRED_R. | on CRED_x applies both to CRED_I and to CRED_R. The authentication | |||
The authentication credential typically also contains other | credential typically also contains other parameters that needs to be | |||
parameters that needs to be verified by the application, see | verified by the application (see Appendix D) and in particular | |||
Appendix D, and in particular information about the identity | information about the identity ("subject") of the endpoint to prevent | |||
("subject") of the endpoint to prevent misbinding attacks, see | misbinding attacks (see Appendix D.2). | |||
Appendix D.2. | ||||
EDHOC relies on COSE for identification of credentials (see | EDHOC relies on COSE for identification of credentials (see | |||
Section 3.5.3), for example X.509 certificates [RFC9360], C509 | Section 3.5.3), for example, X.509 certificates [RFC9360], C509 | |||
certificates [I-D.ietf-cose-cbor-encoded-cert], CWTs [RFC8392] and | certificates [C509-CERTS], CWTs [RFC8392], and CCSs [RFC8392]. When | |||
CWT Claims Sets (CCS) [RFC8392]. When the identified credential is a | the identified credential is a chain or a bag, the authentication | |||
chain or a bag, the authentication credential CRED_x is just the end | credential CRED_x is just the end entity X.509 or C509 certificate / | |||
entity X.509 or C509 certificate / CWT. In the choice between chain | CWT. In the choice between a chain or a bag, it is RECOMMENDED to | |||
or bag it is RECOMMENDED to use a chain, since the certificates in a | use a chain, since the certificates in a bag are unordered and may | |||
bag are unordered and may contain self-signed and extraneous | contain self-signed and extraneous certificates, which can add | |||
certificates, which can add complexity to the process of extracting | complexity to the process of extracting the end entity certificate. | |||
the end entity certificate. The Initiator and the Responder MAY use | The Initiator and Responder MAY use different types of authentication | |||
different types of authentication credentials, e.g., one uses an RPK | credentials, e.g., one uses an RPK and the other uses a public key | |||
and the other uses a public key certificate. | certificate. | |||
Since CRED_R is used in the integrity verification, see | Since CRED_R is used in the integrity verification (see | |||
Section 5.3.2, it needs to be specified such that it is identical | Section 5.3.2), it needs to be specified such that it is identical | |||
when used by Initiator or Responder. Similarly for CRED_I, see | when used by the Initiator or Responder. Similarly for CRED_I, see | |||
Section 5.4.2. The Initiator and Responder are expected to agree on | Section 5.4.2. The Initiator and Responder are expected to agree on | |||
the specific encoding of the authentication credentials, see | the specific encoding of the authentication credentials; see | |||
Section 3.9. It is RECOMMENDED that the COSE 'kid' parameter, when | Section 3.9. It is RECOMMENDED that the COSE 'kid' parameter, when | |||
used to identify the authentication credential, refers to a such a | used to identify the authentication credential, refers to such a | |||
specific encoding of the authentication credential. The Initiator | specific encoding of the authentication credential. The Initiator | |||
and Responder SHOULD use an available authentication credential | and Responder SHOULD use an available authentication credential | |||
(transported in EDHOC or otherwise provisioned) without re-encoding. | (transported in EDHOC or otherwise provisioned) without re-encoding. | |||
If for some reason re-encoding of an authentication credential passed | If for some reason re-encoding of an authentication credential passed | |||
by reference may occur, then a potential common encoding for CBOR | by reference may occur, then a potential common encoding for CBOR- | |||
based credentials is deterministically encoded CBOR as specified in | based credentials is deterministically encoded CBOR, as specified in | |||
Sections 4.2.1 and 4.2.2 of [RFC8949]. | Sections 4.2.1 and 4.2.2 of [RFC8949]. Authentication credentials | |||
passed by value are used as is without re-encoding. | ||||
* When the authentication credential is an X.509 certificate, CRED_x | * When the authentication credential is an X.509 certificate, CRED_x | |||
SHALL be the DER encoded certificate, encoded as a bstr [RFC9360]. | SHALL be the DER-encoded certificate, encoded as a bstr [RFC9360]. | |||
* When the authentication credential is a C509 certificate, CRED_x | * When the authentication credential is a C509 certificate, CRED_x | |||
SHALL be the C509Certificate [I-D.ietf-cose-cbor-encoded-cert]. | SHALL be the C509 certificate [C509-CERTS]. | |||
* When the authentication credential is a CWT including a COSE_Key, | * When the authentication credential is a CWT including a COSE_Key, | |||
CRED_x SHALL be the untagged CWT. | CRED_x SHALL be the untagged CWT. | |||
* When the authentication credential includes a COSE_Key but is not | * When the authentication credential includes a COSE_Key but is not | |||
in a CWT, CRED_x SHALL be an untagged CWT Claims Set (CCS). This | in a CWT, CRED_x SHALL be an untagged CCS. This is how RPKs are | |||
is how RPKs are encoded, see Figure 6 for an example. | encoded, see Figure 4 for an example. | |||
- Naked COSE_Keys are thus dressed as CCS when used in EDHOC, in | - Naked COSE_Keys are thus dressed as CCS when used in EDHOC in | |||
its simplest form by prefixing the COSE_Key with 0xA108A101 (a | its simplest form by prefixing the COSE_Key with 0xA108A101 (a | |||
map with a 'cnf' claim). In that case the resulting | map with a 'cnf' claim). In that case, the resulting | |||
authentication credential contains no other identity than the | authentication credential contains no other identity than the | |||
public key itself, see Appendix D.2. | public key itself; see Appendix D.2. | |||
An example of CRED_x is shown below: | An example of CRED_x is shown below: | |||
{ /CCS/ | { /CCS/ | |||
2 : "42-50-31-FF-EF-37-32-39", /sub/ | 2 : "42-50-31-FF-EF-37-32-39", /sub/ | |||
8 : { /cnf/ | 8 : { /cnf/ | |||
1 : { /COSE_Key/ | 1 : { /COSE_Key/ | |||
1 : 1, /kty/ | 1 : 1, /kty/ | |||
2 : h'00', /kid/ | 2 : h'00', /kid/ | |||
-1 : 4, /crv/ | -1 : 4, /crv/ | |||
-2 : h'b1a3e89460e88d3a8d54211dc95f0b90 /x/ | -2 : h'b1a3e89460e88d3a8d54211dc95f0b90 /x/ | |||
3ff205eb71912d6db8f4af980d2db83a' | 3ff205eb71912d6db8f4af980d2db83a' | |||
} | } | |||
} | } | |||
} | } | |||
Figure 6: CWT Claims Set (CCS) containing an X25519 static | Figure 4: CCS Containing an X25519 Static Diffie-Hellman Key and | |||
Diffie-Hellman key and an EUI-64 identity. | an EUI-64 Identity | |||
3.5.3. Identification of Credentials | 3.5.3. Identification of Credentials | |||
The ID_CRED fields, ID_CRED_R and ID_CRED_I, are transported in | The ID_CRED fields, ID_CRED_R and ID_CRED_I, are transported in | |||
message_2 and message_3, respectively, see Section 5.3.2 and | message_2 and message_3, respectively; see Sections 5.3.2 and 5.4.2. | |||
Section 5.4.2. We use the notation ID_CRED_x to refer to ID_CRED_I | We use the notation ID_CRED_x to refer to ID_CRED_I or ID_CRED_R. | |||
or ID_CRED_R. Requirements on ID_CRED_x applies both to ID_CRED_I | Requirements on ID_CRED_x applies both to ID_CRED_I and to ID_CRED_R. | |||
and to ID_CRED_R. The ID_CRED fields are used to identify and | The ID_CRED fields are used to identify and optionally transport | |||
optionally transport credentials: | credentials: | |||
* ID_CRED_R is intended to facilitate for the Initiator retrieving | * ID_CRED_R is intended to facilitate for the Initiator retrieving | |||
the authentication credential CRED_R and the authentication key of | the authentication credential CRED_R and the authentication key of | |||
R. | R. | |||
* ID_CRED_I is intended to facilitate for the Responder retrieving | * ID_CRED_I is intended to facilitate for the Responder retrieving | |||
the authentication credential CRED_I and the authentication key of | the authentication credential CRED_I and the authentication key of | |||
I. | I. | |||
ID_CRED_x may contain the authentication credential CRED_x, for x = I | ID_CRED_x may contain the authentication credential CRED_x, for x = I | |||
or R, but for many settings it is not necessary to transport the | or R, but for many settings, it is not necessary to transport the | |||
authentication credential within EDHOC. For example, it may be pre- | authentication credential within EDHOC. For example, it may be pre- | |||
provisioned or acquired out-of-band over less constrained links. | provisioned or acquired out-of-band over less constrained links. | |||
ID_CRED_I and ID_CRED_R do not have any cryptographic purpose in | ID_CRED_I and ID_CRED_R do not have any cryptographic purpose in | |||
EDHOC since the authentication credentials are integrity protected. | EDHOC since the authentication credentials are integrity protected by | |||
the Signature_or_MAC field. | ||||
EDHOC relies on COSE for identification of credentials and supports | EDHOC relies on COSE for identification of credentials and supports | |||
all credential types for which COSE header parameters are defined | all credential types for which COSE header parameters are defined, | |||
including X.509 certificates ([RFC9360]), C509 certificates | including X.509 certificates [RFC9360], C509 certificates | |||
([I-D.ietf-cose-cbor-encoded-cert]), CWT (see Section 3.5.3.1) and | [C509-CERTS], CWTs (Section 3.5.3.1) and CCSs (Section 3.5.3.1). | |||
CWT Claims Set (see Section 3.5.3.1). | ||||
ID_CRED_I and ID_CRED_R are of type COSE header_map, as defined in | ID_CRED_I and ID_CRED_R are of type COSE header_map, as defined in | |||
Section 3 of [RFC9052], and contains one or more COSE header | Section 3 of [RFC9052], and contain one or more COSE header | |||
parameters. If a map contains several header paramerers, the labels | parameters. If a map contains several header parameters, the labels | |||
do not need to be sorted in bytewise lexicographic order. ID_CRED_I | do not need to be sorted in bytewise lexicographic order. ID_CRED_I | |||
and ID_CRED_R MAY contain different header parameters. The header | and ID_CRED_R MAY contain different header parameters. The header | |||
parameters typically provide some information about the format of the | parameters typically provide some information about the format of the | |||
credential. | credential. | |||
Example: X.509 certificates can be identified by a hash value using | Example: X.509 certificates can be identified by a hash value using | |||
the 'x5t' parameter, see Section 2 of [RFC9360]: | the 'x5t' parameter; see Section 2 of [RFC9360]: | |||
* ID_CRED_x = { 34 : COSE_CertHash }, for x = I or R, | * ID_CRED_x = { 34 : COSE_CertHash }, for x = I or R | |||
Example: CWT or CCS can be identified by a key identifier using the | Example: CWT or CCS can be identified by a key identifier using the | |||
'kid' parameter, see Section 3.1 of [RFC9052]: | 'kid' parameter; see Section 3.1 of [RFC9052]: | |||
* ID_CRED_x = { 4 : kid_x }, where kid_x : kid, for x = I or R. | * ID_CRED_x = { 4 : kid_x }, where kid_x : kid, for x = I or R | |||
Note that COSE header parameters in ID_CRED_x are used to identify | Note that COSE header parameters in ID_CRED_x are used to identify | |||
the message sender's credential. There is therefore no reason to use | the message sender's credential. Therefore, there is no reason to | |||
the "-sender" header parameters, such as x5t-sender, defined in | use the "-sender" header parameters, such as x5t-sender, defined in | |||
Section 3 of [RFC9360]. Instead, the corresponding parameter without | Section 3 of [RFC9360]. Instead, the corresponding parameter without | |||
"-sender", such as x5t, SHOULD be used. | "-sender", such as x5t, SHOULD be used. | |||
As stated in Section 3.1 of [RFC9052], applications MUST NOT assume | As stated in Section 3.1 of [RFC9052], applications MUST NOT assume | |||
that 'kid' values are unique and several keys associated with a 'kid' | that 'kid' values are unique and several keys associated with a 'kid' | |||
may need to be checked before the correct one is found. Applications | may need to be checked before the correct one is found. Applications | |||
might use additional information such as 'kid context' or lower | might use additional information such as 'kid context' or lower | |||
layers to determine which key to try first. Applications should | layers to determine which key to try first. Applications should | |||
strive to make ID_CRED_x as unique as possible, since the recipient | strive to make ID_CRED_x as unique as possible, since the recipient | |||
may otherwise have to try several keys. | may otherwise have to try several keys. | |||
See Appendix C.3 for more examples. | See Appendix C.3 for more examples. | |||
3.5.3.1. COSE Header Parameters for CWT and CWT Claims Set | 3.5.3.1. COSE Header Parameters for CWT and CWT Claims Set | |||
This document registers two new COSE header parameters 'kcwt' and | This document registers two new COSE header parameters, 'kcwt' and | |||
'kccs' for use with CBOR Web Token (CWT, [RFC8392]) and CWT Claims | 'kccs', for use with CBOR Web Token (CWT) [RFC8392] and CWT Claims | |||
Set (CCS, [RFC8392]), respectively. The CWT/CCS MUST contain a | Set (CCS) [RFC8392], respectively. The CWT/CCS MUST contain a | |||
COSE_Key in a 'cnf' claim [RFC8747]. There may be any number of | COSE_Key in a 'cnf' claim [RFC8747]. There may be any number of | |||
additional claims present in the CWT/CCS. | additional claims present in the CWT/CCS. | |||
CWTs sent in 'kcwt' are protected using a MAC or a signature and are | CWTs sent in 'kcwt' are protected using a MAC or a signature and are | |||
similar to a certificate (when with public key cryptography) or a | similar to a certificate (when used with public key cryptography) or | |||
Kerberos ticket (when used with symmetric key cryptography). CCSs | a Kerberos ticket (when used with symmetric key cryptography). CCSs | |||
sent in 'kccs' are not protected and are therefore similar to raw | sent in 'kccs' are not protected and are therefore similar to raw | |||
public keys or self-signed certificates. | public keys or self-signed certificates. | |||
Security considerations for 'kcwt' and 'kccs' are made in | Security considerations for 'kcwt' and 'kccs' are made in | |||
Section 9.8. | Section 9.8. | |||
3.5.3.2. Compact Encoding of ID_CRED Fields for 'kid' | 3.5.3.2. Compact Encoding of ID_CRED Fields for 'kid' | |||
To comply with the LAKE message size requirements, see | To comply with the Lightweight Authenticated Key Exchange (LAKE) | |||
[I-D.ietf-lake-reqs], two optimizations are made for the case when | message size requirements (see [LAKE-REQS]), two optimizations are | |||
ID_CRED_x, for x = I or R, contains a single 'kid' parameter. | made for the case when ID_CRED_x, for x = I or R, contains a single | |||
'kid' parameter. | ||||
1. The CBOR map { 4 : kid_x } is replaced by the byte string kid_x. | 1. The CBOR map { 4 : kid_x } is replaced by the byte string kid_x. | |||
2. The representation of identifiers specified in Section 3.3.2 is | 2. The representation of identifiers specified in Section 3.3.2 is | |||
applied to kid_x. | applied to kid_x. | |||
These optimizations MUST be applied if and only if ID_CRED_x = { 4 : | These optimizations MUST be applied if and only if ID_CRED_x = { 4 : | |||
kid_x } and ID_CRED_x in PLAINTEXT_y of message_y, y = 2 or 3, see | kid_x } and ID_CRED_x in PLAINTEXT_y of message_y, y = 2 or 3; see | |||
Section 5.3.2 and Section 5.4.2. Note that these optimizations are | Sections 5.3.2 and 5.4.2. Note that these optimizations are not | |||
not applied to instances of ID_CRED_x which have no impact on message | applied to instances of ID_CRED_x that have no impact on message | |||
size, e.g., context_y, or the COSE protected header. Examples: | size, e.g., context_y, or the COSE protected header. For example: | |||
* For ID_CRED_x = { 4 : h'FF' }, the encoding in PLAINTEXT_y is not | * For ID_CRED_x = { 4 : h'FF' }, the encoding in PLAINTEXT_y is not | |||
the CBOR map 0xA10441FF but the CBOR byte string h'FF', i.e., | the CBOR map 0xA10441FF but the CBOR byte string h'FF', i.e., | |||
0x41FF. | 0x41FF. | |||
* For ID_CRED_x = { 4 : h'21' }, the encoding in PLAINTEXT_y is | * For ID_CRED_x = { 4 : h'21' }, the encoding in PLAINTEXT_y is | |||
neither the CBOR map 0xA1044121, nor the CBOR byte string h'21', | neither the CBOR map 0xA1044121 nor the CBOR byte string h'21', | |||
i.e., 0x4121, but the CBOR integer 0x21. | i.e., 0x4121, but the CBOR integer 0x21. | |||
3.6. Cipher Suites | 3.6. Cipher Suites | |||
An EDHOC cipher suite consists of an ordered set of algorithms from | An EDHOC cipher suite consists of an ordered set of algorithms from | |||
the "COSE Algorithms" and "COSE Elliptic Curves" registries as well | the "COSE Algorithms" and "COSE Elliptic Curves" registries as well | |||
as the EDHOC MAC length. All algorithm names and definitions follow | as the EDHOC MAC length. All algorithm names and definitions follow | |||
from COSE algorithms [RFC9053]. Note that COSE sometimes uses | COSE Algorithms [RFC9053]. Note that COSE sometimes uses peculiar | |||
peculiar names such as ES256 for ECDSA with SHA-256, A128 for AES- | names such as ES256 for Elliptic Curve Digital Signature Algorithm | |||
128, and Ed25519 for the curve edwards25519. Algorithms need to be | (ECDSA) with SHA-256, A128 for AES-128, and Ed25519 for the curve | |||
specified with enough parameters to make them completely determined. | edwards25519. Algorithms need to be specified with enough parameters | |||
The EDHOC MAC length MUST be at least 8 bytes. Any cryptographic | to make them completely determined. The EDHOC MAC length MUST be at | |||
algorithm used in the COSE header parameters in ID_CRED fields is | least 8 bytes. Any cryptographic algorithm used in the COSE header | |||
selected independently of the selected cipher suite. EDHOC is | parameters in ID_CRED fields is selected independently of the | |||
currently only specified for use with key exchange algorithms of type | selected cipher suite. EDHOC is currently only specified for use | |||
ECDH curves, but any Key Encapsulation Method (KEM), including Post- | with key exchange algorithms of type ECDH curves, but any Key | |||
Quantum Cryptography (PQC) KEMs, can be used in method 0, see | Encapsulation Mechanism (KEM), including Post-Quantum Cryptography | |||
Section 9.4. Use of other types of key exchange algorithms to | (PQC) KEMs, can be used in method 0; see Section 9.4. Use of other | |||
replace static DH authentication (method 1,2,3) would likely require | types of key exchange algorithms to replace static DH authentication | |||
a specification updating EDHOC with new methods. | (methods 1, 2, and 3) would likely require a specification updating | |||
EDHOC with new methods. | ||||
EDHOC supports all signature algorithms defined by COSE. Just like | EDHOC supports all signature algorithms defined by COSE. Just like | |||
in (D)TLS 1.3 [RFC8446][RFC9147] and IKEv2 [RFC7296], a signature in | in (D)TLS 1.3 [RFC8446] [RFC9147] and IKEv2 [RFC7296], a signature in | |||
COSE is determined by the signature algorithm and the authentication | COSE is determined by the signature algorithm and the authentication | |||
key algorithm together, see Section 3.5.1. The exact details of the | key algorithm together; see Section 3.5.1. The exact details of the | |||
authentication key algorithm depend on the type of authentication | authentication key algorithm depend on the type of authentication | |||
credential. COSE supports different formats for storing the public | credential. COSE supports different formats for storing the public | |||
authentication keys including COSE_Key and X.509, which use different | authentication keys including COSE_Key and X.509, which use different | |||
names and ways to represent the authentication key and the | names and ways to represent the authentication key and the | |||
authentication key algorithm. | authentication key algorithm. | |||
An EDHOC cipher suite consists of the following parameters: | An EDHOC cipher suite consists of the following parameters: | |||
* EDHOC AEAD algorithm | * EDHOC AEAD algorithm, | |||
* EDHOC hash algorithm | * EDHOC hash algorithm, | |||
* EDHOC MAC length in bytes (Static DH) | * EDHOC MAC length in bytes (Static DH), | |||
* EDHOC key exchange algorithm (ECDH curve) | * EDHOC key exchange algorithm (ECDH curve), | |||
* EDHOC signature algorithm | * EDHOC signature algorithm, | |||
* Application AEAD algorithm | * application AEAD algorithm, and | |||
* Application hash algorithm | * application hash algorithm. | |||
Each cipher suite is identified with a pre-defined integer label. | Each cipher suite is identified with a predefined integer label. | |||
EDHOC can be used with all algorithms and curves defined for COSE. | EDHOC can be used with all algorithms and curves defined for COSE. | |||
Implementations can either use any combination of COSE algorithms and | Implementations can either use any combination of COSE algorithms and | |||
parameters to define their own private cipher suite, or use one of | parameters to define their own private cipher suite or use one of the | |||
the pre-defined cipher suites. Private cipher suites can be | predefined cipher suites. Private cipher suites can be identified | |||
identified with any of the four values -24, -23, -22, -21. The pre- | with any of the four values: -24, -23, -22, and -21. The predefined | |||
defined cipher suites are listed in the IANA registry (Section 10.2) | cipher suites are listed in the IANA registry (Section 10.2) with the | |||
with initial content outlined here: | initial content outlined here: | |||
* Cipher suites 0-3, based on AES-CCM, are intended for constrained | * Cipher suites 0-3, based on AES-CCM, are intended for constrained | |||
IoT where message overhead is a very important factor. Note that | IoT where a message overhead is a very important factor. Note | |||
AES-CCM-16-64-128 and AES-CCM-16-128-128 are compatible with the | that AES-CCM-16-64-128 and AES-CCM-16-128-128 are compatible with | |||
IEEE CCM* mode. | the IEEE Counter with CBC-MAC (CCM)* mode. | |||
- Cipher suites 1 and 3 use a larger tag length (128-bit) in | - Cipher suites 1 and 3 use a larger tag length (128 bits) in | |||
EDHOC than in the Application AEAD algorithm (64-bit). | EDHOC than in the application AEAD algorithm (64 bits). | |||
* Cipher suites 4 and 5, based on ChaCha20, are intended for less | * Cipher suites 4 and 5, based on ChaCha20, are intended for less | |||
constrained applications and only use 128-bit tag lengths. | constrained applications and only use 128-bit tag lengths. | |||
* Cipher suite 6, based on AES-GCM, is for general non-constrained | * Cipher suite 6, based on AES-GCM, is for general non-constrained | |||
applications. It consists of high performance algorithms that are | applications. It consists of high-performance algorithms that are | |||
widely used in non-constrained applications. | widely used in non-constrained applications. | |||
* Cipher suites 24 and 25 are intended for high security | * Cipher suites 24 and 25 are intended for high security | |||
applications such as government use and financial applications. | applications such as government use and financial applications. | |||
These cipher suites do not share any algorithms. Cipher suite 24 | These cipher suites do not share any algorithms. Cipher suite 24 | |||
consists of algorithms from the CNSA 1.0 suite [CNSA]. | consists of algorithms from the Commercial National Security | |||
Algorithm (CNSA) 1.0 suite [CNSA]. | ||||
The different methods (Section 3.2) use the same cipher suites, but | The different methods (Section 3.2) use the same cipher suites, but | |||
some algorithms are not used in some methods. The EDHOC signature | some algorithms are not used in some methods. The EDHOC signature | |||
algorithm is not used in methods without signature authentication. | algorithm is not used in methods without signature authentication. | |||
The Initiator needs to have a list of cipher suites it supports in | The Initiator needs to have a list of cipher suites it supports in | |||
order of preference. The Responder needs to have a list of cipher | order of preference. The Responder needs to have a list of cipher | |||
suites it supports. SUITES_I contains cipher suites supported by the | suites it supports. SUITES_I contains cipher suites supported by the | |||
Initiator, formatted and processed as detailed in Section 5.2.1 to | Initiator and formatted and processed as detailed in Section 5.2.1 to | |||
secure the cipher suite negotiation. Examples of cipher suite | secure the cipher suite negotiation. Examples of cipher suite | |||
negotiation are given in Section 6.3.2. | negotiation are given in Section 6.3.2. | |||
3.7. Ephemeral Public Keys | 3.7. Ephemeral Public Keys | |||
The ephemeral public keys in EDHOC (G_X and G_Y) use compact | The ephemeral public keys in EDHOC (G_X and G_Y) use compact | |||
representation of elliptic curve points, see Appendix B. In COSE, | representation of elliptic curve points; see Appendix B. In COSE, | |||
compact representation is achieved by formatting the ECDH ephemeral | compact representation is achieved by formatting the ECDH ephemeral | |||
public keys as COSE_Keys of type EC2 or OKP according to Sections 7.1 | public keys as COSE_Keys of type EC2 or Octet Key Pair (OKP) | |||
and 7.2 of [RFC9053], but only including the 'x' parameter in G_X and | according to Sections 7.1 and 7.2 of [RFC9053] but only including the | |||
G_Y. For Elliptic Curve Keys of type EC2, compact representation MAY | 'x' parameter in G_X and G_Y. For Elliptic Curve Keys of type EC2, | |||
be used also in the COSE_Key. COSE always uses compact output for | compact representation MAY be used also in the COSE_Key. COSE always | |||
Elliptic Curve Keys of type EC2. If the COSE implementation requires | uses compact output for Elliptic Curve Keys of type EC2. If the COSE | |||
a 'y' parameter, the value y = false or a calculated y-coordinate can | implementation requires a 'y' parameter, the value y = false or a | |||
be used, see Appendix B. | calculated y-coordinate can be used; see Appendix B. | |||
3.8. External Authorization Data (EAD) | 3.8. External Authorization Data (EAD) | |||
In order to reduce round trips and the number of messages, or to | In order to reduce round trips and the number of messages or to | |||
simplify processing, external security applications may be integrated | simplify processing, external security applications may be integrated | |||
into EDHOC by transporting authorization related data in the | into EDHOC by transporting authorization-related data in the | |||
messages. | messages. | |||
EDHOC allows processing of external authorization data (EAD) to be | EDHOC allows processing of external authorization data (EAD) to be | |||
defined in a separate specification, and sent in dedicated fields of | defined in a separate specification and sent in dedicated fields of | |||
the four EDHOC messages (EAD_1, EAD_2, EAD_3, EAD_4). EAD is opaque | the four EDHOC messages: EAD_1, EAD_2, EAD_3, and EAD_4. EAD is | |||
data to EDHOC. | opaque data to EDHOC. | |||
Each EAD field, EAD_x for x = 1, 2, 3 or 4, is a CBOR sequence (see | Each EAD field, EAD_x, for x = 1, 2, 3, or 4, is a CBOR sequence (see | |||
Appendix C.1) consisting of one or more EAD items. An EAD item ead | Appendix C.1) consisting of one or more EAD items. EAD item ead is a | |||
is a CBOR sequence of an ead_label and an optional ead_value, see | CBOR sequence of an ead_label and an optional ead_value; see Figure 5 | |||
Figure 7 and Appendix C.2 for the CDDL definitions. | and Appendix C.2 for the CDDL definitions. | |||
ead = ( | ead = ( | |||
ead_label : int, | ead_label : int, | |||
? ead_value : bstr, | ? ead_value : bstr, | |||
) | ) | |||
Figure 7: EAD item. | Figure 5: EAD Item | |||
A security application may register one or more EAD labels, see | A security application may register one or more EAD labels (see | |||
Section 10.5, and specify the associated processing and security | Section 10.5) and specify the associated processing and security | |||
considerations. The IANA registry contains the absolute value of the | considerations. The IANA registry contains the absolute value of the | |||
ead_label, |ead_label|; the same ead_value applies independently of | ead_label, |ead_label|; the same ead_value applies independently of | |||
sign of ead_label. | the sign of the ead_label. | |||
An EAD item can be either critical or non-critical, determined by the | An EAD item can be either critical or non-critical, determined by the | |||
sign of the ead_label in the EAD item transported in the EAD field. | sign of the ead_label in the EAD item transported in the EAD field. | |||
A negative value indicates that the EAD item is critical and a non- | A negative value indicates that the EAD item is critical, and a | |||
negative value indicates that the EAD item is non-critical. | nonnegative value indicates that the EAD item is non-critical. | |||
If an endpoint receives a critical EAD item it does not recognize, or | If an endpoint receives a critical EAD item it does not recognize or | |||
a critical EAD item that contains information that it cannot process, | a critical EAD item that contains information that it cannot process, | |||
then the endpoint MUST send an EDHOC error message back as defined in | then the endpoint MUST send an EDHOC error message back as defined in | |||
Section 6, and the EDHOC session MUST be aborted. The EAD item | Section 6, and the EDHOC session MUST be aborted. The EAD item | |||
specification defines the error processing. A non-critical EAD item | specification defines the error processing. A non-critical EAD item | |||
can be ignored. | can be ignored. | |||
The security application registering a new EAD item needs to describe | The security application registering a new EAD item needs to describe | |||
under what conditions the EAD item is critical or non-critical, and | under what conditions the EAD item is critical or non-critical, and | |||
thus whether the ead_label is used with negative or positive sign. | thus whether the ead_label is used with a negative or positive sign. | |||
ead_label = 0 is used for padding, see Section 3.8.1. | ead_label = 0 is used for padding; see Section 3.8.1. | |||
The security application may define multiple uses of certain EAD | The security application may define multiple uses of certain EAD | |||
items, e.g., the same EAD item may be used in different EDHOC | items, e.g., the same EAD item may be used in different EDHOC | |||
messages. Multiple occurrences of an EAD item in one EAD field may | messages. Multiple occurrences of an EAD item in one EAD field may | |||
also be specified, but the criticality of the repeated EAD item is | also be specified, but the criticality of the repeated EAD item is | |||
expected to be the same. | expected to be the same. | |||
The EAD fields of EDHOC MUST only be used with registered EAD items, | The EAD fields of EDHOC MUST only be used with registered EAD items; | |||
see Section 10.5. Examples of the use of EAD are provided in | see Section 10.5. Examples of the use of EAD are provided in | |||
Appendix E. | Appendix E. | |||
3.8.1. Padding | 3.8.1. Padding | |||
EDHOC message_1 and the plaintext of message_2, message_3 and | EDHOC message_1 and the plaintext of message_2, message_3, and | |||
message_4 can be padded with the use of the corresponding EAD_x | message_4 can be padded with the use of the corresponding EAD_x | |||
field, for x = 1, 2, 3, 4. Padding in EAD_1 mitigates amplification | field, for x = 1, 2, 3, or 4. Padding in EAD_1 mitigates | |||
attacks (see Section 9.7), and padding in EAD_2, EAD_3, and EAD_4 | amplification attacks (see Section 9.7), and padding in EAD_2, EAD_3, | |||
hides the true length of the plaintext (see Section 9.6). Padding | and EAD_4 hides the true length of the plaintext (see Section 9.6). | |||
MUST be ignored and discarded by the receiving application. | Padding MUST be ignored and discarded by the receiving application. | |||
Padding is obtained by using an EAD item with ead_label = 0 and a | Padding is obtained by using an EAD item with ead_label = 0 and a | |||
(pseudo-)randomly generated byte string of appropriate length as | (pseudo)randomly generated byte string of appropriate length as | |||
ead_value, noting that the ead_label and the CBOR encoding of | ead_value, noting that the ead_label and the CBOR encoding of | |||
ead_value also add bytes. Examples: | ead_value also add bytes. For example: | |||
* One byte padding (optional ead_value omitted): | * One-byte padding (optional ead_value omitted): | |||
- EAD_x = 0x00 | EAD_x = 0x00 | |||
* Two bytes padding, using the empty byte string (0x40) as | * Two-byte padding, using the empty byte string (0x40) as ead_value: | |||
ead_value: | ||||
- EAD_x = 0x0040 | EAD_x = 0x0040 | |||
* Three bytes padding, constructed from the pseudorandomly generated | * Three-byte padding, constructed from the pseudorandomly generated | |||
ead_value 0xe9 encoded as byte string: | ead_value 0xe9 encoded as byte string: | |||
- EAD_x = 0x0041e9 | EAD_x = 0x0041e9 | |||
Multiple occurrences of EAD items with ead_label = 0 are allowed. | Multiple occurrences of EAD items with ead_label = 0 are allowed. | |||
Certain padding lengths require the use of at least two such EAD | Certain padding lengths require the use of at least two such EAD | |||
items. | items. | |||
Note that padding is non-critical because the intended behaviour when | Note that padding is non-critical because the intended behavior when | |||
receiving is to ignore it. | receiving is to ignore it. | |||
3.9. Application Profile | 3.9. Application Profile | |||
EDHOC requires certain parameters to be agreed upon between Initiator | EDHOC requires certain parameters to be agreed upon between the | |||
and Responder. Some parameters can be negotiated through the | Initiator and Responder. Some parameters can be negotiated through | |||
protocol execution (specifically, cipher suite, see Section 3.6) but | the protocol execution (specifically, cipher suite; see Section 3.6), | |||
other parameters are only communicated and may not be negotiated | but other parameters are only communicated and may not be negotiated | |||
(e.g., which authentication method is used, see Section 3.2). Yet | (e.g., which authentication method is used; see Section 3.2). Yet, | |||
other parameters need to be known out-of-band to ensure successful | other parameters need to be known out-of-band to ensure successful | |||
completion, e.g., whether message_4 is used or not. The application | completion, e.g., whether message_4 is used or not. The application | |||
decides which endpoint is Initiator and which is Responder. | decides which endpoint is the Initiator and which is the Responder. | |||
The purpose of an application profile is to describe the intended use | The purpose of an application profile is to describe the intended use | |||
of EDHOC to allow for the relevant processing and verifications to be | of EDHOC to allow for the relevant processing and verifications to be | |||
made, including things like: | made, including things like the following: | |||
1. How the endpoint detects that an EDHOC message is received. This | 1. How the endpoint detects that an EDHOC message is received. This | |||
includes how EDHOC messages are transported, for example in the | includes how EDHOC messages are transported, for example, in the | |||
payload of a CoAP message with a certain Uri-Path or Content- | payload of a CoAP message with a certain Uri-Path or Content- | |||
Format; see Appendix A.2. | Format; see Appendix A.2. | |||
* The method of transporting EDHOC messages may also describe | The method of transporting EDHOC messages may also describe data | |||
data carried along with the messages that are needed for the | carried along with the messages that are needed for the transport | |||
transport to satisfy the requirements of Section 3.4, e.g., | to satisfy the requirements of Section 3.4, e.g., connection | |||
connection identifiers used with certain messages, see | identifiers used with certain messages; see Appendix A.2. | |||
Appendix A.2. | ||||
2. Authentication method (METHOD; see Section 3.2). | 2. Authentication method (METHOD; see Section 3.2). | |||
3. Profile for authentication credentials (CRED_I, CRED_R; see | 3. Profile for authentication credentials (CRED_I and CRED_R; see | |||
Section 3.5.2), e.g., profile for certificate or CCS, including | Section 3.5.2), e.g., profile for certificate or CCS, including | |||
supported authentication key algorithms (subject public key | supported authentication key algorithms (subject public key | |||
algorithm in X.509 or C509 certificate). | algorithm in X.509 or C509 certificate). | |||
4. Type used to identify credentials (ID_CRED_I, ID_CRED_R; see | 4. Type used to identify credentials (ID_CRED_I and ID_CRED_R; see | |||
Section 3.5.3). | Section 3.5.3). | |||
5. Use and type of external authorization data (EAD_1, EAD_2, EAD_3, | 5. Use and type of external authorization data (EAD_1, EAD_2, EAD_3, | |||
EAD_4; see Section 3.8). | and EAD_4; see Section 3.8). | |||
6. Identifier used as the identity of the endpoint; see | 6. Identifier used as the identity of the endpoint; see | |||
Appendix D.2. | Appendix D.2. | |||
7. If message_4 shall be sent/expected, and if not, how to ensure a | 7. If message_4 shall be sent/expected, and if not, how to ensure a | |||
protected application message is sent from the Responder to the | protected application message is sent from the Responder to the | |||
Initiator; see Section 5.5. | Initiator; see Section 5.5. | |||
The application profile may also contain information about supported | The application profile may also contain information about supported | |||
cipher suites. The procedure for selecting and verifying a cipher | cipher suites. The procedure for selecting and verifying a cipher | |||
suite is still performed as described in Section 5.2.1 and | suite is still performed as described in Sections 5.2.1 and 6.3, but | |||
Section 6.3, but it may become simplified by this knowledge. EDHOC | it may become simplified by this knowledge. EDHOC messages can be | |||
messages can be processed without the application profile, i.e., the | processed without the application profile, i.e., the EDHOC messages | |||
EDHOC messages includes information about the type and length of all | include information about the type and length of all fields. | |||
fields. | ||||
An example of an application profile is shown in Appendix F. | An example of an application profile is shown in Appendix F. | |||
For some parameters, like METHOD, type of ID_CRED field or EAD, the | For some parameters, like METHOD, the type of the ID_CRED field, or | |||
receiver of an EDHOC message is able to verify compliance with the | EAD, the receiver of an EDHOC message is able to verify compliance | |||
application profile, and if it needs to fail because of lack of | with the application profile and, if it needs to fail because of the | |||
compliance, to infer the reason why the EDHOC session failed. | lack of compliance, to infer the reason why the EDHOC session failed. | |||
For other encodings, like the profiling of CRED_x in the case that it | For other encodings, like the profiling of CRED_x in the case that it | |||
is not transported, it may not be possible to verify that lack of | is not transported, it may not be possible to verify that the lack of | |||
compliance with the application profile was the reason for failure: | compliance with the application profile was the reason for failure, | |||
Integrity verification in message_2 or message_3 may fail not only | i.e., integrity verification in message_2 or message_3 may fail not | |||
because of a wrong credential. For example, in case the Initiator | only because of a wrong credential. For example, in case the | |||
uses a public key certificate by reference (i.e., not transported | Initiator uses a public key certificate by reference (i.e., not | |||
within the protocol) then both endpoints need to use an identical | transported within the protocol), then both endpoints need to use an | |||
data structure as CRED_I or else the integrity verification will | identical data structure as CRED_I or else the integrity verification | |||
fail. | will fail. | |||
Note that it is not necessary for the endpoints to specify a single | Note that it is not necessary for the endpoints to specify a single | |||
transport for the EDHOC messages. For example, a mix of CoAP and | transport for the EDHOC messages. For example, a mix of CoAP and | |||
HTTP may be used along the path, and this may still allow correlation | HTTP may be used along the path, and this may still allow correlation | |||
between messages. | between messages. | |||
The application profile may be dependent on the identity of the other | The application profile may be dependent on the identity of the other | |||
endpoint, or other information carried in an EDHOC message, but it | endpoint or other information carried in an EDHOC message, but it | |||
then applies only to the later phases of the protocol when such | then applies only to the later phases of the protocol when such | |||
information is known. (The Initiator does not know the identity of | information is known. (The Initiator does not know the identity of | |||
the Responder before having verified message_2, and the Responder | the Responder before having verified message_2, and the Responder | |||
does not know the identity of the Initiator before having verified | does not know the identity of the Initiator before having verified | |||
message_3.) | message_3.) | |||
Other conditions may be part of the application profile, such as what | Other conditions may be part of the application profile, such as what | |||
is the target application or use (if there is more than one | is the target application or use (if there is more than one | |||
application/use) to the extent that EDHOC can distinguish between | application/use) to the extent that EDHOC can distinguish between | |||
them. In case multiple application profiles are used, the receiver | them. In case multiple application profiles are used, the receiver | |||
needs to be able to determine which is applicable for a given EDHOC | needs to be able to determine which is applicable for a given EDHOC | |||
session, for example based on URI to which the EDHOC message is sent, | session, for example, based on the URI to which the EDHOC message is | |||
or external authorization data type. | sent, or external authorization data type. | |||
4. Key Derivation | 4. Key Derivation | |||
4.1. Keys for EDHOC Message Processing | 4.1. Keys for EDHOC Message Processing | |||
EDHOC uses Extract-and-Expand [RFC5869] with the EDHOC hash algorithm | EDHOC uses Extract-and-Expand [RFC5869] with the EDHOC hash algorithm | |||
in the selected cipher suite to derive keys used in message | in the selected cipher suite to derive keys used in message | |||
processing. This section defines EDHOC_Extract (Section 4.1.1) and | processing. This section defines EDHOC_Extract (Section 4.1.1) and | |||
EDHOC_Expand (Section 4.1.2), and how to use them to derive PRK_out | EDHOC_Expand (Section 4.1.2) and how to use them to derive PRK_out | |||
(Section 4.1.3) which is the shared secret session key resulting from | (Section 4.1.3), which is the shared secret session key resulting | |||
a completed EDHOC session. | from a completed EDHOC session. | |||
EDHOC_Extract is used to derive fixed-length uniformly pseudorandom | EDHOC_Extract is used to derive fixed-length uniformly pseudorandom | |||
keys (PRK) from ECDH shared secrets. EDHOC_Expand is used to define | keys (PRKs) from ECDH shared secrets. EDHOC_Expand is used to define | |||
EDHOC_KDF for generating MACs and for deriving output keying material | EDHOC_KDF for generating MACs and for deriving output keying material | |||
(OKM) from PRKs. | (OKM) from PRKs. | |||
In EDHOC a specific message is protected with a certain pseudorandom | In EDHOC, a specific message is protected with a certain PRK, but how | |||
key, but how the key is derived depends on the authentication method | the key is derived depends on the authentication method | |||
(Section 3.2) as detailed in Section 5. | (Section 3.2), as detailed in Section 5. | |||
4.1.1. EDHOC_Extract | 4.1.1. EDHOC_Extract | |||
The pseudorandom keys (PRKs) used for EDHOC message processing are | The pseudorandom keys (PRKs) used for EDHOC message processing are | |||
derived using EDHOC_Extract: | derived using EDHOC_Extract: | |||
PRK = EDHOC_Extract( salt, IKM ) | PRK = EDHOC_Extract( salt, IKM ) | |||
where the input keying material (IKM) and salt are defined for each | where the input keying material (IKM) and salt are defined for each | |||
PRK below. | PRK below. | |||
The definition of EDHOC_Extract depends on the EDHOC hash algorithm | The definition of EDHOC_Extract depends on the EDHOC hash algorithm | |||
of the selected cipher suite: | of the selected cipher suite: | |||
* if the EDHOC hash algorithm is SHA-2, then EDHOC_Extract( salt, | * If the EDHOC hash algorithm is SHA-2, then EDHOC_Extract( salt, | |||
IKM ) = HKDF-Extract( salt, IKM ) [RFC5869] | IKM ) = HKDF-Extract( salt, IKM ) [RFC5869]. | |||
* if the EDHOC hash algorithm is SHAKE128, then EDHOC_Extract( salt, | * If the EDHOC hash algorithm is SHAKE128, then EDHOC_Extract( salt, | |||
IKM ) = KMAC128( salt, IKM, 256, "" ) | IKM ) = KMAC128( salt, IKM, 256, "" ). | |||
* if the EDHOC hash algorithm is SHAKE256, then EDHOC_Extract( salt, | * If the EDHOC hash algorithm is SHAKE256, then EDHOC_Extract( salt, | |||
IKM ) = KMAC256( salt, IKM, 512, "" ) | IKM ) = KMAC256( salt, IKM, 512, "" ). | |||
where the Keccak message authentication code (KMAC) is specified in | where the Keccak Message Authentication Code (KMAC) is specified in | |||
[SP800-185]. | [SP800-185]. | |||
The rest of the section defines the pseudorandom keys PRK_2e, | The rest of the section defines the pseudorandom keys PRK_2e, | |||
PRK_3e2m and PRK_4e3m; their use is shown in Figure 8. The index of | PRK_3e2m, and PRK_4e3m; their use is shown in Figure 6. The index of | |||
a PRK indicates its use or in what message protection operation it is | a PRK indicates its use or in what message protection operation it is | |||
involved. For example, PRK_3e2m is involved in the encryption of | involved. For example, PRK_3e2m is involved in the encryption of | |||
message 3 and in calculating the MAC of message 2. | message 3 and in calculating the MAC of message 2. | |||
4.1.1.1. PRK_2e | 4.1.1.1. PRK_2e | |||
The pseudorandom key PRK_2e is derived with the following input: | The pseudorandom key PRK_2e is derived with the following input: | |||
* The salt SHALL be TH_2. | * The salt SHALL be TH_2. | |||
* The IKM SHALL be the ephemeral-ephemeral ECDH shared secret G_XY | * The IKM SHALL be the ephemeral-ephemeral ECDH shared secret G_XY | |||
(calculated from G_X and Y or G_Y and X) as defined in | (calculated from G_X and Y or G_Y and X) as defined in | |||
Section 6.3.1 of [RFC9053]. The use of G_XY gives forward | Section 6.3.1 of [RFC9053]. The use of G_XY gives forward secrecy | |||
secrecy, in the sense that compromise of the private | in the sense that compromise of the private authentication keys | |||
authentication keys does not compromise past session keys. | does not compromise past session keys. | |||
Example: Assuming the use of curve25519, the ECDH shared secret G_XY | Example: Assuming the use of curve25519, the ECDH shared secret G_XY | |||
is the output of the X25519 function [RFC7748]: | is the output of the X25519 function [RFC7748]: | |||
G_XY = X25519( Y, G_X ) = X25519( X, G_Y ) | G_XY = X25519( Y, G_X ) = X25519( X, G_Y ) | |||
Example: Assuming the use of SHA-256 the extract phase of HKDF | Example: Assuming the use of SHA-256, the extract phase of the Key | |||
produces PRK_2e as follows: | Derivation Function (HKDF) produces PRK_2e as follows: | |||
PRK_2e = HMAC-SHA-256( TH_2, G_XY ) | PRK_2e = HMAC-SHA-256( TH_2, G_XY ) | |||
4.1.1.2. PRK_3e2m | 4.1.1.2. PRK_3e2m | |||
The pseudorandom key PRK_3e2m is derived as follows: | The pseudorandom key PRK_3e2m is derived as follows: | |||
If the Responder authenticates with a static Diffie-Hellman key, then | If the Responder authenticates with a static Diffie-Hellman key, then | |||
PRK_3e2m = EDHOC_Extract( SALT_3e2m, G_RX ), where | PRK_3e2m = EDHOC_Extract( SALT_3e2m, G_RX ), where | |||
* SALT_3e2m is derived from PRK_2e, see Section 4.1.2, and | * SALT_3e2m is derived from PRK_2e (see Section 4.1.2) and | |||
* G_RX is the ECDH shared secret calculated from G_R and X, or G_X | * G_RX is the ECDH shared secret calculated from G_R and X, or G_X | |||
and R (the Responder's private authentication key, see | and R (the Responder's private authentication key; see | |||
Section 3.5.1), | Section 3.5.1), | |||
else PRK_3e2m = PRK_2e. | else PRK_3e2m = PRK_2e. | |||
4.1.1.3. PRK_4e3m | 4.1.1.3. PRK_4e3m | |||
The pseudorandom key PRK_4e3m is derived as follows: | The pseudorandom key PRK_4e3m is derived as follows: | |||
If the Initiator authenticates with a static Diffie-Hellman key, then | If the Initiator authenticates with a static Diffie-Hellman key, then | |||
PRK_4e3m = EDHOC_Extract( SALT_4e3m, G_IY ), where | PRK_4e3m = EDHOC_Extract( SALT_4e3m, G_IY ), where | |||
* SALT_4e3m is derived from PRK_3e2m, see Section 4.1.2, and | * SALT_4e3m is derived from PRK_3e2m (see Section 4.1.2) and | |||
* G_IY is the ECDH shared secret calculated from G_I and Y, or G_Y | * G_IY is the ECDH shared secret calculated from G_I and Y, or G_Y | |||
and I (the Initiator's private authentication key, see | and I (the Initiator's private authentication key; see | |||
Section 3.5.1), | Section 3.5.1), | |||
else PRK_4e3m = PRK_3e2m. | else PRK_4e3m = PRK_3e2m. | |||
4.1.2. EDHOC_Expand and EDHOC_KDF | 4.1.2. EDHOC_Expand and EDHOC_KDF | |||
The output keying material (OKM) - including keys, IVs, and salts - | The output keying material (OKM) -- including keys, initialization | |||
are derived from the PRKs using the EDHOC_KDF, which is defined | vectors (IVs), and salts -- are derived from the PRKs using the | |||
through EDHOC_Expand: | EDHOC_KDF, which is defined through EDHOC_Expand: | |||
OKM = EDHOC_KDF( PRK, info_label, context, length ) | OKM = EDHOC_KDF( PRK, info_label, context, length ) | |||
= EDHOC_Expand( PRK, info, length ) | = EDHOC_Expand( PRK, info, length ) | |||
where info is encoded as the CBOR sequence | where info is encoded as the CBOR sequence: | |||
info = ( | info = ( | |||
info_label : int, | info_label : int, | |||
context : bstr, | context : bstr, | |||
length : uint, | length : uint, | |||
) | ) | |||
where | where: | |||
* info_label is an int | * info_label is an int, | |||
* context is a bstr | * context is a bstr, and | |||
* length is the length of OKM in bytes | * length is the length of OKM in bytes. | |||
When EDHOC_KDF is used to derive OKM for EDHOC message processing, | When EDHOC_KDF is used to derive OKM for EDHOC message processing, | |||
then context includes one of the transcript hashes TH_2, TH_3, or | then the context includes one of the transcript hashes, TH_2, TH_3, | |||
TH_4 defined in Sections 5.3.2 and 5.4.2. | or TH_4, defined in Sections 5.3.2 and 5.4.2. | |||
The definition of EDHOC_Expand depends on the EDHOC hash algorithm of | The definition of EDHOC_Expand depends on the EDHOC hash algorithm of | |||
the selected cipher suite: | the selected cipher suite: | |||
* if the EDHOC hash algorithm is SHA-2, then EDHOC_Expand( PRK, | * If the EDHOC hash algorithm is SHA-2, then EDHOC_Expand( PRK, | |||
info, length ) = HKDF-Expand( PRK, info, length ) [RFC5869] | info, length ) = HKDF-Expand( PRK, info, length ) [RFC5869]. | |||
* if the EDHOC hash algorithm is SHAKE128, then EDHOC_Expand( PRK, | * If the EDHOC hash algorithm is SHAKE128, then EDHOC_Expand( PRK, | |||
info, length ) = KMAC128( PRK, info, L, "" ) | info, length ) = KMAC128( PRK, info, L, "" ). | |||
* if the EDHOC hash algorithm is SHAKE256, then EDHOC_Expand( PRK, | * If the EDHOC hash algorithm is SHAKE256, then EDHOC_Expand( PRK, | |||
info, length ) = KMAC256( PRK, info, L, "" ) | info, length ) = KMAC256( PRK, info, L, "" ). | |||
where L = 8 ⋅ length, the output length in bits. | where L = 8 ⋅ length, the output length in bits. | |||
Figure 8 lists derivations made with EDHOC_KDF, where | Figure 6 lists derivations made with EDHOC_KDF, where: | |||
* hash_length - length of output size of the EDHOC hash algorithm of | * hash_length is the length of output size of the EDHOC hash | |||
the selected cipher suite | algorithm of the selected cipher suite, | |||
* key_length - length of the encryption key of the EDHOC AEAD | * key_length is the length of the encryption key of the EDHOC AEAD | |||
algorithm of the selected cipher suite | algorithm of the selected cipher suite, and | |||
* iv_length - length of the initialization vector of the EDHOC AEAD | * iv_length is the length of the initialization vector of the EDHOC | |||
algorithm of the selected cipher suite | AEAD algorithm of the selected cipher suite | |||
Further details of the key derivation and how the output keying | Further details of the key derivation and how the output keying | |||
material is used are specified in Section 5. | material is used are specified in Section 5. | |||
KEYSTREAM_2 = EDHOC_KDF( PRK_2e, 0, TH_2, plaintext_length ) | KEYSTREAM_2 = EDHOC_KDF( PRK_2e, 0, TH_2, plaintext_length ) | |||
SALT_3e2m = EDHOC_KDF( PRK_2e, 1, TH_2, hash_length ) | SALT_3e2m = EDHOC_KDF( PRK_2e, 1, TH_2, hash_length ) | |||
MAC_2 = EDHOC_KDF( PRK_3e2m, 2, context_2, mac_length_2 ) | MAC_2 = EDHOC_KDF( PRK_3e2m, 2, context_2, mac_length_2 ) | |||
K_3 = EDHOC_KDF( PRK_3e2m, 3, TH_3, key_length ) | K_3 = EDHOC_KDF( PRK_3e2m, 3, TH_3, key_length ) | |||
IV_3 = EDHOC_KDF( PRK_3e2m, 4, TH_3, iv_length ) | IV_3 = EDHOC_KDF( PRK_3e2m, 4, TH_3, iv_length ) | |||
SALT_4e3m = EDHOC_KDF( PRK_3e2m, 5, TH_3, hash_length ) | SALT_4e3m = EDHOC_KDF( PRK_3e2m, 5, TH_3, hash_length ) | |||
MAC_3 = EDHOC_KDF( PRK_4e3m, 6, context_3, mac_length_3 ) | MAC_3 = EDHOC_KDF( PRK_4e3m, 6, context_3, mac_length_3 ) | |||
PRK_out = EDHOC_KDF( PRK_4e3m, 7, TH_4, hash_length ) | PRK_out = EDHOC_KDF( PRK_4e3m, 7, TH_4, hash_length ) | |||
K_4 = EDHOC_KDF( PRK_4e3m, 8, TH_4, key_length ) | K_4 = EDHOC_KDF( PRK_4e3m, 8, TH_4, key_length ) | |||
IV_4 = EDHOC_KDF( PRK_4e3m, 9, TH_4, iv_length ) | IV_4 = EDHOC_KDF( PRK_4e3m, 9, TH_4, iv_length ) | |||
PRK_exporter = EDHOC_KDF( PRK_out, 10, h'', hash_length ) | PRK_exporter = EDHOC_KDF( PRK_out, 10, h'', hash_length ) | |||
Figure 8: Key derivations using EDHOC_KDF. h'' is CBOR diagnostic | Figure 6: Key Derivations Using EDHOC_KDF | |||
notation for the empty byte string, 0x40. | ||||
h'' is CBOR diagnostic notation for the empty byte string, 0x40. | ||||
4.1.3. PRK_out | 4.1.3. PRK_out | |||
The pseudorandom key PRK_out, derived as shown in Figure 8, is the | The pseudorandom key PRK_out, derived as shown in Figure 6, is the | |||
output session key of a completed EDHOC session. | output session key of a completed EDHOC session. | |||
Keys for applications are derived using EDHOC_Exporter (see | Keys for applications are derived using EDHOC_Exporter (see | |||
Section 4.2.1) from PRK_exporter, which in turn is derived from | Section 4.2.1) from PRK_exporter, which in turn is derived from | |||
PRK_out as shown in Figure 8. For the purpose of generating | PRK_out as shown in Figure 6. For the purpose of generating | |||
application keys, it is sufficient to store PRK_out or PRK_exporter. | application keys, it is sufficient to store PRK_out or PRK_exporter. | |||
(Note that the word "store" used here does not imply that the | (Note that the word "store" used here does not imply that the | |||
application has access to the plaintext PRK_out since that may be | application has access to the plaintext PRK_out since that may be | |||
reserved for code within a Trusted Execution Environment, see | reserved for code within a Trusted Execution Environment (TEE); see | |||
Section 9.8). | Section 9.8.) | |||
4.2. Keys for EDHOC Applications | 4.2. Keys for EDHOC Applications | |||
This section defines EDHOC_Exporter in terms of EDHOC_KDF and | This section defines EDHOC_Exporter in terms of EDHOC_KDF and | |||
PRK_exporter. A key update function is defined in Appendix H. | PRK_exporter. A key update function is defined in Appendix H. | |||
4.2.1. EDHOC_Exporter | 4.2.1. EDHOC_Exporter | |||
Keying material for the application can be derived using the | Keying material for the application can be derived using the | |||
EDHOC_Exporter interface defined as: | EDHOC_Exporter interface defined as: | |||
EDHOC_Exporter(exporter_label, context, length) | EDHOC_Exporter(exporter_label, context, length) | |||
= EDHOC_KDF(PRK_exporter, exporter_label, context, length) | = EDHOC_KDF(PRK_exporter, exporter_label, context, length) | |||
where | where: | |||
* exporter_label is a registered uint from the EDHOC_Exporter Label | * exporter_label is a registered uint from the "EDHOC Exporter | |||
registry (Section 10.1) | Labels" registry (Section 10.1), | |||
* context is a bstr defined by the application | * context is a bstr defined by the application, and | |||
* length is a uint defined by the application | * length is a uint defined by the application. | |||
The (exporter_label, context) pair used in EDHOC_Exporter must be | The (exporter_label, context) pair used in EDHOC_Exporter must be | |||
unique, i.e., an (exporter_label, context) MUST NOT be used for two | unique, i.e., an (exporter_label, context) MUST NOT be used for two | |||
different purposes. However, an application can re-derive the same | different purposes. However, an application can re-derive the same | |||
key several times as long as it is done securely. For example, in | key several times as long as it is done securely. For example, in | |||
most encryption algorithms the same key can be reused with different | most encryption algorithms, the same key can be reused with different | |||
nonces. The context can for example be the empty CBOR byte string. | nonces. The context can, for example, be the empty CBOR byte string. | |||
Examples of use of the EDHOC_Exporter are given in Appendix A. | Examples of use of the EDHOC_Exporter are given in Appendix A. | |||
5. Message Formatting and Processing | 5. Message Formatting and Processing | |||
This section specifies formatting of the messages and processing | This section specifies formatting of the messages and processing | |||
steps. Error messages are specified in Section 6. Annotated traces | steps. Error messages are specified in Section 6. Annotated traces | |||
of EDHOC sessions are provided in [I-D.ietf-lake-traces]. | of EDHOC sessions are provided in [RFC9529]. | |||
An EDHOC message is encoded as a sequence of CBOR data items (CBOR | An EDHOC message is encoded as a sequence of CBOR data items (CBOR | |||
Sequence, [RFC8742]). Additional optimizations are made to reduce | Sequence [RFC8742]). Additional optimizations are made to reduce | |||
message overhead. | message overhead. | |||
While EDHOC uses the COSE_Key, COSE_Sign1, and COSE_Encrypt0 | While EDHOC uses the COSE_Key, COSE_Sign1, and COSE_Encrypt0 | |||
structures, only a subset of the parameters is included in the EDHOC | structures, only a subset of the parameters is included in the EDHOC | |||
messages, see Appendix C.3. In order to recreate the COSE object, | messages; see Appendix C.3. In order to recreate the COSE object, | |||
the recipient endpoint may need to add parameters to the COSE headers | the recipient endpoint may need to add parameters to the COSE headers | |||
not included in the EDHOC message, for example the parameter 'alg' to | not included in the EDHOC message, for example, the parameter 'alg' | |||
COSE_Sign1 or COSE_Encrypt0. | to COSE_Sign1 or COSE_Encrypt0. | |||
5.1. EDHOC Message Processing Outline | 5.1. EDHOC Message Processing Outline | |||
For each new/ongoing EDHOC session, the endpoints are assumed to keep | For each new/ongoing EDHOC session, the endpoints are assumed to keep | |||
an associated protocol state containing identifiers, keying material, | an associated protocol state containing identifiers, keying material, | |||
etc. used for subsequent processing of protocol related data. The | etc. used for subsequent processing of protocol-related data. The | |||
protocol state is assumed to be associated with an application | protocol state is assumed to be associated with an application | |||
profile (Section 3.9) which provides the context for how messages are | profile (Section 3.9) that provides the context for how messages are | |||
transported, identified, and processed. | transported, identified, and processed. | |||
EDHOC messages SHALL be processed according to the current protocol | EDHOC messages SHALL be processed according to the current protocol | |||
state. The following steps are expected to be performed at reception | state. The following steps are expected to be performed at reception | |||
of an EDHOC message: | of an EDHOC message: | |||
1. Detect that an EDHOC message has been received, for example by | 1. Detect that an EDHOC message has been received, for example, by | |||
means of port number, URI, or media type (Section 3.9). | means of a port number, URI, or media type (Section 3.9). | |||
2. Retrieve the protocol state according to the message correlation, | 2. Retrieve the protocol state according to the message correlation; | |||
see Section 3.4.1. If there is no protocol state, in the case of | see Section 3.4.1. If there is no protocol state, in the case of | |||
message_1, a new protocol state is created. The Responder | message_1, a new protocol state is created. The Responder | |||
endpoint needs to make use of available denial-of-service | endpoint needs to make use of available denial-of-service | |||
mitigation (Section 9.7). | mitigation (Section 9.7). | |||
3. If the message received is an error message, then process it | 3. If the message received is an error message, then process it | |||
according to Section 6, else process it as the expected next | according to Section 6, else process it as the expected next | |||
message according to the protocol state. | message according to the protocol state. | |||
The message processing steps SHALL be processed in order, unless | The message processing steps SHALL be processed in order, unless | |||
otherwise stated. If the processing fails for some reason then, | otherwise stated. If the processing fails for some reason, then | |||
typically, an error message is sent, the EDHOC session is aborted, | typically an error message is sent, the EDHOC session is aborted, and | |||
and the protocol state erased. When the composition and sending of | the protocol state is erased. When the composition and sending of | |||
one message is completed and before the next message is received, | one message is completed and before the next message is received, | |||
error messages SHALL NOT be sent. | error messages SHALL NOT be sent. | |||
After having successfully processed the last message (message_3 or | After having successfully processed the last message (message_3 or | |||
message_4 depending on application profile) the EDHOC session is | message_4 depending on application profile), the EDHOC session is | |||
completed, after which no error messages are sent and EDHOC session | completed; after which, no error messages are sent and EDHOC session | |||
output MAY be maintained even if error messages are received. | output MAY be maintained even if error messages are received. | |||
Further details are provided in the following subsections and in | Further details are provided in the following subsections and in | |||
Section 6. | Section 6. | |||
Different instances of the same message MUST NOT be processed in one | Different instances of the same message MUST NOT be processed in one | |||
EDHOC session. Note that processing will fail if the same message | EDHOC session. Note that processing will fail if the same message | |||
appears a second time for EDHOC processing in the same EDHOC session | appears a second time for EDHOC processing in the same EDHOC session | |||
because the state of the protocol has moved on and now expects | because the state of the protocol has moved on and now expects | |||
something else. Message deduplication MUST be done by the transport | something else. Message deduplication MUST be done by the transport | |||
protocol (see Section 3.4) or, if not supported by the transport, as | protocol (see Section 3.4) or, if not supported by the transport, as | |||
described in Section 7. | described in Section 7. | |||
5.2. EDHOC Message 1 | 5.2. EDHOC Message 1 | |||
5.2.1. Formatting of Message 1 | 5.2.1. Formatting of Message 1 | |||
message_1 SHALL be a CBOR Sequence (see Appendix C.1) as defined | message_1 SHALL be a CBOR Sequence (see Appendix C.1), as defined | |||
below | below. | |||
message_1 = ( | message_1 = ( | |||
METHOD : int, | METHOD : int, | |||
SUITES_I : suites, | SUITES_I : suites, | |||
G_X : bstr, | G_X : bstr, | |||
C_I : bstr / -24..23, | C_I : bstr / -24..23, | |||
? EAD_1, | ? EAD_1, | |||
) | ) | |||
suites = [ 2* int ] / int | suites = [ 2* int ] / int | |||
EAD_1 = 1* ead | EAD_1 = 1* ead | |||
where: | where: | |||
* METHOD - authentication method, see Section 3.2. | * METHOD is an authentication method; see Section 3.2, | |||
* SUITES_I - array of cipher suites which the Initiator supports | * SUITES_I is an array of cipher suites that the Initiator supports | |||
constructed as specified in Section 5.2.2. | constructed as specified in Section 5.2.2, | |||
* G_X - the ephemeral public key of the Initiator | * G_X is the ephemeral public key of the Initiator, and | |||
* C_I - variable length connection identifier. Note that connection | * C_I is the variable-length connection identifier (note that | |||
identifiers are byte strings but certain values are represented as | connection identifiers are byte strings but certain values are | |||
integers in the message, see Section 3.3.2. | represented as integers in the message; see Section 3.3.2), and | |||
* EAD_1 - external authorization data, see Section 3.8. | * EAD_1 is the external authorization data; see Section 3.8. | |||
5.2.2. Initiator Composition of Message 1 | 5.2.2. Initiator Composition of Message 1 | |||
The processing steps are detailed below and in Section 6.3. | The processing steps are detailed below and in Section 6.3. | |||
The Initiator SHALL compose message_1 as follows: | The Initiator SHALL compose message_1 as follows: | |||
* Construct SUITES_I as an array of cipher suites supported by I in | * Construct SUITES_I as an array of cipher suites supported by I in | |||
order of preference by I with the first cipher suite in the array | order of preference by I with the first cipher suite in the array | |||
being the most preferred by I, and the last being the one selected | being the most preferred by I and the last being the one selected | |||
by I for this EDHOC session. If the cipher suite most preferred | by I for this EDHOC session. If the cipher suite most preferred | |||
by I is selected then SUITES_I contains only that cipher suite and | by I is selected, then SUITES_I contains only that cipher suite | |||
is encoded as an int. All cipher suites, if any, preferred by I | and is encoded as an int. All cipher suites, if any, preferred by | |||
over the selected one MUST be included. (See also Section 6.3.) | I over the selected one MUST be included. (See also Section 6.3.) | |||
- The selected suite is based on what the Initiator can assume to | - The selected suite is based on what the Initiator can assume to | |||
be supported by the Responder; if the Initiator previously | be supported by the Responder; if the Initiator previously | |||
received from the Responder an error message with error code 2 | received from the Responder has an error message with error | |||
containing SUITES_R (see Section 6.3) indicating cipher suites | code 2 containing SUITES_R (see Section 6.3) indicating cipher | |||
supported by the Responder, then the Initiator SHOULD select | suites supported by the Responder, then the Initiator SHOULD | |||
its most preferred supported cipher suite among those (bearing | select its most preferred supported cipher suite among those | |||
in mind that error messages may be forged). | (bearing in mind that error messages may be forged). | |||
- The Initiator MUST NOT change its order of preference for | - The Initiator MUST NOT change its order of preference for | |||
cipher suites, and MUST NOT omit a cipher suite preferred to | cipher suites and MUST NOT omit a cipher suite preferred to the | |||
the selected one because of previous error messages received | selected one because of previous error messages received from | |||
from the Responder. | the Responder. | |||
* Generate an ephemeral ECDH key pair using the curve in the | * Generate an ephemeral ECDH key pair using the curve in the | |||
selected cipher suite and format it as a COSE_Key. Let G_X be the | selected cipher suite and format it as a COSE_Key. Let G_X be the | |||
'x' parameter of the COSE_Key. | 'x' parameter of the COSE_Key. | |||
* Choose a connection identifier C_I and store it during the EDHOC | * Choose a connection identifier C_I and store it during the EDHOC | |||
session. | session. | |||
* Encode message_1 as a sequence of CBOR encoded data items as | * Encode message_1 as a sequence of CBOR-encoded data items as | |||
specified in Section 5.2.1 | specified in Section 5.2.1 | |||
5.2.3. Responder Processing of Message 1 | 5.2.3. Responder Processing of Message 1 | |||
The Responder SHALL process message_1 in the following order: | The Responder SHALL process message_1 in the following order: | |||
* Decode message_1 (see Appendix C.1). | 1. Decode message_1 (see Appendix C.1). | |||
* Process message_1, in particular verify that the selected cipher | 2. Process message_1. In particular, verify that the selected | |||
suite is supported and that no prior cipher suite as ordered in | cipher suite is supported and that no prior cipher suite as | |||
SUITES_I is supported. | ordered in SUITES_I is supported. | |||
* If all processing completed successfully, and if EAD_1 is present, | 3. If all processing completed successfully, and if EAD_1 is | |||
then make it available to the application for EAD processing. | present, then make it available to the application for EAD | |||
processing. | ||||
If any processing step fails, then the Responder MUST send an EDHOC | If any processing step fails, then the Responder MUST send an EDHOC | |||
error message back as defined in Section 6, and the EDHOC session | error message back as defined in Section 6, and the EDHOC session | |||
MUST be aborted. | MUST be aborted. | |||
5.3. EDHOC Message 2 | 5.3. EDHOC Message 2 | |||
5.3.1. Formatting of Message 2 | 5.3.1. Formatting of Message 2 | |||
message_2 SHALL be a CBOR Sequence (see Appendix C.1) as defined | message_2 SHALL be a CBOR Sequence (see Appendix C.1), as defined | |||
below | below. | |||
message_2 = ( | message_2 = ( | |||
G_Y_CIPHERTEXT_2 : bstr, | G_Y_CIPHERTEXT_2 : bstr, | |||
) | ) | |||
where: | where: | |||
* G_Y_CIPHERTEXT_2 - the concatenation of G_Y (i.e., the ephemeral | * G_Y_CIPHERTEXT_2 is the concatenation of G_Y (i.e., the ephemeral | |||
public key of the Responder) and CIPHERTEXT_2. | public key of the Responder) and CIPHERTEXT_2. | |||
5.3.2. Responder Composition of Message 2 | 5.3.2. Responder Composition of Message 2 | |||
The Responder SHALL compose message_2 as follows: | The Responder SHALL compose message_2 as follows: | |||
* Generate an ephemeral ECDH key pair using the curve in the | * Generate an ephemeral ECDH key pair using the curve in the | |||
selected cipher suite and format it as a COSE_Key. Let G_Y be the | selected cipher suite and format it as a COSE_Key. Let G_Y be the | |||
'x' parameter of the COSE_Key. | 'x' parameter of the COSE_Key. | |||
* Choose a connection identifier C_R and store it for the length of | * Choose a connection identifier C_R and store it for the length of | |||
the EDHOC session. | the EDHOC session. | |||
* Compute the transcript hash TH_2 = H( G_Y, H(message_1) ) where | * Compute the transcript hash TH_2 = H( G_Y, H(message_1) ), where | |||
H() is the EDHOC hash algorithm of the selected cipher suite. The | H() is the EDHOC hash algorithm of the selected cipher suite. The | |||
input to the hash function is a CBOR Sequence. Note that | input to the hash function is a CBOR Sequence. Note that | |||
H(message_1) can be computed and cached already in the processing | H(message_1) can be computed and cached already in the processing | |||
of message_1. | of message_1. | |||
* Compute MAC_2 as in Section 4.1.2 with context_2 = << C_R, | * Compute MAC_2 as in Section 4.1.2 with context_2 = << C_R, | |||
ID_CRED_R, TH_2, CRED_R, ? EAD_2 >> (see Appendix C.1 for | ID_CRED_R, TH_2, CRED_R, ? EAD_2 >> (see Appendix C.1 for | |||
notation) | notation). | |||
- If the Responder authenticates with a static Diffie-Hellman key | - If the Responder authenticates with a static Diffie-Hellman key | |||
(method equals 1 or 3), then mac_length_2 is the EDHOC MAC | (method equals 1 or 3), then mac_length_2 is the EDHOC MAC | |||
length of the selected cipher suite. If the Responder | length of the selected cipher suite. If the Responder | |||
authenticates with a signature key (method equals 0 or 2), then | authenticates with a signature key (method equals 0 or 2), then | |||
mac_length_2 is equal to hash_length. | mac_length_2 is equal to hash_length. | |||
- C_R - variable length connection identifier. Note that | - C_R is a variable-length connection identifier. Note that | |||
connection identifiers are byte strings but certain values are | connection identifiers are byte strings but certain values are | |||
represented as integers in the message, see Section 3.3.2. | represented as integers in the message; see Section 3.3.2. | |||
- ID_CRED_R - identifier to facilitate the retrieval of CRED_R, | - ID_CRED_R is the identifier to facilitate the retrieval of | |||
see Section 3.5.3 | CRED_R; see Section 3.5.3. | |||
- CRED_R - CBOR item containing the authentication credential of | - CRED_R is the CBOR item containing the authentication | |||
the Responder, see Section 3.5.2 | credential of the Responder; see Section 3.5.2. | |||
- EAD_2 - external authorization data, see Section 3.8 | - EAD_2 is the external authorization data; see Section 3.8. | |||
* If the Responder authenticates with a static Diffie-Hellman key | * If the Responder authenticates with a static Diffie-Hellman key | |||
(method equals 1 or 3), then Signature_or_MAC_2 is MAC_2. If the | (method equals 1 or 3), then Signature_or_MAC_2 is MAC_2. If the | |||
Responder authenticates with a signature key (method equals 0 or | Responder authenticates with a signature key (method equals 0 or | |||
2), then Signature_or_MAC_2 is the 'signature' field of a | 2), then Signature_or_MAC_2 is the 'signature' field of a | |||
COSE_Sign1 object, computed as specified in Section 4.4 of | COSE_Sign1 object, computed as specified in Section 4.4 of | |||
[RFC9053] using the signature algorithm of the selected cipher | [RFC9052] and using the signature algorithm of the selected cipher | |||
suite, the private authentication key of the Responder, and the | suite, the private authentication key of the Responder, and the | |||
following parameters as input (see Appendix C.3 for an overview of | following parameters as input (see Appendix C.3 for an overview of | |||
COSE and Appendix C.1 for notation): | COSE and Appendix C.1 for notation): | |||
- protected = << ID_CRED_R >> | - protected = << ID_CRED_R >> | |||
- external_aad = << TH_2, CRED_R, ? EAD_2 >> | - external_aad = << TH_2, CRED_R, ? EAD_2 >> | |||
- payload = MAC_2 | - payload = MAC_2 | |||
* CIPHERTEXT_2 is calculated with a binary additive stream cipher, | * CIPHERTEXT_2 is calculated with a binary additive stream cipher, | |||
using a keystream generated with EDHOC_Expand, and the following | using a keystream generated with EDHOC_Expand and the following | |||
plaintext: | plaintext: | |||
- PLAINTEXT_2 = ( C_R, ID_CRED_R / bstr / -24..23, | - PLAINTEXT_2 = ( C_R, ID_CRED_R / bstr / -24..23, | |||
Signature_or_MAC_2, ? EAD_2 ) | Signature_or_MAC_2, ? EAD_2 ) | |||
o If ID_CRED_R contains a single 'kid' parameter, i.e., | o If ID_CRED_R contains a single 'kid' parameter, i.e., | |||
ID_CRED_R = { 4 : kid_R }, then the compact encoding is | ID_CRED_R = { 4 : kid_R }, then the compact encoding is | |||
applied, see Section 3.5.3.2. | applied; see Section 3.5.3.2. | |||
o C_R - variable length connection identifier. Note that | o C_R is the variable-length connection identifier. Note that | |||
connection identifiers are byte strings but certain values | connection identifiers are byte strings, but certain values | |||
are represented as integers in the message, see | are represented as integers in the message; see | |||
Section 3.3.2. | Section 3.3.2. | |||
- Compute KEYSTREAM_2 as in Section 4.1.2, where plaintext_length | - Compute KEYSTREAM_2 as in Section 4.1.2, where plaintext_length | |||
is the length of PLAINTEXT_2. For the case of plaintext_length | is the length of PLAINTEXT_2. For the case of plaintext_length | |||
exceeding the EDHOC_KDF output size, see Appendix G. | exceeding the EDHOC_KDF output size, see Appendix G. | |||
- CIPHERTEXT_2 = PLAINTEXT_2 XOR KEYSTREAM_2 | - CIPHERTEXT_2 = PLAINTEXT_2 XOR KEYSTREAM_2 | |||
* Encode message_2 as a sequence of CBOR encoded data items as | * Encode message_2 as a sequence of CBOR-encoded data items as | |||
specified in Section 5.3.1. | specified in Section 5.3.1. | |||
5.3.3. Initiator Processing of Message 2 | 5.3.3. Initiator Processing of Message 2 | |||
The Initiator SHALL process message_2 in the following order: | The Initiator SHALL process message_2 in the following order: | |||
* Decode message_2 (see Appendix C.1). | 1. Decode message_2 (see Appendix C.1). | |||
* Retrieve the protocol state using available message correlation | 2. Retrieve the protocol state using available message correlation | |||
(e.g., the CoAP Token, the 5-tuple, or the prepended C_I, see | (e.g., the CoAP Token, the 5-tuple, or the prepended C_I; see | |||
Section 3.4.1). | Section 3.4.1). | |||
* Decrypt CIPHERTEXT_2, see Section 5.3.2. | 3. Decrypt CIPHERTEXT_2; see Section 5.3.2. | |||
* If all processing completed successfully, then make ID_CRED_R and | 4. If all processing is completed successfully, then make ID_CRED_R | |||
(if present) EAD_2 available to the application for | and (if present) EAD_2 available to the application for | |||
authentication- and EAD processing. When and how to perform | authentication and EAD processing. When and how to perform | |||
authentication is up to the application. | authentication is up to the application. | |||
* Obtain the authentication credential (CRED_R) and the | 5. Obtain the authentication credential (CRED_R) and the | |||
authentication key of R from the application (or by other means). | authentication key of R from the application (or by other means). | |||
* Verify Signature_or_MAC_2 using the algorithm in the selected | 6. Verify Signature_or_MAC_2 using the algorithm in the selected | |||
cipher suite. The verification process depends on the method, see | cipher suite. The verification process depends on the method; | |||
Section 5.3.2. Make the result of the verification available to | see Section 5.3.2. Make the result of the verification available | |||
the application. | to the application. | |||
If any processing step fails, then the Initiator MUST send an EDHOC | If any processing step fails, then the Initiator MUST send an EDHOC | |||
error message back as defined in Section 6, and the EDHOC session | error message back as defined in Section 6, and the EDHOC session | |||
MUST be aborted. | MUST be aborted. | |||
5.4. EDHOC Message 3 | 5.4. EDHOC Message 3 | |||
5.4.1. Formatting of Message 3 | 5.4.1. Formatting of Message 3 | |||
message_3 SHALL be a CBOR Sequence (see Appendix C.1) as defined | message_3 SHALL be a CBOR Sequence (see Appendix C.1), as defined | |||
below | below. | |||
message_3 = ( | message_3 = ( | |||
CIPHERTEXT_3 : bstr, | CIPHERTEXT_3 : bstr, | |||
) | ) | |||
5.4.2. Initiator Composition of Message 3 | 5.4.2. Initiator Composition of Message 3 | |||
The Initiator SHALL compose message_3 as follows: | The Initiator SHALL compose message_3 as follows: | |||
* Compute the transcript hash TH_3 = H(TH_2, PLAINTEXT_2, CRED_R) | * Compute the transcript hash TH_3 = H(TH_2, PLAINTEXT_2, CRED_R), | |||
where H() is the EDHOC hash algorithm of the selected cipher | where H() is the EDHOC hash algorithm of the selected cipher | |||
suite. The input to the hash function is a CBOR Sequence. Note | suite. The input to the hash function is a CBOR Sequence. Note | |||
that TH_3 can be computed and cached already in the processing of | that TH_3 can be computed and cached already in the processing of | |||
message_2. | message_2. | |||
* Compute MAC_3 as in Section 4.1.2, with context_3 = << ID_CRED_I, | * Compute MAC_3 as in Section 4.1.2, with context_3 = << ID_CRED_I, | |||
TH_3, CRED_I, ? EAD_3 >> | TH_3, CRED_I, ? EAD_3 >> | |||
- If the Initiator authenticates with a static Diffie-Hellman key | - If the Initiator authenticates with a static Diffie-Hellman key | |||
(method equals 2 or 3), then mac_length_3 is the EDHOC MAC | (method equals 2 or 3), then mac_length_3 is the EDHOC MAC | |||
length of the selected cipher suite. If the Initiator | length of the selected cipher suite. If the Initiator | |||
authenticates with a signature key (method equals 0 or 1), then | authenticates with a signature key (method equals 0 or 1), then | |||
mac_length_3 is equal to hash_length. | mac_length_3 is equal to hash_length. | |||
- ID_CRED_I - identifier to facilitate the retrieval of CRED_I, | - ID_CRED_I is the identifier to facilitate the retrieval of | |||
see Section 3.5.3 | CRED_I; see Section 3.5.3. | |||
- CRED_I - CBOR item containing the authentication credential of | - CRED_I is the CBOR item containing the authentication | |||
the Initiator, see Section 3.5.2 | credential of the Initiator; see Section 3.5.2. | |||
- EAD_3 - external authorization data, see Section 3.8 | - EAD_3 is the external authorization data; see Section 3.8. | |||
* If the Initiator authenticates with a static Diffie-Hellman key | * If the Initiator authenticates with a static Diffie-Hellman key | |||
(method equals 2 or 3), then Signature_or_MAC_3 is MAC_3. If the | (method equals 2 or 3), then Signature_or_MAC_3 is MAC_3. If the | |||
Initiator authenticates with a signature key (method equals 0 or | Initiator authenticates with a signature key (method equals 0 or | |||
1), then Signature_or_MAC_3 is the 'signature' field of a | 1), then Signature_or_MAC_3 is the 'signature' field of a | |||
COSE_Sign1 object, computed as specified in Section 4.4 of | COSE_Sign1 object, computed as specified in Section 4.4 of | |||
[RFC9052] using the signature algorithm of the selected cipher | [RFC9052] and using the signature algorithm of the selected cipher | |||
suite, the private authentication key of the Initiator, and the | suite, the private authentication key of the Initiator, and the | |||
following parameters as input (see Appendix C.3): | following parameters as input (see Appendix C.3): | |||
- protected = << ID_CRED_I >> | - protected = << ID_CRED_I >> | |||
- external_aad = << TH_3, CRED_I, ? EAD_3 >> | - external_aad = << TH_3, CRED_I, ? EAD_3 >> | |||
- payload = MAC_3 | - payload = MAC_3 | |||
* Compute a COSE_Encrypt0 object as defined in Sections 5.2 and 5.3 | * Compute a COSE_Encrypt0 object as defined in Sections 5.2 and 5.3 | |||
skipping to change at page 37, line 50 ¶ | skipping to change at line 1752 ¶ | |||
- external_aad = TH_3 | - external_aad = TH_3 | |||
- K_3 and IV_3 are defined in Section 4.1.2 | - K_3 and IV_3 are defined in Section 4.1.2 | |||
- PLAINTEXT_3 = ( ID_CRED_I / bstr / -24..23, Signature_or_MAC_3, | - PLAINTEXT_3 = ( ID_CRED_I / bstr / -24..23, Signature_or_MAC_3, | |||
? EAD_3 ) | ? EAD_3 ) | |||
o If ID_CRED_I contains a single 'kid' parameter, i.e., | o If ID_CRED_I contains a single 'kid' parameter, i.e., | |||
ID_CRED_I = { 4 : kid_I }, then the compact encoding is | ID_CRED_I = { 4 : kid_I }, then the compact encoding is | |||
applied, see Section 3.5.3.2. | applied; see Section 3.5.3.2. | |||
CIPHERTEXT_3 is the 'ciphertext' of COSE_Encrypt0. | CIPHERTEXT_3 is the 'ciphertext' of COSE_Encrypt0. | |||
* Compute the transcript hash TH_4 = H(TH_3, PLAINTEXT_3, CRED_I) | * Compute the transcript hash TH_4 = H(TH_3, PLAINTEXT_3, CRED_I), | |||
where H() is the EDHOC hash algorithm of the selected cipher | where H() is the EDHOC hash algorithm of the selected cipher | |||
suite. The input to the hash function is a CBOR Sequence. | suite. The input to the hash function is a CBOR Sequence. | |||
* Calculate PRK_out as defined in Figure 8. The Initiator can now | * Calculate PRK_out as defined in Figure 6. The Initiator can now | |||
derive application keys using the EDHOC_Exporter interface, see | derive application keys using the EDHOC_Exporter interface; see | |||
Section 4.2.1. | Section 4.2.1. | |||
* Encode message_3 as a CBOR data item as specified in | * Encode message_3 as a CBOR data item as specified in | |||
Section 5.4.1. | Section 5.4.1. | |||
* Make the connection identifiers (C_I, C_R) and the application | * Make the connection identifiers (C_I and C_R) and the application | |||
algorithms in the selected cipher suite available to the | algorithms in the selected cipher suite available to the | |||
application. | application. | |||
After creating message_3, the Initiator can compute PRK_out, see | After creating message_3, the Initiator can compute PRK_out (see | |||
Section 4.1.3, and derive application keys using the EDHOC_Exporter | Section 4.1.3) and derive application keys using the EDHOC_Exporter | |||
interface, see Section 4.2.1. The Initiator SHOULD NOT persistently | interface (see Section 4.2.1). The Initiator SHOULD NOT persistently | |||
store PRK_out or application keys until the Initiator has verified | store PRK_out or application keys until the Initiator has verified | |||
message_4 or a message protected with a derived application key, such | message_4 or a message protected with a derived application key, such | |||
as an OSCORE message, from the Responder and the application has | as an OSCORE message, from the Responder and the application has | |||
authenticated the Responder. This is similar to waiting for an | authenticated the Responder. This is similar to waiting for an | |||
acknowledgment (ACK) in a transport protocol. The Initiator SHOULD | acknowledgment (ACK) in a transport protocol. The Initiator SHOULD | |||
NOT send protected application data until the application has | NOT send protected application data until the application has | |||
authenticated the Responder. | authenticated the Responder. | |||
5.4.3. Responder Processing of Message 3 | 5.4.3. Responder Processing of Message 3 | |||
The Responder SHALL process message_3 in the following order: | The Responder SHALL process message_3 in the following order: | |||
* Decode message_3 (see Appendix C.1). | 1. Decode message_3 (see Appendix C.1). | |||
* Retrieve the protocol state using available message correlation | 2. Retrieve the protocol state using available message correlation | |||
(e.g., the CoAP Token, the 5-tuple, or the prepended C_R, see | (e.g., the CoAP Token, the 5-tuple, or the prepended C_R; see | |||
Section 3.4.1). | Section 3.4.1). | |||
* Decrypt and verify the COSE_Encrypt0 as defined in Sections 5.2 | 3. Decrypt and verify the COSE_Encrypt0 as defined in Sections 5.2 | |||
and 5.3 of [RFC9052], with the EDHOC AEAD algorithm in the | and 5.3 of [RFC9052], with the EDHOC AEAD algorithm in the | |||
selected cipher suite, and the parameters defined in | selected cipher suite and the parameters defined in | |||
Section 5.4.2. | Section 5.4.2. | |||
* If all processing completed successfully, then make ID_CRED_I and | 4. If all processing completed successfully, then make ID_CRED_I and | |||
(if present) EAD_3 available to the application for | (if present) EAD_3 available to the application for | |||
authentication- and EAD processing. When and how to perform | authentication and EAD processing. When and how to perform | |||
authentication is up to the application. | authentication is up to the application. | |||
* Obtain the authentication credential (CRED_I) and the | 5. Obtain the authentication credential (CRED_I) and the | |||
authentication key of I from the application (or by other means). | authentication key of I from the application (or by other means). | |||
* Verify Signature_or_MAC_3 using the algorithm in the selected | 6. Verify Signature_or_MAC_3 using the algorithm in the selected | |||
cipher suite. The verification process depends on the method, see | cipher suite. The verification process depends on the method; | |||
Section 5.4.2. Make the result of the verification available to | see Section 5.4.2. Make the result of the verification available | |||
the application. | to the application. | |||
* Make the connection identifiers (C_I, C_R) and the application | 7. Make the connection identifiers (C_I and C_R) and the application | |||
algorithms in the selected cipher suite available to the | algorithms in the selected cipher suite available to the | |||
application. | application. | |||
After processing message_3, the Responder can compute PRK_out, see | After processing message_3, the Responder can compute PRK_out (see | |||
Section 4.1.3, and derive application keys using the EDHOC_Exporter | Section 4.1.3) and derive application keys using the EDHOC_Exporter | |||
interface, see Section 4.2.1. The Responder SHOULD NOT persistently | interface (see Section 4.2.1). The Responder SHOULD NOT persistently | |||
store PRK_out or application keys until the application has | store PRK_out or application keys until the application has | |||
authenticated the Initiator. The Responder SHOULD NOT send protected | authenticated the Initiator. The Responder SHOULD NOT send protected | |||
application data until the application has authenticated the | application data until the application has authenticated the | |||
Initiator. | Initiator. | |||
If any processing step fails, then the Responder MUST send an EDHOC | If any processing step fails, then the Responder MUST send an EDHOC | |||
error message back as defined in Section 6, and the EDHOC session | error message back as defined in Section 6, and the EDHOC session | |||
MUST be aborted. | MUST be aborted. | |||
5.5. EDHOC Message 4 | 5.5. EDHOC Message 4 | |||
This section specifies message_4 which is OPTIONAL to support. Key | This section specifies message_4, which is OPTIONAL to support. Key | |||
confirmation is normally provided by sending an application message | confirmation is normally provided by sending an application message | |||
from the Responder to the Initiator protected with a key derived with | from the Responder to the Initiator protected with a key derived with | |||
the EDHOC_Exporter, e.g., using OSCORE (see Appendix A). In | the EDHOC_Exporter, e.g., using OSCORE (see Appendix A). In | |||
deployments where no protected application message is sent from the | deployments where no protected application message is sent from the | |||
Responder to the Initiator, message_4 MUST be supported and MUST be | Responder to the Initiator, message_4 MUST be supported and MUST be | |||
used. Two examples of such deployments are: | used. Two examples of such deployments are: | |||
1. When EDHOC is only used for authentication and no application | 1. when EDHOC is only used for authentication and no application | |||
data is sent. | data is sent and | |||
2. When application data is only sent from the Initiator to the | 2. when application data is only sent from the Initiator to the | |||
Responder. | Responder. | |||
Further considerations about when to use message_4 are provided in | Further considerations about when to use message_4 are provided in | |||
Section 3.9 and Section 9.1. | Sections 3.9 and 9.1. | |||
5.5.1. Formatting of Message 4 | 5.5.1. Formatting of Message 4 | |||
message_4 SHALL be a CBOR Sequence (see Appendix C.1) as defined | message_4 SHALL be a CBOR Sequence (see Appendix C.1), as defined | |||
below | below. | |||
message_4 = ( | message_4 = ( | |||
CIPHERTEXT_4 : bstr, | CIPHERTEXT_4 : bstr, | |||
) | ) | |||
5.5.2. Responder Composition of Message 4 | 5.5.2. Responder Composition of Message 4 | |||
The Responder SHALL compose message_4 as follows: | The Responder SHALL compose message_4 as follows: | |||
* Compute a COSE_Encrypt0 as defined in Sections 5.2 and 5.3 of | * Compute a COSE_Encrypt0 as defined in Sections 5.2 and 5.3 of | |||
[RFC9052], with the EDHOC AEAD algorithm of the selected cipher | [RFC9052], with the EDHOC AEAD algorithm of the selected cipher | |||
suite, using the encryption key K_4, the initialization vector | suite, using the encryption key K_4, the initialization vector | |||
IV_4 (if used by the AEAD algorithm), the plaintext PLAINTEXT_4, | IV_4 (if used by the AEAD algorithm), the plaintext PLAINTEXT_4, | |||
and the following parameters as input (see Appendix C.3): | and the following parameters as input (see Appendix C.3): | |||
- protected = h'' | - protected = h'' | |||
- external_aad = TH_4 | - external_aad = TH_4 | |||
- K_4 and IV_4 are defined in Section 4.1.2 | - K_4 and IV_4 are defined in Section 4.1.2 | |||
- PLAINTEXT_4 = ( ? EAD_4 ) | - PLAINTEXT_4 = ( ? EAD_4 ) | |||
o EAD_4 - external authorization data, see Section 3.8. | o EAD_4 is the external authorization data; see Section 3.8. | |||
CIPHERTEXT_4 is the 'ciphertext' of COSE_Encrypt0. | CIPHERTEXT_4 is the 'ciphertext' of COSE_Encrypt0. | |||
* Encode message_4 as a CBOR data item as specified in | * Encode message_4 as a CBOR data item as specified in | |||
Section 5.5.1. | Section 5.5.1. | |||
5.5.3. Initiator Processing of Message 4 | 5.5.3. Initiator Processing of Message 4 | |||
The Initiator SHALL process message_4 as follows: | The Initiator SHALL process message_4 as follows: | |||
* Decode message_4 (see Appendix C.1). | * Decode message_4 (see Appendix C.1). | |||
* Retrieve the protocol state using available message correlation | * Retrieve the protocol state using available message correlation | |||
(e.g., the CoAP Token, the 5-tuple, or the prepended C_I, see | (e.g., the CoAP Token, the 5-tuple, or the prepended C_I; see | |||
Section 3.4.1). | Section 3.4.1). | |||
* Decrypt and verify the COSE_Encrypt0 as defined in Sections 5.2 | * Decrypt and verify the COSE_Encrypt0 as defined in Sections 5.2 | |||
and 5.3 of [RFC9052], with the EDHOC AEAD algorithm in the | and 5.3 of [RFC9052], with the EDHOC AEAD algorithm in the | |||
selected cipher suite, and the parameters defined in | selected cipher suite and the parameters defined in Section 5.5.2. | |||
Section 5.5.2. | ||||
* Make (if present) EAD_4 available to the application for EAD | * Make (if present) EAD_4 available to the application for EAD | |||
processing. | processing. | |||
If any processing step fails, then the Initiator MUST send an EDHOC | If any processing step fails, then the Initiator MUST send an EDHOC | |||
error message back as defined in Section 6, and the EDHOC session | error message back as defined in Section 6, and the EDHOC session | |||
MUST be aborted. | MUST be aborted. | |||
After verifying message_4, the Initiator is assured that the | After verifying message_4, the Initiator is assured that the | |||
Responder has calculated the key PRK_out (key confirmation) and that | Responder has calculated the key PRK_out (key confirmation) and that | |||
no other party can derive the key. | no other party can derive the key. | |||
6. Error Handling | 6. Error Handling | |||
This section defines the format for error messages, and the | This section defines the format for error messages and the processing | |||
processing associated with the currently defined error codes. | associated with the currently defined error codes. Additional error | |||
Additional error codes may be registered, see Section 10.4. | codes may be registered; see Section 10.4. | |||
Many kinds of errors that can occur during EDHOC processing. As in | Many kinds of errors can occur during EDHOC processing. As in CoAP, | |||
CoAP, an error can be triggered by errors in the received message or | an error can be triggered by errors in the received message or | |||
internal errors in the receiving endpoint. Except for processing and | internal errors in the receiving endpoint. Except for processing and | |||
formatting errors, it is up to the application when to send an error | formatting errors, it is up to the application when to send an error | |||
message. Sending error messages is essential for debugging but MAY | message. Sending error messages is essential for debugging but MAY | |||
be skipped if, for example, an EDHOC session cannot be found or due | be skipped if, for example, an EDHOC session cannot be found or due | |||
to denial-of-service reasons, see Section 9.7. Error messages in | to denial-of-service reasons; see Section 9.7. Error messages in | |||
EDHOC are always fatal. After sending an error message, the sender | EDHOC are always fatal. After sending an error message, the sender | |||
MUST abort the EDHOC session. The receiver SHOULD treat an error | MUST abort the EDHOC session. The receiver SHOULD treat an error | |||
message as an indication that the other party likely has aborted the | message as an indication that the other party likely has aborted the | |||
EDHOC session. But since error messages might be forged, the | EDHOC session. But since error messages might be forged, the | |||
receiver MAY try to continue the EDHOC session. | receiver MAY try to continue the EDHOC session. | |||
An EDHOC error message can be sent by either endpoint as a reply to | An EDHOC error message can be sent by either endpoint as a reply to | |||
any non-error EDHOC message. How errors at the EDHOC layer are | any non-error EDHOC message. How errors at the EDHOC layer are | |||
transported depends on lower layers, which need to enable error | transported depends on lower layers, which need to enable error | |||
messages to be sent and processed as intended. | messages to be sent and processed as intended. | |||
error SHALL be a CBOR Sequence (see Appendix C.1) as defined below | error SHALL be a CBOR Sequence (see Appendix C.1), as defined below. | |||
error = ( | error = ( | |||
ERR_CODE : int, | ERR_CODE : int, | |||
ERR_INFO : any, | ERR_INFO : any, | |||
) | ) | |||
Figure 9: EDHOC error message. | Figure 7: EDHOC Error Message | |||
where: | where: | |||
* ERR_CODE - error code encoded as an integer. The value 0 is | * ERR_CODE is an error code encoded as an integer. The value 0 is | |||
reserved for success and can only be used internally, all other | reserved for success and can only be used internally; all other | |||
values (negative or positive) indicate errors. | values (negative or positive) indicate errors. | |||
* ERR_INFO - error information. Content and encoding depend on | * ERR_INFO is the error information. Content and encoding depend on | |||
error code. | the error code. | |||
The remainder of this section specifies the currently defined error | The remainder of this section specifies the currently defined error | |||
codes, see Figure 10. Additional error codes and corresponding error | codes; see Table 3. Additional error codes and corresponding error | |||
information may be specified. | information may be specified. | |||
+----------+---------------+----------------------------------------+ | +==========+===============+===============================+ | |||
| ERR_CODE | ERR_INFO Type | Description | | | ERR_CODE | ERR_INFO Type | Description | | |||
+==========+===============+========================================+ | +==========+===============+===============================+ | |||
| 0 | | This value is reserved | | | 0 | | Reserved for success | | |||
+----------+---------------+----------------------------------------+ | +----------+---------------+-------------------------------+ | |||
| 1 | tstr | Unspecified error | | | 1 | tstr | Unspecified error | | |||
+----------+---------------+----------------------------------------+ | +----------+---------------+-------------------------------+ | |||
| 2 | suites | Wrong selected cipher suite | | | 2 | suites | Wrong selected cipher suite | | |||
+----------+---------------+----------------------------------------+ | +----------+---------------+-------------------------------+ | |||
| 3 | true | Unknown credential referenced | | | 3 | true | Unknown credential referenced | | |||
+----------+---------------+----------------------------------------+ | +----------+---------------+-------------------------------+ | |||
| 23 | | Reserved | | ||||
+----------+---------------+-------------------------------+ | ||||
Figure 10: EDHOC error codes and error information. | Table 3: EDHOC Error Codes and Error Information | |||
6.1. Success | 6.1. Success | |||
Error code 0 MAY be used internally in an application to indicate | Error code 0 MAY be used internally in an application to indicate | |||
success, i.e., as a standard value in case of no error, e.g., in | success, i.e., as a standard value in case of no error, e.g., in | |||
status reporting or log files. Error code 0 MUST NOT be used as part | status reporting or log files. Error code 0 MUST NOT be used as part | |||
of the EDHOC message exchange. If an endpoint receives an error | of the EDHOC message exchange. If an endpoint receives an error | |||
message with error code 0, then it MUST abort the EDHOC session and | message with error code 0, then it MUST abort the EDHOC session and | |||
MUST NOT send an error message. | MUST NOT send an error message. | |||
6.2. Unspecified Error | 6.2. Unspecified Error | |||
Error code 1 is used for errors that do not have a specific error | Error code 1 is used for errors that do not have a specific error | |||
code defined. ERR_INFO MUST be a text string containing a human- | code defined. ERR_INFO MUST be a text string containing a human- | |||
readable diagnostic message which SHOULD be written in English, for | readable diagnostic message that SHOULD be written in English, for | |||
example "Method not supported". The diagnostic text message is | example, "Method not supported". The diagnostic text message is | |||
mainly intended for software engineers that during debugging need to | mainly intended for software engineers who during debugging need to | |||
interpret it in the context of the EDHOC specification. The | interpret it in the context of the EDHOC specification. The | |||
diagnostic message SHOULD be provided to the calling application | diagnostic message SHOULD be provided to the calling application | |||
where it SHOULD be logged. | where it SHOULD be logged. | |||
6.3. Wrong Selected Cipher Suite | 6.3. Wrong Selected Cipher Suite | |||
Error code 2 MUST only be used when replying to message_1 in case the | Error code 2 MUST only be used when replying to message_1 in case the | |||
cipher suite selected by the Initiator is not supported by the | cipher suite selected by the Initiator is not supported by the | |||
Responder, or if the Responder supports a cipher suite more preferred | Responder or if the Responder supports a cipher suite more preferred | |||
by the Initiator than the selected cipher suite, see Section 5.2.3. | by the Initiator than the selected cipher suite; see Section 5.2.3. | |||
In this case, ERR_INFO = SUITES_R and is of type suites, see | In this case, ERR_INFO = SUITES_R and is of type suites; see | |||
Section 5.2.1. If the Responder does not support the selected cipher | Section 5.2.1. If the Responder does not support the selected cipher | |||
suite, then SUITES_R MUST include one or more supported cipher | suite, then SUITES_R MUST include one or more supported cipher | |||
suites. If the Responder supports a cipher suite in SUITES_I other | suites. If the Responder supports a cipher suite in SUITES_I other | |||
than the selected cipher suite (independently of if the selected | than the selected cipher suite (independently of if the selected | |||
cipher suite is supported or not) then SUITES_R MUST include the | cipher suite is supported or not), then SUITES_R MUST include the | |||
supported cipher suite in SUITES_I which is most preferred by the | supported cipher suite in SUITES_I, which is most preferred by the | |||
Initiator. SUITES_R MAY include a single cipher suite, in which case | Initiator. SUITES_R MAY include a single cipher suite; in which | |||
it is encoded as an int. If the Responder does not support any | case, it is encoded as an int. If the Responder does not support any | |||
cipher suite in SUITES_I, then it SHOULD include all its supported | cipher suite in SUITES_I, then it SHOULD include all its supported | |||
cipher suites in SUITES_R. | cipher suites in SUITES_R. | |||
In contrast to SUITES_I, the order of the cipher suites in SUITES_R | In contrast to SUITES_I, the order of the cipher suites in SUITES_R | |||
has no significance. | has no significance. | |||
6.3.1. Cipher Suite Negotiation | 6.3.1. Cipher Suite Negotiation | |||
After receiving SUITES_R, the Initiator can determine which cipher | After receiving SUITES_R, the Initiator can determine which cipher | |||
suite to select (if any) for the next EDHOC run with the Responder. | suite to select (if any) for the next EDHOC run with the Responder. | |||
If the Initiator intends to contact the Responder in the future, the | The Initiator needs to remember which selected cipher suite to use | |||
Initiator SHOULD remember which selected cipher suite to use until | until the next message_1 has been sent; otherwise, the Initiator and | |||
the next message_1 has been sent, otherwise the Initiator and | Responder will run into an infinite loop where the Initiator selects | |||
Responder will likely run into an infinite loop where the Initiator | its most preferred cipher suite and the Responder sends an error with | |||
selects its most preferred cipher suite and the Responder sends an | supported cipher suites. After a completed EDHOC session, the | |||
error with supported cipher suites. After a completed EDHOC session, | Initiator MAY remember the selected cipher suite to use in future | |||
the Initiator MAY remember the selected cipher suite to use in future | ||||
EDHOC sessions. Note that if the Initiator or Responder is updated | EDHOC sessions. Note that if the Initiator or Responder is updated | |||
with new cipher suite policies, any cached information may be | with new cipher suite policies, any cached information may be | |||
outdated. | outdated. | |||
Note that the Initiator's list of supported cipher suites and order | Note that the Initiator's list of supported cipher suites and order | |||
of preference is fixed (see Section 5.2.1 and Section 5.2.2). | of preference is fixed (see Sections 5.2.1 and 5.2.2). Furthermore, | |||
Furthermore, the Responder SHALL only accept message_1 if the | the Responder SHALL only accept message_1 if the selected cipher | |||
selected cipher suite is the first cipher suite in SUITES_I that the | suite is the first cipher suite in SUITES_I that the Responder also | |||
Responder also supports (see Section 5.2.3). Following this | supports (see Section 5.2.3). Following this procedure ensures that | |||
procedure ensures that the selected cipher suite is the most | the selected cipher suite is the most preferred (by the Initiator) | |||
preferred (by the Initiator) cipher suite supported by both parties. | cipher suite supported by both parties. For examples, see | |||
For examples, see Section 6.3.2. | Section 6.3.2. | |||
If the selected cipher suite is not the first cipher suite which the | If the selected cipher suite is not the first cipher suite that the | |||
Responder supports in SUITES_I received in message_1, then the | Responder supports in SUITES_I received in message_1, then the | |||
Responder MUST abort the EDHOC session, see Section 5.2.3. If | Responder MUST abort the EDHOC session; see Section 5.2.3. If | |||
SUITES_I in message_1 is manipulated, then the integrity verification | SUITES_I in message_1 is manipulated, then the integrity verification | |||
of message_2 containing the transcript hash TH_2 will fail and the | of message_2 containing the transcript hash TH_2 will fail and the | |||
Initiator will abort the EDHOC session. | Initiator will abort the EDHOC session. | |||
6.3.2. Examples | 6.3.2. Examples | |||
Assume that the Initiator supports the five cipher suites 5, 6, 7, 8, | Assume that the Initiator supports the five cipher suites, 5, 6, 7, | |||
and 9 in decreasing order of preference. Figures 11 and 12 show two | 8, and 9, in decreasing order of preference. Figures 8 and 9 show | |||
examples of how the Initiator can format SUITES_I and how SUITES_R is | two examples of how the Initiator can format SUITES_I and how | |||
used by Responders to give the Initiator information about the cipher | SUITES_R is used by Responders to give the Initiator information | |||
suites that the Responder supports. | about the cipher suites that the Responder supports. | |||
In Example 1 (Figure 11), the Responder supports cipher suite 6 but | In Example 1 (Figure 8), the Responder supports cipher suite 6 but | |||
not the initially selected cipher suite 5. The Responder rejects the | not the initially selected cipher suite 5. The Responder rejects the | |||
first message_1 with an error indicating support for suite 6 in | first message_1 with an error indicating support for suite 6 in | |||
SUITES_R. The Initiator also supports suite 6, and therefore selects | SUITES_R. The Initiator also supports suite 6 and therefore selects | |||
suite 6 in the second message_1. The Initiator prepends in SUITES_I | suite 6 in the second message_1. The Initiator prepends in SUITES_I | |||
the selected suite 6 with the more preferred suites, in this case | the selected suite 6 with the more preferred suites, in this case | |||
suite 5, to mitigate a potential attack on the cipher suite | suite 5, to mitigate a potential attack on the cipher suite | |||
negotiation. | negotiation. | |||
Initiator Responder | Initiator Responder | |||
| METHOD, SUITES_I = 5, G_X, C_I, EAD_1 | | | METHOD, SUITES_I = 5, G_X, C_I, EAD_1 | | |||
+------------------------------------------------------------------>| | +------------------------------------------------------------------>| | |||
| message_1 | | | message_1 | | |||
| | | | | | |||
| ERR_CODE = 2, SUITES_R = 6 | | | ERR_CODE = 2, SUITES_R = 6 | | |||
|<------------------------------------------------------------------+ | |<------------------------------------------------------------------+ | |||
| error | | | error | | |||
| | | | | | |||
| METHOD, SUITES_I = [5, 6], G_X, C_I, EAD_1 | | | METHOD, SUITES_I = [5, 6], G_X, C_I, EAD_1 | | |||
+------------------------------------------------------------------>| | +------------------------------------------------------------------>| | |||
| message_1 | | | message_1 | | |||
Figure 11: Cipher suite negotiation example 1. | Figure 8: Cipher Suite Negotiation Example 1 | |||
In Example 2 (Figure 12), the Responder supports cipher suites 8 and | In Example 2 (Figure 9), the Responder supports cipher suites 8 and 9 | |||
9 but not the more preferred (by the Initiator) cipher suites 5, 6 or | but not the more preferred (by the Initiator) cipher suites 5, 6 or | |||
7. To illustrate the negotiation mechanics we let the Initiator | 7. To illustrate the negotiation mechanics, we let the Initiator | |||
first make a guess that the Responder supports suite 6 but not suite | first make a guess that the Responder supports suite 6 but not suite | |||
5. Since the Responder supports neither 5 nor 6, it rejects the | 5. Since the Responder supports neither 5 nor 6, it rejects the | |||
first message_1 with an error indicating support for suites 8 and 9 | first message_1 with an error indicating support for suites 8 and 9 | |||
in SUITES_R (in any order). The Initiator also supports suites 8 and | in SUITES_R (in any order). The Initiator also supports suites 8 and | |||
9, and prefers suite 8, so selects suite 8 in the second message_1. | 9, and prefers suite 8, so it selects suite 8 in the second | |||
The Initiator prepends in SUITES_I the selected suite 8 with the more | message_1. The Initiator prepends in SUITES_I the selected suite 8 | |||
preferred suites in order of preference, in this case suites 5, 6 and | with the more preferred suites in order of preference, in this case, | |||
7, to mitigate a potential attack on the cipher suite negotiation. | suites 5, 6 and 7, to mitigate a potential attack on the cipher suite | |||
negotiation. | ||||
Note 1. If the Responder had supported suite 5, then the first | Note 1. If the Responder had supported suite 5, then the first | |||
message_1 would not have been accepted either, since the Responder | message_1 would not have been accepted either, since the | |||
observes that suite 5 is more preferred by the Initiator than the | Responder observes that suite 5 is more preferred by the | |||
selected suite 6. In that case the Responder would have included | Initiator than the selected suite 6. In that case, the | |||
suite 5 in SUITES_R of the response, and it would then have become | Responder would have included suite 5 in SUITES_R of the | |||
the selected and only suite in the second message_1. | response, and it would then have become the selected and | |||
only suite in the second message_1. | ||||
Note 2. For each message_1 the Initiator MUST generate a new | Note 2. For each message_1, the Initiator MUST generate a new | |||
ephemeral ECDH key pair matching the selected cipher suite. | ephemeral ECDH key pair matching the selected cipher suite. | |||
Initiator Responder | Initiator Responder | |||
| METHOD, SUITES_I = [5, 6], G_X, C_I, EAD_1 | | | METHOD, SUITES_I = [5, 6], G_X, C_I, EAD_1 | | |||
+------------------------------------------------------------------>| | +------------------------------------------------------------------>| | |||
| message_1 | | | message_1 | | |||
| | | | | | |||
| ERR_CODE = 2, SUITES_R = [9, 8] | | | ERR_CODE = 2, SUITES_R = [9, 8] | | |||
|<------------------------------------------------------------------+ | |<------------------------------------------------------------------+ | |||
| error | | | error | | |||
| | | | | | |||
| METHOD, SUITES_I = [5, 6, 7, 8], G_X, C_I, EAD_1 | | | METHOD, SUITES_I = [5, 6, 7, 8], G_X, C_I, EAD_1 | | |||
+------------------------------------------------------------------>| | +------------------------------------------------------------------>| | |||
| message_1 | | | message_1 | | |||
Figure 12: Cipher suite negotiation example 2. | Figure 9: Cipher Suite Negotiation Example 2 | |||
6.4. Unknown Credential Referenced | 6.4. Unknown Credential Referenced | |||
Error code 3 is used for errors due to a received credential | Error code 3 is used for errors due to a received credential | |||
identifier (ID_CRED_R in message_2 or ID_CRED_I message_3) containing | identifier (ID_CRED_R in message_2 or ID_CRED_I message_3) containing | |||
a reference to a credential which the receiving endpoint does not | a reference to a credential that the receiving endpoint does not have | |||
have access to. The intent with this error code is that the endpoint | access to. The intent with this error code is that the endpoint who | |||
who sent the credential identifier should for the next EDHOC session | sent the credential identifier should, for the next EDHOC session, | |||
try another credential identifier supported according to the | try another credential identifier supported according to the | |||
application profile. | application profile. | |||
For example, an application profile could list x5t and x5chain as | For example, an application profile could list x5t and x5chain as | |||
supported credential identifiers, and state that x5t should be used | supported credential identifiers and state that x5t should be used if | |||
if it can be assumed that the X.509 certificate is available at the | it can be assumed that the X.509 certificate is available at the | |||
receiving side. This error code thus enables the certificate chain | receiving side. This error code thus enables the certificate chain | |||
to be sent only when needed, bearing in mind that error messages are | to be sent only when needed, bearing in mind that error messages are | |||
not protected so an adversary can try to cause unnecessary large | not protected so an adversary can try to cause unnecessary, large | |||
credential identifiers. | credential identifiers. | |||
For the error code 3, the error information SHALL be the CBOR simple | For the error code 3, the error information SHALL be the CBOR simple | |||
value true (0xf5). Error code 3 MUST NOT be used when the received | value true (0xf5). Error code 3 MUST NOT be used when the received | |||
credential identifier type is not supported. | credential identifier type is not supported. | |||
7. EDHOC Message Deduplication | 7. EDHOC Message Deduplication | |||
EDHOC by default assumes that message duplication is handled by the | By default, EDHOC assumes that message duplication is handled by the | |||
transport, in this section exemplified with CoAP, see Appendix A.2. | transport (which is exemplified by CoAP in this section); see | |||
Appendix A.2. | ||||
Deduplication of CoAP messages is described in Section 4.5 of | Deduplication of CoAP messages is described in Section 4.5 of | |||
[RFC7252]. This handles the case when the same Confirmable (CON) | [RFC7252]. This handles the case when the same Confirmable (CON) | |||
message is received multiple times due to missing acknowledgment on | message is received multiple times due to missing acknowledgment on | |||
the CoAP messaging layer. The recommended processing in [RFC7252] is | the CoAP messaging layer. The recommended processing in [RFC7252] is | |||
that the duplicate message is acknowledged (ACK), but the received | that the duplicate message is acknowledged, but the received message | |||
message is only processed once by the CoAP stack. | is only processed once by the CoAP stack. | |||
Message deduplication is resource demanding and therefore not | Message deduplication is resource demanding and therefore not | |||
supported in all CoAP implementations. Since EDHOC is targeting | supported in all CoAP implementations. Since EDHOC is targeting | |||
constrained environments, it is desirable that EDHOC can optionally | constrained environments, it is desirable that EDHOC can optionally | |||
support transport layers which do not handle message duplication. | support transport layers that do not handle message duplication. | |||
Special care is needed to avoid issues with duplicate messages, see | Special care is needed to avoid issues with duplicate messages; see | |||
Section 5.1. | Section 5.1. | |||
The guiding principle here is similar to the deduplication processing | The guiding principle here is similar to the deduplication processing | |||
on the CoAP messaging layer: a received duplicate EDHOC message SHALL | on the CoAP messaging layer, i.e., a received duplicate EDHOC message | |||
NOT result in another instance of the next EDHOC message. The result | SHALL NOT result in another instance of the next EDHOC message. The | |||
MAY be that a duplicate next EDHOC message is sent, provided it is | result MAY be that a duplicate next EDHOC message is sent, provided | |||
still relevant with respect to the current protocol state. In any | it is still relevant with respect to the current protocol state. In | |||
case, the received message MUST NOT be processed more than once in | any case, the received message MUST NOT be processed more than once | |||
the same EDHOC session. This is called "EDHOC message | in the same EDHOC session. This is called "EDHOC message | |||
deduplication". | deduplication". | |||
An EDHOC implementation MAY store the previously sent EDHOC message | An EDHOC implementation MAY store the previously sent EDHOC message | |||
to be able to resend it. | to be able to resend it. | |||
In principle, if the EDHOC implementation would deterministically | In principle, if the EDHOC implementation would deterministically | |||
regenerate the identical EDHOC message previously sent, it would be | regenerate the identical EDHOC message previously sent, it would be | |||
possible to instead store the protocol state to be able to recreate | possible to instead store the protocol state to be able to recreate | |||
and resend the previously sent EDHOC message. However, even if the | and resend the previously sent EDHOC message. However, even if the | |||
protocol state is fixed, the message generation may introduce | protocol state is fixed, the message generation may introduce | |||
differences which compromise security. For example, in the | differences that compromise security. For example, in the generation | |||
generation of message_3, if I is performing a (non-deterministic) | of message_3, if I is performing a (non-deterministic) ECDSA | |||
ECDSA signature (say, method 0 or 1, cipher suite 2 or 3) then | signature (say, method 0 or 1 and cipher suite 2 or 3), then | |||
PLAINTEXT_3 is randomized, but K_3 and IV_3 are the same, leading to | PLAINTEXT_3 is randomized, but K_3 and IV_3 are the same, leading to | |||
a key and nonce reuse. | a key and nonce reuse. | |||
The EDHOC implementation MUST NOT store previous protocol state and | The EDHOC implementation MUST NOT store the previous protocol state | |||
regenerate an EDHOC message if there is a risk that the same key and | and regenerate an EDHOC message if there is a risk that the same key | |||
IV are used for two (or more) distinct messages. | and IV are used for two (or more) distinct messages. | |||
The previous message or protocol state MUST NOT be kept longer than | The previous message or protocol state MUST NOT be kept longer than | |||
what is required for retransmission, for example, in the case of CoAP | what is required for retransmission, for example, in the case of CoAP | |||
transport, no longer than the EXCHANGE_LIFETIME (see Section 4.8.2 of | transport, no longer than the EXCHANGE_LIFETIME (see Section 4.8.2 of | |||
[RFC7252]). | [RFC7252]). | |||
8. Compliance Requirements | 8. Compliance Requirements | |||
In the absence of an application profile specifying otherwise: | In the absence of an application profile specifying otherwise: | |||
An implementation MAY support only Initiator or only Responder. | * An implementation MAY support only an Initiator or only a | |||
Responder. | ||||
An implementation MAY support only a single method. None of the | * An implementation MAY support only a single method. None of the | |||
methods are mandatory-to-implement. | methods are mandatory to implement. | |||
Implementations MUST support 'kid' parameters. None of the other | * Implementations MUST support 'kid' parameters. None of the other | |||
COSE header parameters are mandatory-to-implement. | COSE header parameters are mandatory to implement. | |||
An implementation MAY support only a single credential type (CCS, | * An implementation MAY support only a single credential type (CCS, | |||
CWT, X.509, C509). None of the credential types are mandatory-to- | CWT, X.509, or C509). None of the credential types are mandatory | |||
implement. | to implement. | |||
Implementations MUST support the EDHOC_Exporter. | * Implementations MUST support the EDHOC_Exporter. | |||
Implementations MAY support message_4. Error codes (ERR_CODE) 1 and | * Implementations MAY support message_4. Error codes (ERR_CODE) 1 | |||
2 MUST be supported. | and 2 MUST be supported. | |||
Implementations MUST support EAD. | * Implementations MUST support EAD. | |||
Implementations MUST support cipher suite 2 and 3. Cipher suites 2 | * Implementations MUST support cipher suites 2 and 3. Cipher suites | |||
(AES-CCM-16-64-128, SHA-256, 8, P-256, ES256, AES-CCM-16-64-128, SHA- | 2 (AES-CCM-16-64-128, SHA-256, 8, P-256, ES256, AES-CCM-16-64-128, | |||
256) and 3 (AES-CCM-16-128-128, SHA-256, 16, P-256, ES256, AES-CCM- | SHA-256) and 3 (AES-CCM-16-128-128, SHA-256, 16, P-256, ES256, | |||
16-64-128, SHA-256) only differ in the size of the MAC length, so | AES-CCM-16-64-128, SHA-256) only differ in the size of the MAC | |||
supporting one or both of these is not significantly different. | length, so supporting one or both of these is not significantly | |||
Implementations only need to implement the algorithms needed for | different. Implementations only need to implement the algorithms | |||
their supported methods. | needed for their supported methods. | |||
9. Security Considerations | 9. Security Considerations | |||
9.1. Security Properties | 9.1. Security Properties | |||
EDHOC has similar security properties as can be expected from the | EDHOC has similar security properties as can be expected from the | |||
theoretical SIGMA-I protocol [SIGMA] and the Noise XX pattern | theoretical SIGMA-I protocol [SIGMA] and the Noise XX pattern | |||
[Noise], which are similar to methods 0 and 3, respectively. Proven | [Noise], which are similar to methods 0 and 3, respectively. Proven | |||
security properties are detailed in the security analysis | security properties are detailed in the security analysis | |||
publications referenced at the end of this section. | publications referenced at the end of this section. | |||
Using the terminology from [SIGMA], EDHOC provides forward secrecy, | Using the terminology from [SIGMA], EDHOC provides forward secrecy, | |||
mutual authentication with aliveness, consistency, and peer | mutual authentication with aliveness, consistency, and peer | |||
awareness. As described in [SIGMA], message_3 provides peer | awareness. As described in [SIGMA], message_3 provides peer | |||
awareness to the Responder while message_4 provides peer awareness to | awareness to the Responder, while message_4 provides peer awareness | |||
the Initiator. By including the authentication credentials in the | to the Initiator. By including the authentication credentials in the | |||
transcript hash, EDHOC protects against Duplicate Signature Key | transcript hash, EDHOC protects against an identity misbinding attack | |||
Selection (DSKS)-like identity mis-binding attack that the MAC-then- | like the Duplicate Signature Key Selection (DSKS) that the MAC-then- | |||
Sign variant of SIGMA-I is otherwise vulnerable to. | Sign variant of SIGMA-I is otherwise vulnerable to. | |||
As described in [SIGMA], different levels of identity protection are | As described in [SIGMA], different levels of identity protection are | |||
provided to the Initiator and the Responder. EDHOC provides identity | provided to the Initiator and Responder. EDHOC provides identity | |||
protection of the Initiator against active attacks and identity | protection of the Initiator against active attacks and identity | |||
protection of the Responder against passive attacks. An active | protection of the Responder against passive attacks. An active | |||
attacker can get the credential identifier of the Responder by | attacker can get the credential identifier of the Responder by | |||
eavesdropping on the destination address used for transporting | eavesdropping on the destination address used for transporting | |||
message_1 and then sending its own message_1 to the same address. | message_1 and then sending its own message_1 to the same address. | |||
The roles should be assigned to protect the most sensitive identity/ | The roles should be assigned to protect the most sensitive identity/ | |||
identifier, typically that which is not possible to infer from | identifier, typically that which is not possible to infer from | |||
routing information in the lower layers. | routing information in the lower layers. | |||
EDHOC messages might change in transit due to a noisy channel or | EDHOC messages might change in transit due to a noisy channel or | |||
through modification by an attacker. Changes in message_1 and | through modification by an attacker. Changes in message_1 and | |||
message_2 (except Signature_or_MAC_2 when the signature scheme is not | message_2 (except Signature_or_MAC_2 when the signature scheme is not | |||
strongly unforgeable) are detected when verifying Signature_or_MAC_2. | strongly unforgeable) are detected when verifying Signature_or_MAC_2. | |||
Changes to not strongly unforgeable Signature_or_MAC_2, and message_3 | Changes to not strongly unforgeable Signature_or_MAC_2 and message_3 | |||
are detected when verifying CIPHERTEXT_3. Changes to message_4 are | are detected when verifying CIPHERTEXT_3. Changes to message_4 are | |||
detected when verifying CIPHERTEXT_4. | detected when verifying CIPHERTEXT_4. | |||
Compared to [SIGMA], EDHOC adds an explicit method type and expands | Compared to [SIGMA], EDHOC adds an explicit method type and expands | |||
the message authentication coverage to additional elements such as | the message authentication coverage to additional elements such as | |||
algorithms, external authorization data, and previous plaintext | algorithms, external authorization data, and previous plaintext | |||
messages. This protects against an attacker replaying messages or | messages. This protects against an attacker replaying messages or | |||
injecting messages from another EDHOC session. | injecting messages from another EDHOC session. | |||
EDHOC also adds selection of connection identifiers and downgrade | EDHOC also adds a selection of connection identifiers and downgrades | |||
protected negotiation of cryptographic parameters, i.e., an attacker | protected negotiation of cryptographic parameters, i.e., an attacker | |||
cannot affect the negotiated parameters. A single session of EDHOC | cannot affect the negotiated parameters. A single session of EDHOC | |||
does not include negotiation of cipher suites, but it enables the | does not include negotiation of cipher suites, but it enables the | |||
Responder to verify that the selected cipher suite is the most | Responder to verify that the selected cipher suite is the most | |||
preferred cipher suite by the Initiator which is supported by both | preferred cipher suite by the Initiator that is supported by both the | |||
the Initiator and the Responder, and to abort the EDHOC session if | Initiator and Responder and to abort the EDHOC session if not. | |||
not. | ||||
As required by [RFC7258], IETF protocols need to mitigate pervasive | As required by [RFC7258], IETF protocols need to mitigate pervasive | |||
monitoring when possible. EDHOC therefore only supports methods with | monitoring when possible. Therefore, EDHOC only supports methods | |||
ephemeral Diffie-Hellman and provides a key update function (see | with ephemeral Diffie-Hellman and provides a key update function (see | |||
Appendix H) for lightweight application protocol rekeying. Either of | Appendix H) for lightweight application protocol rekeying. Either of | |||
these provides forward secrecy, in the sense that compromise of the | these provides forward secrecy, in the sense that compromise of the | |||
private authentication keys does not compromise past session keys | private authentication keys does not compromise past session keys | |||
(PRK_out), and compromise of a session key does not compromise past | (PRK_out) and compromise of a session key does not compromise past | |||
session keys. Frequently re-running EDHOC with ephemeral Diffie- | session keys. Frequently re-running EDHOC with ephemeral Diffie- | |||
Hellman forces attackers to perform dynamic key exfiltration where | Hellman forces attackers to perform dynamic key exfiltration where | |||
the attacker must have continuous interactions with the collaborator, | the attacker must have continuous interactions with the collaborator, | |||
which is a significant sustained attack. | which is a significant sustained attack. | |||
To limit the effect of breaches, it is important to limit the use of | To limit the effect of breaches, it is important to limit the use of | |||
symmetric group keys for bootstrapping. EDHOC therefore strives to | symmetric group keys for bootstrapping. Therefore, EDHOC strives to | |||
make the additional cost of using raw public keys and self-signed | make the additional cost of using raw public keys and self-signed | |||
certificates as small as possible. Raw public keys and self-signed | certificates as small as possible. Raw public keys and self-signed | |||
certificates are not a replacement for a public key infrastructure | certificates are not a replacement for a public key infrastructure | |||
but SHOULD be used instead of symmetric group keys for bootstrapping. | but SHOULD be used instead of symmetric group keys for bootstrapping. | |||
Compromise of the long-term keys (private signature or static DH | Compromise of the long-term keys (private signature or static DH | |||
keys) does not compromise the security of completed EDHOC sessions. | keys) does not compromise the security of completed EDHOC sessions. | |||
Compromising the private authentication keys of one party lets an | Compromising the private authentication keys of one party lets an | |||
active attacker impersonate that compromised party in EDHOC sessions | active attacker impersonate that compromised party in EDHOC sessions | |||
with other parties but does not let the attacker impersonate other | with other parties but does not let the attacker impersonate other | |||
parties in EDHOC sessions with the compromised party. Compromise of | parties in EDHOC sessions with the compromised party. Compromise of | |||
the long-term keys does not enable a passive attacker to compromise | the long-term keys does not enable a passive attacker to compromise | |||
future session keys (PRK_out). Compromise of the HDKF input | future session keys (PRK_out). Compromise of the HKDF input | |||
parameters (ECDH shared secret) leads to compromise of all session | parameters (ECDH shared secret) leads to compromise of all session | |||
keys derived from that compromised shared secret. Compromise of one | keys derived from that compromised shared secret. Compromise of one | |||
session key does not compromise other session keys. Compromise of | session key does not compromise other session keys. Compromise of | |||
PRK_out leads to compromise of all keying material derived with the | PRK_out leads to compromise of all keying material derived with the | |||
EDHOC_Exporter. | EDHOC_Exporter. | |||
Based on the cryptographic algorithms requirements Section 9.3, EDHOC | Based on the cryptographic algorithm requirements (Section 9.3), | |||
provides a minimum of 64-bit security against online brute force | EDHOC provides a minimum of 64-bit security against online brute | |||
attacks and a minimum of 128-bit security against offline brute force | force attacks and a minimum of 128-bit security against offline brute | |||
attacks. To break 64-bit security against online brute force an | force attacks. To break 64-bit security against online brute force, | |||
attacker would on average have to send 4.3 billion messages per | an attacker would on average have to send 4.3 billion messages per | |||
second for 68 years, which is infeasible in constrained IoT radio | second for 68 years, which is infeasible in constrained IoT radio | |||
technologies. A forgery against a 64-bit MAC in EDHOC breaks the | technologies. A forgery against a 64-bit MAC in EDHOC breaks the | |||
security of all future application data, while a forgery against a | security of all future application data, while a forgery against a | |||
64-bit MAC in the subsequent application protocol (e.g., OSCORE | 64-bit MAC in the subsequent application protocol (e.g., OSCORE | |||
[RFC8613]) typically only breaks the security of the data in the | [RFC8613]) typically only breaks the security of the data in the | |||
forged packet. | forged packet. | |||
As the EDHOC session is aborted when verification fails, the security | As the EDHOC session is aborted when verification fails, the security | |||
against online attacks is given by the sum of the strength of the | against online attacks is given by the sum of the strength of the | |||
verified signatures and MACs (including MAC in AEAD). As an example, | verified signatures and MACs (including MAC in AEAD). As an example, | |||
if EDHOC is used with method 3, cipher suite 2, and message_4, the | if EDHOC is used with method 3, cipher suite 2, and message_4, the | |||
Responder is authenticated with 128-bit security against online | Responder is authenticated with 128-bit security against online | |||
attacks (the sum of the 64-bit MACs in message_2 and message_4). The | attacks (the sum of the 64-bit MACs in message_2 and message_4). The | |||
same principle applies for MACs in an application protocol keyed by | same principle applies for MACs in an application protocol keyed by | |||
EDHOC as long as EDHOC is rerun when verification of the first MACs | EDHOC as long as EDHOC is re-run when verification of the first MACs | |||
in the application protocol fails. As an example, if EDHOC with | in the application protocol fails. As an example, if EDHOC with | |||
method 3 and cipher suite 2 is used as in Figure 2 of | method 3 and cipher suite 2 is used as in Figure 2 of | |||
[I-D.ietf-core-oscore-edhoc], 128-bit mutual authentication against | [EDHOC-CoAP-OSCORE], 128-bit mutual authentication against online | |||
online attacks can be achieved after completion of the first OSCORE | attacks can be achieved after completion of the first OSCORE request | |||
request and response. | and response. | |||
After sending message_3, the Initiator is assured that no other party | After sending message_3, the Initiator is assured that no other party | |||
than the Responder can compute the key PRK_out. While the Initiator | than the Responder can compute the key PRK_out. While the Initiator | |||
can securely send protected application data, the Initiator SHOULD | can securely send protected application data, the Initiator SHOULD | |||
NOT persistently store the keying material PRK_out until the | NOT persistently store the keying material PRK_out until the | |||
Initiator has verified message_4 or a message protected with a | Initiator has verified message_4 or a message protected with a | |||
derived application key, such as an OSCORE message, from the | derived application key, such as an OSCORE message, from the | |||
Responder. After verifying message_3, the Responder is assured that | Responder. After verifying message_3, the Responder is assured that | |||
an honest Initiator has computed the key PRK_out. The Responder can | an honest Initiator has computed the key PRK_out. The Responder can | |||
securely derive and store the keying material PRK_out, and send | securely derive and store the keying material PRK_out and send | |||
protected application data. | protected application data. | |||
External authorization data sent in message_1 (EAD_1) or message_2 | External authorization data sent in message_1 (EAD_1) or message_2 | |||
(EAD_2) should be considered unprotected by EDHOC, see Section 9.5. | (EAD_2) should be considered unprotected by EDHOC; see Section 9.5. | |||
EAD_2 is encrypted but the Responder has not yet authenticated the | EAD_2 is encrypted, but the Responder has not yet authenticated the | |||
Initiator and the encryption does not provide confidentiality against | Initiator and the encryption does not provide confidentiality against | |||
active attacks. | active attacks. | |||
External authorization data sent in message_3 (EAD_3) or message_4 | External authorization data sent in message_3 (EAD_3) or message_4 | |||
(EAD_4) is protected between Initiator and Responder by the protocol, | (EAD_4) is protected between the Initiator and Responder by the | |||
but note that EAD fields may be used by the application before the | protocol, but note that EAD fields may be used by the application | |||
message verification is completed, see Section 3.8. Designing a | before the message verification is completed; see Section 3.8. | |||
secure mechanism that uses EAD is not necessarily straightforward. | Designing a secure mechanism that uses EAD is not necessarily | |||
This document only provides the EAD transport mechanism, but the | straightforward. This document only provides the EAD transport | |||
problem of agreeing on the surrounding context and the meaning of the | mechanism, but the problem of agreeing on the surrounding context and | |||
information passed to and from the application remains. Any new uses | the meaning of the information passed to and from the application | |||
of EAD should be subject to careful review. | remains. Any new uses of EAD should be subject to careful review. | |||
Key compromise impersonation (KCI): In EDHOC authenticated with | Key Compromise Impersonation (KCI): In EDHOC authenticated with | |||
signature keys, EDHOC provides KCI protection against an attacker | signature keys, EDHOC provides KCI protection against an attacker | |||
having access to the long-term key or the ephemeral secret key. With | having access to the long-term key or the ephemeral secret key. | |||
static Diffie-Hellman key authentication, KCI protection would be | With static Diffie-Hellman key authentication, KCI protection | |||
provided against an attacker having access to the long-term Diffie- | would be provided against an attacker having access to the long- | |||
Hellman key, but not to an attacker having access to the ephemeral | term Diffie-Hellman key but not to an attacker having access to | |||
secret key. Note that the term KCI has typically been used for | the ephemeral secret key. Note that the term KCI has typically | |||
compromise of long-term keys, and that an attacker with access to the | been used for compromise of long-term keys and that an attacker | |||
ephemeral secret key can only attack that specific EDHOC session. | with access to the ephemeral secret key can only attack that | |||
specific EDHOC session. | ||||
Repudiation: If an endpoint authenticates with a signature, the other | Repudiation: If an endpoint authenticates with a signature, the | |||
endpoint can prove that the endpoint performed a run of the protocol | other endpoint can prove that the endpoint performed a run of the | |||
by presenting the data being signed as well as the signature itself. | protocol by presenting the data being signed as well as the | |||
With static Diffie-Hellman key authentication, the authenticating | signature itself. With static Diffie-Hellman key authentication, | |||
endpoint can deny having participated in the protocol. | the authenticating endpoint can deny having participated in the | |||
protocol. | ||||
Earlier versions of EDHOC have been formally analyzed [Bruni18] | Earlier versions of EDHOC have been formally analyzed [Bruni18] | |||
[Norrman20] [CottierPointcheval22] [Jacomme23] [GuentherIlunga22] and | [Norrman20] [CottierPointcheval22] [Jacomme23] [GuentherIlunga22], | |||
the specification has been updated based on the analysis. | and the specification has been updated based on the analysis. | |||
9.2. Cryptographic Considerations | 9.2. Cryptographic Considerations | |||
The SIGMA protocol requires that the encryption of message_3 provides | The SIGMA protocol requires that the encryption of message_3 provides | |||
confidentiality against active attackers and EDHOC message_4 relies | confidentiality against active attackers and EDHOC message_4 relies | |||
on the use of authenticated encryption. Hence, the message | on the use of authenticated encryption. Hence, the message | |||
authenticating functionality of the authenticated encryption in EDHOC | authenticating functionality of the authenticated encryption in EDHOC | |||
is critical: authenticated encryption MUST NOT be replaced by plain | is critical, i.e., authenticated encryption MUST NOT be replaced by | |||
encryption only, even if authentication is provided at another level | plain encryption only, even if authentication is provided at another | |||
or through a different mechanism. | level or through a different mechanism. | |||
To reduce message overhead EDHOC does not use explicit nonces and | To reduce message overhead, EDHOC does not use explicit nonces and | |||
instead relies on the ephemeral public keys to provide randomness to | instead relies on the ephemeral public keys to provide randomness to | |||
each EDHOC session. A good amount of randomness is important for the | each EDHOC session. A good amount of randomness is important for the | |||
key generation, to provide liveness, and to protect against | key generation to provide liveness and to protect against | |||
interleaving attacks. For this reason, the ephemeral keys MUST NOT | interleaving attacks. For this reason, the ephemeral keys MUST NOT | |||
be used in more than one EDHOC message, and both parties SHALL | be used in more than one EDHOC message, and both parties SHALL | |||
generate fresh random ephemeral key pairs. Note that an ephemeral | generate fresh, random ephemeral key pairs. Note that an ephemeral | |||
key may be used to calculate several ECDH shared secrets. When | key may be used to calculate several ECDH shared secrets. When | |||
static Diffie-Hellman authentication is used the same ephemeral key | static Diffie-Hellman authentication is used, the same ephemeral key | |||
is used in both ephemeral-ephemeral and ephemeral-static ECDH. | is used in both ephemeral-ephemeral and ephemeral-static ECDH. | |||
As discussed in [SIGMA], the encryption of message_2 does only need | As discussed in [SIGMA], the encryption of message_2 only needs to | |||
to protect against passive attacker as active attackers can always | protect against a passive attacker since active attackers can always | |||
get the Responder's identity by sending their own message_1. EDHOC | get the Responder's identity by sending their own message_1. EDHOC | |||
uses the EDHOC_Expand function (typically HKDF-Expand) as a binary | uses the EDHOC_Expand function (typically HKDF-Expand) as a binary | |||
additive stream cipher which is proven secure as long as the expand | additive stream cipher that is proven secure as long as the expand | |||
function is a PRF. HKDF-Expand is not often used as a stream cipher | function is a Pseudorandom Function (PRF). HKDF-Expand is not often | |||
as it is slow on long messages, and most applications require both | used as a stream cipher as it is slow on long messages, and most | |||
confidentiality with indistinguishability under chosen ciphertext | applications require both confidentiality with indistinguishability | |||
(IND-CCA) as well as integrity protection. For the encryption of | under adaptive chosen ciphertext attack (IND-CCA2) as well as | |||
message_2, any speed difference is negligible, IND-CCA does not | integrity protection. For the encryption of message_2, any speed | |||
increase security, and integrity is provided by the inner MAC (and | difference is negligible, IND-CCA2 does not increase security, and | |||
signature depending on method). | integrity is provided by the inner MAC (and signature depending on | |||
method). | ||||
Requirements for how to securely generate, validate, and process the | Requirements for how to securely generate, validate, and process the | |||
public keys depend on the elliptic curve. For X25519 and X448, the | public keys depend on the elliptic curve. For X25519 and X448, the | |||
requirements are defined in [RFC7748]. For X25519 and X448, the | requirements are defined in [RFC7748]. For X25519 and X448, the | |||
check for all-zero output as specified in Section 6 of [RFC7748] MUST | check for all-zero output as specified in Section 6 of [RFC7748] MUST | |||
be done. For secp256r1, secp384r1, and secp521r1, the requirements | be done. For secp256r1, secp384r1, and secp521r1, the requirements | |||
are defined in Section 5 of [SP-800-56A]. For secp256r1, secp384r1, | are defined in Section 5 of [SP-800-56A]. For secp256r1, secp384r1, | |||
and secp521r1, at least partial public-key validation MUST be done. | and secp521r1, at least partial public key validation MUST be done. | |||
The same authentication credential MAY be used for both the Initiator | The same authentication credential MAY be used for both the Initiator | |||
and Responder roles. As noted in Section 12 of [RFC9052] the use of | and Responder roles. As noted in Section 12 of [RFC9052], the use of | |||
a single key for multiple algorithms is strongly discouraged unless | a single key for multiple algorithms is strongly discouraged unless | |||
proven secure by a dedicated cryptographic analysis. In particular | proven secure by a dedicated cryptographic analysis. In particular, | |||
this recommendation applies to using the same private key for static | this recommendation applies to using the same private key for static | |||
Diffie-Hellman authentication and digital signature authentication. | Diffie-Hellman authentication and digital signature authentication. | |||
A preliminary conjecture is that a minor change to EDHOC may be | A preliminary conjecture is that a minor change to EDHOC may be | |||
sufficient to fit the analysis of secure shared signature and ECDH | sufficient to fit the analysis of a secure shared signature and ECDH | |||
key usage in [Degabriele11] and [Thormarker21]. | key usage in [Degabriele11] and [Thormarker21]. Note that | |||
Section 5.6.3.2 of [SP-800-56A] allows a key agreement key pair to be | ||||
used with a signature algorithm in certificate requests. | ||||
The property that a completed EDHOC session implies that another | The property that a completed EDHOC session implies that another | |||
identity has been active is upheld as long as the Initiator does not | identity has been active is upheld as long as the Initiator does not | |||
have its own identity in the set of Responder identities it is | have its own identity in the set of Responder identities it is | |||
allowed to communicate with. In Trust on first use (TOFU) use cases, | allowed to communicate with. In trust-on-first-use (TOFU) use cases | |||
see Appendix D.5, the Initiator should verify that the Responder's | (see Appendix D.5), the Initiator should verify that the Responder's | |||
identity is not equal to its own. Any future EDHOC methods using | identity is not equal to its own. Any future EDHOC methods using, | |||
e.g., pre-shared keys might need to mitigate this in other ways. | e.g., PSKs might need to mitigate this in other ways. However, an | |||
However, an active attacker can gain information about the set of | active attacker can gain information about the set of identities an | |||
identities an Initiator is willing to communicate with. If the | Initiator is willing to communicate with. If the Initiator is | |||
Initiator is willing to communicate with all identities except its | willing to communicate with all identities except its own, an | |||
own an attacker can determine that a guessed Initiator identity is | attacker can determine that a guessed Initiator identity is correct. | |||
correct. To not leak any long-term identifiers, using a freshly | To not leak any long-term identifiers, using a freshly generated | |||
generated authentication key as identity in each initial TOFU session | authentication key as an identity in each initial TOFU session is | |||
is RECOMMENDED. | RECOMMENDED. | |||
NIST SP 800-56A [SP-800-56A] forbids deriving secret and non-secret | NIST SP 800-56A [SP-800-56A] forbids deriving secret and non-secret | |||
randomness from the same KDF instance, but this decision has been | randomness from the same Key Derivation Function (KDF) instance, but | |||
criticized by Krawczyk [HKDFpaper] and doing so is common practice. | this decision has been criticized by Krawczyk in [HKDFpaper] and | |||
In addition to IVs, other examples are the challenge in EAP-TTLS, the | doing so is common practice. In addition to IVs, other examples are | |||
RAND in 3GPP AKAs, and the Session-Id in EAP-TLS 1.3. Note that part | the challenge in Extensible Authentication Protocol Tunneled | |||
of KEYSTREAM_2 is also non-secret randomness as it is known or | Transport Layer Security (EAP-TTLS), the RAND in 3GPP Authentication | |||
predictable to an attacker. The more recent NIST SP 800-108 | and Key Agreement (AKA), and the Session-Id in EAP-TLS 1.3. Note | |||
[SP-800-108] aligns with [HKDFpaper] and states that for a secure | that part of KEYSTREAM_2 is also non-secret randomness, as it is | |||
known or predictable to an attacker. The more recent NIST SP 800-108 | ||||
[SP-800-108] aligns with [HKDFpaper] and states that, for a secure | ||||
KDF, the revelation of one portion of the derived keying material | KDF, the revelation of one portion of the derived keying material | |||
must not degrade the security of any other portion of that keying | must not degrade the security of any other portion of that keying | |||
material. | material. | |||
9.3. Cipher Suites and Cryptographic Algorithms | 9.3. Cipher Suites and Cryptographic Algorithms | |||
When using private cipher suite or registering new cipher suites, the | When using a private cipher suite or registering new cipher suites, | |||
choice of key length used in the different algorithms needs to be | the choice of the key length used in the different algorithms needs | |||
harmonized, so that a sufficient security level is maintained for | to be harmonized so that a sufficient security level is maintained | |||
authentication credentials, the EDHOC session, and the protection of | for authentication credentials, the EDHOC session, and the protection | |||
application data. The Initiator and the Responder should enforce a | of application data. The Initiator and Responder should enforce a | |||
minimum security level. | minimum security level. | |||
The output size of the EDHOC hash algorithm MUST be at least | The output size of the EDHOC hash algorithm MUST be at least 256 | |||
256-bits, i.e., the hash algorithms SHA-1 and SHA-256/64 (SHA-256 | bits, i.e., the hash algorithms SHA-1 and SHA-256/64 (SHA-256 | |||
truncated to 64-bits) SHALL NOT be supported for use in EDHOC except | truncated to 64 bits) SHALL NOT be supported for use in EDHOC except | |||
for certificate identification with x5t and c5t. For security | for certificate identification with x5t and c5t. For security | |||
considerations of SHA-1, see [RFC6194]. As EDHOC integrity protects | considerations of SHA-1, see [RFC6194]. As EDHOC integrity protects | |||
the whole authentication credentials, the choice of hash algorithm in | all the authentication credentials, the choice of hash algorithm in | |||
x5t and c5t does not affect security, and using the same hash | x5t and c5t does not affect security and using the same hash | |||
algorithm as in the cipher suite, but with as much truncation as | algorithm as in the cipher suite, but with as much truncation as | |||
possible, is RECOMMENDED. That is, when the EDHOC hash algorithm is | possible, is RECOMMENDED. That is, when the EDHOC hash algorithm is | |||
SHA-256, using SHA-256/64 in x5t and c5t is RECOMMENDED. The EDHOC | SHA-256, using SHA-256/64 in x5t and c5t is RECOMMENDED. The EDHOC | |||
MAC length MUST be at least 8 bytes and the tag length of the EDHOC | MAC length MUST be at least 8 bytes and the tag length of the EDHOC | |||
AEAD algorithm MUST be at least 64-bits. Note that secp256k1 is only | AEAD algorithm MUST be at least 64 bits. Note that secp256k1 is only | |||
defined for use with ECDSA and not for ECDH. Note that some COSE | defined for use with ECDSA and not for ECDH. Note that some COSE | |||
algorithms are marked as not recommended in the COSE IANA registry. | algorithms are marked as not recommended in the COSE IANA registry. | |||
9.4. Post-Quantum Considerations | 9.4. Post-Quantum Considerations | |||
As of the publication of this specification, it is unclear when or | As of the publication of this specification, it is unclear when or | |||
even if a quantum computer of sufficient size and power to exploit | even if a quantum computer of sufficient size and power to exploit | |||
public key cryptography will exist. Deployments that need to | public key cryptography will exist. Deployments that need to | |||
consider risks decades into the future should transition to Post- | consider risks decades into the future should transition to Post- | |||
Quantum Cryptography (PQC) in the not-too-distant future. Many other | Quantum Cryptography (PQC) in the not-too-distant future. Many other | |||
systems should take a slower wait-and-see approach where PQC is | systems should take a slower wait-and-see approach where PQC is | |||
phased in when the quantum threat is more imminent. Current PQC | phased in when the quantum threat is more imminent. Current PQC | |||
algorithms have limitations compared to Elliptic Curve Cryptography | algorithms have limitations compared to Elliptic Curve Cryptography | |||
(ECC) and the data sizes would be problematic in many constrained IoT | (ECC), and the data sizes would be problematic in many constrained | |||
systems. | IoT systems. | |||
Symmetric algorithms used in EDHOC such as SHA-256 and AES-CCM- | Symmetric algorithms used in EDHOC, such as SHA-256 and AES-CCM- | |||
16-64-128 are practically secure against even large quantum | 16-64-128, are practically secure against even large quantum | |||
computers. Two of NIST's security levels for quantum-resistant | computers. Two of NIST's security levels for quantum-resistant | |||
public-key cryptography are based on AES-128 and SHA-256. Quantum | public key cryptography are based on AES-128 and SHA-256. A quantum | |||
computer will likely be expensive, slow due to heavy error | computer will likely be expensive and slow due to heavy error | |||
correction, and Grover’s algorithm, which is proven to be optimal, | correction. Grover's algorithm, which is proven to be optimal, | |||
cannot effectively be parallelized. Grover’s algorithm will provide | cannot effectively be parallelized. It will provide little or no | |||
little or no advantage in attacking AES, and AES-128 will remain | advantage in attacking AES, and AES-128 will remain secure for | |||
secure for decades to come [NISTPQC]. | decades to come [NISTPQC]. | |||
EDHOC supports all signature algorithms defined by COSE, including | EDHOC supports all signature algorithms defined by COSE, including | |||
PQC signature algorithms such as HSS-LMS. EDHOC is currently only | PQC signature algorithms such as HSS-LMS. EDHOC is currently only | |||
specified for use with key exchange algorithms of type ECDH curves, | specified for use with key exchange algorithms of type ECDH curves, | |||
but any Key Encapsulation Method (KEM), including PQC KEMs, can be | but any Key Encapsulation Method (KEM), including PQC KEMs, can be | |||
used in method 0. While the key exchange in method 0 is specified | used in method 0. While the key exchange in method 0 is specified | |||
with terms of the Diffie-Hellman protocol, the key exchange adheres | with the terms of the Diffie-Hellman protocol, the key exchange | |||
to a KEM interface: G_X is then the public key of the Initiator, G_Y | adheres to a KEM interface: G_X is then the public key of the | |||
is the encapsulation, and G_XY is the shared secret. Use of PQC KEMs | Initiator, G_Y is the encapsulation, and G_XY is the shared secret. | |||
to replace static DH authentication would likely require a | Use of PQC KEMs to replace static DH authentication would likely | |||
specification updating EDHOC with new methods. | require a specification updating EDHOC with new methods. | |||
9.5. Unprotected Data and Privacy | 9.5. Unprotected Data and Privacy | |||
The Initiator and the Responder must make sure that unprotected data | The Initiator and Responder must make sure that unprotected data and | |||
and metadata do not reveal any sensitive information. This also | metadata do not reveal any sensitive information. This also applies | |||
applies for encrypted data sent to an unauthenticated party. In | for encrypted data sent to an unauthenticated party. In particular, | |||
particular, it applies to EAD_1, ID_CRED_R, EAD_2, and error | it applies to EAD_1, ID_CRED_R, EAD_2, and error messages. Using the | |||
messages. Using the same EAD_1 in several EDHOC sessions allows | same EAD_1 in several EDHOC sessions allows passive eavesdroppers to | |||
passive eavesdroppers to correlate the different sessions. Note that | correlate the different sessions. Note that even if ead_value is | |||
even if ead_value is encrypted outside of EDHOC, the ead_labels in | encrypted outside of EDHOC, the ead_labels in EAD_1 is revealed to | |||
EAD_1 is revealed to passive attackers and the ead_labels in EAD_2 is | passive attackers and the ead_labels in EAD_2 is revealed to active | |||
revealed to active attackers. Another consideration is that the list | attackers. Another consideration is that the list of supported | |||
of supported cipher suites may potentially be used to identify the | cipher suites may potentially be used to identify the application. | |||
application. The Initiator and the Responder must also make sure | The Initiator and Responder must also make sure that unauthenticated | |||
that unauthenticated data does not trigger any harmful actions. In | data does not trigger any harmful actions. In particular, this | |||
particular, this applies to EAD_1 and error messages. | applies to EAD_1 and error messages. | |||
An attacker observing network traffic may use connection identifiers | An attacker observing network traffic may use connection identifiers | |||
sent in clear in EDHOC or the subsequent application protocol to | sent in clear in EDHOC or the subsequent application protocol to | |||
correlate packets sent on different paths or at different times. The | correlate packets sent on different paths or at different times. The | |||
attacker may use this information for traffic flow analysis or to | attacker may use this information for traffic flow analysis or to | |||
track an endpoint. Application protocols using connection | track an endpoint. Application protocols using connection | |||
identifiers from EDHOC SHOULD provide mechanisms to update the | identifiers from EDHOC SHOULD provide mechanisms to update the | |||
connection identifiers and MAY provide mechanisms to issue several | connection identifiers and MAY provide mechanisms to issue several | |||
simultaneously active connection identifiers. See [RFC9000] for a | simultaneously active connection identifiers. See [RFC9000] for a | |||
non-constrained example of such mechanisms. Connection identifiers | non-constrained example of such mechanisms. Connection identifiers | |||
can e.g., be chosen randomly among the set of unused 1-byte | can, e.g., be chosen randomly among the set of unused 1-byte | |||
connection identifiers. Connection identity privacy mechanisms are | connection identifiers. Connection identity privacy mechanisms are | |||
only useful when there are not fixed identifiers such as IP address | only useful when there are not fixed identifiers, such as IP address | |||
or MAC address in the lower layers. | or MAC address in the lower layers. | |||
9.6. Updated Internet Threat Model Considerations | 9.6. Updated Internet Threat Model Considerations | |||
Since the publication of [RFC3552] there has been an increased | Since the publication of [RFC3552], there has been an increased | |||
awareness of the need to protect against endpoints that are | awareness of the need to protect against endpoints that are | |||
compromised, malicious, or whose interests simply do not align with | compromised or malicious or whose interests simply do not align with | |||
the interests of users | the interests of users [THREAT-MODEL-GUIDANCE]. [RFC7624] describes | |||
[I-D.arkko-arch-internet-threat-model-guidance]. [RFC7624] describes | an updated threat model for Internet confidentiality; see | |||
an updated threat model for Internet confidentiality, see | Section 9.1. [THREAT-MODEL-GUIDANCE] further expands the threat | |||
Section 9.1. [I-D.arkko-arch-internet-threat-model-guidance] further | model. Implementations and users should take these threat models | |||
expands the threat model. Implementations and users should take | into account and consider actions to reduce the risk of tracking by | |||
these threat models into account and consider actions to reduce the | other endpoints. In particular, even data sent protected to the | |||
risk of tracking by other endpoints. In particular, even data sent | other endpoint, such as ID_CRED fields and EAD fields, can be used | |||
protected to the other endpoint such as ID_CRED fields and EAD fields | for tracking; see Section 2.7 of [THREAT-MODEL-GUIDANCE]. | |||
can be used for tracking, see Section 2.7 of | ||||
[I-D.arkko-arch-internet-threat-model-guidance]. | ||||
The fields ID_CRED_I, ID_CRED_R, EAD_2, EAD_3, and EAD_4 have | The fields ID_CRED_I, ID_CRED_R, EAD_2, EAD_3, and EAD_4 have | |||
variable length, and information regarding the length may leak to an | variable length, and information regarding the length may leak to an | |||
attacker. A passive attacker may, e.g., be able to differentiate | attacker. A passive attacker may, e.g., be able to differentiate | |||
endpoints using identifiers of different length. To mitigate this | endpoints using identifiers of different length. To mitigate this | |||
information leakage an implementation may ensure that the fields have | information leakage, an implementation may ensure that the fields | |||
fixed length or use padding. An implementation may, e.g., only use | have a fixed length or use padding. An implementation may, e.g., | |||
fixed length identifiers like 'kid' of length 1. Alternatively, | only use fixed length identifiers like 'kid' of length 1. | |||
padding may be used (see Section 3.8.1) to hide the true length of, | Alternatively, padding may be used (see Section 3.8.1) to hide the | |||
e.g., certificates by value in 'x5chain' or 'c5c'. | true length of, e.g., certificates by value in 'x5chain' or 'c5c'. | |||
9.7. Denial-of-Service | 9.7. Denial of Service | |||
EDHOC itself does not provide countermeasures against denial-of- | EDHOC itself does not provide countermeasures against denial-of- | |||
service attacks. In particular, by sending a number of new or | service attacks. In particular, by sending a number of new or | |||
replayed message_1 an attacker may cause the Responder to allocate | replayed message_1, an attacker may cause the Responder to allocate | |||
state, perform cryptographic operations, and amplify messages. To | the state, perform cryptographic operations, and amplify messages. | |||
mitigate such attacks, an implementation SHOULD make use of available | To mitigate such attacks, an implementation SHOULD make use of | |||
lower layer mechanisms. For instance, when EDHOC is transferred as | available lower layer mechanisms. For instance, when EDHOC is | |||
an exchange of CoAP messages, the CoAP server can use the Echo option | transferred as an exchange of CoAP messages, the CoAP server can use | |||
defined in [RFC9175] which forces the CoAP client to demonstrate | the Echo option defined in [RFC9175], which forces the CoAP client to | |||
reachability at its apparent network address. To avoid an additional | demonstrate reachability at its apparent network address. To avoid | |||
roundtrip the Initiator can reduce the amplification factor by | an additional round trip, the Initiator can reduce the amplification | |||
padding message_1, i.e., using EAD_1, see Section 3.8.1. Note that | factor by padding message_1, i.e., using EAD_1; see Section 3.8.1. | |||
while the Echo option mitigates some resource exhaustion aspects of | Note that while the Echo option mitigates some resource exhaustion | |||
spoofing, it does not protect against a distributed denial-of-service | aspects of spoofing, it does not protect against a distributed | |||
attack made by real, potentially compromised, clients. Similarly, | denial-of-service attack made by real, potentially compromised, | |||
limiting amplification only reduces the impact, which still may be | clients. Similarly, limiting amplification only reduces the impact, | |||
significant because of a large number of clients engaged in the | which still may be significant because of a large number of clients | |||
attack. | engaged in the attack. | |||
An attacker can also send faked message_2, message_3, message_4, or | An attacker can also send a faked message_2, message_3, message_4, or | |||
error in an attempt to trick the receiving party to send an error | error in an attempt to trick the receiving party to send an error | |||
message and abort the EDHOC session. EDHOC implementations MAY | message and abort the EDHOC session. EDHOC implementations MAY | |||
evaluate if a received message is likely to have been forged by an | evaluate if a received message is likely to have been forged by an | |||
attacker and ignore it without sending an error message or aborting | attacker and ignore it without sending an error message or aborting | |||
the EDHOC session. | the EDHOC session. | |||
9.8. Implementation Considerations | 9.8. Implementation Considerations | |||
The availability of a secure random number generator is essential for | The availability of a secure random number generator is essential for | |||
the security of EDHOC. If no true random number generator is | the security of EDHOC. If no true random number generator is | |||
available, a random seed MUST be provided from an external source and | available, a random seed MUST be provided from an external source and | |||
used with a cryptographically secure pseudorandom number generator. | used with a cryptographically secure pseudorandom number generator. | |||
As each pseudorandom number must only be used once, an implementation | As each pseudorandom number must only be used once, an implementation | |||
needs to get a unique input to the pseudorandom number generator | needs to get a unique input to the pseudorandom number generator | |||
after reboot, or continuously store state in nonvolatile memory. | after reboot or continuously store state in nonvolatile memory. | |||
Appendix B.1.1 in [RFC8613] describes issues and solution approaches | Appendix B.1.1 of [RFC8613] describes issues and solution approaches | |||
for writing to nonvolatile memory. Intentionally or unintentionally | for writing to nonvolatile memory. Intentionally or unintentionally | |||
weak or predictable pseudorandom number generators can be abused or | weak or predictable pseudorandom number generators can be abused or | |||
exploited for malicious purposes. [RFC8937] describes a way for | exploited for malicious purposes. [RFC8937] describes a way for | |||
security protocol implementations to augment their (pseudo)random | security protocol implementations to augment their (pseudo)random | |||
number generators using a long-term private key and a deterministic | number generators using a long-term private key and a deterministic | |||
signature function. This improves randomness from broken or | signature function. This improves randomness from broken or | |||
otherwise subverted random number generators. The same idea can be | otherwise subverted random number generators. The same idea can be | |||
used with other secrets and functions such as a Diffie-Hellman | used with other secrets and functions, such as a Diffie-Hellman | |||
function or a symmetric secret and a PRF like HMAC or KMAC. It is | function or a symmetric secret, and a PRF like HMAC or KMAC. It is | |||
RECOMMENDED to not trust a single source of randomness and to not put | RECOMMENDED to not trust a single source of randomness and to not put | |||
unaugmented random numbers on the wire. | unaugmented random numbers on the wire. | |||
For many constrained IoT devices it is problematic to support several | For many constrained IoT devices, it is problematic to support | |||
crypto primitives. Existing devices can be expected to support | several crypto primitives. Existing devices can be expected to | |||
either ECDSA or EdDSA. If ECDSA is supported, "deterministic ECDSA" | support either ECDSA or Edwards-curve Digital Signature Algorithm | |||
as specified in [RFC6979] MAY be used. Pure deterministic elliptic- | (EdDSA). If ECDSA is supported, "deterministic ECDSA", as specified | |||
curve signatures such as deterministic ECDSA and EdDSA have gained | in [RFC6979], MAY be used. Pure deterministic elliptic-curve | |||
popularity over randomized ECDSA as their security do not depend on a | signatures, such as deterministic ECDSA and EdDSA, have gained | |||
source of high-quality randomness. Recent research has however found | popularity over randomized ECDSA as their security does not depend on | |||
that implementations of these signature algorithms may be vulnerable | a source of high-quality randomness. Recent research has however | |||
to certain side-channel and fault injection attacks due to their | found that implementations of these signature algorithms may be | |||
determinism. See e.g., Section 1 of | vulnerable to certain side-channel and fault injection attacks due to | |||
[I-D.irtf-cfrg-det-sigs-with-noise] for a list of attack papers. As | their determinism. For example, see Section 1 of [HEDGED-ECC-SIGS] | |||
suggested in Section 2.1.1 of [RFC9053] this can be addressed by | for a list of attack papers. As suggested in Section 2.1.1 of | |||
combining randomness and determinism. | [RFC9053], this can be addressed by combining randomness and | |||
determinism. | ||||
Appendix D of [I-D.ietf-lwig-curve-representations] describes how | Appendix D of [CURVE-REPR] describes how Montgomery curves, such as | |||
Montgomery curves such as X25519 and X448 and (twisted) Edwards | X25519 and X448, and (twisted) Edwards curves, such as Ed25519 and | |||
curves as curves such as Ed25519 and Ed448 can be mapped to and from | Ed448, can be mapped to and from short-Weierstrass form for | |||
short-Weierstrass form for implementation on platforms that | implementations on platforms that accelerate elliptic curve group | |||
accelerate elliptic curve group operations in short-Weierstrass form. | operations in short-Weierstrass form. | |||
All private keys, symmetric keys, and IVs MUST be secret. Only the | All private keys, symmetric keys, and IVs MUST be secret. Only the | |||
Responder SHALL have access to the Responder's private authentication | Responder SHALL have access to the Responder's private authentication | |||
key and only the Initiator SHALL have access to the Initiator's | key, and only the Initiator SHALL have access to the Initiator's | |||
private authentication key. Implementations should provide | private authentication key. Implementations should provide | |||
countermeasures to side-channel attacks such as timing attacks. | countermeasures to side-channel attacks, such as timing attacks. | |||
Intermediate computed values such as ephemeral ECDH keys and ECDH | Intermediate computed values, such as ephemeral ECDH keys and ECDH | |||
shared secrets MUST be deleted after key derivation is completed. | shared secrets, MUST be deleted after key derivation is completed. | |||
The Initiator and the Responder are responsible for verifying the | The Initiator and Responder are responsible for verifying the | |||
integrity and validity of certificates. Verification of validity may | integrity and validity of certificates. Verification of validity may | |||
require the use of a Real-Time Clock (RTC). The selection of trusted | require the use of a Real-Time Clock (RTC). The selection of trusted | |||
CAs should be done very carefully and certificate revocation should | certification authorities (CAs) should be done very carefully and | |||
be supported. The choice of revocation mechanism is left to the | certificate revocation should be supported. The choice of revocation | |||
application. For example, in case of X.509 certificates, Certificate | mechanism is left to the application. For example, in case of X.509 | |||
Revocation Lists [RFC5280] or OCSP [RFC6960] may be used. | certificates, Certificate Revocation Lists [RFC5280] or the Online | |||
Certificate Status Protocol (OCSP) [RFC6960] may be used. | ||||
Similar considerations as for certificates are needed for CWT/CCS. | Similar considerations as for certificates are needed for CWT/CCS. | |||
The endpoints are responsible for verifying the integrity and | The endpoints are responsible for verifying the integrity and | |||
validity of CWT/CCS, and to handle revocation. The application needs | validity of CWT/CCS and to handle revocation. The application needs | |||
to determine what trust anchors are relevant, and have a well-defined | to determine what trust anchors are relevant and have a well-defined | |||
trust-establishment process. A self-signed certificate/CWT or CCS | trust-establishment process. A self-signed certificate / CWT or CCS | |||
appearing in the protocol cannot be a trigger to modify the set of | appearing in the protocol cannot be a trigger to modify the set of | |||
trust anchors. One common way for a new trust anchor to be added to | trust anchors. One common way for a new trust anchor to be added to | |||
(or removed from) a device is by means firmware upgrade. See | (or removed from) a device is by means firmware upgrade. See | |||
[RFC9360] for a longer discussion on trust and validation in | [RFC9360] for a longer discussion on trust and validation in | |||
constrained devices. | constrained devices. | |||
Just like for certificates, the contents of the COSE header | Just like for certificates, the contents of the COSE header | |||
parameters 'kcwt' and 'kccs' defined in Section 10.6 must be | parameters 'kcwt' and 'kccs' defined in Section 10.6 must be | |||
processed as untrusted input. Endpoints that intend to rely on the | processed as untrusted inputs. Endpoints that intend to rely on the | |||
assertions made by a CWT/CCS obtained from any of these methods need | assertions made by a CWT/CCS obtained from any of these methods need | |||
to validate the contents. For 'kccs', which enables transport of raw | to validate the contents. For 'kccs', which enables transport of raw | |||
public keys, the data structure used does not include any protection | public keys, the data structure used does not include any protection | |||
or verification data. 'kccs' may be used for unauthenticated | or verification data. 'kccs' may be used for unauthenticated | |||
operations, e.g. trust on first use, with the limitations and caveats | operations, e.g., trust on first use, with the limitations and | |||
entailed, see Appendix D.5. | caveats entailed; see Appendix D.5. | |||
The Initiator and the Responder are allowed to select the connection | The Initiator and Responder are allowed to select connection | |||
identifier C_I and C_R, respectively, for the other party to use in | identifiers C_I and C_R, respectively, for the other party to use in | |||
the ongoing EDHOC session as well as in a subsequent application | the ongoing EDHOC session as well as in a subsequent application | |||
protocol (e.g., OSCORE [RFC8613]). The choice of connection | protocol (e.g., OSCORE [RFC8613]). The choice of the connection | |||
identifier is not security critical in EDHOC but intended to simplify | identifier is not security critical in EDHOC but intended to simplify | |||
the retrieval of the right security context in combination with using | the retrieval of the right security context in combination with using | |||
short identifiers. If the wrong connection identifier of the other | short identifiers. If the wrong connection identifier of the other | |||
party is used in a protocol message it will result in the receiving | party is used in a protocol message, it will result in the receiving | |||
party not being able to retrieve a security context (which will abort | party not being able to retrieve a security context (which will abort | |||
the EDHOC session) or retrieve the wrong security context (which also | the EDHOC session) or retrieve the wrong security context (which also | |||
aborts the EDHOC session as the message cannot be verified). | aborts the EDHOC session as the message cannot be verified). | |||
If two nodes unintentionally initiate two simultaneous EDHOC sessions | If two nodes unintentionally initiate two simultaneous EDHOC sessions | |||
with each other even if they only want to complete a single EDHOC | with each other, even if they only want to complete a single EDHOC | |||
session, they MAY abort the EDHOC session with the lexicographically | session, they MAY abort the EDHOC session with the lexicographically | |||
smallest G_X. Note that in cases where several EDHOC sessions with | smallest G_X. Note that in cases where several EDHOC sessions with | |||
different parameter sets (method, COSE headers, etc.) are used, an | different parameter sets (method, COSE headers, etc.) are used, an | |||
attacker can affect which parameter set will be used by blocking some | attacker can affect which parameter set will be used by blocking some | |||
of the parameter sets. | of the parameter sets. | |||
If supported by the device, it is RECOMMENDED that at least the long- | If supported by the device, it is RECOMMENDED that at least the long- | |||
term private keys are stored in a Trusted Execution Environment (TEE, | term private keys are stored in a Trusted Execution Environment (TEE) | |||
see for example [RFC9397]) and that sensitive operations using these | (for example, see [RFC9397]) and that sensitive operations using | |||
keys are performed inside the TEE. To achieve even higher security | these keys are performed inside the TEE. To achieve even higher | |||
it is RECOMMENDED that additional operations such as ephemeral key | security, it is RECOMMENDED that additional operations such as | |||
generation, all computations of shared secrets, and storage of the | ephemeral key generation, all computations of shared secrets, and | |||
PRK keys can be done inside the TEE. The use of a TEE aims at | storage of the PRK keys can be done inside the TEE. The use of a TEE | |||
preventing code within that environment to be tampered with, and | aims at preventing code within that environment to be tampered with | |||
preventing data used by such code to be read or tampered with by code | and preventing data used by such code to be read or tampered with by | |||
outside that environment. | code outside that environment. | |||
Note that HKDF-Expand has a relatively small maximum output length of | Note that HKDF-Expand has a relatively small maximum output length of | |||
255 ⋅ hash_length, where hash_length is the output size in bytes of | 255 ⋅ hash_length, where hash_length is the output size in bytes of | |||
the EDHOC hash algorithm of the selected cipher suite. This means | the EDHOC hash algorithm of the selected cipher suite. This means | |||
that when SHA-256 is used as hash algorithm, PLAINTEXT_2 cannot be | that when SHA-256 is used as a hash algorithm, PLAINTEXT_2 cannot be | |||
longer than 8160 bytes. This is probably not a limitation for most | longer than 8160 bytes. This is probably not a limitation for most | |||
intended applications, but to be able to support for example long | intended applications, but to be able to support, for example, long | |||
certificate chains or large external authorization data, there is a | certificate chains or large external authorization data, there is a | |||
backwards compatible method specified in Appendix G. | backwards compatible method specified in Appendix G. | |||
The sequence of transcript hashes in EDHOC (TH_2, TH_3, TH_4) does | The sequence of transcript hashes in EDHOC (TH_2, TH_3, and TH_4) | |||
not make use of a so-called running hash. This is a design choice as | does not make use of a so-called running hash. This is a design | |||
running hashes are often not supported on constrained platforms. | choice, as running hashes are often not supported on constrained | |||
platforms. | ||||
When parsing a received EDHOC message, implementations MUST abort the | When parsing a received EDHOC message, implementations MUST abort the | |||
EDHOC session if the message does not comply with the CDDL for that | EDHOC session if the message does not comply with the CDDL for that | |||
message. Implementations are not required to support non- | message. Implementations are not required to support non- | |||
deterministic encodings and MAY abort the EDHOC session if the | deterministic encodings and MAY abort the EDHOC session if the | |||
received EDHOC message is not encoded using deterministic CBOR. | received EDHOC message is not encoded using deterministic CBOR. | |||
Implementations MUST abort the EDHOC session if validation of a | Implementations MUST abort the EDHOC session if validation of a | |||
received public key fails or if any cryptographic field has the wrong | received public key fails or if any cryptographic field has the wrong | |||
length. | length. It is RECOMMENDED to abort the EDHOC session if the received | |||
EDHOC message is not encoded using deterministic CBOR. | ||||
10. IANA Considerations | 10. IANA Considerations | |||
This Section gives IANA Considerations and, unless otherwise noted, | This section gives IANA considerations and, unless otherwise noted, | |||
conforms with [RFC8126]. | conforms with [RFC8126]. | |||
10.1. EDHOC Exporter Label Registry | 10.1. EDHOC Exporter Label Registry | |||
IANA is requested to create a new registry under the new registry | IANA has created a new registry under the new registry group | |||
group "Ephemeral Diffie-Hellman Over COSE (EDHOC)" as follows: | "Ephemeral Diffie-Hellman Over COSE (EDHOC)" as follows: | |||
Registry Name: EDHOC Exporter Label | ||||
Reference: [[this document]] | ||||
+-------------+------------------------------+-------------------+ | ||||
| Label | Description | Reference | | ||||
+=============+==============================+===================+ | ||||
| 0 | Derived OSCORE Master Secret | [[this document]] | | ||||
+-------------+------------------------------+-------------------+ | ||||
| 1 | Derived OSCORE Master Salt | [[this document]] | | ||||
+-------------+------------------------------+-------------------+ | ||||
| 2-22 | Unassigned | | | ||||
+-------------+------------------------------+-------------------+ | ||||
| 23 | Reserved | [[this document]] | | ||||
+-------------+------------------------------+-------------------+ | ||||
| 24-32767 | Unassigned | | | ||||
+-------------+------------------------------+-------------------+ | ||||
| 32768-65535 | Private Use | | | ||||
+-------------+------------------------------+-------------------+ | ||||
Figure 13: EDHOC exporter label. | ||||
+-------------+-------------------------------------+ | ||||
| Range | Registration Procedures | | ||||
+=============+=====================================+ | ||||
| 0 to 23 | Standards Action | | ||||
+-------------+-------------------------------------+ | ||||
| 24 to 32767 | Expert Review | | ||||
+-------------+-------------------------------------+ | ||||
10.2. EDHOC Cipher Suites Registry | ||||
IANA is requested to create a new registry under the new registry | ||||
group "Ephemeral Diffie-Hellman Over COSE (EDHOC)" as follows: | ||||
Registry Name: EDHOC Cipher Suites | Registry Name: EDHOC Exporter Labels | |||
Reference: [[this document]] | Reference: RFC 9528 | |||
The columns of the registry are Value, Array and Description, where | +=============+==============================+===========+ | |||
Value is an integer and the other columns are text strings. The | | Label | Description | Reference | | |||
initial contents of the registry are: | +=============+==============================+===========+ | |||
| 0 | Derived OSCORE Master Secret | RFC 9528 | | ||||
+-------------+------------------------------+-----------+ | ||||
| 1 | Derived OSCORE Master Salt | RFC 9528 | | ||||
+-------------+------------------------------+-----------+ | ||||
| 2-22 | Unassigned | | | ||||
+-------------+------------------------------+-----------+ | ||||
| 23 | Reserved | RFC 9528 | | ||||
+-------------+------------------------------+-----------+ | ||||
| 24-32767 | Unassigned | | | ||||
+-------------+------------------------------+-----------+ | ||||
| 32768-65535 | Reserved for Private Use | | | ||||
+-------------+------------------------------+-----------+ | ||||
Value: -24 | Table 4: EDHOC Exporter Labels | |||
Array: N/A | ||||
Description: Private Use | ||||
Reference: [[this document]] | ||||
Value: -23 | This registry also has a "Change Controller" field. For | |||
Array: N/A | registrations made by IETF documents, the IETF is listed. | |||
Description: Private Use | ||||
Reference: [[this document]] | ||||
Value: -22 | ||||
Array: N/A | ||||
Description: Private Use | ||||
Reference: [[this document]] | ||||
Value: -21 | +=============+=========================+ | |||
Array: N/A | | Range | Registration Procedures | | |||
Description: Private Use | +=============+=========================+ | |||
Reference: [[this document]] | | 0-23 | Standards Action | | |||
+-------------+-------------------------+ | ||||
| 24-32767 | Expert Review | | ||||
+-------------+-------------------------+ | ||||
| 32768-65535 | Private Use | | ||||
+-------------+-------------------------+ | ||||
Value: 0 | Table 5: Registration Procedures for | |||
Array: 10, -16, 8, 4, -8, 10, -16 | EDHOC Exporter Labels | |||
Description: AES-CCM-16-64-128, SHA-256, 8, X25519, EdDSA, | ||||
AES-CCM-16-64-128, SHA-256 | ||||
Reference: [[this document]] | ||||
Value: 1 | 10.2. EDHOC Cipher Suites Registry | |||
Array: 30, -16, 16, 4, -8, 10, -16 | ||||
Description: AES-CCM-16-128-128, SHA-256, 16, X25519, EdDSA, | ||||
AES-CCM-16-64-128, SHA-256 | ||||
Reference: [[this document]] | ||||
Value: 2 | IANA has created a new registry under the new registry group | |||
Array: 10, -16, 8, 1, -7, 10, -16 | "Ephemeral Diffie-Hellman Over COSE (EDHOC)" as follows: | |||
Description: AES-CCM-16-64-128, SHA-256, 8, P-256, ES256, | ||||
AES-CCM-16-64-128, SHA-256 | ||||
Reference: [[this document]] | ||||
Value: 3 | Registry Name: EDHOC Cipher Suites | |||
Array: 30, -16, 16, 1, -7, 10, -16 | ||||
Description: AES-CCM-16-128-128, SHA-256, 16, P-256, ES256, | ||||
AES-CCM-16-64-128, SHA-256 | ||||
Reference: [[this document]] | ||||
Value: 4 | Reference: RFC 9528 | |||
Array: 24, -16, 16, 4, -8, 24, -16 | ||||
Description: ChaCha20/Poly1305, SHA-256, 16, X25519, EdDSA, | ||||
ChaCha20/Poly1305, SHA-256 | ||||
Reference: [[this document]] | ||||
Value: 5 | The columns of the registry are Value, Array, Description, and | |||
Array: 24, -16, 16, 1, -7, 24, -16 | Reference, where Value is an integer and the other columns are text | |||
Description: ChaCha20/Poly1305, SHA-256, 16, P-256, ES256, | strings. The initial contents of the registry are: | |||
ChaCha20/Poly1305, SHA-256 | ||||
Reference: [[this document]] | ||||
Value: 6 | ||||
Array: 1, -16, 16, 4, -7, 1, -16 | ||||
Description: A128GCM, SHA-256, 16, X25519, ES256, | ||||
A128GCM, SHA-256 | ||||
Reference: [[this document]] | ||||
Value: 23 | +=======+================+=============================+===========+ | |||
Reserved | | Value | Array | Description | Reference | | |||
Reference: [[this document]] | +=======+================+=============================+===========+ | |||
| -24 | N/A | Private Use | RFC 9528 | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| -23 | N/A | Private Use | RFC 9528 | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| -22 | N/A | Private Use | RFC 9528 | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| -21 | N/A | Private Use | RFC 9528 | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| 0 | 10, -16, 8, 4, | AES-CCM-16-64-128, SHA-256, | RFC 9528 | | ||||
| | -8, 10, -16 | 8, X25519, EdDSA, | | | ||||
| | | AES-CCM-16-64-128, SHA-256 | | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| 1 | 30, -16, 16, | AES-CCM-16-128-128, | RFC 9528 | | ||||
| | 4, -8, 10, -16 | SHA-256, 16, X25519, EdDSA, | | | ||||
| | | AES-CCM-16-64-128, SHA-256 | | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| 2 | 10, -16, 8, 1, | AES-CCM-16-64-128, SHA-256, | RFC 9528 | | ||||
| | -7, 10, -16 | 8, P-256, ES256, | | | ||||
| | | AES-CCM-16-64-128, SHA-256 | | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| 3 | 30, -16, 16, | AES-CCM-16-128-128, | RFC 9528 | | ||||
| | 1, -7, 10, -16 | SHA-256, 16, P-256, ES256, | | | ||||
| | | AES-CCM-16-64-128, SHA-256 | | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| 4 | 24, -16, 16, | ChaCha20/Poly1305, SHA-256, | RFC 9528 | | ||||
| | 4, -8, 24, -16 | 16, X25519, EdDSA, | | | ||||
| | | ChaCha20/Poly1305, SHA-256 | | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| 5 | 24, -16, 16, | ChaCha20/Poly1305, SHA-256, | RFC 9528 | | ||||
| | 1, -7, 24, -16 | 16, P-256, ES256, | | | ||||
| | | ChaCha20/Poly1305, SHA-256 | | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| 6 | 1, -16, 16, 4, | A128GCM, SHA-256, 16, | RFC 9528 | | ||||
| | -7, 1, -16 | X25519, ES256, A128GCM, | | | ||||
| | | SHA-256 | | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| 23 | Reserved | | RFC 9528 | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| 24 | 3, -43, 16, 2, | A256GCM, SHA-384, 16, | RFC 9528 | | ||||
| | -35, 3, -43 | P-384, ES384, A256GCM, | | | ||||
| | | SHA-384 | | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
| 25 | 24, -45, 16, | ChaCha20/Poly1305, | RFC 9528 | | ||||
| | 5, -8, 24, -45 | SHAKE256, 16, X448, EdDSA, | | | ||||
| | | ChaCha20/Poly1305, SHAKE256 | | | ||||
+-------+----------------+-----------------------------+-----------+ | ||||
Value: 24 | Table 6: EDHOC Cipher Suites | |||
Array: 3, -43, 16, 2, -35, 3, -43 | ||||
Description: A256GCM, SHA-384, 16, P-384, ES384, | ||||
A256GCM, SHA-384 | ||||
Reference: [[this document]] | ||||
Value: 25 | +===============+=====================================+ | |||
Array: 24, -45, 16, 5, -8, 24, -45 | | Range | Registration Procedures | | |||
Description: ChaCha20/Poly1305, SHAKE256, 16, X448, EdDSA, | +===============+=====================================+ | |||
ChaCha20/Poly1305, SHAKE256 | | -65536 to -25 | Specification Required | | |||
Reference: [[this document]] | +---------------+-------------------------------------+ | |||
| -24 to -21 | Private Use | | ||||
+---------------+-------------------------------------+ | ||||
| -20 to 23 | Standards Action with Expert Review | | ||||
+---------------+-------------------------------------+ | ||||
| 24 to 65535 | Specification Required | | ||||
+---------------+-------------------------------------+ | ||||
+----------------+-------------------------------------+ | Table 7: Registration Procedures for EDHOC Cipher | |||
| Range | Registration Procedures | | Suites | |||
+================+=====================================+ | ||||
| -65536 to -25 | Specification Required | | ||||
+----------------+-------------------------------------+ | ||||
| -20 to 23 | Standards Action with Expert Review | | ||||
+----------------+-------------------------------------+ | ||||
| 24 to 65535 | Specification Required | | ||||
+----------------+-------------------------------------+ | ||||
10.3. EDHOC Method Type Registry | 10.3. EDHOC Method Type Registry | |||
IANA is requested to create a new registry under the new registry | IANA has created a new registry under the new registry group | |||
group "Ephemeral Diffie-Hellman Over COSE (EDHOC)" as follows: | "Ephemeral Diffie-Hellman Over COSE (EDHOC)" as follows: | |||
Registry Name: EDHOC Method Type | Registry Name: EDHOC Method Types | |||
Reference: [[this document]] | Reference: RFC 9528 | |||
The columns of the registry are Value, Initiator Authentication Key, | The columns of the registry are Value, Initiator Authentication Key, | |||
and Responder Authentication Key, and Reference, where Value is an | Responder Authentication Key, and Reference, where Value is an | |||
integer and the key columns are text strings describing the | integer and the key columns are text strings describing the | |||
authentication keys. | authentication keys. | |||
The initial contents of the registry are shown in Figure 4. Method | The initial contents of the registry are shown in Table 2. Method 23 | |||
23 is Reserved. | is Reserved. | |||
+----------------+-------------------------------------+ | +===============+=====================================+ | |||
| Range | Registration Procedures | | | Range | Registration Procedures | | |||
+================+=====================================+ | +===============+=====================================+ | |||
| -65536 to -25 | Specification Required | | | -65536 to -25 | Specification Required | | |||
+----------------+-------------------------------------+ | +---------------+-------------------------------------+ | |||
| -24 to 23 | Standards Action with Expert Review | | | -24 to 23 | Standards Action with Expert Review | | |||
+----------------+-------------------------------------+ | +---------------+-------------------------------------+ | |||
| 24 to 65535 | Specification Required | | | 24 to 65535 | Specification Required | | |||
+----------------+-------------------------------------+ | +---------------+-------------------------------------+ | |||
Table 8: Registration Procedures for EDHOC Method Types | ||||
10.4. EDHOC Error Codes Registry | 10.4. EDHOC Error Codes Registry | |||
IANA is requested to create a new registry under the new registry | IANA has created a new registry under the new registry group | |||
group "Ephemeral Diffie-Hellman Over COSE (EDHOC)" as follows: | "Ephemeral Diffie-Hellman Over COSE (EDHOC)" as follows: | |||
Registry Name: EDHOC Error Codes | Registry Name: EDHOC Error Codes | |||
Reference: [[this document]] | Reference: RFC 9528 | |||
The columns of the registry are ERR_CODE, ERR_INFO Type, Description, | The columns of the registry are ERR_CODE, ERR_INFO Type, Description, | |||
and Reference, where ERR_CODE is an integer, ERR_INFO is a CDDL | Change Controller, and Reference, where ERR_CODE is an integer, | |||
defined type, and Description is a text string. The initial contents | ERR_INFO is a CDDL defined type, and Description is a text string. | |||
of the registry are shown in Figure 10. Error code 23 is Reserved. | The initial contents of the registry are shown in Table 3. Error | |||
code 23 is Reserved. This registry also has a "Change Controller" | ||||
field. For registrations made by IETF documents, the IETF is listed. | ||||
+----------------+-------------------------------------+ | +===============+=========================+ | |||
| Range | Registration Procedures | | | Range | Registration Procedures | | |||
+================+=====================================+ | +===============+=========================+ | |||
| -65536 to -25 | Expert Review | | | -65536 to -25 | Expert Review | | |||
+----------------+-------------------------------------+ | +---------------+-------------------------+ | |||
| -24 to 23 | Standards Action | | | -24 to 23 | Standards Action | | |||
+----------------+-------------------------------------+ | +---------------+-------------------------+ | |||
| 24 to 65535 | Expert Review | | | 24 to 65535 | Expert Review | | |||
+----------------+-------------------------------------+ | +---------------+-------------------------+ | |||
Table 9: Registration Procedures for | ||||
EDHOC Error Codes | ||||
10.5. EDHOC External Authorization Data Registry | 10.5. EDHOC External Authorization Data Registry | |||
IANA is requested to create a new registry under the new registry | IANA has created a new registry under the new registry group | |||
group "Ephemeral Diffie-Hellman Over COSE (EDHOC)" as follows: | "Ephemeral Diffie-Hellman Over COSE (EDHOC)" as follows: | |||
Registry Name: EDHOC External Authorization Data | Registry Name: EDHOC External Authorization Data | |||
Reference: [[this document]] | Reference: RFC 9528 | |||
The columns of the registry are Name, Label, Description, and | The columns of the registry are Name, Label, Description, and | |||
Reference, where Label is a non-negative integer and the other | Reference, where Label is a nonnegative integer and the other columns | |||
columns are text strings. The initial contents of the registry is | are text strings. The initial contents of the registry are shown in | |||
shown in Figure 14. EAD label 23 is Reserved. | Table 10. EAD label 23 is Reserved. | |||
+-----------+-------+------------------------+-------------------+ | +=========+=======+====================+===============+ | |||
| Name | Label | Description | Reference | | | Name | Label | Description | Reference | | |||
+===========+=======+========================+===================+ | +=========+=======+====================+===============+ | |||
| Padding | 0 | Randomly generated | [[this document]] | | | Padding | 0 | Randomly generated | RFC 9528, | | |||
| | | CBOR byte string | Section 3.8.1 | | | | | CBOR byte string | Section 3.8.1 | | |||
+-----------+-------+------------------------+-------------------+ | +---------+-------+--------------------+---------------+ | |||
| | 23 | Reserved | RFC 9528 | | ||||
+---------+-------+--------------------+---------------+ | ||||
Figure 14: EAD labels. | Table 10: EDHOC EAD Labels | |||
+-------------+-------------------------------------+ | +=============+=====================================+ | |||
| Range | Registration Procedures | | | Range | Registration Procedures | | |||
+=============+=====================================+ | +=============+=====================================+ | |||
| 0 to 23 | Standards Action with Expert Review | | | 0 to 23 | Standards Action with Expert Review | | |||
+-------------+-------------------------------------+ | +-------------+-------------------------------------+ | |||
| 24 to 65535 | Specification Required | | | 24 to 65535 | Specification Required | | |||
+-------------+-------------------------------------+ | +-------------+-------------------------------------+ | |||
Table 11: Registration procedures for EDHOC EAD | ||||
Labels | ||||
10.6. COSE Header Parameters Registry | 10.6. COSE Header Parameters Registry | |||
IANA is requested to register the following entries in the "COSE | IANA has registered the following entries in the "COSE Header | |||
Header Parameters" registry under the registry group "CBOR Object | Parameters" registry under the registry group "CBOR Object Signing | |||
Signing and Encryption (COSE)" (see Figure 15): The value of the | and Encryption (COSE)" (see Table 12). The value of the 'kcwt' | |||
'kcwt' header parameter is a COSE Web Token (CWT) [RFC8392], and the | header parameter is a COSE Web Token (CWT) [RFC8392], and the value | |||
value of the 'kccs' header parameter is a CWT Claims Set (CCS), see | of the 'kccs' header parameter is a CWT Claims Set (CCS); see | |||
Section 1.4. The CWT/CCS must contain a COSE_Key in a 'cnf' claim | Section 1.4. The CWT/CCS must contain a COSE_Key in a 'cnf' claim | |||
[RFC8747]. The Value Registry for this item is empty and omitted | [RFC8747]. The Value Registry column for this item is empty and | |||
from the table below. | omitted from the table below. | |||
+------+-------+---------------+------------------------------------+ | +======+=======+===============+===============================+ | |||
| Name | Label | Value Type | Description | | | Name | Label | Value Type | Description | | |||
+======+=======+===============+====================================+ | +======+=======+===============+===============================+ | |||
| kcwt | TBD1 | COSE_Messages | A CBOR Web Token (CWT) containing | | | kcwt | 13 | COSE_Messages | A CBOR Web Token (CWT) | | |||
| | | | a COSE_Key in a 'cnf' claim and | | | | | | containing a COSE_Key in a | | |||
| | | | possibly other claims. CWT is | | | | | | 'cnf' claim and possibly | | |||
| | | | defined in RFC 8392. COSE_Messages | | | | | | other claims. CWT is defined | | |||
| | | | is defined in RFC 9052. | | | | | | in RFC 8392. COSE_Messages | | |||
+------+-------+---------------+------------------------------------+ | | | | | is defined in RFC 9052. | | |||
| kccs | TBD2 | map | A CWT Claims Set (CCS) containing | | +------+-------+---------------+-------------------------------+ | |||
| | | | a COSE_Key in a 'cnf' claim and | | | kccs | 14 | map | A CWT Claims Set (CCS) | | |||
| | | | possibly other claims. CCS is | | | | | | containing a COSE_Key in a | | |||
| | | | defined in RFC 8392. | | | | | | 'cnf' claim and possibly | | |||
+------+-------+---------------+------------------------------------+ | | | | | other claims. CCS is defined | | |||
| | | | in RFC 8392. | | ||||
+------+-------+---------------+-------------------------------+ | ||||
Figure 15: COSE header parameter labels. | Table 12: COSE Header Parameter Labels | |||
10.7. The Well-Known URI Registry | 10.7. Well-Known URI Registry | |||
IANA is requested to add the well-known URI "edhoc" to the "Well- | IANA has added the well-known URI "edhoc" to the "Well-Known URIs" | |||
Known URIs" registry. | registry. | |||
* URI suffix: edhoc | URI Suffix: edhoc | |||
* Change controller: IETF | Change Controller: IETF | |||
* Specification document(s): [[this document]] | Reference: RFC 9528 | |||
* Related information: None | Related Information: None | |||
10.8. Media Types Registry | 10.8. Media Types Registry | |||
IANA is requested to add the media types "application/edhoc+cbor-seq" | IANA has added the media types "application/edhoc+cbor-seq" and | |||
and "application/cid-edhoc+cbor-seq" to the "Media Types" registry. | "application/cid-edhoc+cbor-seq" to the "Media Types" registry. | |||
10.8.1. application/edhoc+cbor-seq Media Type Registration | 10.8.1. application/edhoc+cbor-seq Media Type Registration | |||
* Type name: application | Type name: application | |||
* Subtype name: edhoc+cbor-seq | Subtype name: edhoc+cbor-seq | |||
* Required parameters: N/A | Required parameters: N/A | |||
* Optional parameters: N/A | Optional parameters: N/A | |||
* Encoding considerations: binary | Encoding considerations: binary | |||
* Security considerations: See Section 7 of this document. | Security considerations: See Section 7 of RFC 9528. | |||
* Interoperability considerations: N/A | Interoperability considerations: N/A | |||
* Published specification: [[this document]] (this document) | Published specification: RFC 9528 | |||
* Applications that use this media type: To be identified | Applications that use this media type: To be identified | |||
* Fragment identifier considerations: N/A | Fragment identifier considerations: N/A | |||
* Additional information: | Additional information: | |||
- Magic number(s): N/A | Magic number(s): N/A | |||
- File extension(s): N/A | File extension(s): N/A | |||
- Macintosh file type code(s): N/A | Macintosh file type code(s): N/A | |||
* Person & email address to contact for further information: See | Person & email address to contact for further information: See | |||
"Authors' Addresses" section. | "Authors' Addresses" section in RFC 9528. | |||
* Intended usage: COMMON | Intended usage: COMMON | |||
* Restrictions on usage: N/A | Restrictions on usage: N/A | |||
* Author: See "Authors' Addresses" section. | Author: See "Authors' Addresses" section. | |||
* Change Controller: IESG | Change Controller: IETF | |||
10.8.2. application/cid-edhoc+cbor-seq Media Type Registration | 10.8.2. application/cid-edhoc+cbor-seq Media Type Registration | |||
* Type name: application | Type name: application | |||
* Subtype name: cid-edhoc+cbor-seq | Subtype name: cid-edhoc+cbor-seq | |||
* Required parameters: N/A | Required parameters: N/A | |||
* Optional parameters: N/A | Optional parameters: N/A | |||
* Encoding considerations: binary | Encoding considerations: binary | |||
* Security considerations: See Section 7 of this document. | Security considerations: See Section 7 of RFC 9528. | |||
* Interoperability considerations: N/A | Interoperability considerations: N/A | |||
* Published specification: [[this document]] (this document) | Published specification: RFC 9528 | |||
* Applications that use this media type: To be identified | Applications that use this media type: To be identified | |||
* Fragment identifier considerations: N/A | Fragment identifier considerations: N/A | |||
* Additional information: | Additional information: | |||
- Magic number(s): N/A | Magic number(s): N/A | |||
- File extension(s): N/A | File extension(s): N/A | |||
- Macintosh file type code(s): N/A | Macintosh file type code(s): N/A | |||
* Person & email address to contact for further information: See | Person & email address to contact for further information: See | |||
"Authors' Addresses" section. | "Authors' Addresses" section in RFC 9528. | |||
* Intended usage: COMMON | Intended usage: COMMON | |||
* Restrictions on usage: N/A | Restrictions on usage: N/A | |||
* Author: See "Authors' Addresses" section. | ||||
* Change Controller: IESG | Author: See "Authors' Addresses" section. | |||
Change Controller: IETF | ||||
10.9. CoAP Content-Formats Registry | 10.9. CoAP Content-Formats Registry | |||
IANA is requested to add the media types "application/edhoc+cbor-seq" | IANA has added the media types "application/edhoc+cbor-seq" and | |||
and "application/cid-edhoc+cbor-seq" to the "CoAP Content-Formats" | "application/cid-edhoc+cbor-seq" to the "CoAP Content-Formats" | |||
registry under the registry group "Constrained RESTful Environments | registry under the registry group "Constrained RESTful Environments | |||
(CoRE) Parameters". | (CoRE) Parameters". | |||
+--------------------------------+----------+------+-------------------+ | +================================+================+====+===========+ | |||
| Media Type | Encoding | ID | Reference | | | Content Type | Content Coding | ID | Reference | | |||
+================================+==========+======+===================+ | +================================+================+====+===========+ | |||
| application/edhoc+cbor-seq | - | TBD5 | [[this document]] | | | application/edhoc+cbor-seq | - | 64 | RFC 9528 | | |||
| application/cid-edhoc+cbor-seq | - | TBD6 | [[this document]] | | +--------------------------------+----------------+----+-----------+ | |||
+--------------------------------+----------+------+-------------------+ | | application/cid-edhoc+cbor-seq | - | 65 | RFC 9528 | | |||
+--------------------------------+----------------+----+-----------+ | ||||
Figure 16: CoAP Content-Format IDs | Table 13: CoAP Content-Format IDs | |||
10.10. Resource Type (rt=) Link Target Attribute Values Registry | 10.10. Resource Type (rt=) Link Target Attribute Values Registry | |||
IANA is requested to add the resource type "core.edhoc" to the | IANA has added the resource type "core.edhoc" to the "Resource Type | |||
"Resource Type (rt=) Link Target Attribute Values" registry under the | (rt=) Link Target Attribute Values" registry under the registry group | |||
registry group "Constrained RESTful Environments (CoRE) Parameters". | "Constrained RESTful Environments (CoRE) Parameters". | |||
* Value: "core.edhoc" | Value: "core.edhoc" | |||
* Description: EDHOC resource. | Description: EDHOC resource. | |||
* Reference: [[this document]] | Reference: RFC 9528 | |||
10.11. Expert Review Instructions | 10.11. Expert Review Instructions | |||
The IANA Registries established in this document are defined as | The IANA registries established in this document are defined as | |||
"Expert Review", "Specification Required" or "Standards Action with | "Expert Review", "Specification Required", or "Standards Action with | |||
Expert Review". This section gives some general guidelines for what | Expert Review". This section gives some general guidelines for what | |||
the experts should be looking for, but they are being designated as | the experts should be looking for, but they are being designated as | |||
experts for a reason so they should be given substantial latitude. | experts for a reason so they should be given substantial latitude. | |||
Expert reviewers should take into consideration the following points: | Expert reviewers should take into consideration the following points: | |||
* Clarity and correctness of registrations. Experts are expected to | * The clarity and correctness of registrations. Experts are | |||
check the clarity of purpose and use of the requested entries. | expected to check the clarity of purpose and use of the requested | |||
Expert needs to make sure the values of algorithms are taken from | entries. Expert needs to make sure the values of algorithms are | |||
the right registry, when that is required. Experts should | taken from the right registry when that is required. Experts | |||
consider requesting an opinion on the correctness of registered | should consider requesting an opinion on the correctness of | |||
parameters from relevant IETF working groups. Encodings that do | registered parameters from relevant IETF working groups. | |||
not meet these objective of clarity and completeness should not be | Encodings that do not meet these objectives of clarity and | |||
registered. | completeness should not be registered. | |||
* Experts should take into account the expected usage of fields when | * The expected usage of fields when approving code point assignment. | |||
approving code point assignment. The length of the encoded value | The length of the encoded value should be weighed against how many | |||
should be weighed against how many code points of that length are | code points of that length are left, the size of device it will be | |||
left, the size of device it will be used on, and the number of | used on, and the number of code points left that encode to that | |||
code points left that encode to that size. | size. | |||
* Even for "Expert Review" specifications are recommended. When | * The fact that even "Expert Review" specifications are recommended. | |||
specifications are not provided for a request where Expert Review | When specifications are not provided for a request where Expert | |||
is the assignment policy, the description provided needs to have | Review is the assignment policy, the description provided needs to | |||
sufficient information to verify the code points above. | have sufficient information to verify the code points above. | |||
11. References | 11. References | |||
11.1. Normative References | 11.1. Normative References | |||
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
<https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
skipping to change at page 71, line 19 ¶ | skipping to change at line 3284 ¶ | |||
11.2. Informative References | 11.2. Informative References | |||
[Bruni18] Bruni, A., Sahl Jørgensen, T., Grønbech Petersen, T., and | [Bruni18] Bruni, A., Sahl Jørgensen, T., Grønbech Petersen, T., and | |||
C. Schürmann, "Formal Verification of Ephemeral Diffie- | C. Schürmann, "Formal Verification of Ephemeral Diffie- | |||
Hellman Over COSE (EDHOC)", November 2018, | Hellman Over COSE (EDHOC)", November 2018, | |||
<https://www.springerprofessional.de/en/formal- | <https://www.springerprofessional.de/en/formal- | |||
verification-of-ephemeral-diffie-hellman-over-cose- | verification-of-ephemeral-diffie-hellman-over-cose- | |||
edhoc/16284348>. | edhoc/16284348>. | |||
[CborMe] Bormann, C., "CBOR Playground", May 2018, | [C509-CERTS] | |||
<https://cbor.me/>. | Preuß Mattsson, J., Selander, G., Raza, S., Höglund, J., | |||
and M. Furuhed, "CBOR Encoded X.509 Certificates (C509 | ||||
[CNSA] NSA, "Commercial National Security Algorithm Suite", | ||||
August 2015, <https://en.wikipedia.org/wiki/ | ||||
Commercial_National_Security_Algorithm_Suite>. | ||||
[CottierPointcheval22] | ||||
Cottier, B. and D. Pointcheval, "Security Analysis of the | ||||
EDHOC protocol", September 2022, | ||||
<https://arxiv.org/abs/2209.03599>. | ||||
[Degabriele11] | ||||
Degabriele, J. P., Lehmann, A., Paterson, K. G., Smart, N. | ||||
P., and M. Strefler, "On the Joint Security of Encryption | ||||
and Signature in EMV", December 2011, | ||||
<https://eprint.iacr.org/2011/615>. | ||||
[GuentherIlunga22] | ||||
Günther, F. and M. Ilunga, "Careful with MAc-then-SIGn: A | ||||
Computational Analysis of the EDHOC Lightweight | ||||
Authenticated Key Exchange Protocol", December 2022, | ||||
<https://eprint.iacr.org/2022/1705>. | ||||
[HKDFpaper] | ||||
Krawczyk, H., "Cryptographic Extraction and Key | ||||
Derivation: The HKDF Scheme", May 2010, | ||||
<https://eprint.iacr.org/2010/264.pdf>. | ||||
[I-D.arkko-arch-internet-threat-model-guidance] | ||||
Arkko, J. and S. Farrell, "Internet Threat Model | ||||
Guidance", Work in Progress, Internet-Draft, draft-arkko- | ||||
arch-internet-threat-model-guidance-00, 12 July 2021, | ||||
<https://datatracker.ietf.org/doc/html/draft-arkko-arch- | ||||
internet-threat-model-guidance-00>. | ||||
[I-D.ietf-core-oscore-edhoc] | ||||
Palombini, F., Tiloca, M., Höglund, R., Hristozov, S., and | ||||
G. Selander, "Using Ephemeral Diffie-Hellman Over COSE | ||||
(EDHOC) with the Constrained Application Protocol (CoAP) | ||||
and Object Security for Constrained RESTful Environments | ||||
(OSCORE)", Work in Progress, Internet-Draft, draft-ietf- | ||||
core-oscore-edhoc-10, 29 November 2023, | ||||
<https://datatracker.ietf.org/doc/html/draft-ietf-core- | ||||
oscore-edhoc-10>. | ||||
[I-D.ietf-core-oscore-key-update] | ||||
Höglund, R. and M. Tiloca, "Key Update for OSCORE | ||||
(KUDOS)", Work in Progress, Internet-Draft, draft-ietf- | ||||
core-oscore-key-update-06, 23 October 2023, | ||||
<https://datatracker.ietf.org/doc/html/draft-ietf-core- | ||||
oscore-key-update-06>. | ||||
[I-D.ietf-cose-cbor-encoded-cert] | ||||
Mattsson, J. P., Selander, G., Raza, S., Höglund, J., and | ||||
M. Furuhed, "CBOR Encoded X.509 Certificates (C509 | ||||
Certificates)", Work in Progress, Internet-Draft, draft- | Certificates)", Work in Progress, Internet-Draft, draft- | |||
ietf-cose-cbor-encoded-cert-07, 20 October 2023, | ietf-cose-cbor-encoded-cert-07, 20 October 2023, | |||
<https://datatracker.ietf.org/doc/html/draft-ietf-cose- | <https://datatracker.ietf.org/doc/html/draft-ietf-cose- | |||
cbor-encoded-cert-07>. | cbor-encoded-cert-07>. | |||
[I-D.ietf-iotops-security-protocol-comparison] | [CborMe] Bormann, C., "CBOR Playground", <https://cbor.me/>. | |||
[CNSA] Wikipedia, "Commercial National Security Algorithm Suite", | ||||
October 2023, <https://en.wikipedia.org/w/index.php?title= | ||||
Commercial_National_Security_Algorithm_Suite&oldid=1181333 | ||||
611>. | ||||
[CoAP-SEC-PROT] | ||||
Mattsson, J. P., Palombini, F., and M. Vučinić, | Mattsson, J. P., Palombini, F., and M. Vučinić, | |||
"Comparison of CoAP Security Protocols", Work in Progress, | "Comparison of CoAP Security Protocols", Work in Progress, | |||
Internet-Draft, draft-ietf-iotops-security-protocol- | Internet-Draft, draft-ietf-iotops-security-protocol- | |||
comparison-03, 23 October 2023, | comparison-04, 4 March 2024, | |||
<https://datatracker.ietf.org/doc/html/draft-ietf-iotops- | <https://datatracker.ietf.org/doc/html/draft-ietf-iotops- | |||
security-protocol-comparison-03>. | security-protocol-comparison-04>. | |||
[I-D.ietf-lake-reqs] | ||||
Vučinić, M., Selander, G., Mattsson, J. P., and D. Garcia- | ||||
Carillo, "Requirements for a Lightweight AKE for OSCORE", | ||||
Work in Progress, Internet-Draft, draft-ietf-lake-reqs-04, | ||||
8 June 2020, <https://datatracker.ietf.org/doc/html/draft- | ||||
ietf-lake-reqs-04>. | ||||
[I-D.ietf-lake-traces] | [CottierPointcheval22] | |||
Selander, G., Mattsson, J. P., Serafin, M., Tiloca, M., | Cottier, B. and D. Pointcheval, "Security Analysis of the | |||
and M. Vučinić, "Traces of EDHOC", Work in Progress, | EDHOC protocol", September 2022, | |||
Internet-Draft, draft-ietf-lake-traces-08, 22 September | <https://arxiv.org/abs/2209.03599>. | |||
2023, <https://datatracker.ietf.org/doc/html/draft-ietf- | ||||
lake-traces-08>. | ||||
[I-D.ietf-lwig-curve-representations] | [CURVE-REPR] | |||
Struik, R., "Alternative Elliptic Curve Representations", | Struik, R., "Alternative Elliptic Curve Representations", | |||
Work in Progress, Internet-Draft, draft-ietf-lwig-curve- | Work in Progress, Internet-Draft, draft-ietf-lwig-curve- | |||
representations-23, 21 January 2022, | representations-23, 21 January 2022, | |||
<https://datatracker.ietf.org/doc/html/draft-ietf-lwig- | <https://datatracker.ietf.org/doc/html/draft-ietf-lwig- | |||
curve-representations-23>. | curve-representations-23>. | |||
[I-D.ietf-rats-eat] | [Degabriele11] | |||
Lundblade, L., Mandyam, G., O'Donoghue, J., and C. | Degabriele, J., Lehmann, A., Paterson, K., Smart, N., and | |||
M. Strefler, "On the Joint Security of Encryption and | ||||
Signature in EMV", December 2011, | ||||
<https://eprint.iacr.org/2011/615>. | ||||
[EAT] Lundblade, L., Mandyam, G., O'Donoghue, J., and C. | ||||
Wallace, "The Entity Attestation Token (EAT)", Work in | Wallace, "The Entity Attestation Token (EAT)", Work in | |||
Progress, Internet-Draft, draft-ietf-rats-eat-25, 15 | Progress, Internet-Draft, draft-ietf-rats-eat-25, 15 | |||
January 2024, <https://datatracker.ietf.org/doc/html/ | January 2024, <https://datatracker.ietf.org/doc/html/ | |||
draft-ietf-rats-eat-25>. | draft-ietf-rats-eat-25>. | |||
[I-D.irtf-cfrg-det-sigs-with-noise] | [EDHOC-CoAP-OSCORE] | |||
Mattsson, J. P., Thormarker, E., and S. Ruohomaa, | Palombini, F., Tiloca, M., Höglund, R., Hristozov, S., and | |||
G. Selander, "Using Ephemeral Diffie-Hellman Over COSE | ||||
(EDHOC) with the Constrained Application Protocol (CoAP) | ||||
and Object Security for Constrained RESTful Environments | ||||
(OSCORE)", Work in Progress, Internet-Draft, draft-ietf- | ||||
core-oscore-edhoc-10, 29 November 2023, | ||||
<https://datatracker.ietf.org/doc/html/draft-ietf-core- | ||||
oscore-edhoc-10>. | ||||
[GuentherIlunga22] | ||||
Günther, F. and M. Mukendi, "Careful with MAc-then-SIGn: A | ||||
Computational Analysis of the EDHOC Lightweight | ||||
Authenticated Key Exchange Protocol", December 2022, | ||||
<https://eprint.iacr.org/2022/1705>. | ||||
[HEDGED-ECC-SIGS] | ||||
Preuß Mattsson, J., Thormarker, E., and S. Ruohomaa, | ||||
"Deterministic ECDSA and EdDSA Signatures with Additional | "Deterministic ECDSA and EdDSA Signatures with Additional | |||
Randomness", Work in Progress, Internet-Draft, draft-irtf- | Randomness", Work in Progress, Internet-Draft, draft-irtf- | |||
cfrg-det-sigs-with-noise-00, 8 August 2022, | cfrg-det-sigs-with-noise-00, 8 August 2022, | |||
<https://datatracker.ietf.org/doc/html/draft-irtf-cfrg- | <https://datatracker.ietf.org/doc/html/draft-irtf-cfrg- | |||
det-sigs-with-noise-00>. | det-sigs-with-noise-00>. | |||
[I-D.selander-lake-authz] | [HKDFpaper] | |||
Selander, G., Mattsson, J. P., Vučinić, M., Richardson, | Krawczyk, H., "Cryptographic Extraction and Key | |||
M., and A. Schellenbaum, "Lightweight Authorization using | Derivation: The HKDF Scheme", May 2010, | |||
Ephemeral Diffie-Hellman Over COSE", Work in Progress, | <https://eprint.iacr.org/2010/264.pdf>. | |||
Internet-Draft, draft-selander-lake-authz-03, 7 July 2023, | ||||
<https://datatracker.ietf.org/doc/html/draft-selander- | ||||
lake-authz-03>. | ||||
[Jacomme23] | [Jacomme23] | |||
Jacomme, C., Klein, E., Kremer, S., and M. Racouchot, "A | Jacomme, C., Klein, E., Kremer, S., and M. Racouchot, "A | |||
comprehensive, formal and automated analysis of the EDHOC | comprehensive, formal and automated analysis of the EDHOC | |||
protocol", October 2022, | protocol", October 2022, | |||
<https://hal.inria.fr/hal-03810102/>. | <https://hal.inria.fr/hal-03810102/>. | |||
[NISTPQC] "Post-Quantum Cryptography FAQs", August 2023, | [KUDOS] Höglund, R. and M. Tiloca, "Key Update for OSCORE | |||
(KUDOS)", Work in Progress, Internet-Draft, draft-ietf- | ||||
core-oscore-key-update-07, 4 March 2024, | ||||
<https://datatracker.ietf.org/doc/html/draft-ietf-core- | ||||
oscore-key-update-07>. | ||||
[LAKE-AUTHZ] | ||||
Selander, G., Mattsson, J. P., Vučinić, M., Fedrecheski, | ||||
G., and M. Richardson, "Lightweight Authorization using | ||||
Ephemeral Diffie-Hellman Over COSE", Work in Progress, | ||||
Internet-Draft, draft-ietf-lake-authz-01, 4 March 2024, | ||||
<https://datatracker.ietf.org/doc/html/draft-ietf-lake- | ||||
authz-01>. | ||||
[LAKE-REQS] | ||||
Vučinić, M., Selander, G., Preuß Mattsson, J., and D. | ||||
Garcia-Carillo, "Requirements for a Lightweight AKE for | ||||
OSCORE", Work in Progress, Internet-Draft, draft-ietf- | ||||
lake-reqs-04, 8 June 2020, | ||||
<https://datatracker.ietf.org/doc/html/draft-ietf-lake- | ||||
reqs-04>. | ||||
[NISTPQC] National Institute Standards and Technology (NIST), "Post- | ||||
Quantum Cryptography FAQs", | ||||
<https://csrc.nist.gov/Projects/post-quantum-cryptography/ | <https://csrc.nist.gov/Projects/post-quantum-cryptography/ | |||
faqs>. | faqs>. | |||
[Noise] Perrin, T., "The Noise Protocol Framework, Revision 34", | [Noise] Perrin, T., "The Noise Protocol Framework", Revision 34, | |||
July 2018, <https://noiseprotocol.org/noise.html>. | July 2018, <https://noiseprotocol.org/noise.html>. | |||
[Norrman20] | [Norrman20] | |||
Norrman, K., Sundararajan, V., and A. Bruni, "Formal | Norrman, K., Sundararajan, V., and A. Bruni, "Formal | |||
Analysis of EDHOC Key Establishment for Constrained IoT | Analysis of EDHOC Key Establishment for Constrained IoT | |||
Devices", September 2020, | Devices", September 2020, | |||
<https://arxiv.org/abs/2007.11427>. | <https://arxiv.org/abs/2007.11427>. | |||
[RFC2986] Nystrom, M. and B. Kaliski, "PKCS #10: Certification | [RFC2986] Nystrom, M. and B. Kaliski, "PKCS #10: Certification | |||
Request Syntax Specification Version 1.7", RFC 2986, | Request Syntax Specification Version 1.7", RFC 2986, | |||
skipping to change at page 75, line 43 ¶ | skipping to change at line 3477 ¶ | |||
[RFC9176] Amsüss, C., Ed., Shelby, Z., Koster, M., Bormann, C., and | [RFC9176] Amsüss, C., Ed., Shelby, Z., Koster, M., Bormann, C., and | |||
P. van der Stok, "Constrained RESTful Environments (CoRE) | P. van der Stok, "Constrained RESTful Environments (CoRE) | |||
Resource Directory", RFC 9176, DOI 10.17487/RFC9176, April | Resource Directory", RFC 9176, DOI 10.17487/RFC9176, April | |||
2022, <https://www.rfc-editor.org/info/rfc9176>. | 2022, <https://www.rfc-editor.org/info/rfc9176>. | |||
[RFC9397] Pei, M., Tschofenig, H., Thaler, D., and D. Wheeler, | [RFC9397] Pei, M., Tschofenig, H., Thaler, D., and D. Wheeler, | |||
"Trusted Execution Environment Provisioning (TEEP) | "Trusted Execution Environment Provisioning (TEEP) | |||
Architecture", RFC 9397, DOI 10.17487/RFC9397, July 2023, | Architecture", RFC 9397, DOI 10.17487/RFC9397, July 2023, | |||
<https://www.rfc-editor.org/info/rfc9397>. | <https://www.rfc-editor.org/info/rfc9397>. | |||
[SECG] "Standards for Efficient Cryptography 1 (SEC 1)", May | [RFC9529] Selander, G., Preuß Mattsson, J., Serafin, M., Tiloca, M., | |||
2009, <https://www.secg.org/sec1-v2.pdf>. | and M. Vučinić, "Traces of Ephemeral Diffie-Hellman Over | |||
COSE (EDHOC)", RFC RFC9529, DOI 10.17487/RFC9529, March | ||||
2024, <https://www.rfc-editor.org/info/rfc9529>. | ||||
[SIGMA] Krawczyk, H., "SIGMA - The 'SIGn-and-MAc' Approach to | [SECG] Certicom Research, "SEC 1: Elliptic Curve Cryptography", | |||
Standards for Efficient Cryptography, May 2009, | ||||
<https://www.secg.org/sec1-v2.pdf>. | ||||
[SIGMA] Krawczyk, H., "SIGMA: the 'SIGn-and-MAc' Approach to | ||||
Authenticated Diffie-Hellman and Its Use in the IKE- | Authenticated Diffie-Hellman and Its Use in the IKE- | |||
Protocols", June 2003, | Protocols", June 2003, | |||
<https://www.iacr.org/cryptodb/archive/2003/ | <https://www.iacr.org/cryptodb/archive/2003/ | |||
CRYPTO/1495/1495.pdf>. | CRYPTO/1495/1495.pdf>. | |||
[SP-800-108] | [SP-800-108] | |||
Chen, L., "Recommendation for Key Derivation Using | Chen, L., "Recommendation for Key Derivation Using | |||
Pseudorandom Functions", NIST Special Publication 800-108 | Pseudorandom Functions", NIST Special Publication 800-108 | |||
Revision 1, August 2022, | Revision 1, DOI 10.6028/NIST.SP.800-108r1-upd1, August | |||
<https://doi.org/10.6028/NIST.SP.800-108r1>. | 2022, <https://doi.org/10.6028/NIST.SP.800-108r1-upd1>. | |||
[SP-800-56A] | [SP-800-56A] | |||
Barker, E., Chen, L., Roginsky, A., Vassilev, A., and R. | Barker, E., Chen, L., Roginsky, A., Vassilev, A., and R. | |||
Davis, "Recommendation for Pair-Wise Key-Establishment | Davis, "Recommendation for Pair-Wise Key-Establishment | |||
Schemes Using Discrete Logarithm Cryptography", | Schemes Using Discrete Logarithm Cryptography", | |||
NIST Special Publication 800-56A Revision 3, April 2018, | NIST Special Publication 800-56A Revision 3, | |||
DOI 10.6028/NIST.SP.800-56Ar3, April 2018, | ||||
<https://doi.org/10.6028/NIST.SP.800-56Ar3>. | <https://doi.org/10.6028/NIST.SP.800-56Ar3>. | |||
[SP800-185] | [SP800-185] | |||
John Kelsey, Shu-jen Chang, and Ray Perlner, "SHA-3 | Kelsey, J., Chang, S., and R. Perlner, "SHA-3 Derived | |||
Derived Functions cSHAKE, KMAC, TupleHash and | Functions cSHAKE, KMAC, TupleHash and ParallelHash", | |||
ParallelHash", NIST Special Publication 800-185, December | NIST Special Publication 800-185, | |||
2016, <https://doi.org/10.6028/NIST.SP.800-185>. | DOI 10.6028/NIST.SP.800-185, December 2016, | |||
<https://doi.org/10.6028/NIST.SP.800-185>. | ||||
[Thormarker21] | [Thormarker21] | |||
Thormarker, E., "On using the same key pair for Ed25519 | Thormarker, E., "On using the same key pair for Ed25519 | |||
and an X25519 based KEM", April 2021, | and an X25519 based KEM", April 2021, | |||
<https://eprint.iacr.org/2021/509.pdf>. | <https://eprint.iacr.org/2021/509.pdf>. | |||
[THREAT-MODEL-GUIDANCE] | ||||
Arkko, J. and S. Farrell, "Internet Threat Model | ||||
Guidance", Work in Progress, Internet-Draft, draft-arkko- | ||||
arch-internet-threat-model-guidance-00, 12 July 2021, | ||||
<https://datatracker.ietf.org/doc/html/draft-arkko-arch- | ||||
internet-threat-model-guidance-00>. | ||||
Appendix A. Use with OSCORE and Transfer over CoAP | Appendix A. Use with OSCORE and Transfer over CoAP | |||
This appendix describes how to derive an OSCORE security context when | This appendix describes how to derive an OSCORE security context when | |||
EDHOC is used to key OSCORE, and how to transfer EDHOC messages over | EDHOC is used to key OSCORE and how to transfer EDHOC messages over | |||
CoAP. The use of CoAP or OSCORE with EDHOC is optional, but if you | CoAP. The use of CoAP or OSCORE with EDHOC is optional, but if you | |||
are using CoAP or OSCORE, then certain normative requirements apply | are using CoAP or OSCORE, then certain normative requirements apply | |||
as detailed in the subsections. | as detailed in the subsections. | |||
A.1. Deriving the OSCORE Security Context | A.1. Deriving the OSCORE Security Context | |||
This section specifies how to use EDHOC output to derive the OSCORE | This section specifies how to use EDHOC output to derive the OSCORE | |||
security context. | security context. | |||
After successful processing of EDHOC message_3, Client and Server | After successful processing of EDHOC message_3, the Client and Server | |||
derive Security Context parameters for OSCORE as follows (see | derive security context parameters for OSCORE as follows (see | |||
Section 3.2 of [RFC8613]): | Section 3.2 of [RFC8613]): | |||
* The Master Secret and Master Salt SHALL be derived by using the | * The Master Secret and Master Salt SHALL be derived by using the | |||
EDHOC_Exporter interface, see Section 4.2.1: | EDHOC_Exporter interface (see Section 4.2.1): | |||
- The EDHOC Exporter Labels for deriving the OSCORE Master Secret | - The EDHOC Exporter Labels for deriving the OSCORE Master Secret | |||
and the OSCORE Master Salt, are the uints 0 and 1, | and OSCORE Master Salt are the uints 0 and 1, respectively. | |||
respectively. | ||||
- The context parameter is h'' (0x40), the empty CBOR byte | - The context parameter is h'' (0x40), the empty CBOR byte | |||
string. | string. | |||
- By default, oscore_key_length is the key length (in bytes) of | - By default, oscore_key_length is the key length (in bytes) of | |||
the application AEAD Algorithm of the selected cipher suite for | the application AEAD algorithm of the selected cipher suite for | |||
the EDHOC session. Also by default, oscore_salt_length has | the EDHOC session. Also by default, oscore_salt_length has | |||
value 8. The Initiator and Responder MAY agree out-of-band on | value 8. The Initiator and Responder MAY agree out-of-band on | |||
a longer oscore_key_length than the default, and on shorter or | a longer oscore_key_length than the default and on shorter or | |||
longer than the default oscore_salt_length. | longer than the default oscore_salt_length. | |||
Master Secret = EDHOC_Exporter( 0, h'', oscore_key_length ) | Master Secret = EDHOC_Exporter( 0, h'', oscore_key_length ) | |||
Master Salt = EDHOC_Exporter( 1, h'', oscore_salt_length ) | Master Salt = EDHOC_Exporter( 1, h'', oscore_salt_length ) | |||
* The AEAD Algorithm SHALL be the application AEAD algorithm of the | * The AEAD algorithm SHALL be the application AEAD algorithm of the | |||
selected cipher suite for the EDHOC session. | selected cipher suite for the EDHOC session. | |||
* The HKDF Algorithm SHALL be the one based on the application hash | * The HKDF algorithm SHALL be the one based on the application hash | |||
algorithm of the selected cipher suite for the EDHOC session. For | algorithm of the selected cipher suite for the EDHOC session. For | |||
example, if SHA-256 is the application hash algorithm of the | example, if SHA-256 is the application hash algorithm of the | |||
selected cipher suite, HKDF SHA-256 is used as HKDF Algorithm in | selected cipher suite, HKDF SHA-256 is used as the HKDF algorithm | |||
the OSCORE Security Context. | in the OSCORE security context. | |||
* The relationship between identifiers in OSCORE and EDHOC is | * The relationship between identifiers in OSCORE and EDHOC is | |||
specified in Section 3.3.3. The OSCORE Sender ID and Recipient ID | specified in Section 3.3.3. The OSCORE Sender ID and Recipient ID | |||
SHALL be determined by the EDHOC connection identifiers C_R and | SHALL be determined by EDHOC connection identifiers C_R and C_I | |||
C_I for the EDHOC session as shown in Figure 17. | for the EDHOC session as shown in Table 14. | |||
+-----------------+------------------+---------------------+ | +=================+==================+=====================+ | |||
| | OSCORE Sender ID | OSCORE Recipient ID | | | | OSCORE Sender ID | OSCORE Recipient ID | | |||
+=================+==================+=====================+ | +=================+==================+=====================+ | |||
| EDHOC Initiator | C_R | C_I | | | EDHOC Initiator | C_R | C_I | | |||
+-----------------+------------------+---------------------+ | +-----------------+------------------+---------------------+ | |||
| EDHOC Responder | C_I | C_R | | | EDHOC Responder | C_I | C_R | | |||
+-----------------+------------------+---------------------+ | +-----------------+------------------+---------------------+ | |||
Figure 17: Usage of connection identifiers in OSCORE. | Table 14: Usage of Connection Identifiers in OSCORE | |||
Client and Server SHALL use the parameters above to establish an | The Client and Server SHALL use the parameters above to establish an | |||
OSCORE Security Context, as per Section 3.2.1 of [RFC8613]. | OSCORE security context, as per Section 3.2.1 of [RFC8613]. | |||
From then on, Client and Server retrieve the OSCORE protocol state | From then on, the Client and Server retrieve the OSCORE protocol | |||
using the Recipient ID, and optionally other transport information | state using the Recipient ID and optionally other transport | |||
such as the 5-tuple. | information such as the 5-tuple. | |||
A.2. Transferring EDHOC over CoAP | A.2. Transferring EDHOC over CoAP | |||
This section specifies how EDHOC can be transferred as an exchange of | This section specifies how EDHOC can be transferred as an exchange of | |||
CoAP [RFC7252] messages. CoAP provides a reliable transport that can | CoAP [RFC7252] messages. CoAP provides a reliable transport that can | |||
preserve packet ordering, provides flow and congestion control, and | preserve packet ordering, provides flow and congestion control, and | |||
handles message duplication. CoAP can also perform fragmentation and | handles message duplication. CoAP can also perform fragmentation and | |||
mitigate certain denial-of-service attacks. The underlying CoAP | mitigate certain denial-of-service attacks. The underlying CoAP | |||
transport should be used in reliable mode, in particular when | transport should be used in reliable mode, in particular, when | |||
fragmentation is used, to avoid, e.g., situations with hanging | fragmentation is used, to avoid, e.g., situations with hanging | |||
endpoints waiting for each other. | endpoints waiting for each other. | |||
EDHOC may run with the Initiator either being CoAP client or CoAP | EDHOC may run with the Initiator either being a CoAP client or CoAP | |||
server. We denote the former by the "forward message flow" (see | server. We denote the former by the "forward message flow" (see | |||
Appendix A.2.1) and the latter by the "reverse message flow" (see | Appendix A.2.1) and the latter by the "reverse message flow" (see | |||
Appendix A.2.2). By default, we assume the forward message flow, but | Appendix A.2.2). By default, we assume the forward message flow, but | |||
the roles SHOULD be chosen to protect the most sensitive identity, | the roles SHOULD be chosen to protect the most sensitive identity; | |||
see Section 9. | see Section 9. | |||
According to this specification, EDHOC is transferred in POST | According to this specification, EDHOC is transferred in POST | |||
requests to the Uri-Path: "/.well-known/edhoc" (see Section 10.7), | requests to the Uri-Path: "/.well-known/edhoc" (see Section 10.7) and | |||
and 2.04 (Changed) responses. An application may define its own path | 2.04 (Changed) responses. An application may define its own path | |||
that can be discovered, e.g., using a resource directory [RFC9176]. | that can be discovered, e.g., using a resource directory [RFC9176]. | |||
Client applications can use the resource type "core.edhoc" to | Client applications can use the resource type "core.edhoc" to | |||
discover a server's EDHOC resource, i.e., where to send a request for | discover a server's EDHOC resource, i.e., where to send a request for | |||
executing the EDHOC protocol, see Section 10.10. An alternative | executing the EDHOC protocol; see Section 10.10. An alternative | |||
transfer of the forward message flow is specified in | transfer of the forward message flow is specified in | |||
[I-D.ietf-core-oscore-edhoc]. | [EDHOC-CoAP-OSCORE]. | |||
In order for the server to correlate a message received from a client | In order for the server to correlate a message received from a client | |||
to a message previously sent in the same EDHOC session over CoAP, | to a message previously sent in the same EDHOC session over CoAP, | |||
messages sent by the client SHALL be prepended with the CBOR | messages sent by the client SHALL be prepended with the CBOR | |||
serialization of the connection identifier which the server has | serialization of the connection identifier that the server has | |||
selected, see Section 3.4.1. This applies both to the forward and | selected; see Section 3.4.1. This applies both to the forward and | |||
the reverse message flows. To indicate a new EDHOC session in the | the reverse message flows. To indicate a new EDHOC session in the | |||
forward message flow, message_1 SHALL be prepended with the CBOR | forward message flow, message_1 SHALL be prepended with the CBOR | |||
simple value true (0xf5). Even if CoAP is carried over a reliable | simple value true (0xf5). Even if CoAP is carried over a reliable | |||
transport protocol such as TCP, the prepending of identifiers | transport protocol, such as TCP, the prepending of identifiers | |||
specified here SHALL be practiced to enable interoperability | specified here SHALL be practiced to enable interoperability | |||
independent of how CoAP is transported. | independent of how CoAP is transported. | |||
The prepended identifiers are encoded in CBOR and thus self- | The prepended identifiers are encoded in CBOR and thus self- | |||
delimiting. The representation of identifiers described in | delimiting. The representation of identifiers described in | |||
Section 3.3.2 SHALL be used. They are sent in front of the actual | Section 3.3.2 SHALL be used. They are sent in front of the actual | |||
EDHOC message to keep track of messages in an EDHOC session, and only | EDHOC message to keep track of messages in an EDHOC session, and only | |||
the part of the body following the identifier is used for EDHOC | the part of the body following the identifier is used for EDHOC | |||
processing. In particular, the connection identifiers within the | processing. In particular, the connection identifiers within the | |||
EDHOC messages are not impacted by the prepended identifiers. | EDHOC messages are not impacted by the prepended identifiers. | |||
An EDHOC message has media type application/edhoc+cbor-seq, whereas | An EDHOC message has media type "application/edhoc+cbor-seq", whereas | |||
an EDHOC message prepended by a connection identifier has media type | an EDHOC message prepended by a connection identifier has media type | |||
application/cid-edhoc+cbor-seq, see Section 10.9. | "application/cid-edhoc+cbor-seq"; see Section 10.9. | |||
To mitigate certain denial-of-service attacks, the CoAP server MAY | To mitigate certain denial-of-service attacks, the CoAP server MAY | |||
respond to the first POST request with a 4.01 (Unauthorized) | respond to the first POST request with a 4.01 (Unauthorized) | |||
containing an Echo option [RFC9175]. This forces the Initiator to | containing an Echo option [RFC9175]. This forces the Initiator to | |||
demonstrate reachability at its apparent network address. If message | demonstrate reachability at its apparent network address. If message | |||
fragmentation is needed, the EDHOC messages may be fragmented using | fragmentation is needed, the EDHOC messages may be fragmented using | |||
the CoAP Block-Wise Transfer mechanism [RFC7959]. | the CoAP Block-Wise Transfer mechanism [RFC7959]. | |||
EDHOC error messages need to be transported in response to a message | EDHOC error messages need to be transported in response to a message | |||
that failed (see Section 6). EDHOC error messages transported with | that failed (see Section 6). EDHOC error messages transported with | |||
skipping to change at page 79, line 32 ¶ | skipping to change at line 3667 ¶ | |||
* The client prepends the connection identifier selected by the | * The client prepends the connection identifier selected by the | |||
server (or, for message_1, the CBOR simple value true) to any | server (or, for message_1, the CBOR simple value true) to any | |||
request message it sends. | request message it sends. | |||
* The server does not send any such indicator, as responses are | * The server does not send any such indicator, as responses are | |||
matched to request by the client-server protocol design. | matched to request by the client-server protocol design. | |||
A.2.1. The Forward Message Flow | A.2.1. The Forward Message Flow | |||
In the forward message flow the CoAP client is the Initiator and the | In the forward message flow, the CoAP client is the Initiator and the | |||
CoAP server is the Responder. This flow protects the client identity | CoAP server is the Responder. This flow protects the client identity | |||
against active attackers and the server identity against passive | against active attackers and the server identity against passive | |||
attackers. | attackers. | |||
In the forward message flow, the CoAP Token enables correlation on | In the forward message flow, the CoAP Token enables correlation on | |||
the Initiator (client) side, and the prepended C_R enables | the Initiator (client) side, and the prepended C_R enables | |||
correlation on the Responder (server) side. | correlation on the Responder (server) side. | |||
* EDHOC message_1 is sent in the payload of a POST request from the | * EDHOC message_1 is sent in the payload of a POST request from the | |||
client to the server's resource for EDHOC, prepended with the | client to the server's resource for EDHOC, prepended with the | |||
identifier true (0xf5) indicating a new EDHOC session. | identifier true (0xf5), indicating a new EDHOC session. | |||
* EDHOC message_2 or the EDHOC error message is sent from the server | * EDHOC message_2 or the EDHOC error message is sent from the server | |||
to the client in the payload of the response, in the former case | to the client in the payload of the response, in the former case | |||
with response code 2.04 (Changed), in the latter with response | with response code 2.04 (Changed) and in the latter with response | |||
code as specified in Appendix A.2.3. | code as specified in Appendix A.2.3. | |||
* EDHOC message_3 or the EDHOC error message is sent from the client | * EDHOC message_3 or the EDHOC error message is sent from the client | |||
to the server's resource in the payload of a POST request, | to the server's resource in the payload of a POST request, | |||
prepended with the connection identifier C_R. | prepended with connection identifier C_R. | |||
* If EDHOC message_4 is used, or in case of an error message, it is | * If EDHOC message_4 is used, or in case of an error message, it is | |||
sent from the server to the client in the payload of the response, | sent from the server to the client in the payload of the response, | |||
with response codes analogously to message_2. In case of an error | with response codes analogously to message_2. In case of an error | |||
message sent in response to message_4, it is sent analogously to | message sent in response to message_4, it is sent analogously to | |||
error message sent in response to message_2. | the error message sent in response to message_2. | |||
An example of a completed EDHOC session over CoAP in the forward | An example of a completed EDHOC session over CoAP in the forward | |||
message flow is shown in Figure 18. | message flow is shown in Figure 10. | |||
Client Server | Client Server | |||
| | | | | | |||
+--------->| Header: POST (Code=0.02) | +--------->| Header: POST (Code=0.02) | |||
| POST | Uri-Path: "/.well-known/edhoc" | | POST | Uri-Path: "/.well-known/edhoc" | |||
| | Content-Format: application/cid-edhoc+cbor-seq | | | Content-Format: application/cid-edhoc+cbor-seq | |||
| | Payload: true, EDHOC message_1 | | | Payload: true, EDHOC message_1 | |||
| | | | | | |||
|<---------+ Header: 2.04 Changed | |<---------+ Header: 2.04 Changed | |||
| 2.04 | Content-Format: application/edhoc+cbor-seq | | 2.04 | Content-Format: application/edhoc+cbor-seq | |||
skipping to change at page 80, line 35 ¶ | skipping to change at line 3719 ¶ | |||
+--------->| Header: POST (Code=0.02) | +--------->| Header: POST (Code=0.02) | |||
| POST | Uri-Path: "/.well-known/edhoc" | | POST | Uri-Path: "/.well-known/edhoc" | |||
| | Content-Format: application/cid-edhoc+cbor-seq | | | Content-Format: application/cid-edhoc+cbor-seq | |||
| | Payload: C_R, EDHOC message_3 | | | Payload: C_R, EDHOC message_3 | |||
| | | | | | |||
|<---------+ Header: 2.04 Changed | |<---------+ Header: 2.04 Changed | |||
| 2.04 | Content-Format: application/edhoc+cbor-seq | | 2.04 | Content-Format: application/edhoc+cbor-seq | |||
| | Payload: EDHOC message_4 | | | Payload: EDHOC message_4 | |||
| | | | | | |||
Figure 18: Example of the forward message flow. | Figure 10: Example of the Forward Message Flow | |||
The forward message flow of EDHOC can be combined with an OSCORE | The forward message flow of EDHOC can be combined with an OSCORE | |||
exchange in a total of two round-trips, see | exchange in a total of two round trips; see [EDHOC-CoAP-OSCORE]. | |||
[I-D.ietf-core-oscore-edhoc]. | ||||
A.2.2. The Reverse Message Flow | A.2.2. The Reverse Message Flow | |||
In the reverse message flow the CoAP client is the Responder and the | In the reverse message flow, the CoAP client is the Responder and the | |||
CoAP server is the Initiator. This flow protects the server identity | CoAP server is the Initiator. This flow protects the server identity | |||
against active attackers and the client identity against passive | against active attackers and the client identity against passive | |||
attackers. | attackers. | |||
In the reverse message flow, the CoAP Token enables correlation on | In the reverse message flow, the CoAP Token enables correlation on | |||
the Responder (client) side, and the prepended C_I enables | the Responder (client) side, and the prepended C_I enables | |||
correlation on the Initiator (server) side. | correlation on the Initiator (server) side. | |||
* To trigger a new EDHOC session, the client makes an empty POST | * To trigger a new EDHOC session, the client makes an empty POST | |||
request to the server's resource for EDHOC. | request to the server's resource for EDHOC. | |||
* EDHOC message_1 is sent from the server to the client in the | * EDHOC message_1 is sent from the server to the client in the | |||
payload of the response with response code 2.04 (Changed). | payload of the response with response code 2.04 (Changed). | |||
* EDHOC message_2 or the EDHOC error message is sent from the client | * EDHOC message_2 or the EDHOC error message is sent from the client | |||
to the server's resource in the payload of a POST request, | to the server's resource in the payload of a POST request, | |||
prepended with the connection identifier C_I. | prepended with connection identifier C_I. | |||
* EDHOC message_3 or the EDHOC error message is sent from the server | * EDHOC message_3 or the EDHOC error message is sent from the server | |||
to the client in the payload of the response, in the former case | to the client in the payload of the response, in the former case | |||
with response code 2.04 (Changed), in the latter with response | with response code 2.04 (Changed) and in the latter with response | |||
code as specified in Appendix A.2.3. | code as specified in Appendix A.2.3. | |||
* If EDHOC message_4 is used, or in case of an error message, it is | * If EDHOC message_4 is used, or in case of an error message, it is | |||
sent from the client to the server's resource in the payload of a | sent from the client to the server's resource in the payload of a | |||
POST request, prepended with the connection identifier C_I. In | POST request, prepended with connection identifier C_I. In case | |||
case of an error message sent in response to message_4, it is sent | of an error message sent in response to message_4, it is sent | |||
analogously to an error message sent in response to message_2. | analogously to an error message sent in response to message_2. | |||
An example of a completed EDHOC session over CoAP in the reverse | An example of a completed EDHOC session over CoAP in the reverse | |||
message flow is shown in Figure 19. | message flow is shown in Figure 11. | |||
Client Server | Client Server | |||
| | | | | | |||
+--------->| Header: POST (Code=0.02) | +--------->| Header: POST (Code=0.02) | |||
| POST | Uri-Path: "/.well-known/edhoc" | | POST | Uri-Path: "/.well-known/edhoc" | |||
| | | | | | |||
|<---------+ Header: 2.04 Changed | |<---------+ Header: 2.04 Changed | |||
| 2.04 | Content-Format: application/edhoc+cbor-seq | | 2.04 | Content-Format: application/edhoc+cbor-seq | |||
| | Payload: EDHOC message_1 | | | Payload: EDHOC message_1 | |||
| | | | | | |||
+--------->| Header: POST (Code=0.02) | +--------->| Header: POST (Code=0.02) | |||
| POST | Uri-Path: "/.well-known/edhoc" | | POST | Uri-Path: "/.well-known/edhoc" | |||
| | Content-Format: application/cid-edhoc+cbor-seq | | | Content-Format: application/cid-edhoc+cbor-seq | |||
| | Payload: C_I, EDHOC message_2 | | | Payload: C_I, EDHOC message_2 | |||
| | | | | | |||
|<---------+ Header: 2.04 Changed | |<---------+ Header: 2.04 Changed | |||
| 2.04 | Content-Format: application/edhoc+cbor-seq | | 2.04 | Content-Format: application/edhoc+cbor-seq | |||
| | Payload: EDHOC message_3 | | | Payload: EDHOC message_3 | |||
| | | | | | |||
Figure 19: Example of the reverse message flow. | Figure 11: Example of the Reverse Message Flow | |||
A.2.3. Errors in EDHOC over CoAP | A.2.3. Errors in EDHOC over CoAP | |||
When using EDHOC over CoAP, EDHOC error messages sent as CoAP | When using EDHOC over CoAP, EDHOC error messages sent as CoAP | |||
responses MUST be sent in the payload of error responses, i.e., they | responses MUST be sent in the payload of error responses, i.e., they | |||
MUST specify a CoAP error response code. In particular, it is | MUST specify a CoAP error response code. In particular, it is | |||
RECOMMENDED that such error responses have response code either 4.00 | RECOMMENDED that such error responses have response code either 4.00 | |||
(Bad Request) in case of client error (e.g., due to a malformed EDHOC | (Bad Request) in case of client error (e.g., due to a malformed EDHOC | |||
message), or 5.00 (Internal Server Error) in case of server error | message) or 5.00 (Internal Server Error) in case of server error | |||
(e.g., due to failure in deriving EDHOC keying material). The | (e.g., due to failure in deriving EDHOC keying material). The | |||
Content-Format of the error response MUST be set to application/ | Content-Format of the error response MUST be set to "application/ | |||
edhoc+cbor-seq, see Section 10.9. | edhoc+cbor-seq"; see Section 10.9. | |||
Appendix B. Compact Representation | Appendix B. Compact Representation | |||
This section defines a format for compact representation based on the | This section defines a format for compact representation based on the | |||
Elliptic-Curve-Point-to-Octet-String Conversion defined in | Elliptic-Curve-Point-to-Octet-String Conversion defined in | |||
Section 2.3.3 of [SECG]. | Section 2.3.3 of [SECG]. | |||
As described in Section 4.2 of [RFC6090] the x-coordinate of an | As described in Section 4.2 of [RFC6090], the x-coordinate of an | |||
elliptic curve public key is a suitable representative for the entire | elliptic curve public key is a suitable representative for the entire | |||
point whenever scalar multiplication is used as a one-way function. | point whenever scalar multiplication is used as a one-way function. | |||
One example is ECDH with compact output, where only the x-coordinate | One example is ECDH with compact output, where only the x-coordinate | |||
of the computed value is used as the shared secret. | of the computed value is used as the shared secret. | |||
In EDHOC, compact representation is used for the ephemeral public | In EDHOC, compact representation is used for the ephemeral public | |||
keys (G_X and G_Y), see Section 3.7. Using the notation from [SECG], | keys (G_X and G_Y); see Section 3.7. Using the notation from [SECG], | |||
the output is an octet string of length ceil( (log2 q) / 8 ), where | the output is an octet string of length ceil( (log2 q) / 8 ), where | |||
ceil(x) is the smallest integer not less than x. See [SECG] for a | ceil(x) is the smallest integer not less than x. See [SECG] for a | |||
definition of q, M, X, xp, and ~yp. The steps in Section 2.3.3 of | definition of q, M, X, xp, and ~yp. The steps in Section 2.3.3 of | |||
[SECG] are replaced by: | [SECG] are replaced with the following steps: | |||
1. Convert the field element xp to an octet string X of length ceil( | 1. Convert the field element xp to an octet string X of length ceil( | |||
(log2 q) / 8 ) octets using the conversion routine specified in | (log2 q) / 8 ) octets using the conversion routine specified in | |||
Section 2.3.5 of [SECG]. | Section 2.3.5 of [SECG]. | |||
2. Output M = X | 2. Output M = X. | |||
The encoding of the point at infinity is not supported. | The encoding of the point at infinity is not supported. | |||
Compact representation does not change any requirements on | Compact representation does not change any requirements on | |||
validation, see Section 9.2. Using compact representation has some | validation; see Section 9.2. Using compact representation has some | |||
security benefits. An implementation does not need to check that the | security benefits. An implementation does not need to check that the | |||
point is not the point at infinity (the identity element). | point is not the point at infinity (the identity element). | |||
Similarly, as not even the sign of the y-coordinate is encoded, | Similarly, as not even the sign of the y-coordinate is encoded, | |||
compact representation trivially avoids so-called "benign | compact representation trivially avoids so-called "benign | |||
malleability" attacks where an attacker changes the sign, see [SECG]. | malleability" attacks where an attacker changes the sign; see [SECG]. | |||
The following may be needed for validation or compatibility with APIs | The following may be needed for validation or compatibility with APIs | |||
that do not support compact representation or do not support the full | that do not support compact representation or do not support the full | |||
[SECG] format: | [SECG] format: | |||
* If a compressed y-coordinate is required, then the value ~yp set | * If a compressed y-coordinate is required, then the value ~yp set | |||
to zero can be used. The compact representation described above | to zero can be used. In such a case, the compact representation | |||
can in such a case be transformed into the SECG point compressed | described above can be transformed into the Standards for | |||
format by prepending it with the single byte 0x02 (i.e., M = | Efficient Cryptography Group (SECG) point-compressed format by | |||
0x02 || X). | prepending it with the single byte 0x02 (i.e., M = 0x02 || X). | |||
* If an uncompressed y-coordinate is required, then a y-coordinate | * If an uncompressed y-coordinate is required, then a y-coordinate | |||
has to be calculated following Section 2.3.4 of [SECG] or | has to be calculated following Section 2.3.4 of [SECG] or | |||
Appendix C of [RFC6090]. Any of the square roots (see [SECG] or | Appendix C of [RFC6090]. Any of the square roots (see [SECG] or | |||
[RFC6090]) can be used. The uncompressed SECG format is M = | [RFC6090]) can be used. The uncompressed SECG format is M = | |||
0x04 || X || Y. | 0x04 || X || Y. | |||
For example: The curve P-256 has the parameters (using the notation | For example: The curve P-256 has the parameters (using the notation | |||
in [RFC6090]) | in [RFC6090]): | |||
* p = 2^256 − 2^224 + 2^192 + 2^96 − 1 | * p = 2^256 - 2^224 + 2^192 + 2^96 - 1 | |||
* a = -3 | * a = -3 | |||
* b = 410583637251521421293261297800472684091144410159937255 | * b = 410583637251521421293261297800472684091144410159937255 | |||
54835256314039467401291 | 54835256314039467401291 | |||
Given an example x: | Given an example x: | |||
* x = 115792089183396302095546807154740558443406795108653336 | * x = 115792089183396302095546807154740558443406795108653336 | |||
398970697772788799766525 | 398970697772788799766525 | |||
we can calculate y as the square root w = (x^3 + a ⋅ x + b)^((p + | We can calculate y as the square root w = (x^3 + a ⋅ x + b)^((p + | |||
1)/4) (mod p) | 1)/4) (mod p). | |||
* y = 834387180070192806820075864918626005281451259964015754 | * y = 834387180070192806820075864918626005281451259964015754 | |||
16632522940595860276856 | 16632522940595860276856 | |||
Note that this does not guarantee that (x, y) is on the correct | Note that this does not guarantee that (x, y) is on the correct | |||
elliptic curve. A full validation according to Section 5.6.2.3.3 of | elliptic curve. A full validation according to Section 5.6.2.3.3 of | |||
[SP-800-56A] can be achieved by also checking that 0 ≤ x < p and that | [SP-800-56A] is done by also checking that 0 ≤ x < p and that y^2 ≡ | |||
y^2 ≡ x^3 + a ⋅ x + b (mod p). | x^3 + a ⋅ x + b (mod p). | |||
Appendix C. Use of CBOR, CDDL, and COSE in EDHOC | Appendix C. Use of CBOR, CDDL, and COSE in EDHOC | |||
This Appendix is intended to help implementors not familiar with CBOR | This appendix is intended to help implementors not familiar with CBOR | |||
[RFC8949], CDDL [RFC8610], COSE [RFC9052], and HKDF [RFC5869]. | [RFC8949], CDDL [RFC8610], COSE [RFC9052], and HKDF [RFC5869]. | |||
C.1. CBOR and CDDL | C.1. CBOR and CDDL | |||
The Concise Binary Object Representation (CBOR) [RFC8949] is a data | The Concise Binary Object Representation (CBOR) [RFC8949] is a data | |||
format designed for small code size and small message size. CBOR | format designed for small code size and small message size. CBOR | |||
builds on the JSON data model but extends it by e.g., encoding binary | builds on the JSON data model but extends it by, e.g., encoding | |||
data directly without base64 conversion. In addition to the binary | binary data directly without base64 conversion. In addition to the | |||
CBOR encoding, CBOR also has a diagnostic notation that is readable | binary CBOR encoding, CBOR also has a diagnostic notation that is | |||
and editable by humans. The Concise Data Definition Language (CDDL) | readable and editable by humans. The Concise Data Definition | |||
[RFC8610] provides a way to express structures for protocol messages | Language (CDDL) [RFC8610] provides a way to express structures for | |||
and APIs that use CBOR. [RFC8610] also extends the diagnostic | protocol messages and APIs that use CBOR. [RFC8610] also extends the | |||
notation. | diagnostic notation. | |||
CBOR data items are encoded to or decoded from byte strings using a | CBOR data items are encoded to or decoded from byte strings using a | |||
type-length-value encoding scheme, where the three highest order bits | type-length-value encoding scheme, where the three highest order bits | |||
of the initial byte contain information about the major type. CBOR | of the initial byte contain information about the major type. CBOR | |||
supports several types of data items, in addition to integers (int, | supports several types of data items, integers (int, uint), simple | |||
uint), simple values, byte strings (bstr), and text strings (tstr), | values, byte strings (bstr), and text strings (tstr). CBOR also | |||
CBOR also supports arrays [] of data items, maps {} of pairs of data | supports arrays [] of data items, maps {} of pairs of data items, and | |||
items, and sequences [RFC8742] of data items. Some examples are | sequences [RFC8742] of data items. Some examples are given below. | |||
given below. | ||||
The EDHOC specification sometimes use CDDL names in CBOR diagnostic | The EDHOC specification sometimes use CDDL names in CBOR diagnostic | |||
notation as in e.g., << ID_CRED_R, ? EAD_2 >>. This means that EAD_2 | notation as in, e.g., << ID_CRED_R, ? EAD_2 >>. This means that | |||
is optional and that ID_CRED_R and EAD_2 should be substituted with | EAD_2 is optional and that ID_CRED_R and EAD_2 should be substituted | |||
their values before evaluation. I.e., if ID_CRED_R = { 4 : h'' } and | with their values before evaluation. That is, if ID_CRED_R = { 4 : | |||
EAD_2 is omitted then << ID_CRED_R, ? EAD_2 >> = << { 4 : h'' } >>, | h'' } and EAD_2 is omitted, then << ID_CRED_R, ? EAD_2 >> = << { 4 : | |||
which encodes to 0x43a10440. We also make use of the occurrence | h'' } >>, which encodes to 0x43a10440. We also make use of the | |||
symbol "*", like in e.g., 2* int, meaning two or more CBOR integers. | occurrence symbol "*", like in, e.g., 2* int, meaning two or more | |||
CBOR integers. | ||||
For a complete specification and more examples, see [RFC8949] and | For a complete specification and more examples, see [RFC8949] and | |||
[RFC8610]. We recommend implementors get used to CBOR by using the | [RFC8610]. We recommend implementors get used to CBOR by using the | |||
CBOR playground [CborMe]. | CBOR playground [CborMe]. | |||
Diagnostic Encoded Type | +==================+==============+==================+ | |||
----------------------------------------------------------- | | Diagnostic | Encoded | Type | | |||
1 0x01 unsigned integer | +==================+==============+==================+ | |||
24 0x1818 unsigned integer | | 1 | 0x01 | unsigned integer | | |||
-24 0x37 negative integer | +------------------+--------------+------------------+ | |||
-25 0x3818 negative integer | | 24 | 0x1818 | unsigned integer | | |||
true 0xf5 simple value | +------------------+--------------+------------------+ | |||
h'' 0x40 byte string | | -24 | 0x37 | negative integer | | |||
h'12cd' 0x4212cd byte string | +------------------+--------------+------------------+ | |||
'12cd' 0x4431326364 byte string | | -25 | 0x3818 | negative integer | | |||
"12cd" 0x6431326364 text string | +------------------+--------------+------------------+ | |||
{ 4 : h'cd' } 0xa10441cd map | | true | 0xf5 | simple value | | |||
<< 1, 2, true >> 0x430102f5 byte string | +------------------+--------------+------------------+ | |||
[ 1, 2, true ] 0x830102f5 array | | h'' | 0x40 | byte string | | |||
( 1, 2, true ) 0x0102f5 sequence | +------------------+--------------+------------------+ | |||
1, 2, true 0x0102f5 sequence | | h'12cd' | 0x4212cd | byte string | | |||
----------------------------------------------------------- | +------------------+--------------+------------------+ | |||
| '12cd' | 0x4431326364 | byte string | | ||||
+------------------+--------------+------------------+ | ||||
| "12cd" | 0x6431326364 | text string | | ||||
+------------------+--------------+------------------+ | ||||
| { 4 : h'cd' } | 0xa10441cd | map | | ||||
+------------------+--------------+------------------+ | ||||
| << 1, 2, true >> | 0x430102f5 | byte string | | ||||
+------------------+--------------+------------------+ | ||||
| [ 1, 2, true ] | 0x830102f5 | array | | ||||
+------------------+--------------+------------------+ | ||||
| ( 1, 2, true ) | 0x0102f5 | sequence | | ||||
+------------------+--------------+------------------+ | ||||
| 1, 2, true | 0x0102f5 | sequence | | ||||
+------------------+--------------+------------------+ | ||||
Figure 20: Examples of use of CBOR and CDDL. | Table 15: Examples of Use of CBOR and CDDL | |||
C.2. CDDL Definitions | C.2. CDDL Definitions | |||
This section compiles the CDDL definitions for ease of reference. | This section compiles the CDDL definitions for ease of reference. | |||
suites = [ 2* int ] / int | suites = [ 2* int ] / int | |||
ead = ( | ead = ( | |||
ead_label : int, | ead_label : int, | |||
? ead_value : bstr, | ? ead_value : bstr, | |||
skipping to change at page 86, line 43 ¶ | skipping to change at line 4008 ¶ | |||
info = ( | info = ( | |||
info_label : int, | info_label : int, | |||
context : bstr, | context : bstr, | |||
length : uint, | length : uint, | |||
) | ) | |||
C.3. COSE | C.3. COSE | |||
CBOR Object Signing and Encryption (COSE) [RFC9052] describes how to | CBOR Object Signing and Encryption (COSE) [RFC9052] describes how to | |||
create and process signatures, message authentication codes, and | create and process signatures, MACs, and encryptions using CBOR. | |||
encryption using CBOR. COSE builds on JOSE, but is adapted to allow | COSE builds on JSON Object Signing and Encryption (JOSE) but is | |||
more efficient processing in constrained devices. EDHOC makes use of | adapted to allow more efficient processing in constrained devices. | |||
COSE_Key, COSE_Encrypt0, and COSE_Sign1 objects in the message | EDHOC makes use of COSE_Key, COSE_Encrypt0, and COSE_Sign1 objects in | |||
processing: | the message processing: | |||
* ECDH ephemeral public keys of type EC2 or OKP in message_1 and | * ECDH ephemeral public keys of type EC2 or OKP in message_1 and | |||
message_2 consist of the COSE_Key parameter named 'x', see | message_2 consist of the COSE_Key parameter named 'x'; see | |||
Section 7.1 and 7.2 of [RFC9053] | Sections 7.1 and 7.2 of [RFC9053]. | |||
* The ciphertexts in message_3 and message_4 consist of a subset of | * The ciphertexts in message_3 and message_4 consist of a subset of | |||
the single recipient encrypted data object COSE_Encrypt0, which is | the single recipient encrypted data object COSE_Encrypt0, which is | |||
described in Sections 5.2-5.3 of [RFC9052]. The ciphertext is | described in Sections 5.2 and 5.3 of [RFC9052]. The ciphertext is | |||
computed over the plaintext and associated data, using an | computed over the plaintext and associated data, using an | |||
encryption key and an initialization vector. The associated data | encryption key and an initialization vector. The associated data | |||
is an Enc_structure consisting of protected headers and externally | is an Enc_structure consisting of protected headers and externally | |||
supplied data (external_aad). COSE constructs the input to the | supplied data (external_aad). COSE constructs the input to the | |||
AEAD [RFC5116] for message_i (i = 3 or 4, see Section 5.4 and | AEAD [RFC5116] for message_i (i = 3 or 4; see Sections 5.4 and | |||
Section 5.5, respectively) as follows: | 5.5, respectively) as follows: | |||
- Secret key K = K_i | - Secret key K = K_i | |||
- Nonce N = IV_i | - Nonce N = IV_i | |||
- Plaintext P for message_i | - Plaintext P for message_i | |||
- Associated Data A = [ "Encrypt0", h'', TH_i ] | - Associated Data A = [ "Encrypt0", h'', TH_i ] | |||
* Signatures in message_2 of method 0 and 2, and in message_3 of | * Signatures in message_2 of method 0 and 2, and in message_3 of | |||
method 0 and 1, consist of a subset of the single signer data | method 0 and 1, consist of a subset of the single signer data | |||
object COSE_Sign1, which is described in Sections 4.2-4.4 of | object COSE_Sign1, which is described in Sections 4.2 and 4.4 of | |||
[RFC9052]. The signature is computed over a Sig_structure | [RFC9052]. The signature is computed over a Sig_structure | |||
containing payload, protected headers and externally supplied data | containing payload, protected headers and externally supplied data | |||
(external_aad) using a private signature key and verified using | (external_aad) using a private signature key, and verified using | |||
the corresponding public signature key. For COSE_Sign1, the | the corresponding public signature key. For COSE_Sign1, the | |||
message to be signed is: | message to be signed is: | |||
[ "Signature1", protected, external_aad, payload ] | [ "Signature1", protected, external_aad, payload ] | |||
where protected, external_aad and payload are specified in | where protected, external_aad, and payload are specified in | |||
Section 5.3 and Section 5.4. | Sections 5.3 and 5.4. | |||
Different header parameters to identify X.509 or C509 certificates by | Different header parameters to identify X.509 or C509 certificates by | |||
reference are defined in [RFC9360] and | reference are defined in [RFC9360] and [C509-CERTS]: | |||
[I-D.ietf-cose-cbor-encoded-cert]: | ||||
* by a hash value with the 'x5t' or 'c5t' parameters, respectively: | * by a hash value with the 'x5t' or 'c5t' parameters, respectively: | |||
- ID_CRED_x = { 34 : COSE_CertHash }, for x = I or R, | - ID_CRED_x = { 34 : COSE_CertHash }, for x = I or R and | |||
- ID_CRED_x = { TBD3 : COSE_CertHash }, for x = I or R; | - ID_CRED_x = { 22 : COSE_CertHash }, for x = I or R, | |||
* or by a URI with the 'x5u' or 'c5u' parameters, respectively: | * or by a URI with the 'x5u' or 'c5u' parameters, respectively: | |||
- ID_CRED_x = { 35 : uri }, for x = I or R, | - ID_CRED_x = { 35 : uri }, for x = I or R, and | |||
- ID_CRED_x = { TBD4 : uri }, for x = I or R. | - ID_CRED_x = { 23 : uri }, for x = I or R. | |||
When ID_CRED_x does not contain the actual credential, it may be very | When ID_CRED_x does not contain the actual credential, it may be very | |||
short, e.g., if the endpoints have agreed to use a key identifier | short, e.g., if the endpoints have agreed to use a key identifier | |||
parameter 'kid': | parameter 'kid': | |||
* ID_CRED_x = { 4 : kid_x }, where kid_x : kid, for x = I or R. For | * ID_CRED_x = { 4 : kid_x }, where kid_x : kid, for x = I or R. For | |||
further optimization, see Section 3.5.3. | further optimization, see Section 3.5.3. | |||
Note that ID_CRED_x can contain several header parameters, for | Note that ID_CRED_x can contain several header parameters, for | |||
example { x5u, x5t } or { kid, kid_context }. | example, { x5u, x5t } or { kid, kid_context }. | |||
ID_CRED_x MAY also identify the credential by value. For example, a | ID_CRED_x MAY also identify the credential by value. For example, a | |||
certificate chain can be transported in an ID_CRED field with COSE | certificate chain can be transported in an ID_CRED field with COSE | |||
header parameter c5c or x5chain, defined in | header parameter c5c or x5chain, as defined in [C509-CERTS] and | |||
[I-D.ietf-cose-cbor-encoded-cert] and [RFC9360] and credentials of | [RFC9360]. Credentials of type CWT and CCS can be transported with | |||
type CWT and CCS can be transported with the COSE header parameters | the COSE header parameters registered in Section 10.6. | |||
registered in Section 10.6. | ||||
Appendix D. Authentication Related Verifications | Appendix D. Authentication-Related Verifications | |||
EDHOC performs certain authentication related operations, see | EDHOC performs certain authentication-related operations (see | |||
Section 3.5, but in general it is necessary to make additional | Section 3.5), but in general, it is necessary to make additional | |||
verifications beyond EDHOC message processing. Which verifications | verifications beyond EDHOC message processing. Which verifications | |||
that are needed depend on the deployment, in particular the trust | that are needed depend on the deployment, in particular, the trust | |||
model and the security policies, but most commonly it can be | model and the security policies, but most commonly, it can be | |||
expressed in terms of verifications of credential content. | expressed in terms of verifications of credential content. | |||
EDHOC assumes the existence of mechanisms (certification authority or | EDHOC assumes the existence of mechanisms (certification authority or | |||
other trusted third party, pre-provisioning, etc.) for generating and | other trusted third party, pre-provisioning, etc.) for generating and | |||
distributing authentication credentials and other credentials, as | distributing authentication credentials and other credentials, as | |||
well as the existence of trust anchors (CA certificates, trusted | well as the existence of trust anchors (CA certificates, trusted | |||
public keys, etc.). For example, a public key certificate or CWT may | public keys, etc.). For example, a public key certificate or CWT may | |||
rely on a trusted third party whose public key is pre-provisioned, | rely on a trusted third party whose public key is pre-provisioned, | |||
whereas a CCS or a self-signed certificate/CWT may be used when trust | whereas a CCS or a self-signed certificate / CWT may be used when | |||
in the public key can be achieved by other means, or in the case of | trust in the public key can be achieved by other means, or in the | |||
Trust on first use, see Appendix D.5. | case of trust on first use, see Appendix D.5. | |||
In this section we provide some examples of such verifications. | In this section, we provide some examples of such verifications. | |||
These verifications are the responsibility of the application but may | These verifications are the responsibility of the application but may | |||
be implemented as part of an EDHOC library. | be implemented as part of an EDHOC library. | |||
D.1. Validating the Authentication Credential | D.1. Validating the Authentication Credential | |||
The authentication credential may contain, in addition to the | In addition to the authentication key, the authentication credential | |||
authentication key, other parameters that needs to be verified. For | may contain other parameters that need to be verified. For example: | |||
example: | ||||
* In X.509 and C509 certificates, signature keys typically have key | * In X.509 and C509 certificates, signature keys typically have key | |||
usage "digitalSignature" and Diffie-Hellman public keys typically | usage "digitalSignature", and Diffie-Hellman public keys typically | |||
have key usage "keyAgreement" [RFC3279][RFC8410]. | have key usage "keyAgreement" [RFC3279] [RFC8410]. | |||
* In X.509 and C509 certificates validity is expressed using Not | * In X.509 and C509 certificates, validity is expressed using Not | |||
After and Not Before. In CWT and CCS, the “exp” and “nbf” claims | After and Not Before. In CWT and CCS, the "exp" and "nbf" claims | |||
have similar meanings. | have similar meanings. | |||
D.2. Identities | D.2. Identities | |||
The application must decide on allowing a connection or not depending | The application must decide on allowing a connection or not, | |||
on the intended endpoint, and in particular whether it is a specific | depending on the intended endpoint, and in particular whether it is a | |||
identity or in a set of identities. To prevent misbinding attacks, | specific identity or in a set of identities. To prevent misbinding | |||
the identity of the endpoint is included in a MAC verified through | attacks, the identity of the endpoint is included in a MAC verified | |||
the protocol. More details and examples are provided in this | through the protocol. More details and examples are provided in this | |||
section. | section. | |||
Policies for what connections to allow are typically set based on the | Policies for what connections to allow are typically set based on the | |||
identity of the other endpoint, and endpoints typically only allow | identity of the other endpoint, and endpoints typically only allow | |||
connections from a specific identity or a small restricted set of | connections from a specific identity or a small restricted set of | |||
identities. For example, in the case of a device connecting to a | identities. For example, in the case of a device connecting to a | |||
network, the network may only allow connections from devices which | network, the network may only allow connections from devices that | |||
authenticate with certificates having a particular range of serial | authenticate with certificates having a particular range of serial | |||
numbers and signed by a particular CA. Conversely, a device may only | numbers and signed by a particular CA. Conversely, a device may only | |||
be allowed to connect to a network which authenticates with a | be allowed to connect to a network that authenticates with a | |||
particular public key. | particular public key. | |||
* When a Public Key Infrastructure (PKI) is used with certificates, | * When a Public Key Infrastructure (PKI) is used with certificates, | |||
the identity is the subject whose unique name, e.g., a domain | the identity is the subject whose unique name, e.g., a domain | |||
name, a Network Access Identifier (NAI), or an Extended Unique | name, a Network Access Identifier (NAI), or an Extended Unique | |||
Identifier (EUI), is included in the endpoint's certificate. | Identifier (EUI), is included in the endpoint's certificate. | |||
* Similarly, when a PKI is used with CWTs, the identity is the | * Similarly, when a PKI is used with CWTs, the identity is the | |||
subject identified by the relevant claim(s), such as 'sub' | subject identified by the relevant claim(s), such as 'sub' | |||
(subject). | (subject). | |||
* When PKI is not used (e.g., CCS, self-signed certificate/CWT) the | * When PKI is not used (e.g., CCS, self-signed certificate / CWT), | |||
identity is typically directly associated with the authentication | the identity is typically directly associated with the | |||
key of the other party. For example, if identities can be | authentication key of the other party. For example, if identities | |||
expressed in the form of unique subject names assigned to public | can be expressed in the form of unique subject names assigned to | |||
keys, then a binding to identity is achieved by including both | public keys, then a binding to identity is achieved by including | |||
public key and associated subject name in the authentication | both the public key and associated subject name in the | |||
credential: CRED_I or CRED_R may be a self-signed certificate/CWT | authentication credential. CRED_I or CRED_R may be a self-signed | |||
or CCS containing the authentication key and the subject name, see | certificate / CWT or CCS containing the authentication key and the | |||
Section 3.5.2. Each endpoint thus needs to know the specific | subject name; see Section 3.5.2. Thus, each endpoint needs to | |||
authentication key/unique associated subject name, or set of | know the specific authentication key / unique associated subject | |||
public authentication keys/unique associated subject names, which | name or set of public authentication keys / unique associated | |||
it is allowed to communicate with. | subject names, which it is allowed to communicate with. | |||
To prevent misbinding attacks in systems where an attacker can | To prevent misbinding attacks in systems where an attacker can | |||
register public keys without proving knowledge of the private key, | register public keys without proving knowledge of the private key, | |||
SIGMA [SIGMA] enforces a MAC to be calculated over the "identity". | SIGMA [SIGMA] enforces a MAC to be calculated over the "identity". | |||
EDHOC follows SIGMA by calculating a MAC over the whole | EDHOC follows SIGMA by calculating a MAC over the whole | |||
authentication credential, which in case of an X.509 or C509 | authentication credential, which in case of an X.509 or C509 | |||
certificate includes the "subject" and "subjectAltName" fields, and | certificate, includes the "subject" and "subjectAltName" fields and, | |||
in the case of CWT or CCS includes the "sub" claim. | in the case of CWT or CCS, includes the "sub" claim. | |||
(While the SIGMA paper only focuses on the identity, the same | (While the SIGMA paper only focuses on the identity, the same | |||
principle is true for other information such as policies associated | principle is true for other information such as policies associated | |||
with the public key.) | with the public key.) | |||
D.3. Certification Path and Trust Anchors | D.3. Certification Path and Trust Anchors | |||
When a Public Key Infrastructure (PKI) is used with certificates, the | When a Public Key Infrastructure (PKI) is used with certificates, the | |||
trust anchor is a Certification Authority (CA) certificate. Each | trust anchor is a certification authority (CA) certificate. Each | |||
party needs at least one CA public key certificate, or just the CA | party needs at least one CA public key certificate or just the CA | |||
public key. The certification path contains proof that the subject | public key. The certification path contains proof that the subject | |||
of the certificate owns the public key in the certificate. Only | of the certificate owns the public key in the certificate. Only | |||
validated public-key certificates are to be accepted. | validated public key certificates are to be accepted. | |||
Similarly, when a PKI is used with CWTs, each party needs to have at | Similarly, when a PKI is used with CWTs, each party needs to have at | |||
least one trusted third party public key as trust anchor to verify | least one trusted third-party public key as a trust anchor to verify | |||
the end entity CWTs. The trusted third party public key can, e.g., | the end entity CWTs. The trusted third-party public key can, e.g., | |||
be stored in a self-signed CWT or in a CCS. | be stored in a self-signed CWT or in a CCS. | |||
The signature of the authentication credential needs to be verified | The signature of the authentication credential needs to be verified | |||
with the public key of the issuer. X.509 and C509 certificates | with the public key of the issuer. X.509 and C509 certificates | |||
includes the “Issuer” field. In CWT and CCS, the “iss” claim has a | includes the "Issuer" field. In CWT and CCS, the "iss" claim has a | |||
similar meaning. The public key is either a trust anchor or the | similar meaning. The public key is either a trust anchor or the | |||
public key in another valid and trusted credential in a certification | public key in another valid and trusted credential in a certification | |||
path from trust anchor to authentication credential. | path from the trust anchor to the authentication credential. | |||
Similar verifications as made with the authentication credential (see | Similar verifications as made with the authentication credential (see | |||
Appendix D.1) are also needed for the other credentials in the | Appendix D.1) are also needed for the other credentials in the | |||
certification path. | certification path. | |||
When PKI is not used (CCS, self-signed certificate/CWT), the trust | When PKI is not used (CCS and self-signed certificate / CWT), the | |||
anchor is the authentication key of the other party, in which case | trust anchor is the authentication key of the other party; in which | |||
there is no certification path. | case, there is no certification path. | |||
D.4. Revocation Status | D.4. Revocation Status | |||
The application may need to verify that the credentials are not | The application may need to verify that the credentials are not | |||
revoked, see Section 9.8. Some use cases may be served by short- | revoked; see Section 9.8. Some use cases may be served by short- | |||
lived credentials, for example, where the validity of the credential | lived credentials, for example, where the validity of the credential | |||
is on par with the interval between revocation checks. But, in | is on par with the interval between revocation checks. But, in | |||
general, credential lifetime and revocation checking are | general, credential lifetime and revocation checking are | |||
complementary measures to control credential status. Revocation | complementary measures to control credential status. Revocation | |||
information may be transported as External Authentication Data (EAD), | information may be transported as External Authorization Data (EAD); | |||
see Appendix E. | see Appendix E. | |||
D.5. Unauthenticated Operation | D.5. Unauthenticated Operation | |||
EDHOC might be used without authentication by allowing the Initiator | EDHOC might be used without authentication by allowing the Initiator | |||
or Responder to communicate with any identity except its own. Note | or Responder to communicate with any identity except its own. Note | |||
that EDHOC without mutual authentication is vulnerable to active on- | that EDHOC without mutual authentication is vulnerable to active on- | |||
path attacks and therefore unsafe for general use. However, it is | path attacks and therefore unsafe for general use. However, it is | |||
possible to later establish a trust relationship with an unknown or | possible to later establish a trust relationship with an unknown or | |||
not-yet-trusted endpoint. Some examples: | not-yet-trusted endpoint. Some examples are listed below: | |||
* The EDHOC authentication credential can be verified out-of-band at | * The EDHOC authentication credential can be verified out-of-band at | |||
a later stage. | a later stage. | |||
* The EDHOC session key can be bound to an identity out-of-band at a | * The EDHOC session key can be bound to an identity out-of-band at a | |||
later stage. | later stage. | |||
* Trust on first use (TOFU) can be used to verify that several EDHOC | * Trust on first use (TOFU) can be used to verify that several EDHOC | |||
connections are made to the same identity. TOFU combined with | connections are made to the same identity. TOFU combined with | |||
proximity is a common IoT deployment model which provides good | proximity is a common IoT deployment model that provides good | |||
security if done correctly. Note that secure proximity based on | security if done correctly. Note that secure proximity based on | |||
short range wireless technology requires very low signal strength | short range wireless technology requires very low signal strength | |||
or very low latency. | or very low latency. | |||
Appendix E. Use of External Authorization Data | Appendix E. Use of External Authorization Data | |||
In order to reduce the number of messages and round trips, or to | In order to reduce the number of messages and round trips, or to | |||
simplify processing, external security applications may be integrated | simplify processing, external security applications may be integrated | |||
into EDHOC by transporting related external authorization data (EAD) | into EDHOC by transporting related external authorization data (EAD) | |||
in the messages. | in the messages. | |||
The EAD format is specified in Section 3.8, this section contains | The EAD format is specified in Section 3.8. This section contains | |||
examples and further details of how EAD may be used with an | examples and further details of how EAD may be used with an | |||
appropriate accompanying specification. | appropriate accompanying specification. | |||
* One example is third party assisted authorization, requested with | * One example is third-party-assisted authorization, requested with | |||
EAD_1, and an authorization artifact (“voucher”, cf. [RFC8366]) | EAD_1, and an authorization artifact ("voucher", cf. [RFC8366]) | |||
returned in EAD_2, see [I-D.selander-lake-authz]. | returned in EAD_2; see [LAKE-AUTHZ]. | |||
* Another example is remote attestation, requested in EAD_2, and an | * Another example is remote attestation, requested in EAD_2, and an | |||
Entity Attestation Token (EAT, [I-D.ietf-rats-eat]) returned in | Entity Attestation Token (EAT) [EAT] returned in EAD_3. | |||
EAD_3. | ||||
* A third example is certificate enrolment, where a Certificate | * A third example is certificate enrollment, where a Certificate | |||
Signing Request (CSR, [RFC2986]) is included EAD_3, and the issued | Signing Request (CSR) [RFC2986] is included in EAD_3, and the | |||
public key certificate (X.509 [RFC5280], C509 | issued public key certificate (X.509 [RFC5280] and C509 | |||
[I-D.ietf-cose-cbor-encoded-cert]) or a reference thereof is | [C509-CERTS]) or a reference thereof is returned in EAD_4. | |||
returned in EAD_4. | ||||
External authorization data should be considered unprotected by | External authorization data should be considered unprotected by | |||
EDHOC, and the protection of EAD is the responsibility of the | EDHOC, and the protection of EAD is the responsibility of the | |||
security application (third party authorization, remote attestation, | security application (third-party authorization, remote attestation, | |||
certificate enrolment, etc.). The security properties of the EAD | certificate enrollment, etc.). The security properties of the EAD | |||
fields (after EDHOC processing) are discussed in Section 9.1. | fields (after EDHOC processing) are discussed in Section 9.1. | |||
The content of the EAD field may be used in the EDHOC processing of | The content of the EAD field may be used in the EDHOC processing of | |||
the message in which they are contained. For example, authentication | the message in which they are contained. For example, | |||
related information like assertions and revocation information, | authentication-related information, like assertions and revocation | |||
transported in EAD fields may provide input about trust anchors or | information, transported in EAD fields may provide input about trust | |||
validity of credentials relevant to the authentication processing. | anchors or validity of credentials relevant to the authentication | |||
The EAD fields (like ID_CRED fields) are therefore made available to | processing. The EAD fields (like ID_CRED fields) are therefore made | |||
the application before the message is verified, see details of | available to the application before the message is verified; see | |||
message processing in Section 5. In the first example above, a | details of message processing in Section 5. In the first example | |||
voucher in EAD_2 made available to the application can enable the | above, a voucher in EAD_2 made available to the application can | |||
Initiator to verify the identity or public key of the Responder | enable the Initiator to verify the identity or the public key of the | |||
before verifying the signature. An application allowing EAD fields | Responder before verifying the signature. An application allowing | |||
containing authentication information thus may need to handle | EAD fields containing authentication information thus may need to | |||
authentication related verifications associated with EAD processing. | handle authentication-related verifications associated with EAD | |||
processing. | ||||
Conversely, the security application may need to wait for EDHOC | Conversely, the security application may need to wait for EDHOC | |||
message verification to complete. In the third example above, the | message verification to complete. In the third example above, the | |||
validation of a CSR carried in EAD_3 is not started by the Responder | validation of a CSR carried in EAD_3 is not started by the Responder | |||
before EDHOC has successfully verified message_3 and proven the | before EDHOC has successfully verified message_3 and proven the | |||
possession of the private key of the Initiator. | possession of the private key of the Initiator. | |||
The security application may reuse EDHOC protocol fields which | The security application may reuse EDHOC protocol fields that | |||
therefore need to be available to the application. For example, the | therefore need to be available to the application. For example, the | |||
security application may use the same crypto algorithms as in the | security application may use the same crypto algorithms as in the | |||
EDHOC session and therefore needs access to the selected cipher suite | EDHOC session and therefore needs access to the selected cipher suite | |||
(or the whole SUITES_I). The application may use the ephemeral | (or the whole SUITES_I). The application may use the ephemeral | |||
public keys G_X and G_Y, as ephemeral keys or as nonces, see | public keys G_X and G_Y as ephemeral keys or as nonces; see | |||
[I-D.selander-lake-authz]. | [LAKE-AUTHZ]. | |||
The processing of the EAD item (ead_label, ? ead_value) by the | The processing of the EAD item (ead_label, ? ead_value) by the | |||
security application needs to be described in the specification where | security application needs to be described in the specification where | |||
the ead_label is registered, see Section 10.5, including the optional | the ead_label is registered (see Section 10.5), including the | |||
ead_value for each message and actions in case of errors. An | optional ead_value for each message and actions in case of errors. | |||
application may support multiple security applications that make use | An application may support multiple security applications that make | |||
of EAD, which may result in multiple EAD items in one EAD field, see | use of EAD, which may result in multiple EAD items in one EAD field; | |||
Section 3.8. Any dependencies on security applications with | see Section 3.8. Any dependencies on security applications with | |||
previously registered EAD items needs to be documented, and the | previously registered EAD items need to be documented, and the | |||
processing needs to consider their simultaneous use. | processing needs to consider their simultaneous use. | |||
Since data carried in EAD may not be protected, or be processed by | Since data carried in EAD may not be protected, or processed by the | |||
the application before the EDHOC message is verified, special | application before the EDHOC message is verified, special | |||
considerations need to be made such that it does not violate security | considerations need to be made such that it does not violate security | |||
and privacy requirements of the service which uses this data, see | and privacy requirements of the service that uses this data; see | |||
Section 9.5. The content in an EAD item may impact the security | Section 9.5. The content in an EAD item may impact the security | |||
properties provided by EDHOC. Security applications making use of | properties provided by EDHOC. Security applications making use of | |||
the EAD items must perform the necessary security analysis. | the EAD items must perform the necessary security analysis. | |||
Appendix F. Application Profile Example | Appendix F. Application Profile Example | |||
This appendix contains a rudimentary example of an application | This appendix contains a rudimentary example of an application | |||
profile, see Section 3.9. | profile; see Section 3.9. | |||
For use of EDHOC with application X the following assumptions are | For use of EDHOC with application X, the following assumptions are | |||
made: | made: | |||
1. Transfer in CoAP as specified in Appendix A.2 with requests | 1. Transfer in CoAP as specified in Appendix A.2 with requests | |||
expected by the CoAP server (= Responder) at /app1-edh, no | expected by the CoAP server (= Responder) at /app1-edh, no | |||
Content-Format needed. | Content-Format needed. | |||
2. METHOD = 1 (I uses signature key, R uses static DH key.) | 2. METHOD = 1 (I uses signature key; R uses static DH key.) | |||
3. CRED_I is an IEEE 802.1AR IDevID encoded as a C509 certificate of | 3. CRED_I is encoded with IEEE 802.1AR IDevID as a C509 certificate | |||
type 0 [I-D.ietf-cose-cbor-encoded-cert]. | of type 0 [C509-CERTS]. | |||
* R acquires CRED_I out-of-band, indicated in EAD_1. | * R acquires CRED_I out-of-band, indicated in EAD_1. | |||
* ID_CRED_I = {4: h''} is a 'kid' with value the empty CBOR byte | * ID_CRED_I = {4: h''} is a 'kid' with the value of the empty | |||
string. | CBOR byte string. | |||
4. CRED_R is a CCS of type OKP as specified in Section 3.5.2. | 4. CRED_R is a CCS of type OKP as specified in Section 3.5.2. | |||
* The CBOR map has parameters 1 (kty), -1 (crv), and -2 | * The CBOR map has parameters 1 (kty), -1 (crv), and -2 | |||
(x-coordinate). | (x-coordinate). | |||
* ID_CRED_R is {TBD2 : CCS}. Editor's note: TBD2 is the COSE | * ID_CRED_R is {14 : CCS}. | |||
header parameter value of 'kccs', see Section 10.6 | ||||
5. External authorization data is defined and processed as specified | 5. External authorization data is defined and processed as specified | |||
in [I-D.selander-lake-authz]. | in [LAKE-AUTHZ]. | |||
6. EUI-64 is used as the identity of the endpoint (see example in | 6. EUI-64 is used as the identity of the endpoint (see an example in | |||
Section 3.5.2). | Section 3.5.2). | |||
7. No use of message_4: the application sends protected messages | 7. No use of message_4. The application sends protected messages | |||
from R to I. | from R to I. | |||
Appendix G. Long PLAINTEXT_2 | Appendix G. Long PLAINTEXT_2 | |||
By the definition of encryption of PLAINTEXT_2 with KEYSTREAM_2, it | By the definition of encryption of PLAINTEXT_2 with KEYSTREAM_2, it | |||
is limited to lengths of PLAINTEXT_2 not exceeding the output of | is limited to lengths of PLAINTEXT_2 not exceeding the output of | |||
EDHOC_KDF, see Section 4.1.2. If the EDHOC hash algorithm is SHA-2 | EDHOC_KDF; see Section 4.1.2. If the EDHOC hash algorithm is SHA-2, | |||
then HKDF-Expand is used, which limits the length of the EDHOC_KDF | then HKDF-Expand is used, which limits the length of the EDHOC_KDF | |||
output to 255 ⋅ hash_length, where hash_length is the length of the | output to 255 ⋅ hash_length, where hash_length is the length of the | |||
output of the EDHOC hash algorithm given by the cipher suite. For | output of the EDHOC hash algorithm given by the cipher suite. For | |||
example, with SHA-256 as EDHOC hash algorithm, the length of the hash | example, with SHA-256 as an EDHOC hash algorithm, the length of the | |||
output is 32 bytes and the maximum length of PLAINTEXT_2 is 255 ⋅ 32 | hash output is 32 bytes and the maximum length of PLAINTEXT_2 is 255 | |||
= 8160 bytes. | ⋅ 32 = 8160 bytes. | |||
While PLAINTEXT_2 is expected to be much shorter than 8 kB for the | While PLAINTEXT_2 is expected to be much shorter than 8 kB for the | |||
intended use cases, it seems nevertheless prudent to specify a | intended use cases, it seems nevertheless prudent to specify a | |||
solution for the event that this should turn out to be a limitation. | solution for the event that this should turn out to be a limitation. | |||
A potential work-around is to use a cipher suite with a different | A potential work-around is to use a cipher suite with a different | |||
hash function. In particular, the use of KMAC removes all practical | hash function. In particular, the use of KMAC removes all practical | |||
limitations in this respect. | limitations in this respect. | |||
This section specifies a solution which works with any hash function, | This section specifies a solution that works with any hash function | |||
by making use of multiple invocations of HKDF-Expand and negative | by making use of multiple invocations of HKDF-Expand and negative | |||
values of info_label. | values of info_label. | |||
Consider the PLAINTEXT_2 partitioned in parts P(i) of length equal to | Consider the PLAINTEXT_2 partitioned in parts P(i) of length equal to | |||
M = 255 ⋅ hash_length, except possibly the last part P(last) which | M = 255 ⋅ hash_length, except possibly the last part P(last), which | |||
has 0 < length ≤ M. | has 0 < length ≤ M. | |||
PLAINTEXT_2 = P(0) | P(1) | ... | P(last) | PLAINTEXT_2 = P(0) | P(1) | ... | P(last) | |||
where | indicates concatenation. | where "|" indicates concatenation. | |||
The object is to define a matching KEYSTREAM_2 of the same length and | The object is to define a matching KEYSTREAM_2 of the same length and | |||
perform the encryption in the same way as defined in Section 5.3.2: | perform the encryption in the same way as defined in Section 5.3.2: | |||
CIPHERTEXT_2 = PLAINTEXT_2 XOR KEYSTREAM_2 | CIPHERTEXT_2 = PLAINTEXT_2 XOR KEYSTREAM_2 | |||
Define the keystream as: | Define the keystream as: | |||
KEYSTREAM_2 = OKM(0) | OKM(1) | ... | OKM(last) | KEYSTREAM_2 = OKM(0) | OKM(1) | ... | OKM(last) | |||
where | where: | |||
OKM(i) = EDHOC_KDF( PRK_2e, -i, TH_2, length(P(i)) ) | OKM(i) = EDHOC_KDF( PRK_2e, -i, TH_2, length(P(i)) ) | |||
Note that if length(PLAINTEXT_2) ≤ M then P(0) = PLAINTEXT_2 and the | Note that if length(PLAINTEXT_2) ≤ M, then P(0) = PLAINTEXT_2 and the | |||
definition of KEYSTREAM_2 = OKM(0) coincides with Figure 8. | definition of KEYSTREAM_2 = OKM(0) coincides with Figure 6. | |||
This describes the processing of the Responder when sending | This describes the processing of the Responder when sending | |||
message_2. The Initiator makes the same calculations when receiving | message_2. The Initiator makes the same calculations when receiving | |||
message_2, but interchanging PLAINTEXT_2 and CIPHERTEXT_2. | message_2 but interchanging PLAINTEXT_2 and CIPHERTEXT_2. | |||
An application profile may specify if it supports or not the method | An application profile may specify if it supports or does not support | |||
described in this appendix. | the method described in this appendix. | |||
Appendix H. EDHOC_KeyUpdate | Appendix H. EDHOC_KeyUpdate | |||
To provide forward secrecy in an even more efficient way than re- | To provide forward secrecy in an even more efficient way than re- | |||
running EDHOC, this section specifies the optional function | running EDHOC, this section specifies the optional function | |||
EDHOC_KeyUpdate in terms of EDHOC_KDF and PRK_out. | EDHOC_KeyUpdate in terms of EDHOC_KDF and PRK_out. | |||
When EDHOC_KeyUpdate is called, a new PRK_out is calculated as a | When EDHOC_KeyUpdate is called, a new PRK_out is calculated as the | |||
"hash" of the old PRK_out using the EDHOC_Expand function as | output of the EDHOC_Expand function with the old PRK_out as input. | |||
illustrated by the following pseudocode. The change of PRK_out | The change of PRK_out causes a change to PRK_exporter, which enables | |||
causes a change to PRK_exporter which enables the derivation of new | the derivation of new application keys superseding the old ones, | |||
application keys superseding the old ones, using EDHOC_Exporter, see | using EDHOC_Exporter; see Section 4.2.1. The process is illustrated | |||
Section 4.2.1. | by the following pseudocode. | |||
EDHOC_KeyUpdate( context ): | EDHOC_KeyUpdate( context ): | |||
new PRK_out = EDHOC_KDF( old PRK_out, 11, context, hash_length ) | new PRK_out = EDHOC_KDF( old PRK_out, 11, context, hash_length ) | |||
new PRK_exporter = EDHOC_KDF( new PRK_out, 10, h'', hash_length ) | new PRK_exporter = EDHOC_KDF( new PRK_out, 10, h'', hash_length ) | |||
where hash_length denotes the output size in bytes of the EDHOC hash | where hash_length denotes the output size in bytes of the EDHOC hash | |||
algorithm of the selected cipher suite. | algorithm of the selected cipher suite. | |||
The EDHOC_KeyUpdate takes a context as input to enable binding of the | The EDHOC_KeyUpdate takes the context as input to enable binding of | |||
updated PRK_out to some event that triggered the key update. The | the updated PRK_out to some event that triggered the key update. The | |||
Initiator and the Responder need to agree on the context, which can, | Initiator and Responder need to agree on the context, which can, | |||
e.g., be a counter, a pseudorandom number, or a hash. To provide | e.g., be a counter, a pseudorandom number, or a hash. To provide | |||
forward secrecy the old PRK_out and keys derived from it (old | forward secrecy, the old PRK_out and keys derived from it (old | |||
PRK_exporter and old application keys) must be deleted as soon as | PRK_exporter and old application keys) must be deleted as soon as | |||
they are not needed. When to delete the old keys and how to verify | they are not needed. When to delete the old keys and how to verify | |||
that they are not needed is up to the application. | that they are not needed is up to the application. Note that the | |||
security properties depend on the type of context and the number of | ||||
KeyUpdate iterations. | ||||
An application using EDHOC_KeyUpdate needs to store PRK_out. | An application using EDHOC_KeyUpdate needs to store PRK_out. | |||
Compromise of PRK_out leads to compromise of all keying material | Compromise of PRK_out leads to compromise of all keying material | |||
derived with the EDHOC_Exporter since the last invocation of the | derived with the EDHOC_Exporter since the last invocation of the | |||
EDHOC_KeyUpdate function. | EDHOC_KeyUpdate function. | |||
While this key update method provides forward secrecy it does not | While this key update method provides forward secrecy, it does not | |||
give as strong security properties as re-running EDHOC. | give as strong security properties as re-running EDHOC. | |||
EDHOC_KeyUpdate can be used to meet cryptographic limits and provide | EDHOC_KeyUpdate can be used to meet cryptographic limits and provide | |||
partial protection against key leakage, but it provides significantly | partial protection against key leakage, but it provides significantly | |||
weaker security properties than re-running EDHOC with ephemeral | weaker security properties than re-running EDHOC with ephemeral | |||
Diffie-Hellman. Even with frequent use of EDHOC_KeyUpdate, | Diffie-Hellman. Even with frequent use of EDHOC_KeyUpdate, | |||
compromise of one session key compromises all future session keys, | compromise of one session key compromises all future session keys, | |||
and an attacker therefore only needs to perform static key | and an attacker therefore only needs to perform static key | |||
exfiltration [RFC7624], which is less complicated and has a lower | exfiltration [RFC7624], which is less complicated and has a lower | |||
risk profile than the dynamic case, see Section 9.1. | risk profile than the dynamic case; see Section 9.1. | |||
A similar method to do key update for OSCORE is KUDOS, see | A similar method to do a key update for OSCORE is KUDOS; see [KUDOS]. | |||
[I-D.ietf-core-oscore-key-update]. | ||||
Appendix I. Example Protocol State Machine | Appendix I. Example Protocol State Machine | |||
This appendix describes an example protocol state machine for the | This appendix describes an example protocol state machine for the | |||
Initiator and for the Responder. States are denoted in all capitals | Initiator and Responder. States are denoted in all capitals, and | |||
and parentheses denote actions taken only in some circumstances. | parentheses denote actions taken only in some circumstances. | |||
Note that this state machine is just an example, and that details of | Note that this state machine is just an example, and that details of | |||
processing are omitted, for example: | processing are omitted. For example: | |||
* When error messages are being sent (with one exception) | * when error messages are being sent (with one exception); | |||
* How credentials and EAD are processed by EDHOC and the application | * how credentials and EAD are processed by EDHOC and the application | |||
in the RCVD state | in the RCVD state; and | |||
* What verifications are made, which includes not only MACs and | * what verifications are made, which includes not only MACs and | |||
signatures | signatures. | |||
I.1. Initiator State Machine | I.1. Initiator State Machine | |||
The Initiator sends message_1, triggering the state machine to | The Initiator sends message_1, triggering the state machine to | |||
transition from START to WAIT_M2, and waits for message_2. | transition from START to WAIT_M2, and waits for message_2. | |||
If the incoming message is an error message then the Initiator | If the incoming message is an error message, then the Initiator | |||
transitions from WAIT_M2 to ABORTED. In case of error code 2 (Wrong | transitions from WAIT_M2 to ABORTED. In case of error code 2 (Wrong | |||
Selected Cipher Suite), the Initiator remembers the supported cipher | Selected Cipher Suite), the Initiator remembers the supported cipher | |||
suites for this particular Responder and transitions from ABORTED to | suites for this particular Responder and transitions from ABORTED to | |||
START. The message_1 that the Initiator subsequently sends takes | START. The message_1 that the Initiator subsequently sends takes | |||
into account the cipher suites supported by the Responder. | into account the cipher suites supported by the Responder. | |||
Upon receiving a non-error message, the Initiator transitions from | Upon receiving a non-error message, the Initiator transitions from | |||
WAIT_M2 to RCVD_M2 and processes the message. If a processing error | WAIT_M2 to RCVD_M2 and processes the message. If a processing error | |||
occurs on message_2, then the Initiator transitions from RCVD_M2 to | occurs on message_2, then the Initiator transitions from RCVD_M2 to | |||
ABORTED. In case of successful processing of message_2, the | ABORTED. In case of successful processing of message_2, the | |||
Initiator transitions from RCVD_M2 to VRFD_M2. | Initiator transitions from RCVD_M2 to VRFD_M2. | |||
The Initiator prepares and processes message_3 for sending. If any | The Initiator prepares and processes message_3 for sending. If any | |||
processing error is encountered, the Initiator transitions from | processing error is encountered, the Initiator transitions from | |||
VRFD_M2 to ABORTED. If message_3 is successfully sent, the Initiator | VRFD_M2 to ABORTED. If message_3 is successfully sent, the Initiator | |||
transitions from VRFD_M2 to COMPLETED. | transitions from VRFD_M2 to COMPLETED. | |||
If the application profile includes message_4, then the Initiator | If the application profile includes message_4, then the Initiator | |||
waits for message_4. If the incoming message is an error message | waits for message_4. If the incoming message is an error message, | |||
then the Initiator transitions from COMPLETED to ABORTED. Upon | then the Initiator transitions from COMPLETED to ABORTED. Upon | |||
receiving a non-error message, the Initiator transitions from | receiving a non-error message, the Initiator transitions from | |||
COMPLETED (="WAIT_M4") to RCVD_M4 and processes the message. If a | COMPLETED (="WAIT_M4") to RCVD_M4 and processes the message. If a | |||
processing error occurs on message_4, then the Initiator transitions | processing error occurs on message_4, then the Initiator transitions | |||
from RCVD_M4 to ABORTED. In case of successful processing of | from RCVD_M4 to ABORTED. In case of successful processing of | |||
message_4, the Initiator transitions from RCVD_M4 to PERSISTED | message_4, the Initiator transitions from RCVD_M4 to PERSISTED | |||
(="VRFD_M4"). | (="VRFD_M4"). | |||
If the application profile does not include message_4, then the | If the application profile does not include message_4, then the | |||
Initiator waits for an incoming application message. If the | Initiator waits for an incoming application message. If the | |||
skipping to change at page 98, line 37 ¶ | skipping to change at line 4537 ¶ | |||
| | (Receive message_4) | | | | (Receive message_4) | | |||
| | | | | | | | |||
| (Processing error) v | (Verify | | (Processing error) v | (Verify | |||
+------------------- (RCVD_M4) | application | +------------------- (RCVD_M4) | application | |||
| | message) | | | message) | |||
| (Verify message_4) | | | (Verify message_4) | | |||
| | | | | | |||
v | | v | | |||
PERSISTED <---------------+ | PERSISTED <---------------+ | |||
Figure 12: Initiator State Machine | ||||
I.2. Responder State Machine | I.2. Responder State Machine | |||
Upon receiving message_1, the Responder transitions from START to | Upon receiving message_1, the Responder transitions from START to | |||
RCVD_M1. | RCVD_M1. | |||
If a processing error occurs on message_1, the Responder transitions | If a processing error occurs on message_1, the Responder transitions | |||
from RCVD_M1 to ABORTED. This includes sending error message with | from RCVD_M1 to ABORTED. This includes sending an error message with | |||
error code 2 (Wrong Selected Cipher Suite) if the selected cipher | error code 2 (Wrong Selected Cipher Suite) if the selected cipher | |||
suite in message_1 is not supported. In case of successful | suite in message_1 is not supported. In case of successful | |||
processing of message_1, the Responder transitions from RCVD_M1 to | processing of message_1, the Responder transitions from RCVD_M1 to | |||
VRFD_M1. | VRFD_M1. | |||
The Responder prepares and processes message_2 for sending. If any | The Responder prepares and processes message_2 for sending. If any | |||
processing error is encountered, the Responder transitions from | processing error is encountered, the Responder transitions from | |||
VRFD_M1 to ABORTED. If message_2 is successfully sent, the Initiator | VRFD_M1 to ABORTED. If message_2 is successfully sent, the Initiator | |||
transitions from VRFD_M2 to WAIT_M3, and waits for message_3. | transitions from VRFD_M2 to WAIT_M3 and waits for message_3. | |||
If the incoming message is an error message then the Responder | If the incoming message is an error message, then the Responder | |||
transitions from WAIT_M3 to ABORTED. | transitions from WAIT_M3 to ABORTED. | |||
Upon receiving message_3, the Responder transitions from WAIT_M3 to | Upon receiving message_3, the Responder transitions from WAIT_M3 to | |||
RCVD_M3. If a processing error occurs on message_3, the Responder | RCVD_M3. If a processing error occurs on message_3, the Responder | |||
transitions from RCVD_M3 to ABORTED. In case of successful | transitions from RCVD_M3 to ABORTED. In case of successful | |||
processing of message_3, the Responder transitions from RCVD_M3 to | processing of message_3, the Responder transitions from RCVD_M3 to | |||
COMPLETED (="VRFD_M3"). | COMPLETED (="VRFD_M3"). | |||
If the application profile includes message_4, the Responder prepares | If the application profile includes message_4, the Responder prepares | |||
and processes message_4 for sending. If any processing error is | and processes message_4 for sending. If any processing error is | |||
skipping to change at page 100, line 5 ¶ | skipping to change at line 4605 ¶ | |||
| | Verify message_3 | | | Verify message_3 | |||
| | | | | | |||
| (Processing error) v | | (Processing error) v | |||
+------------------- COMPLETED | +------------------- COMPLETED | |||
| | | | |||
| (Send message_4) | | (Send message_4) | |||
| | | | |||
v | v | |||
PERSISTED | PERSISTED | |||
Appendix J. Change Log | Figure 13: Responder State Machine | |||
RFC Editor: Please remove this appendix. | ||||
* From -21 to -22 | ||||
- Normative text on transport capabilities. | ||||
* From -20 to -21 | ||||
- Recommendation to use chain instead of bag | ||||
- Improved text about | ||||
o denial-of-service | ||||
o deriving secret and non-secret randomness from the same KDF | ||||
instance | ||||
o practical security against quantum computers | ||||
- Clarifications, including | ||||
o several updates section 3.4. Transport | ||||
o descriptions in COSE IANA registration | ||||
o encoding in Figure 5, reading of Figure 17 | ||||
- Removed term "dummy" | ||||
- Harmonizing captions | ||||
- Updated references | ||||
- Acknowledgments | ||||
* From -19 to -20 | ||||
- C_R encrypted in message_2 | ||||
- C_R removed from TH_2 | ||||
- Error code for unknown referenced credential | ||||
- Error code 0 (success) explicitly reserved | ||||
- Message deduplication section moved from appendix to body | ||||
- Terminology | ||||
o discontinued -> aborted | ||||
o protocol run / exchange -> session | ||||
- Clarifications, in particular | ||||
o when to derive application keys | ||||
o the role of the application for authentication | ||||
- Security considerations for kccs and kcwt | ||||
- Updated references | ||||
* From -18 to -19 | ||||
- Clarifications: | ||||
o Relation to SIGMA | ||||
o Role of Static DH | ||||
o Initiator and Responder roles | ||||
o Transport properties | ||||
o Construction of SUITES_I | ||||
o Message correlation, new subsection 3.4.1, replacing former | ||||
appendix H | ||||
o Role of description about long PLAINTEXT_2 | ||||
o ead_label and ead_value | ||||
o Message processing (Section 5) | ||||
o Padding | ||||
o Cipher suite negotiation example | ||||
- Other updates: | ||||
o Improved and stricter normative text in Appendix A | ||||
o Naming and separate sections for the two message flows in | ||||
Appendix A: Forward/Reverse message flow, | ||||
o Table index style captions | ||||
o Aligning with COSE terminology: header map -> header_map | ||||
o Aligning terminology, use of "_" instead of "-" | ||||
o Prefixing "EDHOC_" to functions | ||||
o Updated list of security analysis papers | ||||
o New appendix with example state machine | ||||
o Acknowledgements | ||||
o Language improvements by native English speakers | ||||
o Updated IANA section with registration procedures | ||||
o New and updated references | ||||
o Removed appendix H | ||||
* From -17 to -18 | ||||
- Padding realised as EAD with ead_label = 0, PAD fields removed | ||||
- Revised EAD syntax; ead is now EAD item; ead_value is now | ||||
optional | ||||
- Clarifications of | ||||
o Identifier representation | ||||
o Authentication credentials | ||||
o RPK | ||||
o Encoding of ID_CRED with kid | ||||
o Representation of public keys, y-coordinate of ephemeral | ||||
keys and validation | ||||
o Processing after completed protocol | ||||
o Making verifications available to the application | ||||
o Relation between EDHOC and OSCORE identifiers | ||||
- Terminology alignment in particular session / protocol; | ||||
discontinue / terminate | ||||
- Updated CDDL | ||||
- Additional unicode encodings | ||||
- Large number of nits from WGLC | ||||
* From -16 to -17 | ||||
- EDHOC-KeyUpdate moved to appendix | ||||
- Updated peer awareness properties based on SIGMA | ||||
- Clarify use of random connection identifiers | ||||
- Editorials related to appendix about messages with long | ||||
PLAINTEXT_2 | ||||
- Updated acknowledgments (have we forgotten someone else? please | ||||
send email) | ||||
* From -15 to -16 | ||||
- TH_2 used as salt in the derivation of PRK_2e | ||||
- CRED_R/CRED_I included in TH_3/TH_4 | ||||
- Distinguish label used in info, exporter or elsewhere | ||||
- New appendix for optional handling arbitrarily large message_2 | ||||
o info_label type changed to int to support this | ||||
- Updated security considerations | ||||
- Implementation note about identifiers which are bstr/int | ||||
- Clarifications, especifically about compact representation | ||||
- Type bug fix in CDDL section | ||||
* From -14 to -15 | ||||
- Connection identifiers and key identifiers are now byte strings | ||||
o Represented as CBOR bstr in the EDHOC message | ||||
+ Unless they happen to encode a one-byte CBOR int | ||||
o More examples | ||||
- EAD updates and details | ||||
o Definition of EAD item | ||||
o Definition of critical / non-critical EAD item | ||||
- New section in Appendix D: Unauthenticated Operation | ||||
- Clarifications | ||||
o Lengths used in EDHOC-KDF | ||||
o Key derivation from PRK_out | ||||
+ EDHOC-KeyUpdate and EDHOC-Exporter | ||||
o Padding | ||||
- Security considerations | ||||
o When a change in a message is detected | ||||
o Confidentiality in case of active attacks | ||||
o Connection identifiers should be unpredictable | ||||
o Maximum length of message_2 | ||||
- Minor bugs | ||||
* From -13 to -14 | ||||
- Merge of section 1.1 and 1.2 | ||||
- Connection and key identifiers restricted to be byte strings | ||||
- Representation of byte strings as one-byte CBOR ints (-24..23) | ||||
- Simplified mapping between EDHOC and OSCORE identifiers | ||||
- Rewrite of 3.5 | ||||
o Clarification of authentication related operations performed | ||||
by EDHOC | ||||
o Authentication related verifications, including old section | ||||
3.5.1, moved to new appendix D | ||||
- Rewrite of 3.8 | ||||
o Move content about use of EAD to new appendix E | ||||
o ead_value changed to bstr | ||||
- EDHOC-KDF updated | ||||
o transcript_hash argument removed | ||||
o TH included in context argument | ||||
o label argument is now type uint, all labels replaced | ||||
- Key schedule updated | ||||
o New salts derived to avoid reuse of same key with expand and | ||||
extract | ||||
o PRK_4x3m renamed PRK_4e3m | ||||
o K_4 and IV_4 derived from PRK_4e3m | ||||
o New PRK: PRK_out derived from PRK_4e3m and TH_4 | ||||
o Clarified main output of EDHOC is the shared secret PRK_out | ||||
o Exporter defined by EDHOC-KDF and new PRK PRK_exporter | ||||
derived from PRK_out | ||||
o Key update defined by Expand instead of Extract | ||||
- All applications of EDHOC-KDF in one place | ||||
- Update of processing | ||||
o EAD and ID_CRED passed to application when available | ||||
o identity verification and credential retrieval omitted in | ||||
protocol description | ||||
o Transcript hash defined by plaintext messages instead of | ||||
ciphertext | ||||
o Changed order of input to TH_2 | ||||
o Removed general G_X checking against selfie-attacks | ||||
- Support for padding of plaintext | ||||
- Updated compliance requirements | ||||
- Updated security considerations | ||||
o Updated and more clear requirements on MAC length | ||||
o Clarification of key confirmation | ||||
o Forbid use of same key for signature and static DH | ||||
- Updated appendix on message deduplication | ||||
- Clarifications of | ||||
o connection identifiers | ||||
o cipher suites, including negotiation | ||||
o EAD | ||||
o Error messages | ||||
- Updated media types | ||||
- Applicability template renamed application profile | ||||
- Editorials | ||||
* From -12 to -13 | ||||
- no changes | ||||
* From -12: | ||||
- Shortened labels to derive OSCORE key and salt | ||||
- ead_value changed to bstr | ||||
- Removed general G_X checking against selfie-attacks | ||||
- Updated and more clear requirements on MAC length | ||||
- Clarifications from Kathleen, Stephen, Marco, Sean, Stefan, | ||||
- Authentication Related Verifications moved to appendix | ||||
- Updated MTI section and cipher suite | ||||
- Updated security considerations | ||||
* From -11 to -12: | ||||
- Clarified applicability to KEMs | ||||
- Clarified use of COSE header parameters | ||||
- Updates on MTI | ||||
- Updated security considerations | ||||
- New section on PQC | ||||
- Removed duplicate definition of cipher suites | ||||
- Explanations of use of COSE moved to Appendix C.3 | ||||
- Updated internal references | ||||
* From -10 to -11: | ||||
- Restructured section on authentication parameters | ||||
- Changed UCCS to CCS | ||||
- Changed names and description of COSE header parameters for | ||||
CWT/CCS | ||||
- Changed several of the KDF and Exporter labels | ||||
- Removed edhoc_aead_id from info (already in transcript_hash) | ||||
- Added MTI section | ||||
- EAD: changed CDDL names and added value type to registry | ||||
- Updated Figures 1, 2, and 3 | ||||
- Some correction and clarifications | ||||
- Added core.edhoc to CoRE Resource Type registry | ||||
* From -09 to -10: | ||||
- SUITES_I simplified to only contain the selected and more | ||||
preferred suites | ||||
- Info is a CBOR sequence and context is a bstr | ||||
- Added kid to UCCS example | ||||
- Separate header parameters for CWT and UCCS | ||||
- CWT Confirmation Method kid extended to bstr / int | ||||
* From -08 to -09: | ||||
- G_Y and CIPHERTEXT_2 are now included in one CBOR bstr | ||||
- MAC_2 and MAC_3 are now generated with EDHOC-KDF | ||||
- Info field “context” is now general and explicit in EDHOC-KDF | ||||
- Restructured Section 4, Key Derivation | ||||
- Added EDHOC MAC length to cipher suite for use with static DH | ||||
- More details on the use of CWT and UCCS | ||||
- Restructured and clarified Section 3.5, Authentication | ||||
Parameters | ||||
- Replaced 'kid2' with extension of 'kid' | ||||
- EAD encoding now supports multiple ead types in one message | ||||
- Clarified EAD type | ||||
- Updated message sizes | ||||
- Replaced “perfect forward secrecy” with “forward secrecy” | ||||
- Updated security considerations | ||||
- Replaced prepended 'null' with 'true' in the CoAP transport of | ||||
message_1 | ||||
- Updated CDDL definitions | ||||
- Expanded on the use of COSE | ||||
* From -07 to -08: | ||||
- Prepended C_x moved from the EDHOC protocol itself to the | ||||
transport mapping | ||||
- METHOD_CORR renamed to METHOD, corr removed | ||||
- Removed bstr_identifier and use bstr / int instead; C_x can now | ||||
be int without any implied bstr semantics | ||||
- Defined COSE header parameter 'kid2' with value type bstr / int | ||||
for use with ID_CRED_x | ||||
- Updated message sizes | ||||
- New cipher suites with AES-GCM and ChaCha20 / Poly1305 | ||||
- Changed from one- to two-byte identifier of CNSA compliant | ||||
suite | ||||
- Separate sections on transport and connection id with further | ||||
sub-structure | ||||
- Moved back key derivation for OSCORE from draft-ietf-core- | ||||
oscore-edhoc | ||||
- OSCORE and CoAP specific processing moved to new appendix | ||||
- Message 4 section moved to message processing section | ||||
* From -06 to -07: | ||||
- Changed transcript hash definition for TH_2 and TH_3 | ||||
- Removed "EDHOC signature algorithm curve" from cipher suite | ||||
- New IANA registry "EDHOC Exporter Label" | ||||
- New application defined parameter "context" in EDHOC-Exporter | ||||
- Changed normative language for failure from MUST to SHOULD send | ||||
error | ||||
- Made error codes non-negative and 0 for success | ||||
- Added detail on success error code | ||||
- Aligned terminology "protocol instance" -> "session" | ||||
- New appendix on compact EC point representation | ||||
- Added detail on use of ephemeral public keys | ||||
- Moved key derivation for OSCORE to draft-ietf-core-oscore-edhoc | ||||
- Additional security considerations | ||||
- Renamed "Auxililary Data" as "External Authorization Data" | ||||
- Added encrypted EAD_4 to message_4 | ||||
* From -05 to -06: | ||||
- New section 5.2 "Message Processing Outline" | ||||
- Optional inital byte C_1 = null in message_1 | ||||
- New format of error messages, table of error codes, IANA | ||||
registry | ||||
- Change of recommendation transport of error in CoAP | ||||
- Merge of content in 3.7 and appendix C into new section 3.7 | ||||
"Applicability Statement" | ||||
- Requiring use of deterministic CBOR | ||||
- New section on message deduplication | ||||
- New appendix containin all CDDL definitions | ||||
- New appendix with change log | ||||
- Removed section "Other Documents Referencing EDHOC" | ||||
- Clarifications based on review comments | ||||
* From -04 to -05: | ||||
- EDHOC-Rekey-FS -> EDHOC-KeyUpdate | ||||
- Clarification of cipher suite negotiation | ||||
- Updated security considerations | ||||
- Updated test vectors | ||||
- Updated applicability statement template | ||||
* From -03 to -04: | ||||
- Restructure of section 1 | ||||
- Added references to C509 Certificates | ||||
- Change in CIPHERTEXT_2 -> plaintext XOR KEYSTREAM_2 (test | ||||
vector not updated) | ||||
- "K_2e", "IV_2e" -> KEYSTREAM_2 | ||||
- Specified optional message 4 | ||||
- EDHOC-Exporter-FS -> EDHOC-Rekey-FS | ||||
- Less constrained devices SHOULD implement both suite 0 and 2 | ||||
- Clarification of error message | ||||
- Added exporter interface test vector | ||||
* From -02 to -03: | ||||
- Rearrangements of section 3 and beginning of section 4 | ||||
- Key derivation new section 4 | ||||
- Cipher suites 4 and 5 added | ||||
- EDHOC-EXPORTER-FS - generate a new PRK_4x3m from an old one | ||||
- Change in CIPHERTEXT_2 -> COSE_Encrypt0 without tag (no change | ||||
to test vector) | ||||
- Clarification of error message | ||||
- New appendix C applicability statement | ||||
* From -01 to -02: | ||||
- New section 1.2 Use of EDHOC | ||||
- Clarification of identities | ||||
- New section 4.3 clarifying bstr_identifier | ||||
- Updated security considerations | ||||
- Updated text on cipher suite negotiation and key confirmation | ||||
- Test vector for static DH | ||||
* From -00 to -01: | ||||
- Removed PSK method | ||||
- Removed references to certificate by value | ||||
Acknowledgments | Acknowledgments | |||
The authors want to thank Christian Amsüss, Alessandro Bruni, | The authors want to thank Christian Amsüss, Karthikeyan Bhargavan, | |||
Karthikeyan Bhargavan, Carsten Bormann, Timothy Claeys, Baptiste | Carsten Bormann, Alessandro Bruni, Timothy Claeys, Baptiste Cottier, | |||
Cottier, Roman Danyliw, Martin Disch, Martin Duke, Donald Eastlake, | Roman Danyliw, Martin Disch, Martin Duke, Donald Eastlake 3rd, Lars | |||
Lars Eggert, Stephen Farrell, Loïc Ferreira, Theis Grønbech Petersen, | Eggert, Stephen Farrell, Loïc Ferreira, Theis Grønbech Petersen, | |||
Felix Günther, Dan Harkins, Klaus Hartke, Russ Housley, Stefan | Felix Günther, Dan Harkins, Klaus Hartke, Russ Housley, Stefan | |||
Hristozov, Marc Ilunga, Charlie Jacomme, Elise Klein, Erik Kline, | Hristozov, Marc Ilunga, Charlie Jacomme, Elise Klein, Erik Kline, | |||
Steve Kremer, Alexandros Krontiris, Ilari Liusvaara, Rafa Marín- | Steve Kremer, Alexandros Krontiris, Ilari Liusvaara, Rafa Marín- | |||
López, Kathleen Moriarty, David Navarro, Karl Norrman, Salvador | López, Kathleen Moriarty, David Navarro, Karl Norrman, Salvador | |||
Pérez, Radia Perlman, David Pointcheval, Maïwenn Racouchot, Eric | Pérez, Radia Perlman, David Pointcheval, Maïwenn Racouchot, Eric | |||
Rescorla, Michael Richardson, Thorvald Sahl Jørgensen, Zaheduzzaman | Rescorla, Michael Richardson, Thorvald Sahl Jørgensen, Zaheduzzaman | |||
Sarker, Jim Schaad, Michael Scharf, Carsten Schürmann, John Scudder, | Sarker, Jim Schaad, Michael Scharf, Carsten Schürmann, John Scudder, | |||
Ludwig Seitz, Brian Sipos, Stanislav Smyshlyaev, Valery Smyslov, | Ludwig Seitz, Brian Sipos, Stanislav Smyshlyaev, Valery Smyslov, | |||
Peter van der Stok, Rene Struik, Vaishnavi Sundararajan, Erik | Peter van der Stok, Rene Struik, Vaishnavi Sundararajan, Erik | |||
Thormarker, Marco Tiloca, Sean Turner, Michel Veillette, Mališa | Thormarker, Marco Tiloca, Sean Turner, Michel Veillette, Mališa | |||
Vučinić, Paul Wouters, and Lei Yan for reviewing and commenting on | Vučinić, Paul Wouters, and Lei Yan for reviewing and commenting on | |||
intermediate versions of the draft. We are especially indebted to | intermediate draft versions of this document. We are especially | |||
the late Jim Schaad for his continuous reviewing and implementation | indebted to the late Jim Schaad for his continuous reviewing and | |||
of early versions of this and other drafts. | implementation of early draft versions of this document. | |||
Work on this document has in part been supported by the H2020 project | Work on this document has in part been supported by the H2020 project | |||
SIFIS-Home (grant agreement 952652). | SIFIS-Home (grant agreement 952652). | |||
Authors' Addresses | Authors' Addresses | |||
Göran Selander | Göran Selander | |||
Ericsson AB | Ericsson AB | |||
SE-164 80 Stockholm | SE-164 80 Stockholm | |||
Sweden | Sweden | |||
End of changes. 665 change blocks. | ||||
2296 lines changed or deleted | 1758 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. |