Lightweight Authenticated Key Exchange (lake)
| WG | Name | Lightweight Authenticated Key Exchange | |
|---|---|---|---|
| Acronym | lake | ||
| Area | Security Area (sec) | ||
| State | Active | ||
| Charter | charter-ietf-lake-03 Approved | ||
| Document dependencies | |||
| Additional resources |
GitHub Page Webpage Zulip stream |
||
| Personnel | Chairs | Mališa Vučinić, Renzo Navas | |
| Area Director | Christopher Inacio | ||
| Mailing list | Address | lake@ietf.org | |
| To subscribe | https://www.ietf.org/mailman/listinfo/lake | ||
| Archive | https://mailarchive.ietf.org/arch/browse/lake/ | ||
| Chat | Room address | https://zulip.ietf.org/#narrow/stream/lake |
Charter for Working Group
Background
Ephemeral Diffie-Hellman over COSE (EDHOC, RFC 9528) specifies a lightweight authenticated key exchange protocol between two peers. EDHOC is especially suited for constrained network environments such as NB-IoT, 6TiSCH, LoRaWAN, IEEE 802.15.4 and BLE.
By publishing the base protocol specification, RFC 9528, and detailed protocol traces, RFC 9529, the LAKE working group has completed its initial goals. The initial design scope of EDHOC focused on asymmetric authentication credentials (e.g., raw public keys and public key certificates) in order to streamline the working group activities. This left the work on authentication using symmetric keys, rekeying, as well as quantum resistance for a later stage. The working group will now tackle these points and continue to maintain and extend the EDHOC protocol.
Scope
The working group will define a Standards Track EDHOC rekeying protocol reusing the protocol elements from the base specification that uses symmetric keys for authentication, to make those usable both during a key update and a first-time key exchange.
The scope also includes the work on evaluating, and potentially adopting, documents that define new methods or new cipher suites. Works on specifying one or more EDHOC methods that are quantum-resistant, including where one or both parties are authenticated using a Key Encapsulation Mechanism (KEM), are in scope. Any such specified method must reuse the protocol elements from the base EDHOC specification. Potential algorithm candidates include accepted COSE algorithms, algorithms evaluated by the CFRG, as well as those that have undergone public review and evaluation processes, such as the US NIST Post-Quantum Cryptography (PQC) and Lightweight Cryptography (LWC) algorithms.
The work on maintenance of EDHOC also includes any relevant updates to the base specification, in which case the working group will publish Standards Track document(s). This includes the work on continuing to reduce transport overhead, e.g., using references or new credential types, but also any security-relevant updates to the base specification.
Within each protocol message, EDHOC provides External Authorization Data (EAD) fields. These fields may be used by external security applications to reduce
the number of messages and round trips, or to simplify processing. The working group will specify Standards Track documents with the following uses of EAD fields to augment the EDHOC key exchange:
- 3rd party-assisted authorization of EDHOC peers.
- Remote attestation of EDHOC peers, reusing as much as possible available work from the RATS and TLS working groups.
The working group will also work on a Standard Track means for coordinating the use and discovery of EDHOC application profiles, the definition of well-known application profiles and processing extensions through EDHOC’s defined extension points, such as registering new schemes and new EAD registrations.
In addition, the working group will work on an Informational document gathering implementation considerations and guidance for the base protocol specification.
Liaisons and Formal Analysis
The working group will work closely with other related working groups in the IETF. This includes for example CoRE, ACE, IOTOPS, PQUIP, COSE, CBOR, RATS, EMU, TLS, SEAT and 6LO. The group welcomes formal analysis to be performed on the documents that introduce cryptographically-relevant changes or additions to the EDHOC protocol.
Milestones
| Date | Milestone | Associated documents |
|---|---|---|
| Dec 2026 | EDHOC quantum-resistant methods submitted to IESG as Proposed Standard | |
| Dec 2026 | 3rd party-assisted authorization of EDHOC submitted to IESG as Proposed Standard |
draft-ietf-lake-authz
|
| Jun 2026 | Application profiles document submitted to IESG as Proposed Standard |
draft-ietf-lake-app-profiles
|
| Jun 2026 | EDHOC rekeying protocol submitted to IESG as Proposed Standard |
draft-ietf-lake-edhoc-psk
|
| Jun 2026 | Implementation considerations and guidance submitted to IESG as Informational RFC |
draft-ietf-lake-edhoc-impl-cons
|
| Mar 2026 | Remote attestation of EDHOC peers submitted to IESG as Proposed Standard |
draft-ietf-lake-ra
|