TY - RPRT
T1 - Formal Analysis of EDHOC Key Establishment for Constrained IoT Devices
AU - Bruni, Alessandro
AU - Normann, Karl
AU - Sundararajan, Vaishnavi
PY - 2020/7/22
Y1 - 2020/7/22
N2 - The IETF is standardizing an authenticated key establishment (AKE) protocol named EDHOC for constrained IoT devices. In contrast to more powerful devices like web cameras and cars, which receive a lot of media attention, such devices operate under severe energy consumption and message size restrictions. EDHOC was first formally analyzed in 2018 by Bruni et al. Since then, the protocol has been significantly extended and now has three new key establishment methods. In this paper, we formally analyze all methods of EDHOC in a symbolic Dolev-Yao model, using the Tamarin verification tool. We show that the different methods provide sensible, but also rather heterogeneous security properties, and discuss various consequences of this. Our work has also led to improvements in the design and the specification of EDHOC.
AB - The IETF is standardizing an authenticated key establishment (AKE) protocol named EDHOC for constrained IoT devices. In contrast to more powerful devices like web cameras and cars, which receive a lot of media attention, such devices operate under severe energy consumption and message size restrictions. EDHOC was first formally analyzed in 2018 by Bruni et al. Since then, the protocol has been significantly extended and now has three new key establishment methods. In this paper, we formally analyze all methods of EDHOC in a symbolic Dolev-Yao model, using the Tamarin verification tool. We show that the different methods provide sensible, but also rather heterogeneous security properties, and discuss various consequences of this. Our work has also led to improvements in the design and the specification of EDHOC.
KW - Authenticated Key Establishment (AKE) Protocol
KW - Constrained IoT Devices
KW - Tamarin Verification Tool
KW - Symbolic Dolev-Yao Model
KW - EDHOC Security Analysis
KW - Authenticated Key Establishment (AKE) Protocol
KW - Constrained IoT Devices
KW - Tamarin Verification Tool
KW - Symbolic Dolev-Yao Model
KW - EDHOC Security Analysis
M3 - Report
BT - Formal Analysis of EDHOC Key Establishment for Constrained IoT Devices
ER -