Ephemeral Diffie-Hellman Over COSE
RFC 9528, “Ephemeral Diffie-Hellman Over COSE”, is a Proposed Standard document published in March 2024 by G. Selander, J. Preuß Mattsson, and F. Palombini. The canonical text is published by the RFC Editor.
Abstract
This document specifies Ephemeral Diffie-Hellman Over COSE (EDHOC), a very compact and lightweight authenticated Diffie-Hellman key exchange with ephemeral keys. EDHOC provides mutual authentication, forward secrecy, and identity protection. EDHOC is intended for usage in constrained scenarios, and a main use case is to establish an Object Security for Constrained RESTful Environments (OSCORE) security context. By reusing CBOR Object Signing and Encryption (COSE) for cryptography, Concise Binary Object Representation (CBOR) for encoding, and Constrained Application Protocol (CoAP) for transport, the additional code size can be kept very low.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 9528 is hosted at rfc-editor.org. Available in HTML, TXT, PDF, and XML.
- RFC 9527 DHCPv6 Options for the Homenet Naming Authority
- RFC 9529 Traces of Ephemeral Diffie-Hellman Over COSE
- RFC 9526 Simple Provisioning of Public Names for Residential Networks
- RFC 9530 Digest Fields
- RFC 9531 Path Steering in Content-Centric Networking and Named Data Networking
- RFC 9524 Segment Routing Replication for Multipoint Service Delivery
- RFC 9532 HTTP Proxy-Status Parameter for Next-Hop Aliases
- RFC 9523 A Secure Selection and Filtering Mechanism for the Network Time Protocol with Khronos