Abstract: Authenticated key exchange protocols play a crucial role in the communication security stack of an Internet-of-Things (IoT) device: they authenticate the communicating parties and establish a shared symmetric secret between them. Following a large debate in the community, the Internet Engineering Task Force (IETF) has recently standardized a new protocol called EDHOC for authenticated key exchange targeting IoT environments. The EDHOC protocol performs a compact Diffie-Hellman key exchange handshake, requiring several times less bytes-over-the-air than the de-facto solution used in the Internet, the (D)TLS protocol. In this paper, we study how this reduction in message size correlates with the usage of other scarce resources in IoT environments: time, energy, and memory. We evaluate EDHOC and DTLS with different authentication configurations over two IoT radio technologies. First, we measure the EDHOC and DTLS handshakes on constrained hardware over an IEEE 802.15.4 radio. We observe that EDHOC achieves ×6 to ×14 reduction in packet sizes, ×1.44 improvement in handshake duration and ×2.79 reduction in energy consumed. Next, we simulate time on air on LoRaWAN networks and find that, in the most restrictive configuration (SF=12), DTLS uses at least ×7 more time on air than EDHOC. Finally, we measure flash memory and RAM usage, with the EDHOC implementation achieving a ×4 reduction in both.

Read the article : https://hal.science/hal-04382397