Skip to main content

Lightweight Authenticated Key Exchange

The information below is for an older proposed charter
Document Proposed charter Lightweight Authenticated Key Exchange WG (lake) Snapshot
Title Lightweight Authenticated Key Exchange
Last updated 2019-09-25
State Start Chartering/Rechartering (Internal Steering Group/IAB Review) Rechartering
WG State Proposed
IESG Responsible AD Paul Wouters
Charter edit AD Benjamin Kaduk
Send notices to (None)


Constrained environments using OSCORE in network environments such as
NB-IoT, 6TiSCH, and LoRaWAN need a ‘lightweight’ authenticated key
exchange (LAKE) that enables forward security.  'Lightweight' refers to:

  * resource consumption, measured by number of round-trips to complete,
    bytes on the wire, wall-clock time to complete, or power consumption
  * the amount of new code required on end systems which already have an
    OSCORE stack

but the LAKE must still provide the security properties expected of IETF


This working group is intended to be a narrowly focused activity
intended to produce at most one LAKE for OSCORE usage and close.

The working group will collaborate and coordinate with other IETF WGs
such as ACE, CORE, 6TISCH, and LPWAN to understand and validate the
requirements and solution.  draft-selander-ace-cose-ecdhe is a candidate
starting point for the LAKE produced by the WG.  Any work available from
the TLS WG that satisfies the determined requirements will also be
evaluated for suitability.

Program of Work

The deliverables of this WG are:

1. Design requirements of the lightweight authenticated key exchange
protocol for OSCORE (this draft will not be published as an RFC but will be
used to drive WG consensus on the deliverable (2))

2. Specify a lightweight authenticated key exchange protocol suitable for
use in constrained environments using OSCORE