# Background

Ephemeral Diffie-Hellman over COSE (EDHOC, RFC 9528) specifies a lightweight authenticated key exchange protocol between two peers. EDHOC is especially suited for constrained network environments such as NB-IoT, 6TiSCH, LoRaWAN and BLE.

By publishing the base protocol specification, RFC 9528, and detailed protocol traces, RFC 9529, the LAKE working group has completed its initial goals. The initial design scope of EDHOC focused on asymmetric authentication credentials (e.g., raw public keys and public key certificates) in order to streamline the working group activities. This left the work on authentication using symmetric keys, rekeying, and quantum resistance for a later stage. The working group will now tackle these points and continue to maintain and extend the EDHOC protocol.

# Scope

The working group will define a Standards Track EDHOC rekeying protocol reusing the protocol elements from the base specification that uses symmetric keys for authentication, to make those usable both during a key update and a first-time key exchange.

The scope also includes the work on evaluating, and potentially adopting, documents that define new methods or new cipher suites using COSE algorithms, provided they meet the criteria for IETF consensus.

Work on specifying one or more EDHOC methods that are quantum-resistant, including where one or both parties are authenticated using a Key Encapsulation Mechanism (KEM), is in scope. Any such specified method must reuse the protocol elements from the base EDHOC specification. Potential algorithm candidates include algorithms evaluated by the CFRG, as well as those that have undergone public review and evaluation processes, such as the NIST Post-Quantum Cryptography (PQC) and Lightweight Cryptography (LWC) algorithms.

The work on maintenance of EDHOC also includes any relevant updates to the base specification, in which case the working group will publish Standards Track document(s). This includes the work on continuing to reduce transport overhead, e.g., using references or new credential types, but also any security-relevant updates to the base specification.

Within each protocol message, EDHOC provides External Authorization Data (EAD) fields. These fields may be used by external security applications to reduce the number of messages and round trips, or to simplify processing. The working group will specify Standards Track documents with the following uses of EAD fields to augment the EDHOC key exchange:

- 3rd party-assisted authorization of EDHOC peers.
- Remote attestation of EDHOC peers, reusing as much as possible available work from the RATS and TLS working groups.

The working group will also work on a Standards Track means for coordinating the use and discovery of EDHOC application profiles, the definition of well-known application profiles and processing extensions through EDHOC’s defined extension points, such as registering new schemes and new EAD registrations.

In addition, the working group will work on an Informational document gathering implementation considerations and guidance for the base protocol specification.

# Liaisons and Formal Analysis

The working group will work closely with other related working groups in the IETF. This includes, for example, CoRE, ACE, IOTOPS, PQUIP, COSE, CBOR, RATS, and EMU. The group welcomes formal analysis to be performed on the documents that introduce cryptographically-relevant changes or additions to the EDHOC protocol.