Protect your IoT Communication with OSCORE & EDHOC
Unlock the potential of IETF Technology with Open Source.
Did you know?
Recognizing the limitations of (D)TLS is crucial in IoT settings.
Constrained Application Protocol (CoAP) is a RESTful protocol tailored for IoT devices with restricted computing and communication capabilities. CoAP applies different approaches, such as using proxies, to achieve these characteristics. However, the use of proxies requires the termination of (D)TLS channels between clients and servers, making it impossible to establish end-to-end confidentiality, integrity, and authenticity for the exchanged data. In addition, many (D)TLS implementations require a large amount of memory, processing capability, and storage, making them unsuitable for smaller IoT devices based on constrained microcontrollers.
Do we have a solution?
To tackle these challenges, the Internet Engineering Task Force (IETF) has recently introduced an innovative solution. This solution consists of two new protocols.
Object Security for Constrained RESTful Environments (OSCORE)
OSCORE provides authenticated encryption on top of CoAP. It allows proxy operations and translations between different transport protocols without exposing sensitive payload.
Ephemeral Diffie-Hellman over COSE (EDHOC)
EDHOC is a mutually authenticated key exchange protocol used to generate symmetric keys for OSCORE. It supports pre-shared public keys, X.509 certificates, CBOR-encoded certificates, CWT and CCS.
What do we deliver?
Full-service offering.
Software features
Eriptic Technologies has developed and maintains an open-source implementation of OSCORE and EDHOC, called uoscore-uedhoc, specifically tailored for constrained microcontrollers. uoscore-uedhoc has the following features:
A permissive software license (MIT or Apache 2), allowing commercial use.
Small message sizes, starting at approximately 100 Bytes for a complete handshake.
Minimal footprint of around 40 KBytes, inclusive of the crypto library.
Low RAM requirements of approximately 5 KBytes.
Swift execution times, beginning from about 1 second for a full handshake using X.509 certificates on a Cortex-M4 @ 64 MHz.
Flexible integration of various crypto-engines, such as MbedTLS, TinyCrypt, on-chip crypto-accelerators and discrete secure elements.
Expert guidance
Eriptic Technologies provides specialized consultancy services in IoT security, with a particular emphasis on uoscore-uedhoc. Our offerings encompass:
Tailored threat analysis for unique customer use cases.
Designing security architecture for embedded systems.
Developing custom embedded security solutions.
Integration of uoscore-uedhoc into designated customer platforms.
Get in touch
Do you have any questions? Are you interested in learning more about strengthening your IoT communication with OSCORE and EDHOC? Or perhaps you just want to share your thoughts with us.
In any case, feel free to reach out!
© Eriptic Technologies. All rights reserved.