Fraile, Lidia Pocero; Koulamas, Christos; Fournaris, Apostolos P
abstract
Several lightweight protocols are being developed to secure communication in resource-constrained environments. Ephemeral Diffie-Hellman over COSE (EDHOC) plays a key role in this lightweight protocol family by managing the key establishment process. However, due to the vulnerability of the discrete logarithm problem to Shor’s algorithm, a quantum-resistant replacement for Diffie-Hellman is required. This work examines the quantum-resistant transition of EDHOC, focusing on its multiple authentication methods as a step toward enabling robust post-quantum security for IoT devices. A novel authentication method for EDHOC is introduced, utilizing Key Encapsulation Mechanisms (KEMs) as a replacement for the static Diffie-Hellman (DH) authentication method, providing a post-quantum signature-free alternative. Among existing post-quantum algorithms for both KEMs and signatures, the NIST-standardized ML-KEM offers the fastest implementation at the lowest memory cost, both of which are crucial for resource-constrained devices. While compatible with various post-quantum KEMs, the method can exploit the computational efficiency of ML-KEM to bring a PQ Signature-free EDHOC to highly constrained devices, providing the same security guarantees as classical EDHOC once the handshake is complete. Additionally, an efficient three-message handshake KEM-based EDHOC Initiator Known Responder (IKR) variant is proposed for environments with pre-established peer awareness.
