Lakers: production-grade EDHOC for the IoT, in Rust

Mon, 30 Sep 2024 00:00:00 +0000

What it is

Lakers is a Rust implementation of EDHOC (RFC 9528) — a compact authenticated key-exchange protocol designed for constrained IoT devices. Lakers runs both on full systems (Linux/macOS) and on baremetal microcontrollers (Nordic nRF52/nRF53), with bindings in C (lakers-c) and Python (lakers-python). It also implements ELA, the IETF draft I co-author for zero-touch IoT enrollment.

What I built

I have driven Lakers as primary maintainer from April 2023 to October 2024, contributing the bulk of the design, code, and releases:

Refactor Core EDHOC engine — flexibilize message processing and parsing, add EAD support and error handling, keep it no_std compatible
C FFI (lakers-c) for embedding in C/C++ projects, with auto-generated headers via cbindgen
Python bindings (lakers-python) via PyO3 + maturin, multiplatform CI/CD publishing wheels to PyPI
Reference implementation of ELA — used to demo zero-touch IoT enrollment at IETF 119 (Brisbane)
Crypto agility — maintaining pluggable backends: pure-Rust, ARM PSA, Nordic CryptoCell
Formal verification with Hax / F* (collaboration with Inria Prosecco and Cryspen) - proving panic-freedom and parser robustness
Integration adoption — used by aiocoap (the canonical Python CoAP library) and RIOT-rs (CoAP+EDHOC+OSCORE on embedded Rust)

Why it’s hard

EDHOC is a concise protocol on paper but a hard one to ship well:

It must fit into a few kB of RAM on a microcontroller while staying robust against parser bugs
It must compile to both std (servers, tests) and no_std baremetal targets
It must be callable from C and Python without leaking a memory-safety mess across the FFI boundary
The Rust embedded crypto ecosystem is fragmented — different backends, different APIs, different platforms
Formal verification of the parser was a multi-month collaboration with type-theory experts to make the Rust code amenable to F* proofs

Numbers

80k+ downloads across crates.io and PyPI
Used in 5+ academic papers
3 language bindings: Rust, C (incl. C++ via Brian Sipos, Johns Hopkins), Python
3 crypto backends: pure-Rust, PSA, Nordic CryptoCell
Production users: aiocoap, RIOT-rs

Publications

Performance Comparison of EDHOC and DTLS 1.3 in Internet-of-Things Environments. G. Fedrecheski, M. Vučinić, T. Watteyne. IEEE WCNC 2024, Dubai. [Paper] — used Lakers to show ×6–14 smaller packets, ×1.4 faster handshakes, ×2.8 less energy than DTLS 1.3.