Investigate secure association and link protection #120
Description
For now, Mira has no security whatsoever. It would be interesting to investigate and build:
- a secure association mechanism, e.g., using EDHOC and ELA
- a secure frame protection layer, e.g. enveloping messages in a COSE_Encrpypt0 envelope with an AEAD algorithm
We could go further and expand (1) into:
1a. secure enrollment with EDHOC and ELA
2a. secure and fast (re-)association with EDHOC PSK (I am assuming we can re-use the session key obtained at (1a) and feed it as the PSK)
Other topics to discuss include:
- attestation over Mira, although that seems to be more of an application level issue (to be discussed)
- in the multi-gateway architecture, we don't want to execute enrollment (1a) for every handover; note that to achieve this, the gateways would need to sync the PSKs