IETF recommends E+H’s Internet security protocol

The cryptography working group in the Internet Engineering Task Force standards organization reported Oct. 27 that it picked CPace protocol from Endress+Hauser as a recommended method for use in Internet standards. After undergoing security analyses, CPace won a competition among submissions from several companies.

To use Bluetooth communications in industrial environments, security experts at Endress+Hauser identified a need for additional protection, and developed CPace, which is a password-authenticated key exchange (PAKE) method. Among other things, PAKE is used with German electronic ID cards to largely decouple cryptographic security levels from the length of a password. This allows the processing power of even the smallest field instrument to provide devices and industrial systems, with the best level of protection against cyberattacks. This gives CPace a high degree of acceptance among users because the desired level of security can be achieved without relying on long passwords.