IETF recommends E+H’s Internet security protocol

CPace won a competition among submissions from several companies
Dec. 1, 2020

The cryptography working group in the Internet Engineering Task Force standards organization reported Oct. 27 that it picked CPace protocol from Endress+Hauser as a recommended method for use in Internet standards. After undergoing security analyses, CPace won a competition among submissions from several companies.

To use Bluetooth communications in industrial environments, security experts at Endress+Hauser identified a need for additional protection, and developed CPace, which is a password-authenticated key exchange (PAKE) method. Among other things, PAKE is used with German electronic ID cards to largely decouple cryptographic security levels from the length of a password. This allows the processing power of even the smallest field instrument to provide devices and industrial systems, with the best level of protection against cyberattacks. This gives CPace a high degree of acceptance among users because the desired level of security can be achieved without relying on long passwords.

Sign up for Control eNews
Get the latest news and updates