Zenoh Protocol Security Analysis

Zenoh is a communication protocol designed to efficiently facilitate data exchange, storage, and computation across diverse computing environments — from powerful servers in data centers to resource-constrained microcontrollers in IoT devices. Its primary objective is to enable seamless integration and operation of systems throughout the entire cloud-to-microcontroller continuum, overcoming limitations inherent to existing protocols that frequently create isolated "connectivity islands."
Given the critical nature of network protocols and technology infrastructures, it is essential to thoroughly analyze and comprehend Zenoh's security architecture. This article provides a security analysis of the Zenoh protocol, specifically within an automotive sector context, examining scenarios where data traverses nodes outside the direct control and trust boundaries of the OEM. The analysis leverages a lightweight threat modeling approach, accounting for adversaries with varying levels of access and capabilities. Additionally, the article includes a focused case study of a compromised router scenario, uncovering a security gap within Zenoh stemming from its current lack of support for End-to-End Encryption (E2EE).