Ephemeral Diffie-Hellman Over COSE (EDHOC) is designed to be a compact and lightweight authenticated key exchange protocol, providing mutual authentication, forward secrecy, and identity protection. EDHOC aims at being suitable for low-power networks such as cellular IoT, 6TiSCH, and LoRaWAN. In this paper, we perform a security analysis of the last draft of EDHOC (draft 23). We analyse the full protocol including its four different authentication methods. Our results show that the security of the authenticated key exchange in EDHOC depends essentially on that of the authenticated encryption algorithm used during that phase. Finally, we provide more precise estimates of the computational security bounds for all authentication methods in EDHOC so that meaningful choices of quantitative parameters can be done to instantiate the protocol securely.