Lithe: Lightweight Secure CoAP for the Internet of Things
1 like802 views
This document presents a master's thesis on a lightweight and secure CoAP protocol for the Internet of Things, focusing on mitigating issues related to limited processing power, storage, and bandwidth. It discusses a new header compression scheme for DTLS in 6LoWPAN environments, aiming to reduce overhead and improve efficiency without compromising security. The evaluation demonstrates significant reductions in packet size and resource requirements, enhancing performance in IoT applications.
Lithe: Lightweight Secure CoAP for the Internet of Things
- 1. Lithe: Lightweight Secure CoAP for the Internet of Things Master’s Degree 29th Park. Joon-young
- 2. Contents • Introduction • Backgrounds • Scheme • Implementation • Evaluation • Conclusion • Question & Answer
- 3. Introduction Limited Processing Power Limited Storage Low Bandwidth Inefficient Energy Sensors will have..
- 4. Backgrounds IPv6 over Low-power Wireless Personal Area Network IEEE 802.15.4 / a.k.a Zigbee UDP Based IPHC / NHC (IP/Next Header Compression) Well-designed Header Compression Automatic Key Management Data Encryption Integrity Protection Authentication DTLS is Heavy (Not suitable for IoT) 6LoWPAN CoAP / DTLS
- 5. CoAP • Substitutes HTTP’s RESTful structure on UDP • GET, POST, PUT, DELETE.. • Cacheing, Proxing
- 6. DTLS
- 7. DTLS
- 8. DTLS-6LoWPAN • Define a new NHC for UDP with different ID bits. • Extension to the 6LoWPAN standard. • UDP payloads contains compressed DTLS Headers
- 9. 6LoWPAN-NHC-RHS / R • Version (V) • Epoch (EC) • Sequence Number (SN) • Fragment (F) Record + Handshake / Record only
- 10. 6LoWPAN-NHC-CH • Session ID (SI) • Cookie (C) • Cipher Suites (CS) • Compression Methods (CM) ClientHello
- 12. 6LoWPAN-NHC-SH • Session ID (SI) • Cookie (C) • Cipher Suites (CS) • Compression Methods (CM) ServerHello
- 13. 6LoWPAN-NHC • ServerHelloDone / ClientKeyExchange / Finish have no fields to be compressed. • ServerKeyExchange is mostly not sent Other Messages
- 14. Integration • OS - Contiki • tinyDTLS - TLS_PSK_WITH_AES_128_CCM_8 • Platform - WiSMote
- 15. Contiki • OpenSource OS since 2002 • For networked, memory- constrained system (IoT) • needs 10k RAM / 30k ROM
- 16. Integration • pre-configured default DTLS port is used • DTLS Port • ID bits in NHC-for-UDP • NHC for DTLS headers Input Packets Output Packets Distinguishing packets whether DTLS or not
- 17. Evaluation - Packet Size Reduction
- 18. Evaluation - RAM & ROM Requirement
- 21. Evaluation - Run-Time Performance RTT(Radio Trip Time) / RDC(Radio Duty Cycling)
- 22. Conclusion • Reducing overhead of DTLS using 6LoWPAN header compression • The first DTLS header compression specificatino for 6LoWPAN • Reduce the CoAPs overhead and gain efficiency for energy consumption and network-wide response time. • Avoid 6LoWPAN fragmentation, we did not compromised against possible attacks.