CoAP—Application Layer Connection-Less Lightweight Protocol for the Internet of Things (IoT) and CoAP-IPSEC Security with DTLS Supporting CoAP

Abstract

The Constrained Application Protocol (CoAP) is a standard web transfer protocol. The CoAP runs over UDP, resulting in an unreliable message transport. CoAP offers a request/response communication model among application endpoints. The Internet Protocol Security (IPsec) can offer various security services like limited traffic flow confidentiality, anti-replay mechanism, access control, confidentiality, connection-less integrity, and data origin authentication. One way to use IPSec to secure the CoAP transactions can be Encapsulating Security Payload Protocol [RFC 2406] (IPSec-ESP). It can be a special case, if the hardware provisions encryption at layer 2 (it is the situation with some IEEE 802.15.4 radio chips). Another way can be, the 6LowPAN (IPv6 over Low-power Wireless Personal Area Networks) extension, for using the IPSec with Authentication Header (AH) [RFC 2402] and Encapsulation Security Payload (ESP). To give more security to the major User Datagram Protocol (UDP) well-known applications, Datagram Transport Layer Security (DTLS) runs on top of UDP instead of Transmission Control Protocol (TCP). The DTLS offers automatic key management, confidentiality, authentication, and data integrity. It also provisions wide range of dissimilar cryptographic algorithms. We have found that providing end-to-end security is not so easy, so we have developed a Secure Hybrid RSA (SHRSA) cipher. At present, we are using it in personal messaging scheme, and it is able to provide end-to-end security with efficiency and lightweight features. Later, this cipher can be used in lightweight and efficient communication scenario of Internet of Things (IoT) and Internet of Everything (IoE).