
DTLS-based Multicast Security for Low-Power and Lossy Networks (LLNs)

Document Type: Expired Internet-Draft (individual), expired & archived
Authors: Sye Keoh, Sandeep Kumar, Esko Dijk
Last updated: 2013-04-18 (Latest revision 2012-10-15)
RFC stream: (None)
Intended RFC status: (None)
Stream state: (No stream defined)
Consensus boilerplate: Unknown
RFC Editor Note: (None)
IESG state: Expired
Telechat date: (None)
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active.


Wireless IP-based systems will be increasingly used for building control systems in the future, where wireless devices interconnect with each other, forming low-power and lossy networks (LLNs). The CoAP/6LoWPAN standards are emerging as the de facto protocols in this area for resource-constrained devices. Both multicast and security are key needs in these networks. This draft presents a method for securing multicast communication in LLNs based on the DTLS security protocol, which is already present in CoAP devices. This is achieved by using a unicast DTLS-protected communication channel to distribute keying material and security parameters to group members. Group keys consisting of a Traffic Encryption Key (TEK) and a Traffic Authentication Key (TAK) are generated by group members based on the keying material received. A group member uses its DTLS record layer implementation to encrypt a multicast message and provide message authentication using the group keys before sending the message via IP multicast to the group.

