Certificate based keying scheme for DTLS secured IoT

Document Type: Expired Internet-Draft (individual)
Authors: Pawani Porambage, Pradeep Kumar, Andrei Gurtov, Mika Ylianttila, Erkki Harjula
Last updated: 2014-06-12 (latest revision 2013-12-09)
Stream: (None)
Intended RFC status: (None)
Expired & archived
Stream state: (No stream defined)
Consensus Boilerplate: Unknown
RFC Editor Note: (None)
IESG state: Expired
Telechat date:
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The IP-based Internet of Things (IoT) stands for the universal interconnection of smart objects and back-end users with the help of IP protocols. Secure key management among the smart objects is an important aspect of IoT security. Due to the high levels of resource constraints of the devices in terms of memory, battery capacity and CPU power, and other network characteristics such as mobility, scalability, heterogeneity and limited bandwidth, the conventional security protocols cannot be directly deployed in IoT networks in their raw formats. We propose a lightweight DTLS-based keying mechanism for CoAP IoT smart objects which supports the scalability of the network and node mobility. In addition to the key establishment part, the protocol also provides node authentication. The protocol consumes fewer device resources and minimal network bandwidth by incurring low message overhead. The smart objects can securely access the network and obtain certificates after an initial configuration, irrespective of the manufacturer standards.


Pawani Porambage (pporamba@ee.oulu.fi)
Pradeep Kumar (pkumar@ee.oulu.fi)
Andrei Gurtov (gurtov@ee.oulu.fi)
Mika Ylianttila (mika.ylianttila@ee.oulu.fi)
Erkki Harjula (erkkih@ee.oulu.fi)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)