Secure Two-Way DTLS-Based Group Communication in the IoT
draft-tiloca-dice-secure-groupcomm-00

Document Type Expired Internet-Draft (individual)
Last updated 2016-04-16 (latest revision 2015-10-14)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-tiloca-dice-secure-groupcomm-00.txt

Abstract

CoAP has emerged as the de-facto IoT standard for communication involving resource-constrained devices composing Low-power and Lossy Networks (LLNs). CoAP mandates the adoption of the DTLS protocol to secure unicast communication. However, in several IoT application scenarios involving a group of multiple devices, the adoption of CoAP multicast communication through IPv6 results in a number of advantages, especially in terms of performance and scalability. Yet, CoAP does not specify how to secure multicast group communication in an interoperable way. This draft presents a method to secure communication in a multicast group, through an adaptation of the DTLS record layer. In particular, group members rely on the same group keying material in order to secure both request messages sent via multicast and possible unicast messages sent as response. Since the group keying material is provided upon joining the group, all group members are not required to perform any DTLS handshake with each other. The proposed method makes it possible to provide either group authentication or source authentication of secured messages.

Authors

Marco Tiloca (marco@sics.se)
Shahid Raza (shahid@sics.se)
Kirill Nikitin (kirill.nikitin@epfl.ch)
Sandeep Kumar (sandeep.kumar@philips.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)