Securing Application Layer Protocol CoAP using EDHOC and OSCORE under Contiki-NG OS

Authors

  • Rasha Ghadeer Tishreen University
  • Radwan Dandah Tishreen University
  • Ahmad Mahmoud Ahmad Tishreen University

Keywords:

Internet of Things, Constrained Application Protocol (CoAP), Security, Datagram Transport Layer Security (DTLS), OSCORE, EDHOC, Contiki-NG, Cooja.

Abstract

Securing the connection in IoT devices is an important research focus, Constrained Applications Protocol (CoAP) has received high attention as many IoT applications depend on it, but it suffers from some security vulnerabilities. Several protocols have been developed to protect CoAP, the most famous one is DTLS, which unfortunately imposes a great burden due to the limitations imposed on the capabilities of IoT devices. To overcome this problem, an alternative to DTLS protocol has recently been proposed. which consists of two novel protocols working side by side, the first one is Object Security for Constrained RESTful Environments (OSCORE) which provides authenticated encryption for the payload data, and the second is Ephemeral Diffie-Hellman Over COSE (EDHOC) which provides the symmetric session keys required for OSCORE. These protocols are relatively new and have few implementations.

This paper presents an implementation of EDHOC with OSCORE for CoAP protection under Contiki-NG OS, which is widely used for IoT restricted devices. The performance evaluation of the implementation is depicted on the Cooja simulator by comparing it with CoAP without protection from one hand and the use of DTLS from the other hand. The evaluation and comparison are effected in terms of latency and throughput. The results showed that the current implementation achieves key exchange for OSCORE protocol, and achieves the required protection for CoAP protocol, and gives lower latency and higher throughput compared to using DTLS.

Published

2022-08-02

How to Cite

1.
غدير ر, رضوان دنده, أحمد محمود أحمد. Securing Application Layer Protocol CoAP using EDHOC and OSCORE under Contiki-NG OS. Tuj-eng [Internet]. 2022Aug.2 [cited 2024Nov.23];44(3):169-87. Available from: https://journal.tishreen.edu.sy/index.php/engscnc/article/view/11748