Multicast communication has been recently supported by the constrained application protocol (CoAP), for the purpose of managing and controlling a group of homogeneous sensor devices. It can improve the efficiency… Click to show full abstract
Multicast communication has been recently supported by the constrained application protocol (CoAP), for the purpose of managing and controlling a group of homogeneous sensor devices. It can improve the efficiency of communication and reduce bandwidth requirements for several Internet of Things (IoT) and industrial IoT (IIoT) applications. To prevent unauthorized access to the sensing/actuating devices, both unicast and multicast CoAP messages should be secured to guarantee both confidentiality and integrity. For unicast CoAP applications, the datagram TLS (DTLS) Handshake can be applied for mutual authentication and session key derivation. However, it cannot be used for multicast CoAP applications since it is basically applied between two CoAP endpoints. Especially, two kinds of keys, a group key and a set of pairwise keys, are required to secure the multicast CoAP messages. In this article, the security architecture and associated protocols for multicast CoAP security are proposed. With the exchange of a pair of multicast CoAP messages, the group key and the set of pairwise keys can be established between a CoAP client and a set of CoAP servers without employing the DTLS Handshake. The security and performance analysis show that it is a viable solution for multicast CoAP applications even over the unreliable user datagram protocol.
               
Click one of the above tabs to view related content.