Abstract: CoAP (Constrained Application Protocol) is a lightweight, web-services-based protocol, similar to HTTP, for IoT devices. CoAP requires proxies or gateways to deploy a fully end-to-end paradigm between end-clients (web browsers) and end-nodes (sensors/actuators). A proxy acts as a CoAP endpoint that communicates with the existing Internet on behalf of the client, and it is where translation between the two protocol schemes, i.e. HTTPs and CoAPs, occurs. If the CoAP proxy is compromised, various attacks become possible that can lead to loss of confidentiality and integrity of the IoT system. To provide customized security for the CoAP proxy, end-to-end encryption between the CoAPs client and the HTTPs server is used. To enforce access control, the server stores the access details of the clients during the installation itself. In the next step, the server verifies the identity of the client and exchanges its public key to continue the session. Public key cryptography is used for encryption, and the identifiers are provided through X.509 certificates. The implementation is resistant to various attacks such as replay attacks, meet-in-the-middle attack, etc. For encryption, we use Elliptic Curve Cryptography (ECC), which provides a higher level of security compared to existing encryption techniques like RSA, AES, etc. while using a shorter key length, thus resulting in less computational overhead. A Java-based system is developed to study and evaluate the proposed mechanism. The scheme is also verified against various claims (attacks) using a popular security protocol verification tool, namely Scyther.
Keywords: CoAP, CoAP Proxy, ECC, Scyther.
Title: An End to End Lightweight Encryption Scheme at CoAP Proxy in an IoT Environment
Author: Swapnika Dulam, Ramanaiah O.B.V
International Journal of Computer Science and Information Technology Research
ISSN 2348-1196 (print), ISSN 2348-120X (online)
Research Publish Journals