Textdokument
Application Layer Security for the IoT
Lade...
Volltext URI
Dokumententyp
Dateien
Zusatzinformation
Datum
2021
Autor:innen
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Quelle
Verlag
Gesellschaft für Informatik, Bonn
Zusammenfassung
Security for the mostly constrained devices forming the IoT is an active field of research. In this paper, we propose two CoAP Options, HMAC1/HMAC2 and Crypt1/Crypt2 complementing our previous work on Lightweight Capability Based Access Control (LCap). This results in a lightweight, flexible, and complete solution for application layer security for CoAP nodes with severely limited memory. In our evaluation, we show that a pure software implementation without cryptographic hardware acceleration is feasible for practical use on highly constrained IoT devices. Due to mostly idiomatic use of cryptography, existing security analyses apply to our proposal. Our security framework was designed with ample focus on reducing the complexity of the system, which allows lean implementations and simplifies security reviews. This makes LCap based security a good fit for security in the IoT.