Technical report about content object security online
We published a study about "IoT Content Object Security with OSCORE and NDN: A First Experimental Comparison", including CoAP/DTLS as baseline.
News from Jan 24, 2020
- Cenk Gündogan, Christian Amsüss, Thomas C. Schmidt, Matthias Wählisch, IoT Content Object Security with OSCORE and NDN: A First Experimental Comparison, Open Archive: arXiv.org, Technical Report, No. arXiv:2001.08023, January 2020.
The emerging Internet of Things (IoT) challenges the end-to-end transport of the Internet by low power lossy links and gateways that perform protocol translations. Protocols such as CoAP or MQTT-SN are weakened by the overhead of DTLS sessions, which in common deployment protect content transfer only up to the gateway. To preserve end-to-end content security throughout gateways and proxies, the IETF CoRE working group recently developed OSCORE as an extension to CoAP, which adds content object security features commonly known from Information Centric Networks (ICN).
This paper presents a comparative analysis of protocol stacks that protect request-response transactions. We measure protocol performances of CoAP over DTLS, OSCORE, and the information-centric Named Data Networking (NDN) protocol on a large-scale IoT testbed in single- and multi-hop scenarios. Our findings indicate that (a) OSCORE improves on CoAP over DTLS in error-prone wireless regimes due to omitting the overhead of maintaining security sessions at endpoints, and (b) NDN attains superior robustness and reliability due to its intrinsic network caches and hop-wise retransmissions.