The Constrained Application Protocol (CoAP) is an application-layer protocol designed for resource-constrained IoT environments. It gives constrained devices a REST-style, web-like way to communicate over the Internet, so that resource-limited nodes can interact with each other and, through proxies, with similar protocols such as HTTP. Because such devices cannot afford heavyweight protection, efficient security is needed to protect the communication between them. CoAP runs over UDP, and Datagram Transport Layer Security (DTLS) is the mechanism mainly used to secure it (the coaps URI scheme, default UDP port 5684).
RFC 7252 defines four security modes for CoAP: NoSec, PreSharedKey, RawPublicKey, and Certificate. In NoSec mode DTLS is disabled and CoAP messages are sent in the clear over UDP. In PreSharedKey mode DTLS is enabled with a list of pre-shared keys; each key carries a list of the nodes it may be used to communicate with, and the endpoints must implement the AES-based cipher suite TLS_PSK_WITH_AES_128_CCM_8. In RawPublicKey mode DTLS is enabled and each node holds an asymmetric key pair without any certificate; the public key is identified by the SHA-256 hash of its SubjectPublicKeyInfo, so nodes must support elliptic-curve cryptography and the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 for the key exchange. In Certificate mode, finally, nodes authenticate with X.509 certificates over DTLS, using the same ECDHE-ECDSA cipher suite together with a trust anchor to validate the certificate chain.
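The following is an added example, not code from the original text or from any CoAP implementation: a toy model of how a node checks that it implements the cipher suite its security mode requires, and of the PreSharedKey bookkeeping described above, where each key is tied to the list of nodes it may be used with. The cipher-suite names are the mandatory ones from RFC 7252 section 9; the node names, PSK identities, keys, the nonce and the HMAC-based "proof" are constructed for illustration and stand in for the real DTLS PSK handshake.

```python
"""
Added example: CoAP security-mode checks and PreSharedKey node-list bookkeeping.
Not a DTLS implementation; the HMAC proof is a stand-in for the PSK handshake.
"""
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Mandatory-to-implement DTLS cipher suite for each CoAP security mode (RFC 7252 sec. 9).
REQUIRED_CIPHER_SUITE = {
    "NoSec": None,                                          # no DTLS at all
    "PreSharedKey": "TLS_PSK_WITH_AES_128_CCM_8",
    "RawPublicKey": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",
    "Certificate": "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8",
}


@dataclass
class PskEntry:
    """One pre-shared key plus the list of nodes it may be used to talk to."""
    key: bytes
    allowed_peers: List[str]


@dataclass
class CoapNode:
    name: str
    mode: str
    cipher_suites: List[str]
    psk_store: Dict[str, PskEntry] = field(default_factory=dict)  # psk_identity -> entry

    def supports_mode(self) -> bool:
        """True if the node implements the cipher suite its mode requires."""
        required = REQUIRED_CIPHER_SUITE[self.mode]
        return required is None or required in self.cipher_suites

    def select_psk_for(self, peer: str) -> Optional[Tuple[str, bytes]]:
        """Client side: pick the (identity, key) whose node list contains `peer`."""
        for identity, entry in self.psk_store.items():
            if peer in entry.allowed_peers:
                return identity, entry.key
        return None

    def lookup_psk(self, identity: str, peer: str) -> Optional[bytes]:
        """Server side (PSK callback): return the key for `identity` only if the
        peer presenting it is on that key's node list. `peer` is the identity the
        server associates with the connection; this toy passes it explicitly."""
        entry = self.psk_store.get(identity)
        if entry is None or peer not in entry.allowed_peers:
            return None
        return entry.key


def psk_proof(key: bytes, nonce: bytes) -> bytes:
    """Simplified proof of key possession (constructed stand-in for the DTLS handshake)."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def psk_handshake(client: CoapNode, server: CoapNode, nonce: bytes) -> bool:
    """Run the simplified exchange; True only if both sides resolve the same key."""
    if not (client.supports_mode() and server.supports_mode()):
        return False
    selected = client.select_psk_for(server.name)
    if selected is None:
        return False                       # no key provisioned for this destination
    identity, client_key = selected
    server_key = server.lookup_psk(identity, client.name)
    if server_key is None:
        return False                       # unknown identity or peer not on the key's list
    return hmac.compare_digest(psk_proof(client_key, nonce), psk_proof(server_key, nonce))


# Constructed sample topology: sensor-1 and gateway share one key; "rogue" holds a copy
# of that key but is not on the gateway's node list; "legacy" lacks the RPK cipher suite.
SHARED_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
SENSOR = CoapNode("sensor-1", "PreSharedKey", ["TLS_PSK_WITH_AES_128_CCM_8"],
                  {"sensor-1@gw": PskEntry(SHARED_KEY, ["gateway"])})
GATEWAY = CoapNode("gateway", "PreSharedKey", ["TLS_PSK_WITH_AES_128_CCM_8"],
                   {"sensor-1@gw": PskEntry(SHARED_KEY, ["sensor-1"])})
ROGUE = CoapNode("rogue", "PreSharedKey", ["TLS_PSK_WITH_AES_128_CCM_8"],
                 {"sensor-1@gw": PskEntry(SHARED_KEY, ["gateway"])})
LEGACY = CoapNode("legacy", "RawPublicKey", ["TLS_PSK_WITH_AES_128_CCM_8"])

if __name__ == "__main__":
    nonce = b"\x00" * 8                    # constructed; real handshakes use fresh randoms
    print("sensor-1 -> gateway:", psk_handshake(SENSOR, GATEWAY, nonce))
    print("rogue    -> gateway:", psk_handshake(ROGUE, GATEWAY, nonce))
    print("sensor-1 -> other:  ", SENSOR.select_psk_for("other-node"))
    print("legacy supports RPK:", LEGACY.supports_mode())
```

The point of the node list is visible in the `ROGUE` case: possession of the key alone is not enough, because the gateway only accepts that key from the nodes provisioned for it. In a real deployment the server identifies the peer by the psk_identity (and usually its address), so the list is enforced in the DTLS PSK callback rather than with an explicit peer name.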
DTLS is the main means of securing CoAP, but even though it is comparatively lightweight, DTLS-protected CoAP does not satisfy all of the security requirements of constrained deployments. DTLS protects a unicast session between two endpoints, so it cannot secure the multicast (group) requests that CoAP supports. The DTLS handshake is also prone to exhaustion attacks: a flood of ClientHello messages, possibly from spoofed source addresses, forces the server to spend memory and computation on half-open handshakes, so a constrained node can be driven out of its role in the network and the whole IoT deployment affected (DTLS 1.2 mitigates this with a stateless cookie exchange, but that exchange is optional and only proves that the peer can receive at the claimed address). Moreover, record-replay detection is optional in DTLS 1.2, so the security features of DTLS do not guarantee protection against replay attacks in all scenarios. For these reasons, new security mechanisms have been designed for CoAP.
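To make the handshake-exhaustion point concrete, the following is an added example, not code from the original text or from any DTLS library: a toy model of the DTLS 1.2 stateless cookie exchange (RFC 6347 section 4.2.1). The server answers a cookie-less ClientHello with a HelloVerifyRequest computed as an HMAC over the claimed source address and the ClientHello parameters, allocating nothing; only a ClientHello that echoes a valid cookie gets handshake state. The message structures, the source addresses (RFC 5737 documentation ranges) and the counters are constructed for illustration.

```python
"""
Added example: DTLS 1.2-style stateless cookie exchange against ClientHello floods.
Message formats are simplified; this is not a DTLS implementation.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Dict, Tuple

Addr = Tuple[str, int]


@dataclass
class ClientHello:
    src: Addr            # claimed UDP source address/port; trivially spoofable
    random: bytes        # ClientHello.random, reused when the hello is resent
    cookie: bytes = b""  # empty on the first flight


@dataclass
class DtlsServer:
    secret: bytes = field(default_factory=lambda: os.urandom(32))  # should be rotated in practice
    handshakes: Dict[Addr, bytes] = field(default_factory=dict)    # state exists only after a valid cookie
    hello_verify_sent: int = 0
    dropped: int = 0

    def _cookie(self, hello: ClientHello) -> bytes:
        # RFC 6347 recommends HMAC(secret, client IP || ClientHello parameters); the
        # client must resend with the same random, so the cookie can be bound to it.
        msg = f"{hello.src[0]}:{hello.src[1]}".encode() + hello.random
        return hmac.new(self.secret, msg, hashlib.sha256).digest()

    def receive(self, hello: ClientHello) -> Tuple[str, bytes]:
        """Process one ClientHello; returns (message_type, payload)."""
        expected = self._cookie(hello)
        if not hello.cookie:
            # Stateless reply: nothing is stored for this (possibly forged) peer.
            self.hello_verify_sent += 1
            return "HelloVerifyRequest", expected
        if not hmac.compare_digest(hello.cookie, expected):
            self.dropped += 1
            return "Dropped", b""
        # The cookie could only be learned by receiving at hello.src, so address
        # ownership is demonstrated; now it is reasonable to allocate state.
        self.handshakes[hello.src] = hello.random
        return "ServerHello", b""


def legitimate_handshake(server: DtlsServer, src: Addr) -> str:
    """A genuine client answers HelloVerifyRequest by resending with the cookie."""
    hello = ClientHello(src, os.urandom(32))
    msg, cookie = server.receive(hello)
    if msg == "HelloVerifyRequest":
        hello.cookie = cookie                 # same parameters, cookie echoed back
        msg, _ = server.receive(hello)
    return msg


def spoofed_flood(server: DtlsServer, count: int) -> int:
    """Attacker sends ClientHellos from forged sources; HelloVerifyRequests go to the
    forged addresses, never back to the attacker. Returns the handshake state count."""
    for i in range(count):
        src = (f"198.51.100.{i % 254 + 1}", 40000 + i)   # constructed, RFC 5737 range
        server.receive(ClientHello(src, os.urandom(32)))
    return len(server.handshakes)


if __name__ == "__main__":
    server = DtlsServer()
    print("state after 1000 spoofed hellos:", spoofed_flood(server, 1000))
    print("legitimate client:", legitimate_handshake(server, ("192.0.2.10", 5684)))
    forged = ClientHello(("192.0.2.11", 1), b"\x01" * 32, cookie=b"\x00" * 32)
    print("forged cookie:", server.receive(forged)[0], "- state entries:", len(server.handshakes))
```

Without the exchange, every line of the flood would have allocated a handshake entry, which is exactly the exhaustion the paragraph describes. The cookie only proves reachability: an attacker who really controls the source addresses (a botnet, or an on-path attacker) still completes the exchange, and the expensive part of the handshake (ECDHE) comes after it, so a constrained server still needs a bound on concurrent handshakes and rate limiting, and the cookie secret should be rotated so captured cookies expire.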