One of the emerging application protocols for the IoT is the Constrained Application Protocol (CoAP). CoAP runs over UDP rather than TCP, so it is suitable for tiny, resource-restricted IoT devices. Link errors cause network congestion and packet loss problems in IoT, which affect CoAP performance. The basic design of CoAP aims at solving such challenges. However, it has some shortcomings in maintaining the network performance level, especially when the link error is high. Various extensions are provided for CoAP, such as:
1. Block Wise Transfer in CoAP.
2. CoAP over TCP, TLS, and WebSockets.
3. Extended Tokens and Stateless Clients in CoAP.
Resource Observation using CoAP:
• One of the main applications of IoT deploying CoAP is environment resource observation. A temperature receiving server may act as a CoAP server, which successfully collects the temperature details from the environment.
• The CoAP client can utilize the RESTful methods for querying the CoAP server. CoAP clients send a request to the server to get a particular resource value. To improve the efficiency of resource observation, an efficient CoAP should be designed.
CoAP Communication in Different Applications:
• CoAP is employed in various applications, for example, designing an international healthcare platform in conjunction with some healthcare standards. The CoAP server acts as a healthcare data collector in healthcare, and in IIoT, it acts as an industrial server.
• CoAP enables the communication between medical sensors placed on the body of patients. CoAP is a lighter IoT protocol and helps implement the healthcare application without much CPU, battery, and memory resources.
• Healthcare sectors need high-quality communication to save patients' lives. It is important to avoid packet loss due to network collision and congestion.
Binary Exponential Backoff (BEB):
Congestion control with default CoAP can be implemented using the Binary Exponential Backoff (BEB) algorithm. BEB cannot solve the CoAP congestion issue completely, and it lacks support for burst traffic scenarios. It is important to enhance BEB in CoAP by considering dynamic network conditions.
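The following added example (not from the original page) simulates the default BEB retransmission of a confirmable message using the RFC 7252 default parameters. The single per-transmission loss probability and the function names are assumptions made for illustration.

```python
import random

# Default transmission parameters from RFC 7252, section 4.8.
ACK_TIMEOUT = 2.0         # seconds
ACK_RANDOM_FACTOR = 1.5
MAX_RETRANSMIT = 4

def beb_schedule(first_timeout):
    """Return (retransmission times, give-up time) in seconds after the first send."""
    elapsed, timeout, resend_at = 0.0, first_timeout, []
    for _ in range(MAX_RETRANSMIT):
        elapsed += timeout          # timer expires without an ACK
        resend_at.append(elapsed)
        timeout *= 2                # binary exponential backoff
    return resend_at, elapsed + timeout

def send_confirmable(loss_prob, rng):
    """Simulate one CON message on a link that loses each transmission (or its
    ACK) with probability loss_prob. Returns (delivered, transmissions, waited)."""
    timeout = rng.uniform(ACK_TIMEOUT, ACK_TIMEOUT * ACK_RANDOM_FACTOR)
    waited = 0.0
    for attempt in range(1, MAX_RETRANSMIT + 2):
        if rng.random() >= loss_prob:
            return True, attempt, waited
        waited += timeout           # same backoff for bit-error and congestion loss
        timeout *= 2
    return False, MAX_RETRANSMIT + 1, waited

def delivery_stats(loss_prob, messages=2000, seed=1):
    """Delivery ratio and mean transmissions per message (constructed simulation)."""
    rng = random.Random(seed)
    results = [send_confirmable(loss_prob, rng) for _ in range(messages)]
    delivered = sum(1 for ok, _, _ in results if ok)
    mean_tx = sum(tx for _, tx, _ in results) / messages
    return delivered / messages, mean_tx

if __name__ == "__main__":
    print(beb_schedule(ACK_TIMEOUT))
    for p in (0.05, 0.3, 0.6):
        print(p, delivery_stats(p))
```

The timeout doubles whatever the cause of the loss and never uses a measured RTT, which is the limitation the RTT-based schemes below address.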
Using Bio-Inspired Algorithms:
It is essential to monitor the network congestion and adjust the congestion window size accordingly. It can be done using congestion ratio and loss ratio information metrics, and they need to be appended to the confirmable message.
Bio-inspired techniques, such as Ant Colony Optimization (ACO), can effectively optimize CoAP with a congestion control scheme and reduce the consumption of node resources.
Leveraging Bandwidth-Delay Product for Congestion Control:
It estimates bottleneck bandwidth and round-trip propagation time in connection establishment and limits network congestion.
Rate-Based Congestion Control Mechanism:
As per the network dynamics, a suitable and effective data rate for each node is allocated to avoid network congestion and packet loss.
It varies the transmission rate instead of the congestion window size and limits network congestion using a token bucket mechanism.
CoAP Congestion Control Scheme Considering Strong and Weak RTT:
This type of congestion control scheme incorporates three Round Trip Time (RTT) estimators: a weak RTT estimator, a strong RTT estimator, and a failed RTT estimator. The strong and failed RTT denote successful packet delivery and packet dropping, respectively. The weak RTT represents the node-level congestion delay.
CoAP congestion control scheme using message loss feedback:
A count of lost messages in the network is used to limit the network traffic and attempt to avoid network congestion.
Adaptive CoAP Congestion Control Algorithm Genetic Algorithm-based Congestion Control in CoAP:
RTT plays a vital role in CoAP congestion control. Using the genetic algorithm, RTT minimum is used instead of RTT maximum, and genetic algorithm-based congestion control takes communication decisions based on the RTT comparison between previous and current scenarios.
Delay gradient-based congestion control:
The gradient of RTT measurements over time is used as the congestion control factor in CoAP. It eliminates the need for strong and weak RTO and uses periodic information about delay gradients in congestion control.
Context-aware congestion control approach:
It differentiates packet loss induced by bit errors from packet loss induced by congestion. It helps in making a correct decision on RTT measurement and congestion control.
Content Freshness-Based Congestion Control:
Based on the recently received acknowledgment, the content freshness-based congestion control measures RTT and avoids network congestion effectively.
Security is a critical issue in CoAP implementation. The CoAP is used to implement security services such as authentication, authorization, and access control.
Malicious users can spoof the identity of legitimate publishers and subscribers. By default, CoAP solves this problem by configuring features, such as a user name and password, for each client separately. Authentication can be achieved using:
• Nonce and
• Randomly generated numbers
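One way nonce-based authentication can work, shown as an added example that is not part of the original page: the server issues a random single-use nonce and the client proves knowledge of a key by returning an HMAC over it. The pre-shared key, the HMAC-SHA256 construction, and all names here are assumptions for illustration.

```python
import hashlib
import hmac
import secrets

def client_response(key, client_id, nonce):
    """Client side: bind the response to its identity and the server's nonce."""
    return hmac.new(key, client_id.encode() + b"|" + nonce, hashlib.sha256).digest()

class NonceAuthServer:
    """Server side of a hypothetical nonce challenge-response exchange."""

    def __init__(self, client_keys):
        self.client_keys = client_keys   # client_id -> pre-shared key
        self.pending = {}                # client_id -> outstanding nonce

    def challenge(self, client_id):
        nonce = secrets.token_bytes(16)  # randomly generated number
        self.pending[client_id] = nonce
        return nonce

    def verify(self, client_id, nonce, tag):
        issued = self.pending.pop(client_id, None)   # a nonce is valid only once
        key = self.client_keys.get(client_id)
        if issued is None or key is None:
            return False
        if not hmac.compare_digest(nonce, issued):
            return False
        expected = client_response(key, client_id, issued)
        return hmac.compare_digest(tag, expected)    # constant-time comparison

def demo():
    key = b"constructed-psk-for-sensor-01"           # constructed sample key
    server = NonceAuthServer({"sensor-01": key})
    nonce = server.challenge("sensor-01")
    tag = client_response(key, "sensor-01", nonce)
    first = server.verify("sensor-01", nonce, tag)
    replayed = server.verify("sensor-01", nonce, tag)   # same response sent again
    nonce2 = server.challenge("sensor-01")
    wrong = server.verify("sensor-01", nonce2,
                          client_response(b"not-the-key", "sensor-01", nonce2))
    return first, replayed, wrong

if __name__ == "__main__":
    print(demo())
```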
Authorization defines access rights to a resource. Without proper authorization, a user cannot access the messages from the CoAP server.
Confidentiality and Integrity:
CoAP is mostly built on top of UDP, which is used as the transport protocol in IoT. By default, it does not use encryption and hashing schemes. This means that an attacker can listen to the packets transmitted on the network.
Symmetric (AES, PRESENT, DES, and FBC) and asymmetric methods (RSA and ECC) have been used for MQTT in IoT.
⮚ CoAP Security Using DTLS
• A widely used security protocol with Constrained Application Protocol (CoAP) is Datagram Transport Layer Security (DTLS).
• Compression techniques used in DTLS ensure more security in CoAP.
• A secure handshake process is provided using a secure service manager.
⮚ Optimized Version of DTLS
• It improves the basic cookie exchange strength during the handshake process in CoAP/DTLS.
• It takes a decision based on the capacity of devices at the server before allocating the resources to the smart sensor.
• It explores Elliptic Curve Cryptography (ECC) optimizations and minimizes ROM occupancy.
⮚ Enhanced DTLS for CoAP Security
• An enhanced DTLS separates DTLS Handshaking and Encryption and improves the CoAP security.
• AES is used for the data encryption and decryption process.
• It reduces the delay, especially during the handshake process.
⮚ Smart Gateway Based Authentication in DTLS/CoAP
• The DTLS protocol includes a base protocol, record layer, handshake protocol, ChangeCipherSpec, and alert protocol.
• The smart gateway is responsible for authorization and authentication by incorporating the heartbeat extension.
• It can improve communication security and reliability.
⮚ Simplified Handshake protocol of DTLS (DTLShps)
• DTLShps explores the advantages of software-defined networking and significantly mitigates the computational overhead of the smart sensors.
• It involves the controller in generating symmetric keys and distributing the keys to the communicating smart sensors.
• A powerful controller is used in the process of certificate verification.
• The controller replaces the DTLS server for exchanging the cookies with the DTLS sensor device.
Symmetric Key based CoAP Security:
• AES is applied to CoAP security, and the payload-embedded method reduces the overhead of the secure CoAP protocol.
• It uses the Cipher Block Chaining (CBC) mode.
• Auth-lite-based CoAP security protects the CoAP from DoS attacks, replay attacks, man-in-the-middle attacks, and information disclosure attacks.
Flexible ECC Based CoAP Security:
• A flexible ECC-based CoAP solves the issues related to the key management and insecure communication channel.
• It establishes secure session communication using public and private keys.
• It explores small size secret keys for encryption, reducing the ciphertext length.
DES Algorithm for CoAP Security:
• The Data Encryption Standard (DES) applies a symmetric-key block cipher with a Feistel structure.
• The plaintext and key sizes are 64 bits and 56 bits, respectively, and the number of rounds is 26.
• DES algorithm does not provide flexibility in Feistel structure and does not support any modification to support various IoT applications.
M-SSE Based CoAP Security:
• M-SSE is a complex algorithm, and it is difficult for attackers to break such an algorithm.
• It involves many-valued logic and variable block length in the encryption algorithm.
• The total number of rounds is five, and each round performs different operations.
• The first round performs the gamma and permutation procedures, and the others perform substitution and gamma procedures.
Super Encryption for CoAP Security:
• Super-encryption cryptography combines the International Data Encryption Algorithm (IDEA) and Word Auto Key Encryption (WAKE) algorithm.
• The super encryption technique consists of two or more symmetric cryptographic algorithms to ensure more security for IoT data.
TEA Based CoAP Security:
• The Tiny Encryption Algorithm (TEA) is famous for resource-restricted IoT communication.
• A novel tiny symmetric encryption algorithm (NTSA) improves the TEA and security of IoT networks by providing additional key confusion for each round of encryption.
Blockchain technique for CoAP Security:
• Distributed blockchain and centralized blockchain are used in CoAP security scheme provisioning.
• In terms of data storage, the blockchain provides secure data storage for both servers and clients.
• It helps in improving data confidentiality and integrity.
• Protecting only the payload paves the way for malicious attacks and impacts CoAP message security.
• A MAC that distinguishes between the header parts of CoAP is needed, and it differentiates metadata from the payload.
• Ciphertext-policy attribute-based encryption (CP-ABE) scheme: CP-ABE associates the node's secret key with its corresponding attributes and the ciphertext with an access policy.
• The receiving nodes can decrypt the ciphertext only when the access policy satisfies the defined one.
• The key-policy attribute-based encryption scheme enables senders to encrypt messages with attributes, while secret keys are associated with access structures that denote which ciphertexts the key holder can decrypt.
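The point above about protecting only the payload, as an added example that is not from the original page: a MAC computed over the payload alone still verifies after the CoAP method code is changed in transit, while a MAC over header, token, options and payload does not. The key, the sample message, and the length-prefixed MAC input are constructed for illustration, and the encoder handles only short tokens and options.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"      # constructed sample key, not from the page
PUT, DELETE = 0x03, 0x04           # CoAP method codes 0.03 and 0.04 (RFC 7252)
URI_PATH = 11                      # Uri-Path option number
PAYLOAD_MARKER = 0xFF

def build_coap(code, msg_id, token, path, payload):
    """Encode a confirmable message with one short Uri-Path option."""
    if len(token) > 8 or len(path) > 12:
        raise ValueError("example handles tokens <= 8 and options <= 12 bytes")
    header = struct.pack("!BBH", (1 << 6) | len(token), code, msg_id)
    option = bytes([(URI_PATH << 4) | len(path)]) + path
    return header + token + option + bytes([PAYLOAD_MARKER]) + payload

def split_message(msg):
    """Return (metadata, payload): header, token and options vs. payload."""
    pos = 4 + (msg[0] & 0x0F)                  # fixed header + token
    while pos < len(msg) and msg[pos] != PAYLOAD_MARKER:
        pos += 1 + (msg[pos] & 0x0F)           # skip one short option
    return msg[:pos], msg[pos + 1:]

def mac_payload_only(msg):
    return hmac.new(KEY, split_message(msg)[1], hashlib.sha256).digest()

def mac_header_and_payload(msg):
    meta, payload = split_message(msg)
    # Length-prefix the metadata so the MAC input keeps it distinct from the payload.
    return hmac.new(KEY, struct.pack("!H", len(meta)) + meta + payload,
                    hashlib.sha256).digest()

def verify(msg, tag, mac):
    return hmac.compare_digest(mac(msg), tag)

def demo():
    sent = build_coap(PUT, 0x1234, b"\xa1", b"temp", b"22.5")
    # Constructed in-transit modification: method code byte changed, payload untouched.
    received = sent[:1] + bytes([DELETE]) + sent[2:]
    return (verify(received, mac_payload_only(sent), mac_payload_only),
            verify(received, mac_header_and_payload(sent), mac_header_and_payload))

if __name__ == "__main__":
    print(demo())
```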
The performance of the CoAP protocol is evaluated using the metrics of Packet Delivery Ratio, Packet Loss, Throughput, Control Overhead, Message Size Overhead, Delay, and Energy Consumption.