The International Arab Journal of Information Technology (IAJIT)


Security-aware CoAP Application Layer Protocol for the Internet of Things using Elliptic-Curve

Currently, the concept of the Internet of Things (IoT) has become more noticeable where it is being used in all aspects of life, such as home automation, smart cities, military surveillance, security, agriculture, healthcare, etc., However, the heterogeneity of the constrained devices and the complexity of the internet bring up the need for a security system to secure all the communications, data and participating things. In this paper, This paper proposed a lightweight secure Constrained Application Protocol (CoAP) using Elliptic Curve Cryptography (ECC) to transport security between IoT objects and the Resource Directory (RD). The advantage of using ECC is its compact key size enabling it to utilize a smaller key size compared to the other identification methods such as Rivest-Shamir-Adleman (RSA). This work mainly has two parts; the first part implements the CoAP using ECC and using RSA algorithms where the results have proven that using ECC much better than RSA in terms of energy saving. The second part of this paper shows the proposed evaluation function and focuses on the security services that were applied in the proposed protocol. The results show that authentication achieved a 75.3% energy savings, data integrity had a 55.7% energy saving and confidentiality achieved a 47% energy saving.

[1] Ahrary A., Ludena D., Horibe N., and Yang W., Iot-Security Approach Analysis For The Novel Nutrition-Based Vegetable Production And Distribution System, in Proceedings of the 3rd International Conference on Advanced Applied Informatics, Kitakyushu, pp. 185-189, 2014.

[2] Albalas F., Al- Soud M., and Almomani O., A Proposed Secure And Energy-Effictive Coap Application Layer Protocol For The Internet Of Things, in Proceedings of the International Arab Conference on Information Technology, Yassmine Hammamet, 2017.

[3] Alghamdi T., Lasebae A., and Aiash M., Security Analysis of The Constrained Application Protocol In The Internet Of Things, in Proceedings of Second International Conference on Future Generation Communication Technology, London, pp. 163- 168, 2013.

[4] Bhattacharyya A., Bose T., Bandyopadhyay S., Ukil A., and Pal A., LESS: Lightweight Establishment of Secure Session: A Cross-Layer Approach Using CoAP and DTLS-PSK Channel Encryption, in Proceedings of IEEE 29th International Conference on Advanced Information Networking and Applications Workshops, Gwangiu, pp. 682-687, 2015.

[5] Brachmann M., Garcia-Morchon O., and Kirsche M., Security For Practical Coap Applications: Issues And Solution Approaches, Technical Report, 2011

[6] Cao Z., Kovatsch M., Tian H., and He X., Energy Efficient Implementation of IETF Constrained Protocol Suite Draft-Ietflwig- Energy-Efficient-00, Technical Report, 2014.

[7] Colitti, W., Steenhaut, K., and De Caro, N. Integrating Wireless Sensor Networks With The Web, in Proceedings of Extending the Internet to Low power and Lossy Networks, Chicago, 2011.

[8] Curtis B., Delivering Security By Design in the Internet of Things, in Proceedings of the IEEE International Test Conference, Seattle, pp. 1-1, 2014.

[9] Dunkels, A.,, Last Visited, 2017.

[10] Kinney P,, Last Visited, 2016.

[11] Kerasiotis F., Prayati A., Antonopoulos C., Koulamas C., and Papadopoulos G., Battery Lifetime Prediction Model for a WSN Platform, in Proceedings of the 4th International Conference on Sensor Technologies and Applications, Venice, pp. 525-530, 2010.

[12] Kothmayr T., Security Architecture for Wireless Sensor Networks Based on DTLS, M.S. Thesis, the University of Augsburg, 2011.

[13] Kothmayr T., Schmitt C., Hu W., Brunig M., and Carle G., DTLS Based Security and Two-Way Authentication for the Internet of Things, Ad Hoc Networks, vol. 11, no. 8, pp. 2710-2723, 2013.

[14] Park J. and Kang N., Lightweight Secure Communication for Coap-Enabled Internet of Things Using Delegated DTLS Handshake, in Proceedings of the International Conference on Information and Communication Technology Convergence, Busan, pp. 28-33, 2014.

[15] Rahman A. and Dijk E., Group Communication for Coap, Technical Report, 2013.

[16] Raza S., Trabalza D., and Voigt T., 6LoWPAN compressed DTLS for CoAP, in Proceedings of IEEE 8th International Conference on Distributed Computing in Sensor Systems, Hangzhou, pp. 287-289, 2012.

[17] Raza S., Shafagh H., Hewage K., Hummen R., and Voigt T., Lithe: Lightweight Secure Coap For The Internet Of Things, IEEE Sensors Journal, vol.13, no.10, pp. 3711-3720, 2013.

[18] Ukil A., Bandyopadhyay S., Bhattacharyya A., Pal A., and Bose T. Lightweight security scheme for IoT applications using CoAP, International Journal of Pervasive Computing And Comunications, vol. 10, no. 4, pp. 372-392, 2014. The International Arab Journal of Information Technology, Vol. 15, No. 3A, Special Issue 2018 555 Firas ALbalas is an Assistant Professor at the Department of Computer Science, Jordan University of Science and Technology, Irbid, Jordan. He received his PhD in Computer Science from Glamorgan (South Wales) University, Cardiff, UK in 2009. His current research interests include Internet of Things, mobile computing, ad hoc networks and wireless sensor networks. Majd Al-Soud received here M. Sc. in Computer Science with excellence, from Jordan University of Science and Technology, Jordan. She is a research assistant and a part time lecturer at the Department of Computer Science, Jordan University of Science and Technology, Irbid, Jordan. Here current research interests are Computer Networks, Data mining, Information Retrieval and Software Engineering. Before obtaining her Master s degree she has worked as Computer engineer in Bradford and a programmer in Epkss. Omar Almomani received his PhD degree in computer Science from university Utara Malaysia, Malaysia (2010). He is currently and associate professor at The World Islamic Sciences and Education University (WISE), Amman, Jordan. his current research interests include network performance, network quality of service, wireless sensor networks and Grid computing. Ammar Almomani received PhD degree from UniversitySains Malaysia (USM) in 2013. He has published more than 45 research papers in International Journals and Conferences of high repute. Currently he is assistant professor and senior lecturer at Dept. of Information Technology, Al-Huson University College, Al-Balqa Applied University, Jordan. His research interest includes advanced Internet security and monitoring.