Implementation and Evaluation of Datagram Transport Layer Security (DTLS) for the Android Operating System
Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Smartphones are nowadays a tool that everyone posses. With the replacement of the IPv4 with the IPv6 it is possible to connect to the Internet an extremely large number of electronic devices. Those two factors are the premises to use smartphones to access those devices over a hybrid network, composed of Wireless Sensor Networks, IPv6-based Internet of Things, constrained networks and the conventional Internet. Some of these networks are very lossy and use the UDP protocol, hence the most suitable protocol to access resources is CoAP, a connection-less variant of the HTTP protocol, standardized as web protocol for the Internet of Things. The sensitivity of information and the Machine-to-Machine interaction as well as the presence of humans make the End-to-End security one of the requirements of the IPv6 Internet of Things. Secure CoAP (CoAPS) provide security for the CoAP protocol in this context. In this thesis secure CoAP for Android smartphones is designed implemented
and evaluated, which is at the moment the rst work that enables CoAPS for smartphones. All the cryptographic cipher suites proposed in the CoAP protocol, among which the pre-shared key and certicate-based authentications are implemented, using the Elliptic Curve Cryptography and the AES algorithm in the CCM mode. The feasibility of this implementation is evaluated on a Nexus phone, which takes the handshake time in order to exchange parameters to secure the connection to about ve seconds, and an increase from one to three seconds of the DTLS retransmission timer. A part for this initial delays the performances us-ing secure CoAP are comparable to the performances obtained using the same protocol without security. The implementation allows also to secure the UDP transport thanks to the DTLS implementation, allowing any potential application to exchange secure data and have mutual authentication.
Place, publisher, year, edition, pages
2013. , 61 p.
EES Examensarbete / Master Thesis
Electrical Engineering, Electronic Engineering, Information Engineering
IdentifiersURN: urn:nbn:se:kth:diva-119825OAI: oai:DiVA.org:kth-119825DiVA: diva2:612634
Master of Science - Information and Communication Systems Security