Research On Lightweight IoT Secure Transport Protocol

The new round of Internet development is characterized by the Internet of Everything as the main feature.Io T terminals generally suffer from deficiencies and constraints in computing power,power supply and network bandwidth,making the traditional TCP and HTTP protocols of the PC Internet and mobile Internet encounter greater challenges.For this reason,the IETF has designed and developed the UDP-based CoAP protocol to support network communication of Io T devices,however,CoAP/UDP itself is not designed with security mechanisms to However,CoAP/UDP itself is not designed with security mechanisms to ensure the confidentiality and integrity of transmitted data.Under unicast communication scenarios,on the one hand,CoAP/UDP replaced by secure UDP protocol faces the constraint of excessive resource occupation of secure transport protocol DTLS;on the other hand,some parts of secure transport protocol DTLS are incompatible with multicast communication scenarios and restrict the authority of application layer,so the security of CoAP protocol under multicast communication cannot be guaranteed.To this end,this paper designs corresponding lightweight Io T secure transmission network communication protocols for different communication scenarios.The contributions of this paper are summarized as follows:(1)In response to the fact that the traditional DTLS protocol implementation process requires many computational resources and relies on a heavy public key infrastructure,this paper designs a lightweight DTLS protocol,CL-DTLS(Certificate Less DTLS),based on discrete logarithms for improved certificate-free public key ciphers.This protocol replaces the key negotiation process in the traditional DTLS handshake phase with a certificateless public key,eliminating the need for an authority to issue public key certificates and saving significant computing resources.In this paper,the code implementation of the protocol is carried out on Wolf SSL,an embedded SSL library.Based on the protocol implementation,the communication overhead and handshake connection time overhead of the protocol are compared with the traditional DTLS protocol based on public key certificates and DTLS protocol based on identity markers,and the efficiency of the CL-DTLS protocol is verified.(2)To address the problem that the key negotiation and session establishment aspects of DTLS in the CoAP protocol security model under unicast communication are incompatible with the multicast communication scenarios and restrict the application layer privileges,this paper designs a secure and improved CoAP protocol based on elliptic curve ciphers-S-CoAP(Secure Session for CoAP).The protocol enables two-way authentication and the establishment of secure sessions between the client and the server,with a series of question/response and encryption/decryption calculations between the client and the server based on lightweight elliptic curve ciphers.The correctness of the protocol was verified through HLPSL-based AVISPA simulations,and the efficiency of the S-CoAP protocol was verified by comparing the communication overhead and computational overhead of the protocol on the basis of a software implementation.