15 research outputs found

    Requirements for a Lightweight AKE for OSCORE: IETF Internet Draft

    draft-ietf-lake-reqs-04. This document compiles the requirements for a lightweight authenticated key exchange protocol for OSCORE. This draft has completed a working group last call (WGLC) in the LAKE working group. Post-WGLC, the requirements are considered sufficiently stable for the working group to proceed with its work. It is not currently planned to publish this draft as an RFC.

    RFC9031: Constrained Join Protocol (CoJP) for 6TiSCH

    This document describes the minimal framework required for a new device, called a "pledge", to securely join a 6TiSCH (IPv6 over the Time-Slotted Channel Hopping mode of IEEE 802.15.4) network. The framework requires that the pledge and the JRC (Join Registrar/Coordinator, a central entity), share a symmetric key. How this key is provisioned is out of scope of this document. Through a single CoAP (Constrained Application Protocol) request-response exchange secured by OSCORE (Object Security for Constrained RESTful Environments), the pledge requests admission into the network, and the JRC configures it with link-layer keying material and other parameters. The JRC may at any time update the parameters through another request-response exchange secured by OSCORE. This specification defines the Constrained Join Protocol and its CBOR (Concise Binary Object Representation) data structures, and it describes how to configure the rest of the 6TiSCH communication stack for this join process to occur in a secure manner. Additional security mechanisms may be added on top of this minimal framework.

    Trickle-D: High Fairness and Low Transmission Load with Dynamic Redundancy

    Embedded devices of the Internet of Things form the so-called low-power and lossy networks. In these networks, nodes are constrained in terms of energy, memory and processing. Links are lossy and exhibit a transient behavior. From the point of view of energy expenditure, governing control overhead emission is crucial and is the role of the Trickle algorithm. We address Trickle's fairness problem to evenly distribute the transmission load across the network, while keeping the total message count low. First, we analytically analyze two underlying causes of unfairness in Trickle networks: desynchronization among nodes and non-uniform topologies. Based on our analysis, we propose a first algorithm whose performance and parameters we study in an emulated environment. From this feedback, we design a second algorithm TrickleD that adapts the redundancy parameter to achieve high fairness while keeping the transmission load low. We validate TrickleD in real-life conditions using a large scale experimental testbed. TrickleD requires minimal changes to Trickle, zero user input, emits 17.7% fewer messages than state-of-the-art and 37.2% fewer messages than state-of-practice, while guaranteeing high fairness across the network.

    Lightweight Authorization for Authenticated Key Exchange: IETF Internet Draft

    draft-selander-ace-ake-authz-04. This document describes a procedure for augmenting the authenticated Diffie-Hellman key exchange EDHOC with third party assisted authorization targeting constrained IoT deployments (RFC 7228).

    Protecting EST Payloads with OSCORE: IETF Internet Draft

    draft-selander-ace-coap-est-oscore-04. This document specifies public-key certificate enrollment procedures protected with lightweight application-layer security protocols suitable for Internet of Things (IoT) deployments. The protocols leverage payload formats defined in Enrollment over Secure Transport (EST) and existing IoT standards including the Constrained Application Protocol (CoAP), Concise Binary Object Representation (CBOR) and the CBOR Object Signing and Encryption (COSE) format.

    6TiSCH Minimal Scheduling Function: Performance Evaluation

    6TiSCH is a standardization group within the Internet Engineering Task Force (IETF) that works on IPv6-enabled Time-slotted Channel Hopping (TSCH) networks. The 6TiSCH protocol stack, designed by the standardization work at the IETF, has direct applicability to low-power Internet of Things (IoT) use cases, including smart factory, building, infrastructure and home applications. A key component of the 6TiSCH stack is the Minimal Scheduling Function (MSF). MSF implements a traffic adaptation algorithm which allocates link-layer resources, i.e. cells in the TSCH schedule, according to the traffic load. MAX_NUMCELL is an important parameter defined in the MSF draft standard which determines the length of the running window used to measure cell usage. The MSF draft standard does not recommend a value of MAX_NUMCELL to use. This paper provides recommendations on how to choose the value of MAX_NUMCELL, validated through simulation. For periodic traffic, setting MAX_NUMCELL to at least 4 times the traffic load is recommended to increase efficiency. For bursty traffic, we show that setting MAX_NUMCELL to a small value achieves a low end-to-end latency but at high communication overhead. In addition, an improved version of MSF is implemented and tested, which shows a 44% reduction in the communication overhead, considering MAX_NUMCELL = 4, while maintaining the same end-to-end latency.

    Key Performance Indicators of the Reference 6TiSCH Implementation in Internet-of-Things Scenarios

    Tens of thousands of wireless industrial monitoring deployments exist today, logging more than 18 billion operating hours. These solutions have been around for over a decade and are based on standards such as WirelessHART and ISA100.11a to provide performance guarantees to the applications. The new trend in industry deployments is the convergence of operational and information technologies happening through the Industrial Internet of Things (IIoT) paradigm. The challenge is to bridge the performance of these well-proven industrial standards with the interoperability of IP-based systems. The Internet Engineering Task Force (IETF), the organization behind most of the technical solutions of the Internet, has produced a set of specifications with this requirement in mind. The output of this effort is the 6TiSCH protocol stack based on open standards, such as those that have played a key role in the Internet's ubiquitous adoption. The standardization of 6TiSCH is done. The state-of-the-art research work focus is on important, but niche, optimizations and performance evaluations of the 6TiSCH stack. This paper takes a different approach: it evaluates the performance of the standards-compliant 6TiSCH solution from the end user point of view. It does so on two experimental testbeds, in typical IoT test scenarios based on a well-defined experimentation methodology. We provide a set of Key Performance Indicators (KPIs) useful for the end user to decide whether the 6TiSCH technology is a good fit performance-wise for a particular use case. We demonstrate reliability of a vanilla open-source implementation of 6TiSCH above 99.99%, upstream latency on the order of a second and radio duty cycle well below 1%.

    Academic tutor

    No full text
    681 rue de la Passerelle Bernard TOURANCHEA

    Lightweight Authenticated Key Exchange with EDHOC

    The Internet Engineering Task Force (IETF) and its Lightweight Authenticated Key Exchange working group have produced a solution that enables public-key based authenticated key exchange over the most constrained Internet of Things radio communication technologies. We describe the Ephemeral Diffie-Hellman over COSE (EDHOC) protocol, its expected security properties, and invite the community for a formal study.