A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : Lightweight Establishment of Secure Session (LESS) on CoAP Authors : Abhijan Bhattacharyya Soma Bandyopadhyay Arijit Ukil Tulika Bose Arpan Pal Filename : draft-bhattacharyya-dice-less-on-coap-00.txt Pages : 15 Date : 2015-04-17 Abstract: This draft presents an experimental work proposing a lightweight secure session establishment scheme to mutually authenticate two endpoints and share the session key. It works on symmetric cryptosystem with pre-shared secret between the endpoints during provisioning. The main algorithm is proposed as a generic concept. This draft further describes how the generic concept can be modeled as simple CoAP request/response pairs. Thus the proposed scheme enables CoAP with inherent security which might be useful for object security without requiring any secure transport. Still further, this draft demonstrates how the scheme could be integrated with the record encryption mechanism of DTLS-PSK. It reuses the DTLS session parameter structure without any modification. Thus channel security for the whole application message can be provided. So the scheme is a cross-layer mechanism such that the session establishment is performed in CoAP and channel encryption is performed in the transport layer reusing only the record encryption mechanism of DTLS-PSK. The scheme uses all standard encryption libraries. The lightweight nature and performance improvement is demonstrated with some supporting comparative results. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-bhattacharyya-dice-less-on-coap/ There's also a htmlized version available at: http://tools.ietf.org/html/draft-bhattacharyya-dice-less-on-coap-00 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ I-D-Announce mailing list I-D-Announce@ietf.org https://www.ietf.org/mailman/listinfo/i-d-announce Internet-Draft directories: http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt