nRF51 IoT SDK
Datagram Transport Layer Security (DTLS) defines transport layer security for datagram protocols, thereby providing communications privacy for them. The DTLS protocol is based on the Transport Layer Security (TLS) protocol and provides equivalent security guarantees. TLS assumes a reliable transport and breaks when re-hosted on an unreliable transport. DTLS addresses this problem with changes that allow packets to arrive out of order and with retransmission timers that handle packet loss.
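To make the reordering point concrete, the following added example (not code from the nRF51 IoT SDK or tinyDTLS) parses the 13-byte DTLS 1.2 record header defined in RFC 6347 and applies the sliding-window replay check that the header's explicit sequence number makes possible. The type and function names, the 64-record window size and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* DTLS 1.2 record header (RFC 6347, section 4.1): 13 bytes, then the fragment. */
typedef struct {
    uint8_t type; uint16_t version, epoch, length; /* version 0xFEFD = DTLS 1.2 */
    uint64_t seq;                                  /* explicit 48-bit sequence number */
} dtls_hdr_t;
/* Anti-replay state for one epoch: highest sequence seen plus a 64-record bitmap. */
typedef struct { uint64_t top, bitmap; int started; } replay_win_t;
/* Constructed sample: application data (23), epoch 1, seq 5, 2-byte fragment. */
static const uint8_t SAMPLE[] = {23, 0xFE, 0xFD, 0, 1, 0, 0, 0, 0, 0, 5, 0, 2, 0xAA, 0xBB};

/* Returns 0 on success, -1 if the header or fragment is truncated. */
int dtls_parse_hdr(const uint8_t *p, size_t n, dtls_hdr_t *h)
{
    if (n < 13) return -1;
    h->type = p[0];
    h->version = (uint16_t)(p[1] << 8 | p[2]);
    h->epoch = (uint16_t)(p[3] << 8 | p[4]);
    h->seq = 0;
    for (int i = 5; i < 11; i++) h->seq = (h->seq << 8) | p[i];
    h->length = (uint16_t)(p[11] << 8 | p[12]);
    return ((size_t)h->length > n - 13) ? -1 : 0;
}

/* Call only after the record's MAC has verified. 1 = new (recorded), 0 = replayed or too old. */
int replay_check_and_update(replay_win_t *w, uint64_t seq)
{
    if (!w->started || seq > w->top) {           /* first record, or window moves right */
        uint64_t shift = w->started ? seq - w->top : 64;
        w->bitmap = (shift >= 64) ? 1 : ((w->bitmap << shift) | 1);
        w->top = seq; w->started = 1;
        return 1;
    }
    uint64_t back = w->top - seq;                /* late arrival: reordered or replayed */
    if (back >= 64 || (w->bitmap & (1ULL << back))) return 0;
    w->bitmap |= 1ULL << back;
    return 1;
}
int main(void)
{
    dtls_hdr_t h; replay_win_t w = {0, 0, 0};
    const uint64_t arrivals[] = {5, 7, 6, 6};    /* constructed: reordered, then a duplicate */
    if (dtls_parse_hdr(SAMPLE, sizeof SAMPLE, &h)) return 1;
    for (int i = 0; i < 4; i++)
        printf("seq %llu: %s\n", (unsigned long long)arrivals[i], replay_check_and_update(&w, arrivals[i]) ? "accept" : "drop");
    return 0;
}
```

A receiver keeps one such window per epoch, so that sequence numbers restarting after a cipher state change are not mistaken for replays.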
CoAP defines DTLS bindings for secure communication. Just as HTTP is secured using Transport Layer Security (TLS) over TCP, CoAP is secured using Datagram TLS (DTLS) [RFC6347] over UDP (see Figure 1).
    +----------------------+
    |      Application     |
    +----------------------+
    +----------------------+
    |         CoAP         |
    +----------------------+
    +----------------------+
    |         DTLS         |
    +----------------------+
    +----------------------+
    |         UDP          |
    +----------------------+

    Figure 1: DTLS-Secured CoAP
The nRF51 IoT SDK uses tinyDTLS version 0.8.0 as its DTLS implementation. tinyDTLS provides a lightweight implementation of the DTLS protocol that can be used in devices with tight memory constraints. The cipher suites supported by tinyDTLS are limited to TLS_PSK_WITH_AES_128_CCM_8 and TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, which are mandatory to implement for CoAP. For more details, see http://tinydtls.sourceforge.net/
The nRF51 IoT SDK includes examples that enable DTLS for both the CoAP Server and Client Examples.
The CoAP Server and Client Example applications are detailed below: