Hi,
I wish to study security protocols in IoT and how the impact the performance of constrained devices. My goal is to compare CoAP vs CoAPs (secured with DTLS). Recently I stumbled upon libcoap and I’ve tested in my Ubuntu the unsecured version
https://github.com/obgm/libcoap/tree/master
And the secured version (though it is seems really outdated)
https://github.com/obgm/libcoap/tree/dtls
Capturing the traffic using wireshark listening on the loopback interface, in the coap example it captured 2 packets the GET and the ACK with the resource, in the coaps example it captured a multitude of packets bounded to the handshake protocol.
Now I need to test in a constrained environment, I have some cc2538 motes, and the goal is to test using RIOT pushing the code in the motes (1 client-mote and 1 server-mote) studying the performance.
So basically I’m asking how can I integrate libcoap in RIOT OS and replicate the the above coap/coaps client-server example using RIOT (can’t find any libcoap examples inside RIOT/examples folder, though in RIOT/pkg there is the libcoap app).
If libcoap is not fit for the task can you suggest other implementations of CoAP client-server and CoAPs client-server? I’m really struggling to find DTLS implementation of CoAP.
For CoAPs/DTLS, please check in with @rfuentess or @moenoel. See their PRs – 9446 and 8610, respectively. As I understand it, the goal is to manage DTLS at the transport layer.
For libcoap, you should be able to just use that package in a project. I would try using one of the other examples as a template. Maybe someone else can point to a project they have created to get you started.
RIOT includes a couple of other related implementations, nanocoap and gcoap. See the examples folder and my overview [1]. Neither of them include specific DTLS adaptations, and I have not tried to use them with the PRs above.
Actually, I just noticed PR 9450, which discusses use of nanocoap and gcoap with DTLS. I need to follow-up on that PR myself. I’d say the timing of your question is pretty good.
For libcoap, you should be able to just use that package in a project. I would try using one of the other examples as a template. Maybe someone else can point to a project they have created to get you started.
Currently RIOT has support for tinyDTLS (used by libcoap) but I will suggest to use PR #7615 [1] instead of the current master. Libcoap is already included in RIOT as a package, so you can take that as a base for adding the secured version. However, issue #6038 [2] is of interest.
If you want to save some time you can try Moenoel’s work (PR #8610 [3]) as is already using er-coap (from contiki) and tinyDTLS (again, consider to use #7615). Yet, this is a LwM2M implementation.
Another alternative, is my old PR #7177 [4] (I think you are already using it), but the version used for tinyDTLS is not very stable, which is easy to fix. However, updating gcoap would be hard.
Finally and as Ken suggested, there is (the recently released) PR #9450 [5] which is making use of #7615. Nanocoap is working fine, however is only a CoAP server. And sadly, I’ll not have a client tested soon.
The DTLS branch is being superseded by the DTLS implementation in the
current develop branch which is in a pretty good shape and is scheduled
for release on 2018-08-10, see [1].
The libcoap package that is currently in RIOT is based on the late
release and therefore does not support DTLS. As the sock_secure and
tlsman PRs are being merged into RIOT, it should not be too hard to
integrate these with the new libcoap release.
