Implementation and evaluationof the ACE DTLS framework : Reducing the authentication workload of a constrained device

Abstract: IoT-devices are becoming more advanced and powerful than ever, and the applicationpotential is increasing rapidly. It is starting to become normal to have IoT-devices takingover mundane jobs such as controlling the climate at home, or monitoring e.g the water us-age of a household. These devices are usually constrained to be as cheap and primitive asthe task allows. Most of the time, they are only used to send collected data which only re-quires a one way secure channel. However, in order to apply updates or manage the deviceremotely, the communication has to be secured both ways. There are multiple suggestionson how a two way secure channel can be established while still operating on a constraineddevice. Each security specializes in its own area e.g privacy, scalability, or simplicity. Thispaper will describe how to implement the ACE-DTLS framework and analyze the perfor-mance with respect to energy consumption and security. While ACE-DTLS is quite simpleto implement without having to understand the complex math of a key exchange, it comeswith the cost of a high overhead in order to establish a secure two way connection. It mightnot be the best suited framework for small amount of data transfers available.