Martine Lenders, Christian Amsüss, Cenk Gündogan, Marcin Nawrocki, Thomas C. Schmidt, Matthias Wählisch,
Securing name resolution in the IoT: DNS over CoAP,
Open Archive: arXiv.org, Technical Report, No. arXiv:2207.07486, July 2022.

Abstract: In this paper, we present the design, implementation, and analysis of DNS over CoAP (DoC), a new proposal for secure and privacy-friendly name resolution of constrained IoT devices. We implement different design choices of DoC in RIOT, an open-source operating system for the IoT, evaluate performance measures in a testbed, compare with DNS over UDP and DNS over DTLS, and validate our protocol design based on empirical DNS IoT data. Our findings indicate that plain DoC is on par with common DNS solutions for the constrained IoT but significantly outperforms when additional, CoAP standard features are used such as block-wise transfer or caching. With OSCORE for end-to-end security, we can save more than 10 kBytes of code memory compared to DTLS while enabling group communication without compromising the trust chain when using intermediate proxies or caches. We also discuss a scheme for very restricted links that compresses redundant or excessive information by up to 70%.

Topics: Internet of Things | Network Security | Internet Measurements and Analysis | Network Management


This page generated by bibTOhtml on Mo 4. Dez 14:41:18 CET 2023