Secure group communication for the IoT

Important results from the project

The project goal was to develop and demonstrate a prototype, enabling secure end-to-end group communication for the IoT, using IETF open standard proposals. Security services included: Group OSCORE, to protect messages sent in a device group; and the authorized secure joining and key management of groups using the ACE framework. The project met its goal, by developing the security services above as SW modules, and then building and demonstrating a prototype where communications in two device groups are protected. Progress was made also on the related open standard proposals.

Expected long term effects

The result of the project was the developed and demonstrated prototype, where devices composing two groups securely communicated end-to-end over Multicast IP. The groups included lights to switch on/off at once and locks to close/release at once. Devices accessed their group in an authorized way and protected their communications end-to-end with Group OSCORE. Our open SW implementation sets the ground for future official integration into open source libraries. The project also helped moving forward the standardization of the considered security solutions in the IETF.

Approach and implementation

We implemented the considered security services as SW modules for the Californium library. Then, we designed the prototype with two device groups, which was presented and demonstrated to Vinnova, in January 2020. During the project, we improved the considered security solutions as such. This relied on feedback from our implementation, as well as from tests, discussions and presentations at the regular IETF meetings that both project partners attended. The project has greatly benefited from frequent interactions between the partners, face-to-face and as remote meetings.