Message Size Overhead of CoAP Security Protocols

This document analyzes and compares per-packet message size overheads when using different security protocols to secure CoAP over UPD and TCP . The analyzed security protocols are DTLS 1.2 , DTLS 1.3 , TLS 1.2 , TLS 1.3 , and OSCOAP . The DTLS and TLS record layers are analyzed with and without compression. DTLS are analyzed with two different alternatives ( and ) for header compression.

To enable comparison, all the overhead calculations in this section use AES-CCM with a tag length of 8 bytes, a plaintext of 6 bytes, and the sequence number ‘05’. This follows the example in , Figure 16.

This example is taken directly from , Figure 16. The nonce follow the strict profiling given in .

DTLS 1.2 gives 29 bytes overhead.

Note that the compressed overhead is dependent on the parameters epoch, sequence number, and length. The following is only an example. Note that the sequence number ‘01’ used in , Figure 15 gives an exceptionally small overhead that is not representative at all. Note that this header compression is not available when DTLS is exchanged over transports that do not use 6LoWPAN together with 6LoWPAN-GHC.

When compressed with 6LoWPAN-GHC, DTLS 1.2 with the above parameters (epoch, sequence number, length) gives 16 bytes overhead.

When compressed with raza-6lo-compressed-dtls, DTLS 1.2 with the above parameters (epoch, sequence number) gives 13 bytes overhead.

The only change compared to DTLS 1.2 is that the DTLS 1.3 record layer does not have an explicit nonce.

DTLS 1.3 gives 21 bytes overhead.

Note that the overhead is dependent on the parameters epoch, sequence number, and length. The following is only an example. Note that this header compression is not available when DTLS is exchanged over transports that do not use 6LoWPAN together with 6LoWPAN-GHC.

When compressed with 6LoWPAN-GHC, DTLS 1.3 with the above parameters (epoch, sequence number, length) gives 14 bytes overhead.

Note that the compressed overhead is dependent on the parameters epoch and sequence number. The following is only an example. Note that this header compression is not available when DTLS is exchanged over transports that do not use 6LoWPAN together with raza-6lo-compressed-dtls. Note that this header compression is not available when DTLS is exchanged over transports that do not use 6LoWPAN together with raza-6lo-compressed-dtls.

When compressed with raza-6lo-compressed-dtls, DTLS 1.3 with the above parameters (epoch, sequence number) gives 13 bytes overhead.

The changes compared to DTLS 1.2 is that the TLS 1.2 record layer does not have epoch and sequence number, and that the version is different.

TLS 1.2 gives 21 bytes overhead.

Note that the overhead is dependent on the parameters epoch, sequence number, and length. The following is only an example. Note that this header compression is not available when TLS is exchanged over transports that do not use 6LoWPAN together with 6LoWPAN-GHC.

When compressed with 6LoWPAN-GHC, TLS 1.2 with the above parameters (epoch, sequence number, length) gives 17 bytes overhead.

The change compared to TLS 1.2 is that the TLS 1.3 record layer uses a different version.

TLS 1.3 gives 21 bytes overhead.

Note that the overhead is dependent on the parameters epoch, sequence number, and length. The following is only an example. Note that this header compression is not available when TLS is exchanged over transports that do not use 6LoWPAN together with 6LoWPAN-GHC.

When compressed with 6LoWPAN-GHC, TLS 1.3 with the above parameters (epoch, sequence number, length) gives 17 bytes overhead.

Note that the overhead is dependent on the included CoAP Option numbers, if the CoAP method allows payload, as well as the length of the OSCOAP parameters Sender ID and sequence number. The below calculation uses Method = POST, Option Delta = ‘9’, and Sender ID = ‘25’, and is only an example.

OSCOAP with the above parameters gives 13 bytes overhead for requests and 9 bytes overhead for responses. Unlike DTLS and TLS, OSCOAP has much smaller overhead for responses than requests.

The compression overhead (GHC) is dependent on the parameters epoch, sequence number, and length. The following overheads should be representative for sequence numbers with the same length. The compression overhead (raza-6lo-compressed-dtls) is dependent on the length of the parameters epoch and sequence number. The following overheads apply for all sequence numbers with the same length. The OSCOAP overhead is dependent on the included CoAP Option numbers, if the CoAP method allows payload, as well as the length of the OSCOAP parameters Sender ID and sequence number.

DTLS 1.2 has quite a large overhead as it uses an explicit sequence number and an explicit nonce. DTLS 1.3, TLS 1.2, and TLS 1.3 have significantly less overhead. Both DTLS compression methods provides very good compression. raza-6lo-compressed-dtls achieves slightly better compression but requires state. GHC is stateless but provides slightly worse compression. As DTLS 1.3 uses the same version number as DTLS 1.2, both GHC and raza-6lo-compressed-dtls works well also for DTLS 1.3. The Generic Header Compression (6LoWPAN-GHC) is not very generic (the static dictionary is more or less a DTLS record layer) and the compression of TLS is significantly worse than the compression of DTLS. Similar compression levels as for DTLS could be achieved also for TLS, but this would require different static dictionaries for each version of TLS (as TLS 1.2 and TLS 1.3 uses different version numbers). The header compression is not available when (D)TLS is exchanged over transports that do not use 6LoWPAN together with 6LoWPAN-GHC or raza-6lo-compressed-dtls. OSCOAP has much lower overhead than DTLS and TLS. The overhead of OSCOAP is smaller than DTLS over 6LoWPAN with compression, and this small overhead is achieved even on deployments without 6LoWPAN or 6LoWPAN without DTLS compression. OSCOAP is lightweight because it makes use of some excellent features in CoAP, CBOR, and COSE.

This document is purely informational.

The authors want to thank Ari Keränen for reviewing previous versions of the draft.