• Security
• IoT

The Internet of Things (IoT) is a powerful technology that is rapidly expanding. A lot of challenges are still open due to the limitations of the devices used, characterized by having very low computation capability and energy constraints. The security aspect is without doubts one of the most complex field to deal with since, due to the constrained nature, it is very hard to design a secure yet lightweight protocol.
In this thesis, the security aspect has been studied for the routing layer. Protect the network topology and routing data is a necessary condition for the proper functioning of the entire network. RPL, the standardized routing protocol for IoT, supports two security modes: preinstalled and authenticated. Mechanisms governing Authenticated mode are still not defined since they are out of scope to the RPL specification. The aim of this thesis it to design, implement and evaluate such system.
Our proposed solution is a secure but lightweight protocol for nodes authentication and keys distribution. The authentication protocol consists of a symmetric-key based protocol, built and implemented according to a RESTful model trough the CoAP protocol. Moreover, the CoAP Observing feature has been exploited in order to design the related key exchange protocol. The current Contiki RPL implementation has been opportunely extended in order to support the new protocol and to make it operate in authenticated mode. Finally, the overall system has been tested and evaluated in order to figure out how the network gets heavier by using our proposed security mechanisms