TZI began development of tinydtls in 2011 to estimate the memory footprint of a minimal Datagram Transport Layer Security (DTLS) engine. At that time, the Constrained RESTful Environments (CoRE) working group in the IETF scrutinized various options for securing the Constrained Application Protocol (CoAP). One question addressed the applicability of DTLS together with two new cipher suites that have been proposed for resource-limited network nodes, i.e. TLS_PSK_WITH_AES_128_CCM_8 for Pre-Shared Key (PSK) mode, and TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 for Raw Public Key (RPK) mode. As these new cipher suites as well as the use of raw public keys in DTLS were still in an early phase of standardization, no known DTLS implementation provided support. It would not have been too hard to enhance existing open source DTLS implementations, though. But in turn, investigating the bare minimum that is required to run a minimal DTLS stack would have implied significant changes to the existing code. Developing the DTLS engine from scratch also allowed to support not only POSIX-compliant systems but also embedded operating systems such as Contiki. Since its initial release, tinydtls has become an important tool for experimenting with DTLS in constrained devices by users from academia as well as industry. It has been used as a blueprint and reference platform during development of other DTLS implementations such as Scandium and contiki-dtls, and is designed to integrate with libcoap, a widely deployed CoAP implementation in C. Bindings for other languages such as lua exist.
tinydtls provides a light-weight implementation of the DTLS protocol that can be used in devices with tight memory constraints, i.e. in the order of 100 KiB flash memory and about 10 KiB RAM. The cipher suites supported by tinydtls are limited to TLS_PSK_WITH_AES_128_CCM_8 and TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 that are mandatory-to-implement for CoAP. In scope:
- Integration of new cipher suites as they become available and are recommended for use with CoAP, e.g. the proposed TLS_ECDHE_PSK_WITH_AES_128_CCM_8 to achieve forward secrecy in the PSK mode of CoAP.
- Implementation of DTLS extensions that are useful in constrained environments, e.g. the maximum fragment length negotiation specified in RFC6066.
- Provide an interface for using hardware acceleration for cryptographic computations such as AES or ECC.
- Include optional lua binding for rapid prototyping of DTLS-enabled applications.
- Optimize memory usage and runtime behavior.
- Improve code quality, including error handling and robustness.
Out of scope:
- Development of new cipher suites.
- Implementing application logic except for example code that illustrates how to use the library.
- Support for CoAP's certificate mode.
tinydtls is a library for Datagram Transport Layer Security (DTLS) covering both the client and the server state machine. It is implemented in C and provides support for the mandatory cipher suites specified in CoAP.
Currently, the library is used by Wakaama to facilitate security on the transport layer. Wakaama and other CoAP implementations need DTLS support for secure communication at transport layer. Hosting the project at Eclipse can facilitate integration with other projects such as libcoap or Wakaama. Users that want to use DTLS with their Eclipse projects currently have to do the integration part by themselves. As this is a difficult task, errors that affect the overall security of their projects are more likely.
The library contains an implementation of the Rijndael algorithm (AES) from OpenBSD. The license information is available in the source file rijndael.c. The SHA256 implementation included with tinydtls is licensed under BSD (taken from Aaron D. Gifford). The implementation of the ECC curve secp256r1 was originally developed by Chris K Cockrum and has been put under MIT license. Additional contributions to tinydtls are from Hauke Mehrtens.