CoAP supports multiple authentication options for device-to-device communication. This can be paired with Datagram TLS (DTLS) for higher-level confidentiality and authentication services.
CoAP defines multiple security modes based on the types of cryptographic material used (see https://tools.ietf.org/html/rfc7252#section-9):
| Mode | Description |
|---|---|
| NoSec | There is no protocol-level security as DTLS is disabled. This mode may be sufficient if used in cases where alternate forms of security can be enabled, for example, when IPsec is being used over a TCP connection or when a secure link layer is enabled; however, the authors do not recommend this configuration. |
| PreSharedKey | DTLS is enabled and there are pre-shared keys that can ... |