HOME

TheInfoList



OR:

Constrained Application Protocol (CoAP) is a specialized Internet application protocol for constrained devices, as defined i
RFC 7252
It enables those constrained devices called "nodes" to communicate with the wider Internet using similar protocols. CoAP is designed for use between devices on the same constrained network (e.g., low-power, lossy networks), between devices and general nodes on the Internet, and between devices on different constrained networks both joined by an internet. CoAP is also being used via other mechanisms, such as SMS on mobile communication networks. CoAP is an application-layer protocol that is intended for use in resource-constrained Internet devices, such as
wireless sensor network Wireless sensor networks (WSNs) refer to networks of spatially dispersed and dedicated sensors that monitor and record the physical conditions of the environment and forward the collected data to a central location. WSNs can measure environmental c ...
nodes. CoAP is designed to easily translate to
HTTP The Hypertext Transfer Protocol (HTTP) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web, ...
for simplified integration with the web, while also meeting specialized requirements such as
multicast In computer networking, multicast is group communication where data transmission is addressed to a group of destination computers simultaneously. Multicast can be one-to-many or many-to-many distribution. Multicast should not be confused with ...
support, very low overhead, and simplicity. Multicast, low overhead, and simplicity are important for
Internet of things The Internet of things (IoT) describes physical objects (or groups of such objects) with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other comm ...
(IoT) and
machine-to-machine Machine to machine (M2M) is direct communication between devices using any communications channel, including wired and wireless. Machine to machine communication can include industrial instrumentation, enabling a sensor or meter to communicate the ...
(M2M) communication, which tend to be embedded and have much less memory and power supply than traditional Internet devices have. Therefore, efficiency is very important. CoAP can run on most devices that support UDP or a UDP analogue. The Internet Engineering Task Force (
IETF The Internet Engineering Task Force (IETF) is a standards organization for the Internet and is responsible for the technical standards that make up the Internet protocol suite (TCP/IP). It has no formal membership roster or requirements and a ...
) Constrained RESTful Environments Working Group
CoRE
has done the major standardization work for this protocol. In order to make the protocol suitable to IoT and M2M applications, various new functions have been added.


Specification

The core of the protocol is specified in . Various extensions have been proposed, particularly: * (2015) Observing Resources in the Constrained Application Protocol * (2016) Block-Wise Transfers in the Constrained Application Protocol (CoAP) * (2018) CoAP (Constrained Application Protocol) over TCP, TLS, and
WebSocket WebSocket is a computer communications protocol, providing full-duplex communication channels over a single TCP connection. The WebSocket protocol was standardized by the IETF as in 2011. The current API specification allowing web applications ...
s * (2021) Extended Tokens and Stateless Clients in the Constrained Application Protocol (CoAP)


Message formats

CoAP makes use of two message types, requests and responses, using a simple, binary header format. CoAP is by default bound to UDP and optionally to
DTLS Datagram Transport Layer Security (DTLS) is a communications protocol providing security to datagram-based applications by allowing them to communicate in a way designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol i ...
, providing a high level of communications security. When bound to UDP, the entire message ''must'' fit within a single datagram. When used with
6LoWPAN 6LoWPAN (acronym of "IPv6 over Low-Power Wireless Personal Area Networks") in '6LoWPAN: The Embedded Internet', Shelby and Bormann redefine the 6LoWPAN acronym as "IPv6 over lowpower wireless area networks," arguing that "Personal" is no longer rel ...
as defined in RFC 4944, messages ''should'' fit into a single
IEEE 802.15.4 IEEE 802.15.4 is a technical standard which defines the operation of a low-rate wireless personal area network (LR-WPAN). It specifies the physical layer and media access control for LR-WPANs, and is maintained by the IEEE 802.15 working group, ...
frame to minimize fragmentation. The smallest CoAP message is 4 bytes in length, if the token, options and payload fields are omitted, i.e. if it only consists of the CoAP header. The header is followed by the token value (0 to 8 bytes) which may be followed by a list of options in an optimized type–length–value format. Any bytes after the header, token and options (if any) are considered the message payload, which is prefixed by the one-byte "payload marker" (0xFF). The length of the payload is implied by the datagram length.


CoAP Fixed-Size Header

The first 4 bytes are mandatory in all CoAP datagrams, they constitute the fixed-size header. These fields can be extracted from these 4 bytes in C via these macros: #define COAP_HEADER_VERSION(data) ( (0xC0 & (data) >> 6 ) #define COAP_HEADER_TYPE(data) ( (0x30 & (data) >> 4 ) #define COAP_HEADER_TKL(data) ( (0x0F & (data) >> 0 ) #define COAP_HEADER_CLASS(data) ( ((data) >> 5) & 0x07 ) #define COAP_HEADER_CODE(data) ( ((data) >> 0) & 0x1F ) #define COAP_HEADER_MID(data) ( ((data) << 8) , (data) )


Version (ver) (2 bits)

:Indicates the CoAP version number.


Type (2 bits)

:This describes the datagram's message type for the two message type context of Request and Response. :* Request :** 0 : Confirmable : This message expects a corresponding acknowledgement message. :** 1 : Non-confirmable : This message does not expect a confirmation message. :* Response :** 2 : Acknowledgement : This message is a response that acknowledge a confirmable message :** 3 : Reset : This message indicates that it had received a message but could not process it.


Token length (4 bits)

:Indicates the length of the variable-length Token field, which may be 0–8 bytes in length.


Request/response code (8 bits)

The three most significant bits form a number known as the "class", which is analogous to the class of HTTP status codes. The five least significant bits form a code that communicates further detail about the request or response. The entire code is typically communicated in the form class.code . You can find the latest CoAP request/response codes a

though the below list gives some examples: * Method: 0.XX * Success: 2.XX * Client Error: 4.XX * Server error: 5.XX * Signaling Codes: 7.XX


Message ID (16 bits)

:Used to detect message duplication and to match messages of type acknowledgement/reset to messages of type confirmable/non-confirmable.


Token

Every request carries a token (but it may be zero length) whose value was generated by the client. The server must echo every token value without any modification back to the client in the corresponding response. It is intended for use as a client-local identifier to match requests and responses, especially for concurrent requests. Matching requests and responses is not done with the message ID because a response may be sent in a different message than the acknowledgement (which uses the message ID for matching). For example, this could be done to prevent retransmissions if obtaining the result takes some time. Such a detached response is called "separate response". In contrast, transmitting the response directly in the acknowledgement is called "piggybacked response" which is expected to be preferred for efficiency reasons.


Option

Option delta: * 0 to 12: For delta between 0 to 12: Represents the exact delta value between the last option ID and the desired option ID, with no option delta extended value * 13: For delta from 13 to 268: Option delta extended is an 8-bit value that represents the option delta value minus 13 * 14: For delta from 269 to 65,804: Option delta extended is a 16-bit value that represents the option delta value minus 269 * 15: Reserved for payload marker, where the option delta and option length are set together as 0xFF. Option length: * 0 to 12: For option length between 0 to 12: Represents the exact length value, with no option length extended value * 13: For option length from 13 to 268: Option length extended is an 8-bit value that represents the option length value minus 13 * 14: For option length from 269 to 65,804: Option length extended is a 16-bit value that represents the option length value minus 269 * 15: Reserved for future use. It is an error for the option length field to be set to 0xFF. Option value: * Size of option value field is defined by option length value in bytes. * Semantic and format this field depends on the respective option.


Implementations


Proxy implementations


Squid 3.1.9 with transparent HTTP-CoAP mapping module

jcoap Proxy

Californium cf-proxy2

CoAPthon

FreeCoAP


CoAP group communication

In many CoAP application domains it is essential to have the ability to address several CoAP resources as a group, instead of addressing each resource individually (e.g. to turn on all the CoAP-enabled lights in a room with a single CoAP request triggered by toggling the light switch). To address this need, the IETF has developed an optional extension for CoAP in the form of an experimental RFC: Group Communication for CoAP - RFC 7390 This extension relies on IP multicast to deliver the CoAP request to all group members. The use of multicast has certain benefits such as reducing the number of packets needed to deliver the request to the members. However, multicast also has its limitations such as poor reliability and being cache-unfriendly. An alternative method for CoAP group communication that uses unicasts instead of multicasts relies on having an intermediary where the groups are created. Clients send their group requests to the intermediary, which in turn sends individual unicast requests to the group members, collects the replies from them, and sends back an aggregated reply to the client.


Security

CoAP defines four security modes * NoSec, where
DTLS Datagram Transport Layer Security (DTLS) is a communications protocol providing security to datagram-based applications by allowing them to communicate in a way designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol i ...
is disabled * PreSharedKey, where DTLS is enabled, there is a list of pre-shared keys, and each key includes a list of which nodes it can be used to communicate with. Devices must support the AES cipher suite. * RawPublicKey, where DTLS is enabled and the device uses an asymmetric key pair without a certificate, which is validated out of band. Devices must support the AES cipher suite and Elliptic Curve algorithms for key exchange. * Certificate, where DTLS is enabled and the device uses
X.509 In cryptography, X.509 is an International Telecommunication Union (ITU) standard defining the format of public key certificates. X.509 certificates are used in many Internet protocols, including TLS/SSL, which is the basis for HTTPS, the secu ...
certificates for validation. Research has been conducted on optimizing DTLS by implementing security associates as CoAP resources rather than using DTLS as a security wrapper for CoAP traffic. This research has indicated that improvements of up to 6.5 times none optimized implementations. In addition to DTLS, RFC8613 defines the Object Security for Constrained RESTful Environments ( OSCORE) protocol which provides security for CoAP at the application layer.


Security issues

Although the protocol standard includes provisions for mitigating the threat of
DDoS In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host A ...
amplification attacks, these provisions are not implemented in practice, resulting in the presence of over 580,000 targets primarily located in China and attacks up to 320 Gbps."The CoAP protocol is the next big thing for DDoS attacks", Catalin Cimpanu, 2018-12-05
/ref>


See also

*
Internet of Things The Internet of things (IoT) describes physical objects (or groups of such objects) with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other comm ...
* OMA Lightweight M2M *
Web of Things Web of Things (WoT) describes a set of standards by the World Wide Web Consortium (W3C) for the interoperability of different Internet of things (IoT) platforms and application domains. Building blocks The WoT building blocks provide a way to i ...
* Static Context Header Compression (SCHC)


References


External links

{{commons category, SSL and TLS
RFC 7252 "The Constrained Application Protocol (CoAP)"

coap.me
– CoAP test server run by
University of Bremen The University of Bremen (German: ''Universität Bremen'') is a public university in Bremen, Germany, with approximately 23,500 people from 115 countries. It is one of 11 institutions which were successful in the category "Institutional Strategi ...
Hypertext Transfer Protocol Application layer protocols Internet of things