Similarly to elsewhere on the Internet, practical security in the Internet of Things (IoT) is achieved by combining an array of mechanisms, at work at all layers of the protocol stack, in system software, and in hardware. Standard protocols such as Datagram Transport Layer Security (DTLS 1.2) and Transport Layer Security (TLS 1.2) are often recommended to secure communications to/from IoT devices. Recently, the TLS 1.3 standard was released and DTLS 1.3 is in the final stages of standardization. In this paper, we give an overview of version 1.3 of these protocols, and we provide the first experimental comparative performance analysis of different implementations and various configurations of these protocols, on real IoT devices based on low-power microcontrollers. We show how different implementations lead to different compromises. We measure and compare bytes-over-the-air, memory footprint, and energy consumption. We show that, when DTLS/TLS 1.3 requires more resources than DTLS/TLS 1.2, this additional overhead is quite reasonable. We also observe that, in some configurations, DTLS/TLS 1.3 actually decreases overhead and resource consumption. All in all, our study indicates that there is still room to optimize the existing implementations of these protocols.

中文翻译：

---

低功耗IoT通信安全性：DTLS和TLS 1.3的性能

与Internet上的其他地方类似，物联网（IoT）的实用安全性是通过在协议堆栈的所有层，系统软件和硬件中结合使用一系列机制来实现的。通常建议使用标准协议，例如数据报传输层安全性（DTLS 1.2）和传输层安全性（TLS 1.2），以保护与IoT设备之间的通信安全。最近，发布了TLS 1.3标准，而DTLS 1.3处于标准化的最后阶段。在本文中，我们概述了这些协议的1.3版，并在基于低功耗微控制器的实际IoT设备上提供了这些协议的不同实现和各种配置的首次实验比较性能分析。我们展示了不同的实现方式如何导致不同的妥协。我们测量并比较了无线字节，内存占用量和能耗。我们证明，当DTLS / TLS 1.3比DTLS / TLS 1.2需要更多资源时，此额外开销是相当合理的。我们还观察到，在某些配置中，DTLS / TLS 1.3实际上减少了开销和资源消耗。总而言之，我们的研究表明，仍有优化这些协议的现有实现的空间。