I'm not sure, what the purpose of this work would/should be.
Reading
"2. Attacks on CoAP
2.1. The Block Attack
An on-path attacker can block the delivery of any number of requests
or responses. The attack can also be performed by an attacker
jamming the lower layer radio protocol."
is true for much more protocols, not only CoAP or DTLS. You can even cut
wires. To narrow such a general issues to a statement about a single
protocol may be a little smelly.
"In this document we show that protecting CoAP with a security
protocol on another layer is not nearly enough to securely control
actuators (and in many cases sensors) and that secure operation often
demands far more than the four properties traditionally provided by
security protocols."
The document addresses weakness, but it's hard to see, that this
weakness is qualified. Many of the attacks seems to be somehow "easy for
an on-path-attacker on unecrypted messages". And, yes could not be
excluded also for encrypted messages. In my opinion, encryption makes
such attacks much harder to apply, less attractive. And so "not nearly
enough" seems to be too strong.
My impression is, this document puts doubts on using DTLS 1.2.
It puts threats of unencrypted messages too close to the same (but much
lower) threats using encryption. I would appreciate, if the document is
clearer about that. Not that it turns into a disservice.
Achim Kraus https://mailarchive.ietf.org/arch/msg/core/_KAqFsWT0-U7AhBTobU-Ar-DZr4/
I'm not sure, what the purpose of this work would/should be.
Reading
"2. Attacks on CoAP
2.1. The Block Attack
is true for much more protocols, not only CoAP or DTLS. You can even cut wires. To narrow such a general issues to a statement about a single protocol may be a little smelly.
"In this document we show that protecting CoAP with a security protocol on another layer is not nearly enough to securely control actuators (and in many cases sensors) and that secure operation often demands far more than the four properties traditionally provided by security protocols."
The document addresses weakness, but it's hard to see, that this weakness is qualified. Many of the attacks seems to be somehow "easy for an on-path-attacker on unecrypted messages". And, yes could not be excluded also for encrypted messages. In my opinion, encryption makes such attacks much harder to apply, less attractive. And so "not nearly enough" seems to be too strong.
My impression is, this document puts doubts on using DTLS 1.2. It puts threats of unencrypted messages too close to the same (but much lower) threats using encryption. I would appreciate, if the document is clearer about that. Not that it turns into a disservice.