Cascoda and Thread
Cascoda joined the Thread group in 2015, and we have since become a leading member, contributing to the specification draft, the open source software implementation and marketing collateral. We currently Chair the Thread Low Power Working Group.
Thread is a low-power wireless mesh network-layer protocol, based on the universally-supported Internet Protocol (IP), and built using open and proven standards. Thread enables direct IP-based device-to-device and device-to-cloud communications. It reliably connects hundreds (or thousands) of products and includes mandatory security features. Thread networks have no single point of failure, can self-heal and reconfigure when a device is added or removed, and are simple to setup and use.
Thread, as a network layer, ensures that the data sent over the air cannot be tampered with or viewed by any unauthorised device. Thread also ensures that devices that join the network are legitimate and authorised. In order to secure data over the air, Thread uses a network-wide key employing symmetric key cryptography known as AES-CCM. AES-CCM uses a network-wide key to encrypt each message, and appends a tag for authentication. If the recipient has the network-wide key, it can decrypt the message, and authenticate that it was neither tampered with in transit, nor replayed from a past transmission. This network-wide key is periodically changed to prevent any individual key from becoming exhausted.
When a new device is joining a network for the first time, it does not know the network-wide key and therefore needs to obtain it. This process is known as commissioning. Of course, the network-wide key cannot be transmitted without encryption, as it could be obtained by an attacker. To overcome this problem, Thread commissioning uses a process known as Password-Authenticated Key Exchange (PAKE), which is part of the Datagram Transport Layer Security (DTLS) standard. PAKE uses a low-strength secret (e.g. a password, QR/bar code or RFID) in conjunction with asymmetric elliptic curve cryptography to authenticate the new device, and generate a high-strength secret between the two parties. The high strength secret is used to encrypt the communication of the network-wide key to the joining device. This entire process is orchestrated by a Thread commissioner such as a smartphone connected to a Thread Border Router over WiFi.
Thread mesh networking guide
Along with Routers and End-Devices, Thread introduces a new type of device, the Router Eligible End Device (REED). The REED is able to change its role between a Router and an End-device, based on the needs of the mesh network.
Downgrading and Upgrading
A REED can dynamically Downgrade itself to an End-node or Upgrade itself to a Router, dependant on the needs of the network. So, if a REED has no connection to an End-Device, it can Downgrade itself to an End-Device to minimize network overhead. Similarly, if a REED is the only node in reach of a new End-Device wishing to join the network, it can dynamically upgrade itself to a Router. This is done automatically, meaning that Thread self-optimises to decide which devices need to be Routers and which need to be End-Devices.
A Thread Leader
A Leader is a Thread Router that manages the network by circulating configuration information amongst all Routers in the network. Leaders are dynamically self-elected from any Router in a network. This behaviour allows for maximum network resilience.
A Thread Border Router
A Border Router is router device, responsible for routing data between the Thread network & the internet. Multiple Border Routers are allowed, to improve redundancy, throughput and lower latency.
Thread networks are able to partition and self-heal. When network connectivity breaks down, each partition dynamically elects a new Thread Leader and connectivity continues uninterrupted.