Securing MQTT Protocol for IoT Devices Research Paper 2022
Added on 2022-10-06
3 Pages448 Words1 Views
Securing MQTT Protocol for IoT devices
MQTT is one of the popular protocols in IoT due to its various features such as being
lightweight and its efficient use of bandwidth. It is a publish/subscribe protocol based on
TCP. A broker is used to control the distribution of information by storing, filtering and
prioritizing publisher client’s requests to the subscriber clients.
However, there exist some vulnerabilities in MQTT that put its security at risk. For example,
a message from a Publisher is published under a specific topic such that all the subscribers
under that topic can receive the message sent through a broker. The various messages are
distinguished by the message header. However, the contents in the variable header such as the
password and username are not encrypted and therefore not secure.
To solve this problem, a more secure MQTT would be the one shown in the diagram below
based on ABE scheme [1].
It makes use of a new type of message ’0000’ as well as encrypting the message through
ABE scheme which is built upon Elliptic Curve Cryptography (ECC) that is very lightweight.
To send an encrypted message, a publisher will use Spublish command, and the message can
only be decrypted by that meet all the conditions outlined in the access policy.
The protocol will use two types of ABE; CP-ABE and KPABE. It will also include three
different entities; the publisher, PKG (broker) and the subscriber
MQTT is one of the popular protocols in IoT due to its various features such as being
lightweight and its efficient use of bandwidth. It is a publish/subscribe protocol based on
TCP. A broker is used to control the distribution of information by storing, filtering and
prioritizing publisher client’s requests to the subscriber clients.
However, there exist some vulnerabilities in MQTT that put its security at risk. For example,
a message from a Publisher is published under a specific topic such that all the subscribers
under that topic can receive the message sent through a broker. The various messages are
distinguished by the message header. However, the contents in the variable header such as the
password and username are not encrypted and therefore not secure.
To solve this problem, a more secure MQTT would be the one shown in the diagram below
based on ABE scheme [1].
It makes use of a new type of message ’0000’ as well as encrypting the message through
ABE scheme which is built upon Elliptic Curve Cryptography (ECC) that is very lightweight.
To send an encrypted message, a publisher will use Spublish command, and the message can
only be decrypted by that meet all the conditions outlined in the access policy.
The protocol will use two types of ABE; CP-ABE and KPABE. It will also include three
different entities; the publisher, PKG (broker) and the subscriber
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Problems in IoT in Automobile Industrylg...
|5
|1112
|245