Research Area:  Internet of Things
Recent advancements in Internet of Things (IoT) have led to emergence of fascinating breakthroughs in diverse applications. Nowadays, the use cases of smart home systems are augmenting as they provide functionalities like real-time monitoring and high degree of remote control. Message queuing telemetry transport (MQTT) protocol is one of the most widely used messaging protocols in IoT-based applications including smart homes. This protocol lacks required security features owing to which, the intruders can launch variety of attacks easily. Stirred by this, we proposed a lightweight device authentication scheme for MQTT protocol. In this work, publisher/subscriber, and broker use lightweight cryptographic operations to enable device authentication. Also, this mechanism utilizes the lightweight cryptographic keys, such as one-time key (OTKey) and Tokens (Ti) to complete registration and authentication process, respectively. Compared to other protocols, our approach reduces both communication and computation costs while maintaining the security demands. We put a prototype into practice to assess the performance of the proposed authentication mechanism. Further, we perform the formal analysis of the proposed authentication mechanism using automated validation of Internet security protocols and application protocol analyzer tool. The proposed security mechanism is resistant to various attacks, such as replay attack, device impersonate attack, malicious node attack, etc., and it enables the security features like device authentication and device anonymity in smart homes.
Keywords:  
Author(s) Name:  Narasimha Swamy S; Dheeraj Manirathnam Anna; Vijayalakshmi M N; Solomon Raju Kota
Journal name:  IEEE Internet of Things
Conferrence name:  
Publisher name:  IEEE
DOI:  10.1109/JIOT.2024.3349394
Volume Information:  Volume: 11, Pages: 15792 - 15807, (2024)
Paper Link:   https://ieeexplore.ieee.org/document/10382683