Research Area:  Internet of Things
Message Queuing Telemetry Transport (MQTT) is an ISO standard (ISO/IEC PRF 20922) for Machine-to- Machine (M2M) connectivity in the implementation of Internet of Things (IoT). It is a publish-subscribe based messaging protocol. However, by itself, this protocol faces several security threats. The most common resort to these issues is the use of Transport Layer Security along with Secure Sockets Layer (TLS/SSL) which is highly unfeasible for resource constrained devices. In this paper, a novel architecture has been proposed to secure MQTT protocol in two stages. First, the payload is encrypted using a lightweight symmetric block cipher. Post encryption, a lightweight hash function SPONGENT has been used to ensure message authentication and data integrity. Then the encrypted message is published along with its hashed output to the concerned subscribers. Lightweight symmetric encryption ensures minimum overheads as compared to the conventionally used asymmetric encryption. The performance parameters of some established lightweight ciphers- PRESENT  , SIMON  , SPECK  , PRIDE  , ROADRUNNER  , MIDORI  and RECTANGLE  - have also been evaluated on Raspberry Pi to accomplish security for this publish-subscribe protocol.
Author(s) Name:  Shweta Iyer; G. V. Bansod; Praveen Naidu V; Shefali Garg
Conferrence name:  International Conference on Electrical, Electronics, Communication, Computer, and Optimization Techniques (ICEECCOT)
Publisher name:  IEEE
Paper Link:   https://ieeexplore.ieee.org/abstract/document/9001599