A Robust Security Scheme Based on Enhanced Symmetric Algorithm for MQTT in the Internet of Things

Message Queuing Telemetry Transport (MQTT) is expected to become the de facto messaging standard for the IoT, so it must provide efficient security. However, the most significant drawback of MQTT is its lack of protection mechanisms. Existing approaches add processing overhead to the devices and are still vulnerable to various attacks. This research work therefore presents an integrated scheme, the Robust Security Scheme (RSS), to protect MQTT against exploitation that might result in sophisticated cyberattacks. The proposed RSS employs two cryptosystems: 1) a dynamic variant of the Advanced Encryption Standard (D-AES); and 2) Key-Policy Attribute-Based Encryption (KP-ABE). D-AES is a new design architecture of the symmetric AES algorithm, introduced by RSS to encrypt the MQTT payload. KP-ABE, the second part of the proposed hybrid cryptosystem, is used to encrypt the private key of the proposed D-AES, to avoid the computation overhead of bilinear maps. The performance of the proposed RSS is measured in terms of processing time and traffic overhead. The security aspects are evaluated in terms of balance, avalanche effect, and Hamming distance, and compared to existing works in a testbed environment. The results show that the proposed D-AES improves on the standard AES algorithm. The proposed scheme achieves polymorphism while maintaining interoperability. RSS exhibited improvements over the standard AES algorithm of 8.75%, 10.45%, and 6.81% in terms of balance, avalanche effect, and Hamming distance, respectively.
