Vulnerabilities and Limitations of MQTT Protocol Used between IoT Devices

With the proliferation of smart devices capable of communicating over a network using different protocols, more successful attacks against these devices are recorded each year, underlining the need to develop and implement mechanisms that protect against them. This paper reviews some existing solutions used to secure a communication channel, such as Transport Layer Security or symmetric encryption, and provides a novel approach to achieving confidentiality and integrity of messages. The method, called Value-to-Keyed-Hash Message Authentication Code (Value-to-HMAC) mapping, uses signatures to send messages, instead of encryption, by implementing a Keyed-Hash Message Authentication Code generation algorithm. Although robust solutions exist that can be used to secure the communication between devices, this paper considers that not every Internet of Things (IoT) device or network design can afford their overhead and drop in performance, or even support such protocols. Therefore, the Value-to-HMAC method was designed to maximize performance while ensuring the messages are only readable by the intended node. The experimental procedure demonstrates how the method achieves better performance than a symmetric-key encryption algorithm, while ensuring the confidentiality and integrity of information through the use of one mechanism.
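The abstract does not spell out the construction, so the following is an added sketch of one way a value-to-HMAC mapping can work, not code from the paper. It assumes a small known value set, a shared key, and a per-topic message counter with a short look-ahead window; the names `tag`, `Sender`, `Receiver` and the topic `home/lamp` are hypothetical.

```python
import hashlib
import hmac

def tag(key: bytes, topic: str, counter: int, value: str) -> bytes:
    """HMAC-SHA256 over length-prefixed (topic, counter, value)."""
    fields = (topic.encode(), counter.to_bytes(8, "big"), value.encode())
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Sender:
    def __init__(self, key: bytes, topic: str):
        self.key, self.topic, self.counter = key, topic, 0

    def encode(self, value: str) -> bytes:
        """Return the payload to publish: the tag only, never the value."""
        payload = tag(self.key, self.topic, self.counter, value)
        self.counter += 1
        return payload

class Receiver:
    def __init__(self, key: bytes, topic: str, values, window: int = 4):
        self.key, self.topic, self.values = key, topic, tuple(values)
        self.counter, self.window = 0, window

    def decode(self, payload: bytes):
        """Map a received tag back to its value, or None if nothing matches."""
        # Try a few counters ahead so one dropped message does not desync.
        for c in range(self.counter, self.counter + self.window):
            for v in self.values:
                if hmac.compare_digest(tag(self.key, self.topic, c, v), payload):
                    self.counter = c + 1  # older counters now fail (replay)
                    return v
        return None

def demo():
    key = bytes(range(32))  # constructed sample key, not a real secret
    values = ("ON", "OFF")  # assumed finite value set
    tx = Sender(key, "home/lamp")
    rx = Receiver(key, "home/lamp", values)
    first, lost, third = tx.encode("ON"), tx.encode("OFF"), tx.encode("ON")
    return {
        "first": rx.decode(first),
        "third_after_loss": rx.decode(third),  # `lost` never delivered
        "replay_first": rx.decode(first),
        "same_value_same_tag": first == third,
        "wrong_key": Receiver(b"\x00" * 32, "home/lamp", values).decode(first),
    }
```

Without the counter, equal values would always produce equal tags, so an observer could track state changes and replay old payloads; the counter is the assumption that closes that gap in this sketch.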
