MQTTSec Based on Context-Aware Cryptographic Selection Algorithm (CASA) for Resource-Constrained IoT Devices

With the spread and wide adoption of IoT systems, new security and privacy concerns started to arise and be presented as serious issues. To mitigate these new threats, new countermeasures and prevention techniques based on cryptography are introduced. Since most IoT devices are restrained with the sparse availability of resources, such as memory and computational power, using traditional cryptographic algorithms is not practical as it needs special hardware implementation to accommodate these algorithms. In this work an enhancement of the traditional MQTT protocol called MQTTSec is proposed. MQTTSec allows communicating devices to select the appropriate cryptographic technique based on the available resources. A validation of the proposed technique is also provided.

[1]  Chao-Chun Chen,et al.  An Extensible and Transparent Thing-to-Thing Security Enhancement for MQTT Protocol in IoT Environment , 2019, 2019 Global IoT Summit (GIoTS).

[2]  Ju Ren,et al.  Secure Data Aggregation of Lightweight E-Healthcare IoT Devices With Fair Incentives , 2019, IEEE Internet of Things Journal.

[3]  Madhumita Panda Performance analysis of encryption algorithms for security , 2016, 2016 International Conference on Signal Processing, Communication, Power and Embedded System (SCOPES).

[4]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[5]  Muhammad Adnan Tariq,et al.  Non-functional requirements in publish, subscribe systems , 2013 .

[6]  P. Balamuralidhar,et al.  Secure MQTT for Internet of Things (IoT) , 2015, 2015 Fifth International Conference on Communication Systems and Network Technologies.

[7]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[8]  C. Lishou,et al.  Lightweight Security Scheme for MQTT/MQTT-SN Protocol , 2019, 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS).

[9]  Jianqing Zhang,et al.  Performance evaluation of Attribute-Based Encryption: Toward data privacy in the IoT , 2014, 2014 IEEE International Conference on Communications (ICC).

[10]  Rahul Johari,et al.  CRAIoT: Concept, Review and Application(s) of IoT , 2019, 2019 4th International Conference on Internet of Things: Smart Innovation and Usages (IoT-SIU).

[11]  Ken Choi,et al.  Power dissipation and area comparison of 512-bit and 1024-bit key AES , 2013, Comput. Math. Appl..

[12]  Andrea Zanella,et al.  IoT: Internet of Threats? A Survey of Practical Security Vulnerabilities in Real IoT Devices , 2019, IEEE Internet of Things Journal.

[13]  Jong Hyuk Park,et al.  Advanced lightweight encryption algorithms for IoT devices: survey, challenges and solutions , 2017, J. Ambient Intell. Humaniz. Comput..