Lightweight Security Mechanism over MQTT Protocol for IoT Devices

Security is one of the main concerns in Internet of Things (IoT) networks. Because most IoT devices are constrained in resources and power consumption, implementing robust security mechanisms on them is not easy. There are different methods to secure network communications; however, they are not applicable to IoT devices. In addition, most authentication methods use certificates, and signing and verifying certificates requires more computation and power. The main objective of this paper is to propose a lightweight authentication and encryption mechanism for constrained IoT devices. This mechanism uses ECDHE-PSK, a Transport Layer Security (TLS) authentication algorithm, over the Message Queuing Telemetry Transport (MQTT) protocol. This authentication algorithm provides Perfect Forward Secrecy (PFS), which improves security. This is the first time that this TLS authentication algorithm has been implemented and evaluated over the MQTT protocol for IoT devices. To evaluate the resource consumption of the proposed security mechanism, it was compared with the default security mechanism of the MQTT protocol and with ECDHE-ECDSA, a certificate-based authentication algorithm. They were evaluated in terms of CPU utilization, execution time, bandwidth, and power consumption. The results show that the proposed security mechanism outperforms ECDHE-ECDSA in all tests.

Keywords: Internet of Things (IoT); MQTT; Pre-Shared Keys (PSK); elliptic curve cryptography; Diffie-Hellman Ephemeral (DHE); Digital Signature Algorithm (DSA); Perfect Forward Secrecy (PFS); authentication; power consumption; wireless sensors
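The following is an added example, not code from the paper: it builds the TLS premaster secret the way RFC 5489 defines it for ECDHE_PSK and contrasts it with the plain PSK construction of RFC 4279, to show where the forward secrecy comes from. The curve (X25519), the sample key and all function names are assumptions made for illustration; the ladder is not constant-time and is not meant for production use.

```python
import os
import struct

P, A24 = 2**255 - 19, 121665  # Curve25519 field prime and ladder constant

def x25519(scalar: bytes, u_bytes: bytes) -> bytes:
    """RFC 7748 Montgomery ladder (illustration only, not constant-time)."""
    k = (int.from_bytes(scalar, "little") & ((1 << 255) - 8)) | (1 << 254)
    x1 = int.from_bytes(u_bytes, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        da, cb = (x3 - z3) * a % P, (x3 + z3) * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

BASE = (9).to_bytes(32, "little")      # X25519 base point u = 9
PSK = b"constructed-demo-psk"          # constructed sample key, not from the paper

def _block(data: bytes) -> bytes:
    return struct.pack("!H", len(data)) + data   # uint16 length prefix

def ecdhe_psk_premaster(z: bytes, psk: bytes) -> bytes:
    """RFC 5489: len(Z) || Z || len(PSK) || PSK, Z = ephemeral ECDH result."""
    return _block(z) + _block(psk)

def plain_psk_premaster(psk: bytes) -> bytes:
    """RFC 4279: Z is replaced by zero octets, so only the PSK matters."""
    return _block(bytes(len(psk))) + _block(psk)

def handshake(psk: bytes):
    """One session: both sides use fresh ephemeral keys, then discard them."""
    dev_priv, brk_priv = os.urandom(32), os.urandom(32)
    dev_pub, brk_pub = x25519(dev_priv, BASE), x25519(brk_priv, BASE)
    device = ecdhe_psk_premaster(x25519(dev_priv, brk_pub), psk)
    broker = ecdhe_psk_premaster(x25519(brk_priv, dev_pub), psk)
    return device, broker

if __name__ == "__main__":
    print(handshake(PSK)[0].hex())
```

Because Z changes with every handshake and the ephemeral private keys are discarded, a PSK recovered from a device later does not reveal the premaster secret of a recorded session; with the plain PSK construction the premaster secret is the same in every session.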
