Vulnerabilities and limitations of MQTT protocol used between IoT devices

Dinculeană, Dan and Cheng, Xiaochun ORCID: https://orcid.org/0000-0003-0371-9646 (2019) Vulnerabilities and limitations of MQTT protocol used between IoT devices. Applied Sciences, 9 (5). ISSN 2076-3417 (Accepted/In press) (doi:10.3390/app9050848)

[img]
Preview
PDF - Published version (with publisher's formatting)
Available under License Creative Commons Attribution.

Download (1MB) | Preview

Abstract

With the proliferation of smart devices capable of communicating over a network using different protocols, each year more and more successful attacks are recorded against these, underlining the necessity of developing and implementing mechanisms to protect against such attacks. This paper will review some existing solutions used to secure a communication channel, such as Transport Layer Security or symmetric encryption, as well as provide a novel approach to achieving confidentiality and integrity of messages. The method, called Value-to-Keyed-Hash Message Authentication Code (Value-to-HMAC) mapping, uses signatures to send messages, instead of encryption, by implementing a Keyed-Hash Message Authentication Code generation algorithm. Although robust solutions exist that can be used to secure the communication between devices, this paper considers that not every Internet of Things (IoT) device or network design is able to afford the overhead and drop in performance, or even support such protocols. Therefore, the Value-to-HMAC method was designed to maximize performance while ensuring the messages are only readable by the intended node. The experimental procedure demonstrates how the method will achieve better performance than a symmetric-key encryption algorithm, while ensuring the confidentiality and integrity of information through the use of one mechanism.

Item Type: Article
Additional Information: Article Number = e848
Research Areas: A. > School of Science and Technology > Computer Science
Item ID: 26163
Notes on copyright: © 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Useful Links:
Depositing User: Xiaochun Cheng
Date Deposited: 11 Feb 2019 09:45
Last Modified: 08 Nov 2019 22:09
URI: https://eprints.mdx.ac.uk/id/eprint/26163

Actions (login required)

Edit Item Edit Item

Full text downloads (NB count will be zero if no full text documents are attached to the record)

Downloads per month over the past year