Vulnerabilities and limitations of MQTT protocol used between IoT devices
Article
Dinculeană, D. and Cheng, X. 2019. Vulnerabilities and limitations of MQTT protocol used between IoT devices. Applied Sciences. 9 (5). https://doi.org/10.3390/app9050848
Type | Article |
---|---|
Title | Vulnerabilities and limitations of MQTT protocol used between IoT devices |
Authors | Dinculeană, D. and Cheng, X. |
Abstract | With the proliferation of smart devices capable of communicating over a network using different protocols, each year more and more successful attacks are recorded against these, underlining the necessity of developing and implementing mechanisms to protect against such attacks. This paper will review some existing solutions used to secure a communication channel, such as Transport Layer Security or symmetric encryption, as well as provide a novel approach to achieving confidentiality and integrity of messages. The method, called Value-to-Keyed-Hash Message Authentication Code (Value-to-HMAC) mapping, uses signatures to send messages, instead of encryption, by implementing a Keyed-Hash Message Authentication Code generation algorithm. Although robust solutions exist that can be used to secure the communication between devices, this paper considers that not every Internet of Things (IoT) device or network design is able to afford the overhead and drop in performance, or even support such protocols. Therefore, the Value-to-HMAC method was designed to maximize performance while ensuring the messages are only readable by the intended node. The experimental procedure demonstrates how the method will achieve better performance than a symmetric-key encryption algorithm, while ensuring the confidentiality and integrity of information through the use of one mechanism. |
Publisher | MDPI AG |
Journal | Applied Sciences |
ISSN | 2076-3417 |
Publication dates | |
27 Feb 2019 | |
Publication process dates | |
Deposited | 11 Feb 2019 |
Submitted | 31 Oct 2018 |
Accepted | 03 Feb 2019 |
Output status | Published |
Publisher's version | License |
Copyright Statement | © 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
Digital Object Identifier (DOI) | https://doi.org/10.3390/app9050848 |
Language | English |
https://repository.mdx.ac.uk/item/88290
Download files
72
total views15
total downloads0
views this month0
downloads this month