Open AccessMQTT-PRESENT: Approach to secure internet of things applications using MQTT protocol
Author(s) -
Imane Sahmi,
Abderrahim Abdellaoui,
Tomader Mazri,
Nabil Hmina
Publication year - 2021
Publication title -
international journal of power electronics and drive systems/international journal of electrical and computer engineering
Language(s) - English
Resource type - Journals
eISSN - 2722-2578
pISSN - 2722-256X
DOI - 10.11591/ijece.v11i5.pp4577-4586
Subject(s) - mqtt , computer science , message queue , computer network , computer security , scalability , authentication (law) , internet layer , authentication protocol , encryption , protocol (science) , the internet , internet of things , internet protocol , world wide web , database , medicine , alternative medicine , pathology
The big challenge to raise for deploying the application's domain of the Internet of Things is security. As one of the popular messaging protocols in the IoT world, the message queue telemetry transport (MQTT) is designed for constrained devices and machine-to-machine communications, based on the publish-subscribe model, it offers a basic authentication using username and password. However, this authentication method might have a problem in terms of security and scalability. In this paper, we provide an analysis of the current research in the literature related to the security for the MQTT protocol, before we give a brief description of each algorithm used on our approach, to finally propose a new approach to secure this protocol based on AugPAKE algorithm and PRESENT encryption. This solution provides mutual authentication between the broker and their clients (publishers and subscribers), the confidentiality of the published message is protected twice, the integrity and non-repudiation of MQTT messages which is protected during the process of transmission.