Computer Science ›› 2024, Vol. 51 ›› Issue (2): 333-342. doi: 10.11896/jsjkx.221100157

• Information Security •

Research and Implementation of MQTT Security Mechanism Based on Domestic Cryptographic Algorithms

LIU Zechao1,2, LIANG Tao1, SUN Ruochen1, HAO Zhiqiang3,4, LI Jun3,4   

  1. College of Computer Science and Technology, Harbin Engineering University, Harbin 150001, China
  2. Modeling and Emulation in E-Government National Engineering Laboratory, Beijing 100037, China
  3. China National Industrial Information Security Development Research Center, Beijing 100040, China
  4. School of Information & Intelligence Engineering, University of Sanya, Sanya, Hainan 572022, China
  • Received: 2022-11-19 Revised: 2023-12-15 Online: 2024-02-15 Published: 2024-02-22
  • About author: LIU Zechao, born in 1985, Ph.D, associate professor, master supervisor. His main research interests include industrial information security and cryptography. LI Jun, born in 1986, Ph.D. His main research interests include industrial Internet security and data security.
  • Supported by:
    National Key R & D Program of China (2021YFB3101602), Special Project for Industrial Foundation Reconstruction and High Quality Development of Manufacturing Industry by the Ministry of Industry and Information Technology (TC220A04X-1) and Basic Research Program (JCKY2020604C011).

Abstract: To address the problems that the existing MQTT protocol lacks effective identity authentication and transmits data in plaintext, an MQTT security protection scheme is designed based on the domestic cryptographic algorithms SM2, SM3 and SM4. Two-way identity authentication between the client and the MQTT Broker is realized with the SM2 algorithm. The SM4 algorithm is used to encrypt the username, password, and message contents of topics in the MQTT protocol. The SM3 algorithm is used to ensure the integrity of data transmitted by the MQTT protocol. Applying self-controllable domestic cryptography technology to the MQTT protocol can effectively improve the security protection capability of the protocol. The security analysis and experimental results show that the proposed scheme can not only solve the security problems of the MQTT protocol, but also meet practical application requirements.

Key words: Domestic cryptographic algorithms, MQTT protocol, Identity authentication, Data encryption

CLC Number: 

  • TP309.2