Lightweight Security Mechanism over MQTT Protocol for IoT Devices

Amanlou, Sanaz; Bakar, Khairul Azmi Abu

doi:10.14569/ijacsa.2020.0110726

Cited by 11 publications

(5 citation statements)

References 28 publications

(20 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Performance evaluation of the proposed scheme revealed a low memory requirement and low processing time. In [ 30 ], the authors presented a lightweight authentication and encryption mechanism based on ECDHE-PSK (Elliptic Curve Diffie–Hellman Ephemeral)-(Pre-Shared Key) for IoT-constrained devices. The proposed security mechanism outperforms the ECDHE-ECDSA in all performance evaluation tests.…”

Section: Materials and Methodsmentioning

confidence: 99%

A Secure IoT-Based Irrigation System for Precision Agriculture Using the Expeditious Cipher

Fathy

Ali²

2023

Sensors

View full text Add to dashboard Cite

Due to the recent advances in the domain of smart agriculture as a result of integrating traditional agriculture and the latest information technologies including the Internet of Things (IoT), cloud computing, and artificial intelligence (AI), there is an urgent need to address the information security-related issues and challenges in this field. In this article, we propose the integration of lightweight cryptography techniques into the IoT ecosystem for smart agriculture to meet the requirements of resource-constrained IoT devices. Moreover, we investigate the adoption of a lightweight encryption protocol, namely, the Expeditious Cipher (X-cipher), to create a secure channel between the sensing layer and the broker in the Message Queue Telemetry Transport (MQTT) protocol as well as a secure channel between the broker and its subscribers. Our case study focuses on smart irrigation systems, and the MQTT protocol is deployed as the application messaging protocol in these systems. Smart irrigation strives to decrease the misuse of natural resources by enhancing the efficiency of agricultural irrigation. This secure channel is utilized to eliminate the main security threat in precision agriculture by protecting sensors’ published data from eavesdropping and theft, as well as from unauthorized changes to sensitive data that can negatively impact crops’ development. In addition, the secure channel protects the irrigation decisions made by the data analytics (DA) entity regarding the irrigation time and the quantity of water that is returned to actuators from any alteration. Performance evaluation of our chosen lightweight encryption protocol revealed an improvement in terms of power consumption, execution time, and required memory usage when compared with the Advanced Encryption Standard (AES). Moreover, the selected lightweight encryption protocol outperforms the PRESENT lightweight encryption protocol in terms of throughput and memory usage.

show abstract

Section: Materials and Methodsmentioning

confidence: 99%

A Secure IoT-Based Irrigation System for Precision Agriculture Using the Expeditious Cipher

Fathy

Ali²

2023

Sensors

View full text Add to dashboard Cite

show abstract

“…The author in [ 13 ] in the realm of fog computing contributes a valuable lightweight authentication scheme tailored for resource-constrained IoT devices and fog gateways. On the other hand, pre-shared key (PSK) authentication methods have been proposed as a solution for low-resource devices, although they have faced questions about their security robustness [ 14 ]. That study introduced an innovative approach by combining the Elliptic Curve Diffie–Hellman Ephemeral (ECDHE) key exchange algorithm with PSK authentication within a Message Queuing Telemetry Transport (MQTT) publish–subscribe framework in the context of distributed fog computing.…”

Section: Introductionmentioning

confidence: 99%

Publish/Subscribe Method for Real-Time Data Processing in Massive IoT Leveraging Blockchain for Secured Storage

Ataei,

Eghmazi,

Shakerian

et al. 2023

Sensors

View full text Add to dashboard Cite

In the Internet of Things (IoT) era, the surge in Machine-Type Devices (MTDs) has introduced Massive IoT (MIoT), opening new horizons in the world of connected devices. However, such proliferation presents challenges, especially in storing and analyzing massive, heterogeneous data streams in real time. In order to manage Massive IoT data streams, we utilize analytical database software such as Apache Druid version 28.0.0 that excels in real-time data processing. Our approach relies on a publish/subscribe mechanism, where device-generated data are relayed to a dedicated broker, effectively functioning as a separate server. This broker enables any application to subscribe to the dataset, promoting a dynamic and responsive data ecosystem. At the core of our data transmission infrastructure lies Apache Kafka version 3.6.1, renowned for its exceptional data flow management performance. Kafka efficiently bridges the gap between MIoT sensors and brokers, enabling parallel clusters of brokers that lead to more scalability. In our pursuit of uninterrupted connectivity, we incorporate a fail-safe mechanism with two Software-Defined Radios (SDR) called Nutaq PicoLTE Release 1.5 within our model. This strategic redundancy enhances data transmission availability, safeguarding against connectivity disruptions. Furthermore, to enhance the data repository security, we utilize blockchain technology, specifically Hyperledger Fabric, known for its high-performance attributes, ensuring data integrity, immutability, and security. Our latency results demonstrate that our platform effectively reduces latency for 100,000 devices, qualifying as an MIoT, to less than 25 milliseconds. Furthermore, our findings on blockchain performance underscore our model as a secure platform, achieving over 800 Transactions Per Second in a dataset comprising 14,000 transactions, thereby demonstrating its high efficiency.

show abstract

“…The TLS protocol is a commonly used safe connection protocol used to safe communication and protect the exchanged data between devices and ensure the authenticity and integrity of these data. There are two main protocols for the TLS: The first is the TLS handshake protocol, and the second is the TLS record protocol [18]. The TLS handshake protocol is responsible for the authentication and key exchange to create a secure session between the system's devices.…”

Section: Introductionmentioning

confidence: 99%

“…The TLS_ECDHE is quick than TLS_RSA. Also, TLS_ECDHE has less power consumption and better performance than other algorithms DHE, RSA, and ECDH [18]. c) Rivest-shamir-adleman (RSA) authentication algorithm RSA is a widely used asymmetric encryption algorithm and considered one of the most secure encryption algorithms because it uses two keys, the public key for messages encryption and the private key for decryption.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Developed security and privacy algorithms for cyber physical system

Khudhur

Croock

2021

IJECE

View full text Add to dashboard Cite

Cyber-physical system (CPS) is a modern technology in the cyber world, and it integrates with wireless sensor network (WSN). This system is widely used in many applications such as a smart city, greenhouse, healthcare, and power grid. Therefore, the data security and integrity are necessary to ensure the highest level of protection and performance for such systems. In this paper, two sides security system for cyber-physical level is proposed to obtain security, privacy, and integrity. The first side is applied the secure sockets layer (SSL)/transport layer security (TLS) encryption protocol with the internet of things (IoT) based message queuing telemetry transport (MQTT) protocol to secure the connection and encrypt the data exchange between the system's parties. The second side proposes an algorithm to detect and prevent a denial of service (DoS) attack (hypertext transfer protocol (HTTP) post request) on a Web server. The experiment results show the superior performance of the proposed method to secure the CPS by detecting and preventing the cyber-attacks, which infect the Web servers. They also prove the implementation of security, privacy and integrity aspects on the CPS.

show abstract

Lightweight Security Mechanism over MQTT Protocol for IoT Devices

Cited by 11 publications

References 28 publications

A Secure IoT-Based Irrigation System for Precision Agriculture Using the Expeditious Cipher

A Secure IoT-Based Irrigation System for Precision Agriculture Using the Expeditious Cipher

Publish/Subscribe Method for Real-Time Data Processing in Massive IoT Leveraging Blockchain for Secured Storage

Developed security and privacy algorithms for cyber physical system

Contact Info

Product

Resources

About