<p>The Message Queuing Telemetry Transport (MQTT) protocol has become a de-facto standard for lightweight communication in the Internet of Things. However, the standard MQTT lacks built-in security mechanisms for authentication and end-to-end data protection. Existing research has enhanced MQTT security via TLS, reliance on trusted authorities, and lightweight cryptographic extensions, but these approaches suffer from significant computational overhead, heavy reliance on trusted Brokers, and poor scalability in resource-constrained environments. Accordingly, this paper proposes MQTT-L, a lightweight end-to-end secure protocol designed for resource-constrained devices. MQTT-L introduces salt-driven renewable one-way hash chains to achieve lightweight Client-to-Broker authentication and fast reconnection. Furthermore, a key agreement mechanism based on extended Chebyshev chaotic maps is designed to establish end-to-end session keys, and the ChaCha20-Poly1305 cipher is integrated into MQTT-L to ensure the confidentiality and integrity of end-to-end messages. To verify the security and authentication properties of MQTT-L, we utilize the well-known ProVerif tool for formal security verification and further prove its security informally. Finally, performance evaluations, including theoretical analysis, and experimental evaluations conducted on a Mosquitto MQTT Broker testbed, demonstrate the superiority of MQTT-L over existing schemes and TLS-MQTT.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

MQTT-L: a lightweight end-to-end secure protocol with renewable hash chains for IoT environments

  • Chengzhi Yu,
  • Menglong Qi,
  • Han Luo,
  • Jie Tian,
  • Jintian Lu

摘要

The Message Queuing Telemetry Transport (MQTT) protocol has become a de-facto standard for lightweight communication in the Internet of Things. However, the standard MQTT lacks built-in security mechanisms for authentication and end-to-end data protection. Existing research has enhanced MQTT security via TLS, reliance on trusted authorities, and lightweight cryptographic extensions, but these approaches suffer from significant computational overhead, heavy reliance on trusted Brokers, and poor scalability in resource-constrained environments. Accordingly, this paper proposes MQTT-L, a lightweight end-to-end secure protocol designed for resource-constrained devices. MQTT-L introduces salt-driven renewable one-way hash chains to achieve lightweight Client-to-Broker authentication and fast reconnection. Furthermore, a key agreement mechanism based on extended Chebyshev chaotic maps is designed to establish end-to-end session keys, and the ChaCha20-Poly1305 cipher is integrated into MQTT-L to ensure the confidentiality and integrity of end-to-end messages. To verify the security and authentication properties of MQTT-L, we utilize the well-known ProVerif tool for formal security verification and further prove its security informally. Finally, performance evaluations, including theoretical analysis, and experimental evaluations conducted on a Mosquitto MQTT Broker testbed, demonstrate the superiority of MQTT-L over existing schemes and TLS-MQTT.