A study of secure communication scheme in MQTT: TLS vs AES cryptography

Abstract

The Internet of Things (IoT) technology requires low latency communications. One of the lightweight protocols in the IoT is the MQTT protocol. However, the MQTT protocol is not equipped with the appropriate security mechanism. As a consequence, the MQTT messages are easily eavesdropped and modified by the attackers. This research studies the use of AES cryptography-based communication scheme against the TLS-based communication scheme, which can be used to create end-to-end secure communication channels from the MQTT publishers to the MQTT subscribers. Experimental results show that the TLS-based communication scheme possess the highest cost in terms of communication delay and network cost among all schemes in the experiment. Eventually, the AES-based MQTT communication scheme is more appropriate for IoT environments because of its communication delay and network cost, which are considerably equal to the plaintext-based MQTT communications.