A Lightweight Authentication and Privacy Preservation Scheme for MQTT

Abstract

Message Queuing Telemetry Transport (MQTT) is a protocol commonly used in smart IoT applications. The protocol reduces the resource saturation but does not implement appropriate security mechanisms. There have been attempts to add security features to MQTT; however, they do not take into account the resource-constrained nature of IoT devices. The Cipher-text Policy Attribute-Based Encryption (CP-ABE) scheme provides fine-grained access to topic-related data and adequate data storage on MQTT server. In this work, we propose an Improved CP-ABE (ICP-ABE) scheme integrated with a lightweight symmetric encryption algorithm - PRESENT. The new scheme separates the roles of attribute auditing and key extraction. By using a blind key, MQTT servers verify the identity of sender nodes without knowing the sender's attributes. The PRESENT algorithm is employed in the proposed scheme in order to securely share such blind keys between clients. The efficiency of the scheme is evaluated in terms of throughput, packet delivery ratio, network delay, and execution time.