MQTT has become the de facto standard in the IoT. Although standard MQTT lacks built-in security features, several proposals have been made to address this gap. Unfortunately, no existing proposal aims to offer end-to-end data flow integrity in the threat model of untrusted broker. Consider that, the broker has a privileged role, since it is in the middle of communication between publishers and subscribers. Our paper attempts to bridge this gap by introducing a new protocol called MQTT-I, which achieves end-to-end data flow integrity. Our solution is inspired by approaches based on Merkle Hash Trees, commonly used in the context of outsourced data to guarantee data integrity. Our solution aligns with the specific nature of MQTT, in which: (1) publishers and subscribers dynamically join and leave the system, (2) the decoupling principle holds, meaning that publishers and subscribers do not establish any form of agreement, and (3) data, whose integrity should be protected, are multi-topic streams. Moreover, the proposed solution allows us to find the right balance between performance and security. We perform both theoretical and experimental analysis to demonstrate that the introduced security features come with an acceptable overhead in terms of computational and energy cost.

MQTT-I: Achieving End-to-End Data Flow Integrity in MQTT / Buccafurri, Francesco; De Angelis, Vincenzo; Lazzaro, Sara. - In: IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING. - ISSN 1545-5971. - 21:5(2024), pp. 4717-4734. [10.1109/TDSC.2024.3358630]

MQTT-I: Achieving End-to-End Data Flow Integrity in MQTT

Buccafurri, Francesco
;
De Angelis, Vincenzo;Lazzaro, Sara
2024-01-01

Abstract

MQTT has become the de facto standard in the IoT. Although standard MQTT lacks built-in security features, several proposals have been made to address this gap. Unfortunately, no existing proposal aims to offer end-to-end data flow integrity in the threat model of untrusted broker. Consider that, the broker has a privileged role, since it is in the middle of communication between publishers and subscribers. Our paper attempts to bridge this gap by introducing a new protocol called MQTT-I, which achieves end-to-end data flow integrity. Our solution is inspired by approaches based on Merkle Hash Trees, commonly used in the context of outsourced data to guarantee data integrity. Our solution aligns with the specific nature of MQTT, in which: (1) publishers and subscribers dynamically join and leave the system, (2) the decoupling principle holds, meaning that publishers and subscribers do not establish any form of agreement, and (3) data, whose integrity should be protected, are multi-topic streams. Moreover, the proposed solution allows us to find the right balance between performance and security. We perform both theoretical and experimental analysis to demonstrate that the introduced security features come with an acceptable overhead in terms of computational and energy cost.
2024
Security, Proposals, Protocols, Data Integrity, Threat Modeling, Streams, Standards, MQTT Security, Data Flow Integrity, IoT Security, Merkle Hash Tree, Malicious MQTT Broker
File in questo prodotto:
File Dimensione Formato  
Buccafurri_2024_TDSC_MQTT-I_Post.pdf

accesso aperto

Descrizione: Post-print
Tipologia: Documento in Post-print
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 1.07 MB
Formato Adobe PDF
1.07 MB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.12318/142287
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 7
  • ???jsp.display-item.citation.isi??? 4
social impact