Lightweight Security Scheme for MQTT/MQTT-SN Protocol

In the coming years, sensors will likely have a permeated every aspect of our life. Several works explain how the Internet of things (IoT) will have an impact on almost all aspects of our life and why security is at the top of the list of IoT challenges. Constrained nodes constitute a significant portion of devices in IoT. These nodes are characterized by severe constraints on power, memory, and processing resources, therefore, do not support conventional security protocols such as Transport Layer Security (TLS). Message Queue Telemetry Transport (MQTT) is a lightweight communication protocol particularly adapted for constrained nodes. Security solution, in MQTT protocol, can be achieved in multiple layers. To ensure end-to-end encryption, Authenticated Encryption with Associated Data (AEAD) is one of the most recommended solutions. Actually, the Advanced Encryption Standard (AES) is one of the most widely used standard encryption methods. However, constrained nodes processors did not have hardware support for AES and the physical-layer packet size of these nodes is limited. This paper proposes ChaCha20-Poly1305 AEAD as a solution to secure constrained nodes communication over MQTT/MQTT-SN. ChaCha20 and Poly1305 are respectively lightweight stream cipher and one-time authenticator which continue gain popularity from crypto community. A prototype of the proposed solution is implemented on constrained nodes like Arduino UNO. The paper mainly provides results related to memory footprint and execution time. These results indicate that the proposed scheme requires small amount of memory and present low processing time.