Securing MQTT Architecture Using a Blockchain

Abstract

AbstractSince MQTT (Message Queuing Telemetry Transport) protocol is designed for resource-constrained environments, it includes only elementary security measures, which are mainly sufficient for transmitting non-critical data. However, for applications that transmit critical data, it is recommended to add some security measures. Many articles have used blockchain to improve security in the IoT environment; however, most of them neglect that many IoT systems are already functional. It is tough to rebuild the architecture from scratch. This article aims to propose a secured MQTT architecture using blockchain and smart contracts without affecting the overall operation of the MQTT protocol. Instead, it adds some parameters to the standard MQTT messages. The new architecture is based on blockchain and smart contract to control and store the transactions between clients and brokers. It is composed of two phases: The registration phase, where a client asks for a token to use for publishing or receiving data, and the Publishing phase, where the brokers network verifies the validity of the token and the integrity of the data before allowing the client publication. By comparing the current architecture and the improved one, we can conclude that the architecture proposed in this article will improve the security of MQTT protocol by using tokens for authentication, topic key for ensuring data confidentiality, brokers network to avoid a single point of failure and data hash to ensure the integrity of data. Also, the overall operation of the protocol was not affected.KeywordsInternet of thingsMQTTBlockchainSmart contract