Final


Thesis

on
SECURING MQTT PROTOCOL COMMUNICATION FOR THE
INTERNET OF THINGS USING ECC ALGORITHM

By
Gebreegziabher Teklay
Supervisor Captain Dr. Mehari Kiros

Defence University, College of Engineering


Bishoftu, Ethiopia
Date: June 29, 2020
Content

- Introduction
- Literature Review
- Problem Statement
- Objectives
- Scope of the thesis
- Methodology
- Results
- Conclusion

Introduction

The Internet of Things

- The Internet of Things is one of the top technologies for the next generation.
- The Internet of Things is a system of interrelated computing devices.
- It has the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.
- Its aim is a smart environment worldwide, with energy, social and economic significance.

Application areas of IoT

- Transport applications
- Healthcare applications
- Smart home
- Smart city, etc.

Features for the Internet of Things

- Supporting machine-to-machine connection.
- UDP binding with optional reliability.
- Supporting unicast and multicast requests.
- Low header overhead and parsing complexity.
- Simple proxy and caching capabilities.

Challenges for the Internet of Things

- Privacy and security concerns
- Perceived privacy risks
- Device level
- Network level
- User level
- System level
- Generally, IoT devices have constrained memory and run on battery power.

MQTT

- The MQTT protocol works on top of the TCP/IP or UDP protocol.
- It follows a publish/subscribe model with a broker at the center.
- The broker is a central server that stores specific topics and routes messages to subscribers.
- A publisher is a client that publishes a message to one or many topics in the broker.
- A subscriber is a client that subscribes to one or many topics in the broker and receives all the messages sent from the publisher.
- It can be implemented for low-cost, battery-operated devices.

MQTT advantages

- Efficient data transmission and quick to implement due to its being a lightweight protocol;
- Low network usage, due to minimized data packets;
- Efficient distribution of data;
- Successful implementation of remote sensing and control;
- Fast and efficient message delivery;
- Usage of small amounts of power, which is good for the connected devices; and
- Reduction of network bandwidth

MQTT competing protocols

- Constrained Application Protocol (CoAP) is another protocol well suited for IoT. It also uses a request/response communication pattern.
- Advanced Message Queuing Protocol (AMQP), like MQTT, uses a publish/subscribe communication pattern.
- Simple/Streaming Text Oriented Messaging Protocol (STOMP) is a text-based protocol.
- Mosquitto is an open source MQTT broker.
- Simple Media Control Protocol (SMCP) is a CoAP stack that's used in embedded environments. It is also C-based.
- SSI (Simple Sensor Interface) is a communications protocol for data transfer between a combination of computers and sensors.
- Data Distribution Service (DDS) for real-time systems is a middleware standard that can directly publish or subscribe communications in real time in embedded systems.

MQTT publisher, subscriber and broker communication architecture

[Figure: several Publishers each send a "publish message" to the Broker Server, which connects to the Subscribers.]

Objectives

General Objective
- The general objective of this thesis is to design and simulate a secured Message Queue Telemetry Transport (MQTT) protocol for the Internet of Things, using the ECC algorithm to secure publisher and subscriber communication.

Specific Objectives
- To implement authentication security using ECC on the MQTT protocol for a broker that integrates publisher and subscriber.
- To simulate the MQTT protocol of publisher and subscriber.
- To evaluate the performance of MQTT in terms of energy consumption, CPU consumption and communication time.

Scope of the thesis

The proposed thesis secures MQTT protocol communication for the Internet of Things between publisher and subscriber with a central broker server, so it focuses only on the upper protocol layer, with consideration of the lower-layer protocols.

Statement of problem
- The rapid growth of IoT technology may give rise to security vulnerabilities. In addition, the MQTT protocol itself does not secure communication between publisher and subscriber unless security protocols are integrated with it. Many researchers use the TLS protocol to secure MQTT communication, but TLS consumes more power and has low performance since it uses the TCP/IP protocol. To solve this problem we propose an MQTT broker between publisher and subscriber for the purpose of authentication, and we use the ECC algorithm to provide authentication and key exchange for publisher and subscriber communication. By using the UDP protocol we can reduce power consumption and increase performance.

Literature survey

Methodology

MQTT protocol communication: publisher, subscriber and broker

- MQTT uses publishers and subscribers to connect interested parties.
- The sending publisher connects with the receiving subscriber through the broker.
- The publisher sends a message with a topic name to the central server (broker).
- The subscriber receives the message from the central server (broker).
- 6LBR is a deployment-ready platform for interconnecting IP and 6LoWPAN.

The General flow chart of proposed system
ECC Encryption and Decryption
- Elliptic-curve-based public-key encryption/decryption: an asymmetric encryption scheme based on ECC.
- ECC cryptography, ECDH key exchange.
- ECC private-public key pair.
- We want to encrypt and decrypt data using these keys.
- The ECDH (Elliptic Curve Diffie–Hellman) key exchange scheme is used to derive a shared secret key for symmetric data encryption and decryption.
- ECC-based secret key derivation (using ECDH).

Some key features of ECC

- ECC uses a shorter encryption key.
- It provides the same level of security strength as RSA but uses a much shorter key length than RSA.
- It uses a public key and a private key for each node.
- It is most suitable for wireless devices with limited memory and computing power.

Some key advantages of ECC

- The shorter ECC key is faster.
- Due to the use of a key with a shorter length, the generated ciphertexts and signatures are also smaller.
- It requires less computational power in comparison to other asymmetric encryption methods such as RSA.

ECDSA SIGNATURE GENERATION AND VERIFICATION

- Public-key algorithms such as elliptic curve cryptography (ECC) and the Elliptic Curve Digital Signature Algorithm (ECDSA). ECDSA is based on elliptic curve cryptography and has important differences in comparison to the Digital Signature Algorithm (DSA).
- Generally, ECDSA key generation works as follows: a random number generator is started and, when its operation is completed, it delivers the numeric value that becomes the private key d.

FLOW CHART FOR ELLIPTIC CURVE SIGNATURE GENERATION

MQTT PROTOCOL COMMUNICATION FOR THE IOT

6LBR (Border Router)
- We used 6LBR as a Border Router (BR) with a broker, and mote devices (WSN nodes) as clients running on a Local Area Network (LAN). A Border Router is used to connect the 6LoWPAN devices with the IPv6 network.
- 6LoWPAN (IPv6 over Low-power Wireless Personal Area Networks) originated from the concept that low-power devices with limited processing capabilities should be able to participate in the IoT, and that IP addresses are needed for those devices to function properly.

UDP
- User Datagram Protocol (UDP) is a communication protocol that is used to transmit data between nodes.
- It is a connectionless protocol.
- UDP does not need to establish any connection between sender and receiver before user data transmission.

Quality of Service (QoS)

- Quality of Service (QoS) defines how messages are delivered between nodes.
- QoS 0: the broker or client delivers the message once, without any confirmation.
- QoS 1: the broker or client delivers the message at least once, with confirmation.
- QoS 2: the broker or client delivers the message exactly once, using a four-step handshake.
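
How a broker can read the QoS level out of an incoming PUBLISH packet and refuse malformed ones, as an added example (not code from the thesis). It assumes the standard MQTT 3.1.1 packet layout; the function name, the REPLY table and the sample packet are constructed for illustration.

```python
import struct

# Assumed MQTT 3.1.1 framing. First reply per QoS; QoS 2 continues with PUBREL, PUBCOMP.
REPLY = {0: None, 1: "PUBACK", 2: "PUBREC"}

def parse_publish(packet: bytes) -> dict:
    """Decode an MQTT 3.1.1 PUBLISH packet, rejecting malformed QoS/flag combinations."""
    if len(packet) < 2 or packet[0] >> 4 != 3:
        raise ValueError("not a PUBLISH packet")
    dup, qos, retain = bool(packet[0] & 8), (packet[0] >> 1) & 3, bool(packet[0] & 1)
    if qos == 3:
        raise ValueError("both QoS bits set: malformed packet")
    if qos == 0 and dup:
        raise ValueError("DUP flag set on a QoS 0 message")
    # Remaining Length: 1 to 4 bytes, 7 bits each, high bit means "more bytes follow"
    length, pos = 0, 1
    while True:
        if pos > 4 or pos >= len(packet):
            raise ValueError("bad Remaining Length field")
        length |= (packet[pos] & 0x7F) << (7 * (pos - 1))
        pos += 1
        if not packet[pos - 1] & 0x80:
            break
    body = packet[pos:]
    if len(body) != length or length < 2:
        raise ValueError("Remaining Length does not match the packet size")
    topic_len = struct.unpack_from(">H", body)[0]
    id_end = 2 + topic_len + (2 if qos else 0)   # packet identifier only for QoS 1 and 2
    if topic_len == 0 or id_end > length:
        raise ValueError("missing topic name or packet identifier")
    topic = body[2:2 + topic_len].decode("utf-8")
    if "+" in topic or "#" in topic:
        raise ValueError("wildcard characters in a PUBLISH topic name")
    packet_id = struct.unpack_from(">H", body, 2 + topic_len)[0] if qos else None
    if packet_id == 0:
        raise ValueError("packet identifier must be non-zero")
    return {"qos": qos, "dup": dup, "retain": retain, "topic": topic,
            "packet_id": packet_id, "payload": body[id_end:], "reply": REPLY[qos]}

# Constructed sample: QoS 1 PUBLISH, topic "sensors/temp", packet id 10, payload "21.5"
SAMPLE = b"\x32\x14\x00\x0csensors/temp\x00\x0a21.5"

if __name__ == "__main__":
    print(parse_publish(SAMPLE))
```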
SIMULATION TOOLS
Contiki OS
- Contiki is an open source operating system for the Internet of Things.
- It connects tiny low-cost, low-power microcontrollers to the Internet.
- Contiki is a powerful toolbox for building complex wireless systems and provides powerful low-power Internet communication.
- Contiki fully supports standard IPv6 and IPv4, along with the recent low-power wireless standards: 6LoWPAN, MQTT, RPL and CoAP.

Cooja Simulator:
- Contiki is an operating system for networked, memory-constrained systems; the focus here is on Cooja simulation.
- Cooja is a network simulator specifically designed for wireless sensor networks.
- Cooja is a Java-based simulator provided with Contiki to test applications in simulation on different motes.
- Cooja allows simulation at different levels, from the physical layer to the application layer.



MSP430 microcontroller
- The MSP430 microcontroller is designed for low cost and low power consumption.
- Installing the msp430-gcc compiler, version 4.7, is required. The commands to download and install it are:

$ sudo apt-get update
$ sudo apt-get install gcc-arm-none-eabi gdb-arm-none-eabi
$ sudo apt-get -y install build-essential automake gettext
$ sudo apt-get -y install gcc-arm-none-eabi curl graphviz
$ sudo apt-get -y install gcc gcc-msp430

Implementation of MQTT Protocol communication for the IoT

- To implement MQTT protocol communication for the IoT, we used Z1 mote devices connected to the IPv6 address of the 6LBR border router.
- Contiki is an open source operating system for low-cost, low-power and low-memory IoT devices.
- Mote devices are severely constrained in memory, power, processing power and communication bandwidth.
- We used the IPv6 address of the border router as the connection between the global and local networks.
- All MQTT publishers and subscribers are connected to the broker.

MQTT protocol: Cooja/Contiki network simulator output

Results
- The results for MQTT protocol communication for the Internet of Things include the simulation result of the proposed system architecture and the WSN node neighbors of 6LBR.
- They also cover MQTT publisher, subscriber and broker communications, the performance of energy consumption (power consumption), performance analysis of memory allocation (i.e. memory) and validation of the simulation results.

Energy consumption

CPU consumption

Computational time

Conclusion
- We have introduced security in MQTT communication for the Internet of Things.
- The proposed security mechanisms were evaluated experimentally considering three main aspects: the impact of such mechanisms on the power consumption of sensing devices, CPU consumption and computational time.
- We consider these three aspects to be fundamental in evaluating the effectiveness of any proposal on security for constrained wireless sensing platforms.
- The research solutions described in this paper provide benefits with respect to the efficient support of ECC authentication and key agreement, and also contribute to promoting the security of LoWPAN devices and Internet host communications.
- As verified with our experimental evaluation, when employing current sensing platforms the delegation of costly ECC computations to a more powerful device

Future work

- IoT technologies such as sensors and RFID make our lives more comfortable and easier.
- The importance of security in the IoT sector is rising dramatically along with the rapid progression of the underlying industry.
- The vision of IoT is not only to make our lives easier but also to ensure safety benefits for end users.
- Future work includes supporting multiple border routers in larger 6LoWPAN networks. This presents a challenge for stateful filtering rules, which would need to share their state between each 6LoWPAN border router.

THANK YOU !!!!!
