2020
DOI: 10.3390/s20072002
|View full text |Cite
|
Sign up to set email alerts
|

Securing MQTT by Blockchain-Based OTP Authentication

Abstract: The Internet of Things is constantly capturing interest from modern applications, changing our everyday life and empowering industrial applications. Interaction and the collaboration among smart devices offer new challenges to security since they conflict with economic and energy consumption requirement constraints. On the other hand, the lack of security measures could negatively impact the concrete adoption of this paradigm. This paper focuses on the Message Queuing Telemetry Transport (MQTT) protocol, widel… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
13
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
4
2

Relationship

0
6

Authors

Journals

citations
Cited by 32 publications
(13 citation statements)
references
References 21 publications
0
13
0
Order By: Relevance
“…However, the transmitted information is not encrypted by default, thus enabling potential attackers to listen for communications by intercepting the CONNECT message, thus reading the credentials in clear [17]. In [18], the authentication scheme via One Time Password (OTP) is proposed and combined with the Ethereum blockchain as an external communication channel. The use of such a mechanism requires the addition of some steps during the authentication phase, which, fortunately, do not considerably increase the energy-computational requirements of the IoT devices.…”
Section: Authenticationmentioning
confidence: 99%
See 1 more Smart Citation
“…However, the transmitted information is not encrypted by default, thus enabling potential attackers to listen for communications by intercepting the CONNECT message, thus reading the credentials in clear [17]. In [18], the authentication scheme via One Time Password (OTP) is proposed and combined with the Ethereum blockchain as an external communication channel. The use of such a mechanism requires the addition of some steps during the authentication phase, which, fortunately, do not considerably increase the energy-computational requirements of the IoT devices.…”
Section: Authenticationmentioning
confidence: 99%
“…As demonstrated in [18], the envisioned authentication system satisfies three properties: (i) privacy, which ensures that user's information privacy is preserved throughout the communication flow, exchanging only an Ethereum address with the broker; (ii) not impersonation, which represents the impossibility, by a malicious entity, to impersonate a legitimate one; (iii) accountability, which guarantees the possibility of assigning the responsibility for each action to whom actually carried it out. Hence, such an approach is better than the standard authentication mechanism provided by MQTT and lighter than the TLS-based system, as stated in [18]. However, further analysis should be carried out to measure the actual overhead introduced and, consequently, the gain, in terms of energy and time on a real system.…”
Section: Authenticationmentioning
confidence: 99%
“…Among such threats, we may find user tracking (e.g., obtaining a person’s daily activity history) and user profiling. Cryptography [ 4 , 7 , 8 , 10 , 19 ] and access control [ 3 , 4 , 5 , 19 ] mechanisms are commonly implemented to improve the privacy of the data. However, the identity of the users is not always concealed in such solutions.…”
Section: Background and Motivationmentioning
confidence: 99%
“…In our proposal, MQTT is used as a complementary technology to improve interoperability between constrained IoT devices and the blockchain and reduce computational resource requirements, whereas in the proposal of [ 5 ] blockchain is used as a complementary system to offer a more reliable authorisation and authentication approach, using smart contracts, applied to MQTT. Furthermore, our system’s users are not bound to only a system, but both blockchain and MQTT, since their blockchain addresses are also used to identify them in the MQTT’s authentication and authorisation mechanisms.…”
Section: Related Workmentioning
confidence: 99%
See 1 more Smart Citation