Design And Research Of Secure Data Transmission Schemes Based On MQTT

With the rapid development of cutting-edge techniques,the Internet of Things(Io T),big data,and artificial intelligence(AI)are merging and deeply interconnected.Io T has fully integrated into every aspect of our lives,work,and social development.Currently,the most widely used and mainstream protocol for Io T is MQTT,which has inherent advantages of low cost and low bandwidth,enabling a massive number of Io T devices to access the network.However,for the secure development of Io T,many researchers have proposed solutions to design secure algorithms starting from MQTT.There are concerns that some proposed encryption algorithms rely too heavily on copying existing algorithms and place excessive demands on device resources,making it difficult to fully reflect the advantages of the MQTT protocol.This thesis proposes a secure data transmission scheme based on MQTT,which includes authentication connection,authorized access control,and data encryption transmission.The solution mainly includes the following three aspects: Use the lightweight AugPAKE protocol to implement client and MQTT Broker proxy authentication connection.Combine the OAuth2.0protocol with the MQTT protocol to specify different client trust levels and set the scope of topic access,thereby achieving access control for communication topics.Propose three MQTT protocols with data encryption protection,called the MQTT-SE scheme,which can meet the requirements of authentication and data encryption transmission simultaneously。The secure data transmission solution proposed in this thesis has three characteristics:(1)The lightweight AugPAKE protocol is used for authentication,reducing the number of connection handshakes and the communication and storage costs.This protocol is friendly to lightweight devices.(2)Combining OAuth2.0 with the characteristics of the MQTT protocol can ensure the confidentiality and privacy of specific topics.(3)However,some restricted devices may not be able to implement the AugPAKE and OAuth2.0 protocols well.Therefore,three new MQTT-SE scheme are proposed as security supplements,including symmetric encryption-based MQTT-SE scheme,public key-based MQTT-SE scheme,and two-way authentication MQTT-SE scheme based on public key certificates.These schemes can all achieve authentication between the client and proxy server,as well as secure data transmission.Different algorithms can be used according to specific device scenarios to achieve high-performance secure encryption transmission of MQTT in low-efficiency environments.