Submit

Login Login

Register Register

Home / Journals / CSSE / Online First / doi:10.32604/csse.2024.056741
Journal Menu
Special Issues
Table of Content

All issues

Online First

2024

2023

2022

2021

2020

2019

2018

Past Issues

Open Access

ARTICLE

Improving Smart Home Security via MQTT: Maximizing Data Privacy and Device Authentication Using Elliptic Curve Cryptography

Zainatul Yushaniza Mohamed Yusoff1, Mohamad Khairi Ishak2,*, Lukman A. B. Rahim3, Mohd Shahrimie Mohd Asaari1
1 School of Electrical and Electronic Engineering, Engineering Campus, Universiti Sains Malaysia, Nibong Tebal, Penang, 14300, Malaysia
2 Department of Electrical and Computer Engineering, College of Engineering and IT, Ajman University, Ajman, 346, United Arab Emirates
3 Faculty of Science and IT, Universiti Teknologi Petronas, Seri Iskandar, Perak, 32610, Malaysia
* Corresponding Author: Mohamad Khairi Ishak. Email: email

Computer Systems Science and Engineering https://doi.org/10.32604/csse.2024.056741

Received 29 July 2024; Accepted 24 September 2024; Published online 16 October 2024

Abstract

The rapid adoption of Internet of Things (IoT) technologies has introduced significant security challenges across the physical, network, and application layers, particularly with the widespread use of the Message Queue Telemetry Transport (MQTT) protocol, which, while efficient in bandwidth consumption, lacks inherent security features, making it vulnerable to various cyber threats. This research addresses these challenges by presenting a secure, lightweight communication proxy that enhances the scalability and security of MQTT-based Internet of Things (IoT) networks. The proposed solution builds upon the Dang-Scheme, a mutual authentication protocol designed explicitly for resource-constrained environments and enhances it using Elliptic Curve Cryptography (ECC). This integration significantly improves device authentication, data confidentiality, and energy efficiency, achieving an 87.68% increase in data confidentiality and up to 77.04% energy savings during publish/subscribe communications in smart homes. The Middleware Broker System dynamically manages transaction keys and session IDs, offering robust defences against common cyber threats like impersonation and brute-force attacks. Penetration testing with tools such as Hydra and Nmap further validated the system’s security, demonstrating its potential to significantly improve the security and efficiency of IoT networks while underscoring the need for ongoing research to combat emerging threats.

Keywords

Smart home; confidentiality; ECC; security; lightweight cryptography; authentication; integrity; efficiency

  • 72

    View

  • 11

    Download

  • 0

    Like

Related articles
Copyright© 2024 Tech Science Press
© 1997-2024 TSP (Henderson, USA) unless otherwise stated

Share Link