Implementation of Event-Based Dynamic Authentication on MQTT Protocol

2019 ◽  
Vol 15 (2) ◽  
Author(s):  
Rizka Reza Pahlevi ◽  
Parman Sukarno ◽  
Bayu Erfianto

This paper proposes an authentication mechanism for the MQ Telemetry Transport (MQTT) protocol. The exchange of data in IoT systems has become an important activity. The MQTT protocol is a fast and lightweight communication protocol for IoT. One of the problems with the MQTT protocol is that there is no security mechanism in the initial setup. One security attack may occur during the client registration phase. The client registration phase is vulnerable to accepting false clients due to the absence of an authentication mechanism. An authentication mechanism has previously been built using Transport Layer Security (TLS). However, the TLS mechanism consumes more than 100 KB of data memory and is not suitable for devices that have limitations. Therefore, a suitable authentication mechanism for constrained devices is required. This paper proposes a protocol for authentication mechanisms using dynamic and event-based authentication for the MQTT protocol. The event-based approach is used to reduce the computing burden on constrained devices. Dynamic usage is intended to provide different authentication properties for each session so that it can improve authentication security. As a result, the application of the event-based dynamic authentication protocol was successful on the constrained devices of microcontrollers and broker. The microcontroller, as a client, is able to process the proposed protocol. The client uses 52% of the memory for the proposed protocol and consumes only 2% more than the protocol without security. The broker can find authentic clients, and constrained devices are capable of the computation needed to carry out mutual authentication processes with clients. The broker uses a maximum of 4.3 MB of real memory and a maximum CPU usage of 3.7%.

2021 ◽  
Author(s):  
Xiaoying Guo

Wireless networking is becoming increasingly popular. However, the use of Wireless Local Area Networks (WLAN) also creates many security issues that do not exist in a wired world. A WLAN connection no longer requires a cable. Instead, data packets are sent over the air and are available to anyone with the ability to intercept and decode them. Traditional physical security measures like firewalls and security guards are less efficient in this new domain. The IEEE has organized the 802.11i Task Group to address 802.11 security. To solve the user authentication problem, it adopted the 802.1x standard. The standard relies on the Extensible Authentication Protocol (EAP) to provide the authentication function. However, after the basic EAP authentication process, the Access Point (AP) still needs to be authenticated by the client. In order to implement mutual authentication, Protected EAP (PEAP), EAP-Transport Layer Security (TLS), EAP-Tunneled TLS (TTLS) and other variants of EAP were developed. But some [are] still weak in the authentication procedure. In this thesis, a new authentication mechanism called Modified EAP (MEAP) is proposed. MEAP is based on PEAP. MEAP adds a TLS layer on top of EAP, and then uses the resulting TLS session as a tunnel to protect the later Simple Password-authenticated Exponential Key Exchange (SPEKE), which is a strong password method. MEAP can provide mutual authentication to satisfy strong authentication requirements in WLAN.


2021 ◽  
Author(s):  
Ronaldo Serrano ◽  
Ckristian Duran ◽  
Trong-Thuc Hoang ◽  
Marco Sarmiento ◽  
Akira Tsukamoto ◽  
...  

2016 ◽  
Vol 2 (3) ◽  
pp. 520
Author(s):  
Nooruldeen Nasih Qader

Recently published research shows the need to abandon the incorrect opinion that security by password (PW) is dead, and shows that this belief has been harmful. Moreover, it recommends a campaign that prioritizes strategies for building PWs. Considering PW features such as being costless, maturity, vast experience, and usability, the PW continues to be the most used option in Information Security (IS); it is, furthermore, considered most challenging to researchers and really needs further boosting. PWs control the authentication mechanism of IS, requiring that individuals choose strong PWs. The best advice for protection against hackers is to randomly generate a unique PW for every site and service; to apply this advice we need more techniques that are easy to remember and hard to guess. This study proposes a set of easy-to-remember techniques for building a strong PW. It also shows the importance of such a strategy despite the existence of many helpful PW managers. In addition, this paper compiles and analyzes current data regarding authentication to secure systems via PW. The analyzed data show some common weaknesses in PW selection. Moreover, the gathered information and evaluated data indicate the need to boost PWs. The proposed techniques and solutions enable individuals to select an appropriate PW easily.


JoTI ◽  
2020 ◽  
Vol 2 (2) ◽  
pp. 12-23
Author(s):  
Dian Rachmadini ◽  
Ira Puspasari ◽  
Jusak

The MQTT protocol is one of the IoT protocols, built on the concepts of publisher, subscriber, and broker. The MQTT protocol can be deployed with security features by using Transport Layer Security (TLS). In this paper, the TLS security feature of MQTT is implemented to send ECG signal data. ECG signals differ from person to person and are private to the patient, because the ECG signal can also be used to identify the patient's illness. The transmission process in MQTT Security (MQTTS) uses a key file created by the broker. This key file is given to the client so that it can communicate, sending and receiving encrypted data. Data is encrypted by means of this key file, so the transmission process is more secure. The analysis of the difference in packet size before and after transmission at QoS 0 gives 152.6458 bytes and 139.4504 bytes, while for QoS 1 it gives 99.7932 bytes and 115.5321 bytes. Both QoS levels show a fairly large difference, but on the other hand data transmission becomes more secure. In testing the time required for the encryption process, QoS 0 yields an average time of 0.7 ms, while QoS 1 takes longer at 9.6 ms because of the additional control signals in QoS 1. In the data integrity test using cross-correlation, QoS 0 and QoS 1 show a value of 1 at lag 0, which means that the data sent and the data received are unchanged (identical).

