Various communication protocols are currently used in the Internet of Things (IoT) devices. One of the protocols that are already standardized by ISO is MQTT protocol (ISO /IEC 20922: 2016). Many IoT developers use this protocol because of its minimal bandwidth requirement and low memory consumption. Sometimes, IoT device sends confidential data that should only be accessed by authorized people or devices.Unfortunately, the MQTT protocol only provides authentication for the security mechanism which, by default, does not encrypt the data in transit thus data privacy, authentication, and data integrity become problems in MQTT implementation.
https://nsconclave.net-square.com/attack-scenarios-and-security-analysis-of-MQTT.html
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Attack scenarios and security analysis of MQT - Bhavya Vimavala
1. || Date - 26-1-2020 || || Venue - Ahmedabad || || Presenter - Bhavya Shah ||
Attack Scenarios And Security Analysis of MQTT
2. MQTT - Message Queuing Telemetry Transport
MQTT is a machine-to-machine
(M2M)/"Internet of Things"
connectivity protocol. It was
designed as an extremely
lightweight publish/subscribe
messaging transport. It is useful
for connections with remote
locations where a small code
footprint is required and/or
network bandwidth is limited.
7. Some Of The Key Features of MQTT
● Facilitates one-to-many communication mediated by brokers
● It has facility to acknowledge the request
● Simple packet formats: binary payloads
● The protocol runs over TCP
15. Topic Hierarchy
Temp
Roof Floor 1 Floor 2
DrawingRoom Room Room Kitchen
Subscribing to the specific
topic:
Temp/Floor1/Room
Temp/Floor1/DrawingRoom
Temp/Floor2/Room
Subscribing to all Room for the
Temp:
Temp/+/Room
Subscribing to all topic of Temp:
Temp/# (wildcard entry)
16. Basic Commands
To run brocker server :
mosquitto
Subscribe for the topic :
mosquitto_sub -t "topicname"
Publish for the topic :
mosquitto_sub -t "topic" -m "message"