The rapid adoption of IoT technologies in both residential and industrial environments has made lightweight communication protocols such as Message Queuing Telemetry Transport (MQTT) essential. However, MQTT's native authentication mechanisms, based on static credentials, remain vulnerable to attacks such as credential theft, replay, and denial of service. In this paper, we propose a hybrid secure and resilient authentication framework that combines the dynamic properties of One-Time Passwords (OTP) with the decentralized trust and auditability of blockchain-based smart contracts. The proposed system allows each IoT device to generate a session-specific OTP, which is then verified both locally and on-chain, ensuring robust protection against spoofing and tampering. To enhance system resilience, a key contribution that distinguishes this blockchain-OTP scheme from prior art is the integration of an autonomous broker failover mechanism, which enables seamless switching to secondary brokers during failures or attacks. Experimental evaluations conducted on constrained devices (Raspberry Pi 4, ESP32) and a simulated Ethereum blockchain show that the proposed framework achieves strong security guarantees with minimal computational and bandwidth overhead, while remaining compatible with standard MQTT deployments. This approach provides a scalable and tamper-proof solution for secure IoT authentication in dynamic and adversarial environments.
IEEE Global Conference on Artificial Intelligence & Internet of Things (IEEE GCAIoT)
2025-11-25
2026-01-14