One of the most used protocols in smart homes is the MQTT protocol. This protocol was developed to answer the issues of limited resources of connected objects by enabling data exchanges between objects in IoT networks. However a huge problem that IoT devices face is security. Due to the sensitive information that is transmitted and stored in IoT devices and the limitation in computational resources (CPU, memory), they are exposed to several security threats. Thus, any compromise happens to these devices, will affect the user. Although the protocol incorporates some security bricks such as pair authentication (username, password), access control lists (ACLs) and SSL/TLS encryption, its implementation in smart home networks presents many vulnerabilities related to the only authentication mechanism it offers. In this paper we propose a dynamic authentication model of the MQTT protocol taking into account the resource limitations of connected objects. This protocol is based on dynamic one-time passwords (OTP). (OTP) dynamic passwords. For the robustness of our authentication algorithm, we exploit the random number generation and processing functions, the key exchange principle and the HMAC-SHA256 hash function.
IEEE Multi-conference on Natural and Engineering Sciences for Sahel's Sustainable Development (MNE3SD)
2023-02-25
2024-09-19