IIUM Repository

Implementation of SSL/TLS security with MQTT protocol in IoT environment

Mohd Paris, Iqbal Luqman and Habaebi, Mohamed Hadi and Zyoud, Alhareth Mohammed (2023) Implementation of SSL/TLS security with MQTT protocol in IoT environment. Wireless Personal Communications, 132 (1). pp. 163-182. ISSN 0929-6212 E-ISSN 1572-834X

[img] PDF (Journal) - Published Version
Restricted to Repository staff only

Download (1MB) | Request a copy
PDF (Scopus) - Supplemental Material
Download (160kB) | Preview


Internet of Things (IoT) is the interconnection of devices with the internet to deliver its tasks. Nowadays, security is the main concern relating to these devices. Low in power storage, low in processing capabilities and low in data storage make it hard to provide a strong set of security protocols to protect the vulnerable devices “things”. Having internet as its backbone, allows the devices to communicate seamlessly. However, without any form of protection, it would open the door for hackers or middleman to hijack the connection, steal data and sabotage the information. In this paper, Secure Socket Layer and Transport Layer Security (SSL/TLS) protocol is implemented on top of Message Queuing Telemetry Transport (MQTT) IoT application protocol and the performance of the network is evaluated and analyzed in a typical IoT testbed comprising Raspberry Pi4 and ESP32 nodes. This work focuses on energy consumption, generated overhead, system complexity and required data storage resources. Experimental results of stress testing the system indicates that SSL/TLS encryption, operating with MQTT Quality of Service (QoS) level 2, while increasing the traffic rate 3.5 orders of magnitude yields more than two thousand times the amount of overhead generated and results in 73.25 J of consumed energy. Whereas operating without the SSL/TLS encryption under the same stress testing conditions yields only 140 times the amount of overhead generated and results in a mere 18.76 J of consumed energy. This difference of 4 folds on consumed energy indicates that the SSL/TLS -enabled node battery can only last a quarter of the lifespan of the TLS-free node and concluding the SSL/TLS encryption is not a viable solution for battery-operated IoT nodes.

Item Type: Article (Journal)
Uncontrolled Keywords: IoT; Protocols; MQTT; TLS/SSL; Security; Performance analysis; Energy harvesting
Subjects: T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK7800 Electronics. Computer engineering. Computer hardware. Photoelectronic devices
Kulliyyahs/Centres/Divisions/Institutes (Can select more than one option. Press CONTROL button): Kulliyyah of Engineering
Kulliyyah of Engineering > Department of Electrical and Computer Engineering
Depositing User: Dr. Mohamed Hadi Habaebi
Date Deposited: 26 Jul 2023 11:14
Last Modified: 12 Oct 2023 14:43
URI: http://irep.iium.edu.my/id/eprint/105133

Actions (login required)

View Item View Item


Downloads per month over past year