MQTT (Message Queue Telemetry Transport) is one of the most popular Internet of Things (IoT) communication protocols, owing to its lightweight and easiness to use. The previous MQTT standards (including version 3.1 and its precedents) do not provide proper security functions; instead, they assume the adoption of SSL/TLS in the underlying layer. However, it not only incurs larger overhead but also hinders the development of suitable authentication/confidentiality protection to suit various MQTT deployment scenarios. The newest MQTT standard called MQTT 5.0 responds to these challenges by supporting the Enhanced Authentication framework in which designers can design and implement any secure authentication mechanisms within the framework.
This paper designs and implements two efficient authentication protocols, using the MQTT 5.0 Enhanced Authentication framework. One is simple challenge-response authentication scheme, and the other is an anonymous challenge-response authentication scheme. We extend HiveMQ platform to implement the schemes and evaluate the performance. The results show that the proposed schemes demand only hundred few more milliseconds to achieve much robust authentication, compared to the simple identity-password authentication.

Internet of Things, MQTT, Authentication, Challenge and response, Anonymity