OWASP MQTT Guide

The primary objective of our project is to develop robust countermeasures to mitigate the security concerns of the MQTT (Message Queuing Telemetry Transport) protocol, ensuring secure and reliable communication between IoT devices. The MQTT protocol is susceptible to several security risks, and our approach focuses on addressing the most critical threats. This prevents attackers from reading sensitive information even if they intercept the data. MQTT lacks a message integrity verification mechanism, making it vulnerable to data tampering. To counter this, we will be working on message hashing techniques, where cryptographic hash functions will be used to verify message integrity and will add a hardware level identity check modules also we are thinking about hardware level programs for tamper prevention on the cryptography processing chips on low compute devices.MQTT topics are string-based and lack enforced validation, allowing attackers to inject malicious payloads into topic names.To prevent topic hijacking, it is crucial to validate topic names and restrict wildcard usage. This will prevent attackers from publishing malicious messages under unauthorized topics.The broker will validate message hashes and reject any altered or corrupted data, ensuring that only authentic messages are processed.There is a lack of control and authorization within the MQTT protocol. By implementing role-based access control (RBAC) and topic permissions, we establish a structured mechanism to regulate access. Our solution leverages Access Control Lists (ACLs) to define permissions for publishing and subscribing to topics. This approach ensures that only authorized entities can interact with specific topics, effectively preventing unauthorized data manipulation.Another significant vulnerability is plaintext communication, where data transmitted between the client and the broker remains unencrypted, making it susceptible to interception and unauthorized access.To address this, we will be working on TLS/SSL encryption, which ensures that all communication is securely encrypted.By implementing these security enhancements, our project aims to fortify MQTT-based communication, protecting IoT ecosystems from potential cyber threats and ensuring a secure, reliable, and tamper-resistant messaging environment.

Road Map

Our project roadmap will begin with the development of an MQTT server using Node.js on an Ubuntu environment and the source code of the server will be available on github at initial release. To demonstrate real-world applicability, let’s consider an Arduino Uno R3 with a temperature sensor to collect temperature data and transmit it to the broker/server via the MQTT protocol. During this process, there will be a possible chance of potential security vulnerabilities like lack of data integrity, where transmitted data can be tampered with during communication. This poses a significant risk; for instance, if the temperature sensor records 20°C but an attacker manipulates the data in transit to 100°C, it could lead to severe consequences in an IoT system. To address this issue, we will implement message hashing techniques to ensure data integrity. By leveraging cryptographic hash functions, we will be verifying the transmitted data remains unaltered. If any modification occurs, the hash mismatch will allow the broker to detect tampering and reject the compromised message. Additionally, we are incorporating digital signatures to further enhance security. By signing messages with a cryptographic signature, we can ensure both data authenticity and integrity, preventing unauthorized modifications and providing verifiable proof of origin. Through these security implementations, our project aims to establish a secure and resilient MQTT communication framework, effectively safeguarding IoT devices from data manipulation threats up to the possible extend