Lightweight Dynamic Topic-Centric End-to-End Security Mechanism for MQTT

This paper proposes a lightweight security mechanism to manage security levels in MQTT protocol reducing the protocol overhead and using a flexible security negotiation in comparison with classical TLS solution applied to application layer protocol in the IoT context. Our proposal considers the security features around the topic and it involves the publishers as the main actors to negotiate the possible security levels on the topics. The proposal supports an end-to-end security features reducing the complexity of the broker that can only forward encrypted packet towards subscribers without performing ciphering or encryption/decryption. The performance of the proposed solutions has been tested considering increasing number of topics and clients and considering some metrics such as processed packets and bytes, processing time and RAM usage. A comparison between the dynamic security approach with MQTT and classical $\text{MQTT}+\text{TLS}$ has been also considered.