Introducing the MQTT Security Fundamentals
Recently we did a survey asking about the most important MQTT topics you think we should cover next. As already mentioned in last week’s post the winner is Securing MQTT. So today we will start a new series called the MQTT Security Fundamentals. We hope that you are as excited as we are to discover a new part of MQTT Security every week. This first post will be more general and introductory as the upcoming ones, which will dive more into the nitty gritty about the different areas of security in MQTT. Ok, lets get started.
Why is security essential for the Internet of Things?
In our digital and global world security is prominent every day, it doesn’t matter if you are making a bank transfer, buying stuff online or access personal documents over the internet. The idea of the Internet of Things is to connect every object in order to make process more efficient, provide more comfort or improve our work and personal life in any kind of way. But connecting objects like cars, homes, machines also exposes lots of sensitive data. For example the location of all people in an household. Maybe it is good to know what your family members are up to, but it is not ideal to share these information with a burglar. There are different kinds of data, which are not meant for the public and should be protected by the pillars of information security: confidentiality, integrity and availability. There is also another take to it, when real machines or things are compromised, an attacker can do harm to real people. Like activating the breaks remotely in your car while driving or sabotage machines. Even if there is no real person involved, as we all know the exposure of sensitive data can damage the reputation of companies big time. So with more and more data that is collected every day and more devices being around in our lives security is a topic that is crucial and more important than ever.
Security Challenges in IoT
There shouldn’t be any doubt about whether security should be implemented or not, but the Internet of Things brings new challenges to the table. While security is already often a trade-off between highly secure and great usability, it gets even more interesting in the Internet of Things. IoT devices are often constrained in computing power and memory capacity. Therefore it is a challenge to use cryptographic algorithms which often need more resources than the tiny devices have all together. Another challenge is updating devices in the field. There is often only an unreliable connection available and security critical things call for immediate updates, which can be difficult to roll out to all devices at once. Additionally the challenge of making security intuitive for the user is more relevant than ever, because the acceptance of users depends on easy installation and maintenance. Nevertheless security should always be present when developing IoT applications from the very beginning.
Approach to security in MQTT
So after we provided some context let’s dive right into how MQTT handles security. If you want to freshen up your MQTT knowledge first, make sure you read the MQTT Essentials before reading any further, we will assume you already know the concepts of the protocol.
Security in MQTT is divided in multiple layers. Each layer prevents different kind of attacks. The goal of the protocol is to provide a really lightweight and easy to use communication protocol for the internet of things. So that’s why in the protocol itself are only a few security mechanisms clearly specified. But in all common implementations other state-of-the-art security standards are used, like SSL/TLS for transport security. The idea behind is that security is hard and there is no good in embedding non-standard security mechanisms and instead build upon generally accepted standards. So in the following the different levels will only be covered briefly, we will have designated posts for each of them in the series. This should only serve as high level overview and big picture.
Using a physically secure network or VPN as foundation for any communication between clients and broker is one way to provide a secure and trustworthy connection. This would be suitable for gateway applications, where the gateway is connected to devices on the one hand and with the broker over VPN on the other side.
When the goal is to provide confidentiality in most cases TLS/SSL is being used for transport encryption. It provides a secure and proven way to make sure nobody can read along and even authenticate both sides, when using client certification authentication. We will also cover in detail the feasibility of TLS on constrained devices.
On the transport level it can be ensured that the communication is encrypted and the identity is authenticated. The MQTT protocol provides a client identifier and username/password credentials, which can also be used to authenticate devices on the application level. These properties are provided by the protocol itself. When it comes to authorization or what each device is allowed to do, it lays in the hand of the broker implementation, how to handle it. Another possibility is to use payload encryption on the application level in order to make the transmitted information secure even without having a full fledged transport encryption.
Scope of the series
So this was already a very brief overview of what we will cover over the next 10 weeks. Our goal is to discuss all major pillars of Security in MQTT and best practices. We don’t have the aspiration to cover all topics in an equally detail level. But to focus on the ones, which are most commonly used and show practical examples. Another topic will be potential attacks on an MQTT solution and how to prevent these from the beginning. As already mentioned we will also cover how to adapt available security mechanisms to constrained devices. MQTT provides a lot of options to make it completely secure, but still there is no silver bullet and the security requirements are often dependent on the use case.
We hope todays overview has motivated you to follow our series of the MQTT Security Fundamentals, if you want to get notify as soon as we publish the next post, you can subscribe to our newsletter or RSS feed. You think we have missed some important topics? Please tell us, we are always open to questions and suggestions.