Achieving Accountability and Data Integrity in Message Queuing Telemetry Transport Using Blockchain and Interplanetary File System
-
Published:2024-07-13
Issue:7
Volume:16
Page:246
-
ISSN:1999-5903
-
Container-title:Future Internet
-
language:en
-
Short-container-title:Future Internet
Author:
Lazzaro Sara1ORCID, Buccafurri Francesco1ORCID
Affiliation:
1. Department DIIES, University Mediterranea of Reggio Calabria, Via Università 25, 89122 Reggio Calabria, Italy
Abstract
Ensuring accountability and integrity in MQTT communications is important for enabling several IoT applications. This paper presents a novel approach that combines blockchain technology and the interplanetary file system (IPFS) to achieve non-repudiation and data integrity in the MQTT protocol. Our solution operates in discrete temporal rounds, during which the broker constructs a Merkle hash tree (MHT) from the messages received. Then the broker publishes the root on the blockchain and the MHT itself on IPFS. This mechanism guarantees that both publishers and subscribers can verify the integrity of the message exchanged. Furthermore, the interactions with the blockchain made by the publishers and the broker ensure they cannot deny having sent the exchanged messages. We provide a detailed security analysis, showing that under standard assumptions, the proposed solution achieves both data integrity and accountability. Additionally, we provided an experimental campaign to study the scalability and the throughput of the system. Our results show that our solution scales well with the number of clients. Furthermore, from our results, it emerges that the throughput reduction depends on the integrity check operations. However, since the frequency of these checks can be freely chosen, we can set it so that the throughput reduction is negligible. Finally, we provided a detailed analysis of the costs of our solution showing that, overall, the execution costs are relatively low, especially given the critical security and accountability benefits it guarantees. Furthermore, our analysis shows that the higher the number of subscribers in the system, the lower the costs per client in our solution. Again, this confirms that our solution does not present any scalability issues.
Reference64 articles.
1. Lazzaro, S., De Angelis, V., Mandalari, A.M., and Buccafurri, F. (2024, January 11–15). Is Your Kettle Smarter Than a Hacker? A Scalable Tool for Assessing Replay Attack Vulnerabilities on Consumer IoT Devices. Proceedings of the 2024 IEEE International Conference on Pervasive Computing and Communications (PerCom), Biarritz, France. 2. Maskeliūnas, R., Damaševičius, R., and Segal, S. (2019). A Review of Internet of Things Technologies for Ambient Assisted Living Environments. Future Internet, 11. 3. Li, J., Maiti, A., and Fei, J. (2023). Features and Scope of Regulatory Technologies: Challenges and Opportunities with Industrial Internet of Things. Future Internet, 15. 4. Lupia, F., Lucchese, M., Merro, M., and Zannone, N. (2023, January 15–18). ICS Honeypot Interactions: A Latitudinal Study. Proceedings of the 2023 IEEE International Conference on Big Data (BigData), Sorrento, Italy. 5. Lucchese, M., Lupia, F., Merro, M., Paci, F., Zannone, N., and Furfaro, A. (September, January 29). HoneyICS: A High-interaction Physics-aware Honeynet for Industrial Control Systems. Proceedings of the 18th International Conference on Availability, Reliability and Security, ARES ’23, New York, NY, USA.
|
|