随着日新月异的高新技术不断发展, 物联网、大数据、人工智能交叉融合, 深度关联. 物联网全面融入了我们的生活、工作、社会发展等方方面面. 而物联网目前最广泛、最主流的协议当属MQTT协议, 低开销低带宽的先天优势促成了海量物联网设备接入网络. 但在万物互联时代大背景下, “自由可控, 安全可信”是行业发展的理念和标准. 目前很多研究者提出了从MQTT出发设计安全算法的方案, 但发现“基于MQTT的数据加密传输算法”该论文的核心算法存在密钥泄露的风险, 为此指出了其核心算法的缺陷并提出3种新的MQTT-SE算法. 分别是基于对称加密的MQTT-SE算法、基于公钥的MQTT-SE算法、基于公钥证书的双向认证MQTT-SE算法. 从而达到MQTT传输在低效能环境下的基础上达到高性能安全加密传输的目的.
With the rapid development of high-tech with each passing day, the cross fusion and deep correlation among the Internet of Things, big data, and artificial intelligence are implemented. The Internet of Things is fully integrated into all aspects of our life and work as well as social development. At present, the most widely used and mainstream protocol of the Internet of Things is the message queuing telemetry transport (MQTT) protocol, whose inherent advantages of low overhead and low bandwidth have contributed to the access of a large number of Internet of Things devices to the network. However, in the era of the Internet of Everything, “freedom, controllability, safety, and credibility” are the concepts and criteria of industrial development. Many researchers have proposed MQTT-based design schemes for security algorithms. Regarding the paper titled “Data encryption transmission algorithm Based on MQTT”, however, its core algorithm is found to be at risk of key leakage. Therefore, this study points out the defects of this core algorithm and proposes three MQTT-SE algorithms respectively based on symmetric encryption, public key, and mutual verification of public key certificates. These algorithms can achieve the purpose of high-performance and safe encryption transmission even in a low performance MQTT transmission environment.