In this tutorial we look at how you can restrict access to a broker, and how you can protect your data using various security mechanisms.
It is important to note that these security mechanisms are initiated by the broker, and it is up to the client to comply with the mechanisms in place.
It is also important to realise that when planning security for your implementation that you must consider the capabilities of your MQTT clients as well as your broker.
This tutorial will use the free Open source Mosquitto broker, and the Paho Python MQTT client to illustrate these mechanisms.
This tutorial is split into tow sections. The first section is an overview of the mechanisms and the second covers example scenarios.
Section 1- Oveview
Client Authentication
There are three ways that a Mosquitto broker can verify the identity of an MQTT client:
- Client ids
- Usernames and passwords.
- Client Certificates
Client ids
All MQTT clients must provide a client id.
When a client subscribes to a topic/topics the client id links the topic to the client and to the TCP connection.
With persistent connections the broker remembers the client id and the subscribed topics.
When configuring an MQTT client you will need to assign a name/id to the client generally that name is unimportant as long as it is unique.
However the Mosquitto Broker allows you to impose client id prefix restrictions on the client name, and this provides some basic client security.
You could,for example, choose a prefix of C1- for your client ids and so a client with client id of C1-python1 would be allowed but a client with id of python2 would not be allowed.
You will find this setting in the security settings section of the mosquitto.conf file.
Username and Password
An MQTT broker can require a valid username and password from a client before a connection is permitted.
The username/password combination is transmitted in clear text and is not secure without some form of transport encryption.
However it does provide an easy way of restricting access to a broker and is probably the most common form of identification used.
The username used for authentication can also used in restricting access to topics.
On the Mosquitto broker you need to configure two settings for this to work. Again you will find these settings in the security section of the mosquitto.conf file.
They are allow_anonymous and password_file. To require username/password then allow_anonymous should be false and password_file should contain a valid passwords file.Example settings
allow_anonymous false password_file c:\mosquitto\passwords.txt #Windows machine
To create the passwords you will need to use the mosquiito_passwd utility that comes with the Mosquitto broker.
See Exploring Username and Password Authentication – MQTT by example
x509 Client Certificates
This is the most secure method of client authentication but also the most difficult to implement because you will need to deploy and manage certificates on many clients.
This form of authentication is really only suited to a small number of clients that need a high level of security.
See SSL and SSL Certificates Explained
Restricting Access to topics
You can control which clients are able to subscribe and publish to topics.
The main control mechanism is the username. (note: password not required), but you can also use the client id.
Unless you are running an open broker then this type of restriction will be common. See Configuring and exploring Topic Restrictions on Mosquitto
Securing Data
To protect the contents of your MQTT messages you can use:
- TLS or SSL Security
- Payload encryption
TLS Security
TLS security or as it is more commonly known SSL security is the technology that is used on the web.
This security is part of the TCP/IP protocol and not MQTT.
TLS security will provide an encrypted pipe down which your MQTT messages can flow.
This will protect all parts of the MQTT message, and not just the message payload.
The problem with this is that it requires client support, and it is unlikely to available on simple clients.
There are three methods of doing this:
- Using Self generated certificates
- Using free commercial certificates (let’s encrypt)
- Using paid commercial certificates
Payload Encryption
This is done at the application level and not by the broker. This means that you can have encrypted data without having to configure the broker.
It also means that data is encrypted end to end and not just between the broker and the client.
MQTT is after all a messaging protocol.
However this type of encryption doesn’t protect passwords (if used) on the connection itself.
Because it doesn’t involve any broker configuration or support this is likely to be a very popular method of protecting data.
See Encrypting The MQTT Payload Python Example and SSL or Payload Encryption Discussion Post
Section 2- Example Scenarios
How authentication provides Security on MQTT networks
In order for a rogue client to monitor broker traffic in needs to connect to the broker in order to publish/subscribe to topics.
Requiring a username and password makes connecting to the MQTT broker more difficult.
How do ACLs Provide Security
In order for a rogue client to monitor broker traffic in needs not only to connect to the broker but also to publish and subscribe to topics.
Restricting topic access using ACLs makes this more difficult.
How does SSL Provide Security
SSL provides protection by making it difficult for anyone with access to the network traffic to monitor MQTT traffic.
Monitoring network traffic could reveal user name and passwords and data on an MQTT connection if that connection doesn’t use SSL.
Network traffic monitoring is easier on Wireless networks than wired networks.
However wireless networks use SSL to protect the network traffic so the listening device must also be a trusted network device to monitor network traffic.
Connection to the Internet
Unless absolutely necessary the MQTT (mosquitto) broker should not be exposed to the Internet.
Internet connections should always use SSL were possible, and authentication (username/password or client certificates) as well as ACLs.
A Bridged broker should use a firewall and only allow connection to that IP address.
Access Examples.
The following are some theoretical scenarios and what configuration I would probably use in that scenario.
They are open for discussion and i would be happy to receive feedback and also examples from your networks.
Scenario 1– Have 100 sensors sending data to a broker on a local network at regular intervals. The data isn’t confidential.
The sensor receives commands from a control station that controls the message rate of the sensors and other sensor parameters.
The control station is also located on the local network
Sensor security – SSL desirable, No authentication required or authenticate using common username/password. Publish ACL restrictions on sensor topics is desirable.
Control station security – SSL desirable, authentication desirable, ACL restrictions on control topic publish and receive is mandatory.
Scenario 2– Have 100 sensors sending data to a broker on a local network at regular intervals. The data isn’t confidential. There is no control data.
Sensor security – SSL not required, No authentication required or authenticate using common username/password. publish ACL restrictions on sensor topic desirable.
Scenario 3 –Have industrial robot(s) sending data and receiving commands from a control station. The robot and control station are on a local network.
SSL on robot and control connections. Authentication required on robot and control connections. ACL restrictions on all topics.
Scenario 4- An alarm control system monitoring the alarms from several houses/offices/locations across the Internet.
SSL on all connections. Authentication required on all connections. ACL restrictions on all topics.
Scenario 5 –A alarm control system monitoring various Tasmota devices (switches,fire alarms etc) across the Internet. The Tasmota devices do not support SSL.
A control system is available locally and across the Internet.
Consider a local broker to connect the sensors with ACL restrictions on all topics.
Use SSL,authentication and topic restrictions for the control station connection to the local broker across the Internet and also for the local control station.
Firewall Restrictions
In addition to MQTT security restrictions I would also consider basic firewall restrictions on the local MQTT broker.
Common Questions and Answers
Q- Can I use TLS with payload encryption?
A- Yes.
Q- To implement payload encryption do I need certificates?
A- No. You can use shared keys which is easier to implement.
Q- How do I know if the message is genuine and hasn’t been changed?
A- Digital signatures are the best way of doing this but they rely on a public/private key infrastructure and are unlikely to be implemented on constrained clients like sensors. However simple alternatives like HMAC are available see this hive security article.
Summary
There are several mechanisms available for securing MQTT connections.
Security restrictions are enforced by the MQTT broker, and the client must be configured accordingly.
The level of security required depends on the type of data you are sending and whether you are using public or private networks.
When using MQTT for control then security is very important and should be considered carefully.
Course Tutorials Home<<Prev….Next>>Using MQTT Over WebSockets
Mosquitto Configuration Tutorials
Related Tutorials and Resources:
- MQTT Basics for Beginners
- SSL or Payload Encryption?
- Username and Password Authentication – MQTT by example
- Hive MQTT Security Fundamentals
- JWT based authentication (Google paper)
hi Steve
what would be the easiest option to secure the connection between two Linux VMs? I’m trying to help my friend with a college project and have tried using TLS with self signed certificate but it doesn’t work at all
You could try using payload encryption.
http://www.steves-internet-guide.com/encrypting-the-mqtt-payload-python-example/
Rgds
Steve
Hi Steve,
your pages are very helpful! Thank you!
My question:
Is it possible to use individual PSK encryption for every client?
(Every client uses its own secret)
Uwe
Not sure as I know the python client doesn’t support PSK not sure if the C client does. What client are you using?
Rgds
Steve
I use C and Javascript clients.
I did my testing with the Paho Javascript client.
Uwe
Need to check if mosquitto supports clients with PSK. Does the javascript client support it? If so can you point me to the docs.
Rgds
Steve
Hi, Steve.
Other than TLS, what other lightweight protocol we can use to encrypt MQTT?
Hi
Did you see this
http://www.steves-internet-guide.com/encrypting-the-mqtt-payload-python-example/
rgds
Steve
not bad for guide for ultimate beginner
Hi Steves,
I would like to ask if in TLS over MQTT solution, the broker need to decrypte the MQTT messages before routing them to the subscribers ?
Thank you
Yes
The message si decrypted by the broker.
rgds
steve
Hey Steve,
As the MQTT protocol uses SSL/TLS for encryption, how does the MQTT broker decrypts the encrypted messages. I understand that the MQTT Broker has the feature called Content-based filtering and Subject Based Filtering. How does the Broker decrypt the messages to perform the Content or Subject Based Filtering?
Hi
MQTT protocol only uses ssl when the broker requires it.
SSL is an envelop into which the mqtt packet is placed and removed at the receiver.
This has nothing do do with topic filtering.
There is no subject or content filtering in MQTT as the payload is binary
Rgds
Steve
Thank you for the response Steve.
As the Payload is binary, what makes the MQTT Broker provide their subscribers with the necessary topics. How it differentiates and provide the right topic to their subscribers?
The broker matches the publish topic with the subscribe topics and any client subscribed to that topic gets the message . If no one is subscribed to that topic the message is dropped.
Hi Steve thanks for sharing securing MQTT.
I would like to use username and password to authenticate the client and encrypt everything through CA signed server certificate, my question is: in this mode the credentials pass in clear text or are they protected by the ssl channel?
thanks in advice for support.
With SSL everything is encrypted including the username/password
Hi Steve great info sharing on securing MQTT.
In this statement “This will protect all parts of the MQTT message, and not just the message payload.”
Does that include Topic encryption as well when we use TLS? or are the topics visible in plaintext?
Looking forward to your response.
Yes it includes the topic
rgds
steve
Hi Steve,
Thanks for your tutorial. I want to implement home automation system using mqtt protocol on esp8266(tiny) I know the way forward. I will check whether there is an encryption library on arduino as well.
Ah, further digging brought me here: https://mosquitto.org/man/mosquitto-conf-5.html
This answers my questions (and more!) about SSL for client auth and securing data; would still be interested in (informed) opinions about magnitude of added latency when using SSL w/ MQTT.
Thanks,
Chris
Chris
Just did a quick test and found no great difference in the time taken to send/receive messages. If you know Python I can send you the scripts so you can run your own tests.
rgds
Steve
Hi Steve,
Are the “client authentication” vs “securing data” aspects of using SSL/TLS separable? Can one use x508 certs solely for client authentication without also encrypting the data? I’d like to securely limit who can subscribe but I’m not terribly concerned about third parties sniffing the data; my overriding goal is the fastest throughput possible, where milliseconds count, and I’m assuming there’s an added latency to encrypt/decrypt the message stream, and perhaps also an added latency if encrypted data are larger than unencrypted. I have little feel for the typical “costs” (in latency) of either of these relative to the total transit time from device through broker to client, so perhaps my concerns are misplaced (and I’d be glad to be set straight on that), but that’s where my question comes from…
Thanks so much for your fantastic suite of clear and concise resources on MQTT and related topics!
Chris
My understanding is that they are completely independent of each other but I have never tried using client certificates for authentication.
I’m also not sure about the effect of SSL on latency but expect that it has a cost.
I did start writing a Python script to test it but got side tracked. I will try to get around to finishing it.
Rgds
Steve
hello again steve,
can i load the paho python code to esp8266? is it possible?
Roy
Not familiar with esp8266 but I did a search and it seems that it uses micropython and has its own micropython mqtt client.
Take a look here
https://www.hackster.io/bucknalla/mqtt-micropython-044e77
rgds
steve
hello there steve, since TLS is not part of mqtt per se and its not advisable to low resource IoT device, is it possible to encrypt the ENTIRE mqtt message including the username and password using other encryption algorithm(lightweight)? is it possible?
Rey
Not as far as I know but you can encrypt the message. In fact I think this is the better option anyway as it is end to end and not client to broker. I did an tutorial demo using python here.
http://www.steves-internet-guide.com/encrypting-the-mqtt-payload-python-example/
thanks for you reply steve, do you have tutorials in how to used TLS in MQTT?
how TLS encrypt information from Publisher and how the subscriber decrypt it using TLS? How TSL encrypt the entire message or only the payload was encrypted by TLS?
TLS is a link encryption mechanism and only encrypts the link between client and broker. To have end to end encryption each link would need TLS.
Alternatively you can use message payload encryption for end to end encryption. see
http://www.steves-internet-guide.com/encrypting-the-mqtt-payload-python-example/
http://www.steves-internet-guide.com/mosquitto-tls/