Diro et al. “propose novel lightweight security solutions for publish-subscribe protocol-based Internet of Things [IoT] in fog networks using [elliptic curve cryptography, ECC].” This proposal would be of interest to readers who are familiar with message queue telemetry transport (MQTT) and advanced message queueing protocol (AMQP).

According to the authors, “existing security protocols such as SSL/TLS have a large overhead of computations, storage, and communications.” In providing security solutions, the researchers propose the use of ECC to decrease the performance overhead from fog network systems, scalable key exchange, and more efficient authentication and encryption systems. “ECC [is known for providing] shorter key lengths, reduced message sizes, and lower resource usages,” according to the paper.

The most interesting part is the researchers’ evaluation of “two alternative protocol design approaches using ECC for security key exchange and encryption mechanisms.” In the man-in-the-middle attack scenario, the researchers show that “mutual authentication between the subscriber/publisher and the fog broker [can be] achieved.”

The research keeps the tables simple and informative to show the differences in key sizes between ECC and RSA, and in the performance between the researchers’ two schemes and SSL/TLS. As part of the researchers’ future study, they plan “to implement the protocol on real IoT platforms.”