Client authentication with symmetric keys (AES)


gtz...@gmail.com

Jan 19, 2018, 12:43:34 PM
to MQTT

Hi,
I couldn't find how to use MQTT with just AES. It is clear how to encrypt the communication and authenticate the server AND the client with SSL/TLS, but as in my case I own both the server and the devices in the field, I want to simply use symmetric keys (AES) for encryption AND authentication. If I put in each of my devices a different key, and encrypt all the MQTT traffic with it (sending in clear only a device ID to inform the server which symmetric key to use), it would be a much simpler and more lightweight solution than using the whole bunch of certificates and CAs etc. Also it is better because a simple embedded AES lib would be enough, instead of using the whole SSL/TLS stack, which, among everything, needs to be constantly monitored for security updates (according to the sys admins :) ).

I thought of using a small proxy to strip the encryption, and forward MQTT traffic as is, which is fine for the encryption part, but it cannot do the authentication part, because the MQTT server wouldn't be aware of the key used by the client. E.g. if one key is compromised, it could be used with any username/password, which is not OK.

I couldn't find an MQTT server which does something like that (symmetric key encryption and authentication). Any ideas how this can be achieved in any MQTT server? Can that be done with a plugin???

(I know about the proxy protocol version 2, which in case of SSL/TLS allows the proxy to forward the CN as username, but this would mean my tiny proxy would have to implement that protocol too, which becomes a more error-prone and hard-to-debug solution, and I would like something more ... standard.)

Thanks
George

Karl Palsson

Jan 19, 2018, 6:02:20 PM
to mq...@googlegroups.com

This is what TLS-PSK is....

If you want to pretend that you can reaaallly just have an AES
encryption only, on clients, then sure, you can just do that. You
can have your clients encrypt and just use mqtt "unencrypted" as
a byte transport. You have to accept that your topics are clear
text still.

This is also known as "rolling your own crypto" (You may consider
just abandoning crypto if it's "too hard", if it's "too hard",
then clearly what you have isn't worth protecting.)

Sincerely,
Karl Palsson
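
Added example, not part of either post: a broker configuration for the TLS-PSK approach named in the reply, with one pre-shared key per device and the PSK identity used as the MQTT username. Mosquitto is an assumed broker choice (the thread names none); the file paths, the hint string, the device identities and the key placeholders are constructed.

```conf
# mosquitto.conf (added example; Mosquitto is an assumption, not named in the thread)
per_listener_settings true

listener 8883
# A psk_hint on the listener switches it to TLS-PSK (no certificates or CA).
psk_hint field-devices
# One "identity:hexkey" line per device, so every device has its own key.
psk_file /etc/mosquitto/devices.psk
# The PSK identity proven in the TLS handshake becomes the MQTT username,
# so a client cannot pair one device's key with another device's name.
use_identity_as_username true
allow_anonymous false
# Restrict each identity to its own topic subtree.
acl_file /etc/mosquitto/devices.acl

# Contents of /etc/mosquitto/devices.psk (constructed; hex key, no leading 0x):
#   device-0001:<HEX_KEY_FOR_DEVICE_0001>
#   device-0002:<HEX_KEY_FOR_DEVICE_0002>

# Contents of /etc/mosquitto/devices.acl (constructed; %u expands to the username):
#   pattern readwrite devices/%u/#
```

With this layout a leaked key only grants the topics of the identity it belongs to, which addresses the concern in the first post about one compromised key being usable with any username.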