Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [mosquitto-dev] Chacha20 and poly1305 for resource constrained devices.

I agree - we need to look at something more towards elliptic curve encryption keeping things small yet still secure - I know Atmel got a nice very small chip ATSHA204 (latest edition) can do elliptic curve encryption and also very powerful random number generator, low on batt ussages and can keep the payload small - This chip and elliptic curve encryption will make MQTT a dream place for small devices that still need to take security into account, but keep the payload still very small - SSL work fine for computers that cpu madhouse, BUT it's not only the CPU that we need to take into account with small devices - the band with usage is also a factor, so using some of the newer encryption to keep our payload down, secure and help small devices on the CPU, resource side is a win all round 

Check out this atmel chip and  elliptic curve - may well be something we see in the future devices+MQTT :)

On Tue, Jan 13, 2015 at 3:50 PM, Real Time Logic <realtimelogic@xxxxxxxxx> wrote:

Chacha20/poly1305 is a new cipher/hash combination that is truly amazing due to its small size and fast encryption/decryption speed. In my opinion, this cipher combination should be the de-facto symmetric encryption for MQTT.

The problem is that OpenSSL, which is used by Mosquitto, does not support this cipher. I therefore urge the Mosquitto developers to switch to either LibreSSL or boringssl (Google). Both of these libraries support Chacha20/poly1305.

SSL can have a huge resource impact on small microcontrollers (both size and speed), and it is therefore crucial that the best cipher combination is selected to reduce the amount of resources used; resources are both memory and CPU. If you are interested, you can read our Certificate Management for IoT tutorial that explains this in detail:

>From the above tutorial:
The combination of ChaCha20 and Poly1305 is particularly well suited for securing small embedded devices that need to preserve memory, footprint, and maintain performance with the least amount of encumbrance, by cutting down on the amount of time spent encrypting and decrypting data.

mosquitto-dev mailing list
To change your delivery options, retrieve your password, or unsubscribe from this list, visit

Back to the top