[mosquitto-dev] Proposal: Enhancing Mosquitto with Symmetric Key Payload & Topic Encryption

I work for a startup called Blue mesh Solutions.

I’ve developed a new library that provides symmetric key encryption (with a default minimum of 1024 bits). I've successfully integrated this library directly into the Mosquitto source code, creating a modified Mosquitto broker and accompanying library.

This enhancement offers the following key capabilities:

  • End-to-End Payload Encryption: Message payloads are encrypted end-to-end, ensuring confidentiality between the publishing client and the subscribing client.
  • Topic Encryption: In addition to payload encryption, the MQTT topic itself is also encrypted.
  • Flexible Security Layers: This encryption can be used in two primary ways:
    • Double-Wrapped Security: It can be layered on top of existing TLS connections, providing an additional robust layer of encryption.
    • Resource-Constrained Devices: Alternatively, for devices where TLS overhead is prohibitive, this library offers a viable encryption solution without requiring a full TLS implementation.

I believe this feature would be a valuable addition to the Mosquitto core source. It addresses critical security needs, particularly for sensitive data and in environments with limited resources.

Would there be interest in incorporating this enhancement into the official Mosquitto source? If so, what would be the process for proposing this, and who typically makes the final decision on such contributions?

Thanks

Tim

