Encrypted MQTT on Raspberry Pi

Chad Sigler
May 29 · 3 min read

Encrypt MQTT traffic on an RPI

Image for post
Image for post
Photo by Markus Spiske on Unsplash

Hello and welcome back. Today I will be talking about how to encrypt the data in use and at rest while using MQTT. The MQTT transport will be unencrypted to ensure minimum requirements for the broker.

Why

I wanted to show the power of the Virtru Developer Platform using a known, popular, and low powered device to display the performance of the Virtru SDK. MQTT is a popular transport for IoT traffic that has varying levels of Quality of Service and security. Using this approach, the traffic does not need to be explicitly encrypted and the recipient must also be authenticated to decrypt the message.

Diagram

Image for post
Image for post
MQTT

Technologies Used

MQTT Broker Setup (x86)

Host Setup

  • EC2
  • t2.micro
  • Ubuntu 18.04
  • Public IP
  • AWS Inbound Firewall Open 1883

Host Application

sudo apt update
sudo apt upgrade
sudo apt install mosquitto
systemctl status mosquitto
sudo tail -f /var/log/mosquitto/mosquitto.log

MQTT Client Publish Setup (ARM)

Host Setup

  • Raspberry Pi 4
  • Raspian Version 10 (buster)

Host Application

# publish.py in ~/publish/
# update the appid in publish.py
# update the owner email in publish.py
# update the broker IP in publish.py
sudo apt update
sudo apt upgrade
sudo apt install python3-pip
sudo python3 -m pip install --upgrade pip
pip3 install virtru-sdk
pip3 install paho-mqtt
cd ~/publish/
python3 publish.py

MQTT Client Subscriber Setup (ARM)

Host Setup

  • Raspberry Pi 4
  • Raspian Version 10 (buster)

Host Application

# subscribe.py in ~/subscribe/
# update the appid in subscribe.py
# update the owner email in subscribe.py
# update the broker IP in subscribe.py
sudo apt update
sudo apt upgrade
sudo apt install python3-pip
sudo python3 -m pip install --upgrade pip
pip3 install virtru-sdk
pip3 install paho-mqtt
cd ~/subscribe/
python3 subscribe.py

MQTT Client Subscriber Setup (x86)

Host Setup

  • EC2
  • t2.micro
  • Ubuntu 18.04

Host Application

# subscribe.py in ~/subscribe/
# update the appid in subscribe.py
# update the owner email in subscribe.py
# update the broker IP in subscribe.py
sudo apt update
sudo apt upgrade
sudo apt install python3-pip
sudo python3 -m pip install --upgrade pip
pip3 install virtru-sdk
pip3 install paho-mqtt
cd ~/subscribe/
python3 subscribe.py

subscribe.py

publish.py

Conclusion

With the release of the Virtru SDK to the Raspberry Pi, a whole new world of opportunities opens up. This post is the first related to IoT, RPI, and ARM-based processors. There is no speed penalty to use the ARM-based SDK as the Python SDK is a wrapper for the C++ SDK.

Virtru Technology Blog

Building developer tools in the interest of data protection…

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store