A Python-based project that demonstrates end-to-end secure data transfer over MQTT using the ASCON lightweight encryption algorithm.
It simulates multiple ESP32-like nodes (clients) that publish encrypted health sensor data (heart rate & SpO2) to a Mosquitto MQTT broker.
A server (subscriber) then receives and decrypts the data back to its original form.
- Secure communication with ASCON-128 authenticated encryption
- MQTT-based publish/subscribe with paho-mqtt
- Simulation of multiple ESP32 nodes (default: 50 nodes)
- Encrypted JSON payloads containing health data
- Decryption and validation on the subscriber side
- Fully written in Python for easy testing and demonstration
- mqtt-ascon/
- client/
- client.py # Simulates multiple ESP32 nodes (publish encrypted data)
- server/
- server.py # Subscribes and decrypts data
- client/
- requirements.txt # Dependencies
- README.md # Project documentation
-
Clone the repository:
git clone https://github.com/YOUR_USERNAME/SecureMQTT-ASCON.git cd SecureMQTT-ASCON -
Install dependencies:
pip install -r requirements.txt
-
Run the Subscriber (Server)
python server.py
Output example:
🖥️ MQTT Subscriber (Server) started... Waiting for messages. ✅ Connected to MQTT broker. 📡 Subscribed to topic: spo2/health 🔓 Decrypted data received at 12:10:03: {'id': '...', 'heart_rate': 72.4, 'spo2': 98.6, 'publish_timestamp': 1692341234567} -
Run the Publisher (Clients)
python client.py
Output example:
Publisher started. Press Ctrl+C to stop. [Node 1] Published encrypted data: {...} [Node 2] Published encrypted data: {...}
-
Algorithm: ASCON-128 (NIST Lightweight Cryptography Standard, 2023)
-
Key: 16 bytes (128-bit)
-
Nonce: 16 bytes (12-byte base + 4-byte counter)
-
Associated Data: b"health_data"
-
Payload: JSON (id, heart rate, SpO2, timestamp)
-
paho-mqtt → MQTT client library
-
ascon → ASCON lightweight encryption package
Install via:
bash pip install paho-mqtt ascon
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.