Hybrid Cryptographic End-to-End Encryption Method for Protecting IoT Devices Against MitM Attacks

N. Karmous, M. Hizem, Y. Ben Dhiab, M. Ould-Elhassen Aoueileyine, R. Bouallegue, N. Youssef


Issue: 4/2024
Periodical: Radioengineering Journal
DOI: 10.13164/re.2024.0583

Keywords: Software-Defined Networking (SDN), cyber security, Man-in-the-Middle (MitM), end-to-end encryption, Internet of Things (IoT)


Abstract: End-to-End Encryption (E2EE) plays an essential role in safeguarding user privacy and protecting sensitive data across various communication platforms, including messaging applications, email services, and Internet of Things (IoT) devices. This paper presents a Hybrid Cryptography-Based E2EE method implemented on a Software Defined Networking (SDN) infrastructure to strengthen bidirectional data security between hosts and IoT devices via the non-secure Message Queuing Telemetry Transport (MQTT) port. By addressing the threat of Man-in-the-Middle (MitM) attacks, the proposed system ensures that only authorized users can decrypt transmitted messages. This paper thoroughly analyzes the implementation and advantages of our Hybrid Cryptography-Based E2EE method by comparing RSA and ECC encryption techniques. ECC-256 is favored for key generation, owing to its high efficiency and speed, measured at 0.4009 ms. Additionally, through a comparison of the RSA, AES, and ChaCha20 algorithms, AES-256 emerges as the optimal encryption choice, demonstrating the fastest encryption and decryption times: 0.2758 ms and 0.1781 ms, respectively, for publishing, and 0.2542 ms for encryption and 0.1577 ms for decryption for subscribing. Together with its minimal packet size and low resource consumption, these results validate the effectiveness of our proposed Hybrid Cryptography-Based E2EE method, implemented on SDN infrastructure, in securing digital communications within SDN environments compared to existing solutions.