Embedded MQTT Client Library

SharkMQTT is a secure implementation of the MQTT v3.1.1 Standard adopted for IoT by Oasis.The introduction of SSL provides military grade authentication and encryption, allowing efficient broker communication with the least amount of compromise or impact to resource constrained embedded devices.

See also our SMQ IoT protocol, which includes integrated point-to-point communication, a feature typically required in IoT design.


    • End-to-End IoT Security
    • ANSI C Source Code Library
    • Pre-Integrated with SharkSSL
    • Implemented with OASIS Approved MQTTv3.1.1
    • Basic MQTT Authentication
    • x.509 Authentication
    • SharkMQTT (including sharkSSL) 22kB ROM, 4kB RAM
    • Bare Metal (Super-Loop) and RTOS Support

About MQTT

MQTT is a publish/subscribe messaging protocol, designed for constrained devices, low-bandwidth, and high-latency or unreliable networks. The protocol is useful for emerging IoT or M2M connected devices, where bandwidth, memory, and power are at a premium. http://www.mqtt.org

About Oasis

A non-profit organization that promotes industry consensus and produces worldwide standards for the Internet of Things. https://www.oasis-open.org

MQTT Security Paramount!

Using dual authentication is paramount when deploying an MQTT solution -- that is, the MQTT client authenticates the MQTT server and the MQTT server authenticates the MQTT client. The reason strong dual authentication is so important when using MQTT is due to the fact that the MQTT protocol enables wildcard subscriptions. An attacker that manages to connect to an MQTT broker can subscribe to all messages sent via the broker, study the data, and then craft MQTT messages that will compromise the entire MQTT solution.

We help our customers avoid creating an MQTT solution that can be compromised!

There are many MQTT solutions on the internet that can be compromised. We wrote an article for DZone that shows how easy it is to compromise many MQTT solutions. The attack, including the source code, is available at DZone. The attack uses the Lua MQTT library that comes with the Barracuda App Server, an additional MQTT client library we provide.

See the DZone article Hacking MQTT Using Lua for details.

Download SharkMQTT

IoT Security: Creating X.509 Chain of Trust

Learn the entire process of setting up the chain of trust for your IoT solution. The video, which is available on YouTube, provides a practical example that you can follow and setup on your own computer for learning purposes. The comprehensive video tutorial guides you through the process of setting up secure and trusted communication. After completing the hands-on tutorials, you will be an expert in using SSL for secure communication and how to create and manage SSL certificates.