MQTT Messaging Protocol Overview

Updated 16 November 2025

MQTT Messaging Protocol is a lightweight, topic-based publish–subscribe system designed for efficient IoT, M2M, and sensor network communications.
It offers low latency, minimal framing overhead, and reduced energy consumption, making it ideal for bandwidth-constrained and high-latency networks.
Recent extensions, including TEE-based security, QUIC transport, and advanced broker discovery, enhance scalability, mobility, and secure data processing.

The Message Queuing Telemetry Transport (MQTT) is a lightweight, topic-based publish–subscribe messaging protocol that has achieved de facto standard status for Internet of Things (IoT), machine-to-machine (M2M), wireless sensor networks, and industrial deployments. Designed to operate efficiently across bandwidth-constrained, high-latency, or unreliable networks, MQTT is distinguished by minimal framing overhead, robust session management, flexible Quality of Service (QoS) guarantees, and strong application decoupling. MQTT’s flexible, scalable brokered architectures—underpinned by extensible syntax and security primitives—have fostered numerous research extensions in broker distribution, edge/fog integration, protocol hardening, and semantic enrichment.

1. Protocol Architecture and Core Workflow

MQTT operates on a central broker–client model: publishers send data on hierarchical string topics, while subscribers express interest in topic filters (optionally with wildcards), all over persistent TCP (or QUIC/UDP in some variants) connections. Protocol operations are mediated through control packets comprising fixed, variable, and payload headers, conforming to a tightly-defined binary framing. The core protocol sequence includes:

Connection Management:

Client initiates with CONNECT (including flags for session persistence, authentication, will message), to which the broker replies CONNACK.

Subscription Lifecycle:

Clients SUBSCRIBE on topics (with optional QoS); the broker responds with SUBACK specifying granted QoS.

Data Exchange:
- QoS 0 (“At most once”): no ACK, best effort.
- QoS 1 (“At least once”): PUBACK handshake, possible duplicates.
- QoS 2 (“Exactly once”): PUBREC, PUBREL, PUBCOMP four-way handshake to prevent duplicates (state machine formalization in (Dizdarevic et al., 2018)).
Keep-alive/Fault Detection:

Periodic PINGREQ/PINGRESP exchanges maintain session liveness.

Disconnection:

DISCONNECT packet closes the session.

The packet structure is analytically minimal: the fixed header is 2–5 bytes, variable headers contain only essential metadata (e.g., topic name, packet identifier), and the payload is unstructured, facilitating binary or application-defined formats (Shao et al., 2019).

2. Performance, Energy, and Deployment Characteristics

MQTT’s protocol design confers several operational advantages:

Latency: Empirical studies report round-trip times of ≈1–10 ms for MQTT (QoS 0/1), contrasting with ≈20–200 ms for HTTP/REST (Dizdarevic et al., 2018).
Framing and Bandwidth Efficiency: Typical header overhead is ∼2 bytes minimum, substantially lower than HTTP’s ≥100 bytes and allowing efficient multiplexing of telemetry (Shao et al., 2019).
Energy Consumption: For battery-constrained devices, MQTT achieves 3–5× lower energy usage per delivered message relative to HTTP/REST. Calculations of expected transmissions/latency in the presence of packet loss demonstrate the differential cost of QoS levels (e.g., $E[N]=1/(1-p)$ for QoS 1) (Shao et al., 2019).
Developer Adoption: Surveys indicate MQTT and HTTP/REST dominate IoT protocol choices (Dizdarevic et al., 2018).
Power-Limited Applications: Evaluation on embedded architectures (e.g., Arduino/ESP8266) demonstrates autonomy of ∼1.5 days on a single 18650 cell with data rates characteristic of environmental monitoring (Shao et al., 2019).

MQTT’s default operation assumes a single broker topology; horizontal scaling and high-availability are addressed in practice via clustering (Mosquitto, HiveMQ, VerneMQ, EMQX) and distributed broker architectures (Dizdarevic et al., 2018, Hmissi et al., 4 Jun 2024).

3. Extensions for Security, Transport, and Processing

3.1 End-to-End Security with Trusted Execution Environments (MQT-TZ)

MQTT brokers typically process all payloads in the clear, a major vulnerability in MedTech, finance, and critical infrastructure scenarios. MQT-TZ integrates ARM TrustZone Trusted Execution Environment (TEE) into an off-the-shelf Mosquitto broker, introducing:

Two-phase Mutual Authentication:
- Phase 1: TLS 1.2 handshake establishes master_secret via standard PRF formulas (see section 2 in (Segarra et al., 2020)).
- Phase 2: Client generates a 32-byte symmetric key $K_c$ , encrypts it under the TEE’s RSA public key $PK_{TEE}$ , and transmits via “tz/key_setup” topic. The response is ACK = $E_{K_c}$ ("OK").
Dual-layer Encryption:
- Transport layer: Every client–broker hop secured by TLS.
- Application layer: Message payload encrypted by the client with $K_c$ , re-encrypted by the TEE for each subscriber under $K_{sub}$ . Non-trusted code (broker/host) never accesses plaintext.
TEE as Proxy:
- All key provisioning, secure storage, and payload re-encryption occur inside the TEE, with a secure in-memory LRU cache to minimize secure storage I/O.
Performance:
- AES-CBC in TEE is 100–250× slower than OpenSSL (REE). Secure-storage key retrieval incurs a 200–300× penalty over cached keys, making the LRU cache essential. Publishing latency increases by up to 4× (hot cache) or 8× (cold cache); 99th percentile tail ≈350 ms (Segarra et al., 2020).
- Real-world ECG streaming with 50 devices shows Raspberry Pi 3B (with TrustZone) supporting real-time monitoring at 50–55% CPU utilization versus <5% for plain Mosquitto, i.e., +10–15% overhead.

3.2 QUIC-based Transport for Low-latency and Mobility Robustness

Standard MQTT over TCP/TLS is limited by connection overhead, half-open connection resource waste, and head-of-line blocking. MQTT over QUIC implements:

0-RTT/1-RTT Handshakes: Session resumption eliminates 2–3 RTT overhead, with up to 56.25% fewer packets during setup.
Stream Multiplexing: QUIC streams decouple logical control/message exchanges, so packet loss on one stream does not stall others.
Connection Migration: Use of persistent connection IDs enables seamless client mobility/NAT rebinding.
Resource Footprint Reductions: For 100 half-open connections, broker CPU and memory use decrease by ∼83% and 50%, respectively (Kumar et al., 2018).
Delivery Latency: Under 10% packet drop, QUIC reduces latency by 55.6% over TCP; even at 50% loss, gains persist (down to 14.9–36.6%).

A plausible implication is that high-mobility, lossy link deployments (e.g., vehicular IoT) should prefer MQTT/QUIC over MQTT/TCP.

3.3 Transparent Broker Discovery and Mobility (TD-MQTT)

Conventional MQTT requires clients to know the broker address a priori, hindering broker mobility, dynamic scaling, and horizontal applications. TD-MQTT introduces a transparent indirection via a master broker (MB):

Resource Discovery:

MB maintains the set of brokers B and topics managed, built via TCP connect scans and subscribing with wildcard “#” to each broker.

Subscription Redirection:

Subscriber S requests a topic from MB; MB returns the appropriate broker address and S reconnects.

Failure/Relocation Handling:

S detects broken brokers via lack of PINGRESP; MB manages topic relocation signaling via DISCONNECT(0x9C/0x9D).

Performance Models:

Analytical models based on queuing delay, transmission delay ( $T_{message}=size/R$ ), and resource discovery delay ( $T_{TD}$ , $T_{BD}$ ) accurately predict bounded rebind latency ( $\approx$ 15–20 ms for topic discovery).

Latency and Scalability:
- TD-MQTT maintains nearly constant end-to-end response time regardless of broker hop count (e.g., 1–18 ms for 1–5 hops versus 20–100 ms for standard MQTT).
- Compared to EMMA, topic discovery is reduced by an order of magnitude per discovery event (Hmissi et al., 4 Jun 2024).

4. Protocol Enhancements: Filtering, Aggregation, and Processing (MQTT+)

MQTT+ enriches the MQTT syntax and broker functionality to address the high traffic and energy costs of data processing at the edge:

Rule-based Filtering:

Topic syntax supports operators (e.g., $GT;30/sensor/temp$ , $CONTAINS;error/system/log$ ) for on-broker filter-evaluation.

Temporal and Spatial Aggregation:
- Aggregates (e.g., $AVG$ , $MAX$ ) can be computed over sliding temporal windows ( $DAILYAVG$ ) and across spatial topic sets (wildcards or explicit lists).
- Composite subscriptions enable operator chaining (e.g., $SUM$ DAILYAVG/+/temp).
- Each payload’s TTL determines aggregation eligibility.
In-Broker Processing:

Built-in functions (e.g., face recognition, image count) can be advertised and invoked via special topics ( $CNTPPL$ ).

Broker Implementation:

Implemented as a HiveMQ Java plugin, the system extends OnPublishReceivedCallback for filter, aggregation, and processing pipelines.

Performance:
- Data aggregation reduces network traffic approximately $(m \cdot \lambda/\lambda_A) \cdot [P/(P+O)]$ -fold, with measured traffic nearly constant versus linear in m·n for standard MQTT (Giambona et al., 2018).
- For image-processing scenarios, downlink traffic is reduced by ≈100×, at the cost of increased broker CPU/RAM load; the trade-off is explicit.

5. Domain-specific Integration: Automated Mobility and Edge/Fog Computing

In connected, automated, and vehicular systems, MQTT brokers are deployed across the edge–cloud continuum to bridge ROS (Robot Operating System) agents over mobile 5G links:

ROS–MQTT Bridging:

C++ nodelets serialize and deserialize between ROS topics and MQTT, configured via YAML files (ros_topic ↔ mqtt_topic).

Performance KPIs:

End-to-end (ROS ↔ cloud ↔ ROS) latencies of ≈86.1 ms (σ≈6.7 ms), with 99.5% of samples under 100 ms; one-way MQTT-only comms achieve ≈21.9 ms for 0.18 MB payloads over 5G (Reiher et al., 2022).

QoS and Security:

QoS 1 is a recommended tradeoff, increasing latency by only 5%; encryption via TLS, VPN, or AES overlay networks adds minimal latency overhead (+1.4–7.7 ms).

Scalability:

MQTT sustains up to 55 Hz throughput (≈10 MB/s) for large payloads in automotive scenarios.

6. Best Practices, Trade-offs, and Future Directions

QoS Selection:

Choose QoS 0 for non-critical telemetry (high rate, low energy), QoS 1 for delivery assurance with duplicate tolerance, and QoS 2 only when exactly-once semantics are indispensable (Dizdarevic et al., 2018, Shao et al., 2019).

KeepAlive and Session Tuning:

KeepAlive interval balances detection of dead links versus protocol overhead. Persistent sessions “CleanSession=0” preserve subscription/state but require broker-side resource management.

Clustering & High Availability:

Production deployments use clustering to mitigate broker failure and balance load; persistent session storage consistency is crucial (Dizdarevic et al., 2018).

Security Extensions:

MQT-TZ illustrates the feasibility of offloading cryptographic operations into TEE proxies without client code changes. Op-TEE’s cryptographic performance is a bottleneck; hardware accelerators are strongly advised (Segarra et al., 2020).

Distributed Broker Models:

TD-MQTT’s master broker abstraction provides practical broker mobility and failover while maintaining MQTT’s core programming model (Hmissi et al., 4 Jun 2024). Master broker replication and consensus remains an ongoing research area.

A plausible implication is that large-scale, horizontally distributed IoT systems will increasingly combine transparent resource discovery (TD-MQTT), broker-side computation (MQTT+), and hardware-anchored security (MQT-TZ) to optimize the balance of efficiency, robustness, and privacy.

7. Limitations and Outstanding Research Challenges

Processing Overhead:

Broker-side image or semantic processing (MQTT+) can saturate broker resources if computationally-intensive functions are overused (Giambona et al., 2018).

TEE Crypto Performance:

Arm TrustZone-based crypto is several orders of magnitude slower than standard libraries, adversely affecting latency. Cache techniques partially mitigate this but point to hardware limitations (Segarra et al., 2020).

Scalability of Wildcard Subscriptions:

At scale, wildcard or “#” subscriptions may stress broker state and control-plane traffic; topic-indexing schemes and bloom filtering have been suggested but require further validation (Hmissi et al., 4 Jun 2024).

Formal Verification:

The adoption of distributed or replicated brokers invokes nontrivial state machines and liveness/safety properties; formal modeling and verification are proposed as future work (Hmissi et al., 4 Jun 2024).

MQTT continues to evolve as the foundational protocol for distributed telemetry and IoT messaging, with research-driven enhancements addressing its security, scalability, and semantic expressiveness in increasingly large and heterogeneous deployments.