MQTLS: Toward Secure MQTT Communication with an Untrusted Broker

Abstract

The publisher-subscriber (pub/sub) paradigm is one of the promising communication models to meet the requirements such as interoperability and support of heterogeneity for the Internet-of-Things (IoT). Message Queueing Telemetry Transport (MQTT), one of the protocols based on the pub/sub model, is widely used in practice with public brokers by Eclipse Mosquitto or HiveMQ. A broker in the pub/sub model, however, is intrinsically a man-in-the-middle between clients (i.e., publishers and subscribers); thus, a broker can read and alter all the messages delivered from publishers to subscribers. Therefore, both publishers and subscribers should not exchange confidential messages via an untrusted broker or should use it in-between them at risk. We propose MQTLS, an MQTT-aware secure communication protocol among publishers, subscribers, and brokers, while restricting brokers not to read any messages from publishers, except topics that need for message delivery. The MQTLS protocol is secure, based on our novel security definition called clientto-broker-to-client (CBC) security semantics for the pub/sub model. Our OpenSSL-based MQTLS proof-of-concept shows that MQTLS increases the delay time at the initial setup due to asymmetric signature/verification. However the delay time becomes marginal - only 4.06% at the high-end device and 10.04% at the low-end device compared with the standard TLS protocol - after the key is distributed.