# How to Authenticate MQTT Sessions Without Channel and Broker Security

Reto E. Koenig (Department of Computer Science, Bern University of Applied Sciences, Switzerland), Lukas Laederach (Bern University of Applied Sciences, Switzerland) and Cédric von Allmen (Bern University of Applied Sciences, Switzerland)
DOI: 10.4018/978-1-7998-2444-2.ch006

## Abstract

This chapter describes a new but state-of-the-art approach to providing authenticity in MQTT sessions by means of zero-knowledge proofs. The approach rules out session hijacking for the MQTT protocol and provides authenticity, and it does not require the broker to keep any secrets for session handling. It allows completely anonymous but authentic sessions; hence, the broker needs no prior knowledge of the client party. As it is especially targeted at applications in the internet of things (IoT), the approach is designed to require only a minimum of extra resources in terms of energy and space. It does not introduce any new concept, but simply combines a state-of-the-art cryptographic zero-knowledge proof of identity with the existing MQTT 5.0 specification. Thus, no protocol extension is required in order to provide the targeted security properties. The described approach is completely agnostic to the application layer on the client side and is only required during MQTT session establishment.
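The session establishment the abstract sketches, as an added example that is not part of the chapter or its authors' code: a client proves its identity to the broker inside the MQTT 5.0 enhanced-authentication handshake (CONNECT, then AUTH packets with reason code 0x18 Continue authentication, then CONNACK), and the broker holds no secret, only the public transcript of the proof in flight. The chapter does not name the zero-knowledge proof it uses; this example assumes Schnorr's identification protocol (the prover shows knowledge of the discrete log x of its public value y = g^x), a hypothetical Authentication Method name "ZKP-SCHNORR", tuple-encoded packets instead of real MQTT wire encoding, and a toy 64-bit safe-prime group generated at import time. The reason codes 0x00 (Success), 0x18 (Continue authentication), 0x87 (Not authorized) and 0x8C (Bad authentication method) are from the MQTT 5.0 specification.

```python
# Added example (not the chapter's code): MQTT 5.0 enhanced authentication carrying a
# Schnorr zero-knowledge proof of identity. Assumed here: Schnorr as the proof, the method
# name "ZKP-SCHNORR", the packet tuples, and a toy 64-bit group (use >= 2048-bit or a curve).
import random
import secrets

# Reason codes taken from the MQTT 5.0 specification.
SUCCESS = 0x00
CONTINUE_AUTHENTICATION = 0x18      # in an AUTH packet: another round is needed
NOT_AUTHORIZED = 0x87               # CONNACK: proof failed or unsolicited AUTH
BAD_AUTHENTICATION_METHOD = 0x8C    # CONNACK: broker does not speak this method
AUTH_METHOD = "ZKP-SCHNORR"         # hypothetical Authentication Method value

def is_probable_prime(n, rounds=32, rng=random.Random(1)):
    """Miller-Rabin; the fixed rng only makes group generation reproducible."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def safe_prime_group(bits=64, seed=7):
    """Return (p, q, g) with p = 2q + 1 prime; g = 4 generates the order-q subgroup."""
    rng = random.Random(seed)
    while True:
        q = rng.getrandbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1, q, 4

class Client:
    """Prover. The long-term secret x never leaves the device; only y = g^x does."""
    def __init__(self, group, client_id):
        self.p, self.q, self.g = group
        self.client_id = client_id
        self.x = secrets.randbelow(self.q - 1) + 1
        self.y = pow(self.g, self.x, self.p)
        self.r = None

    def connect_packet(self):
        """CONNECT: Authentication Method plus Authentication Data = (y, t = g^r)."""
        self.r = secrets.randbelow(self.q - 1) + 1
        return self.client_id, AUTH_METHOD, (self.y, pow(self.g, self.r, self.p))

    def auth_packet(self, c):
        """AUTH: s = r + c*x mod q. r is single-use; two challenges on one r leak x."""
        s, self.r = (self.r + c * self.x) % self.q, None
        return self.client_id, s

class Broker:
    """Verifier. Holds only public per-session transcript state, never a secret."""
    def __init__(self, group):
        self.p, self.q, self.g = group
        self.pending = {}   # client_id -> (y, t, c) while a proof is in flight
        self.sessions = {}  # client_id -> y once the session is authentic

    def _in_group(self, v):
        return 1 < v < self.p and pow(v, self.q, self.p) == 1

    def on_connect(self, client_id, method, auth_data):
        if method != AUTH_METHOD:
            return "CONNACK", BAD_AUTHENTICATION_METHOD, None
        y, t = auth_data
        if not (self._in_group(y) and self._in_group(t)):
            return "CONNACK", NOT_AUTHORIZED, None
        c = secrets.randbelow(self.q)                 # fresh challenge per session
        self.pending[client_id] = (y, t, c)
        return "AUTH", CONTINUE_AUTHENTICATION, c

    def on_auth(self, client_id, s):
        state = self.pending.pop(client_id, None)     # unsolicited AUTH is rejected
        if state is None or not 0 <= s < self.q:
            return "CONNACK", NOT_AUTHORIZED, None
        y, t, c = state
        if pow(self.g, s, self.p) == t * pow(y, c, self.p) % self.p:
            self.sessions[client_id] = y
            return "CONNACK", SUCCESS, None
        return "CONNACK", NOT_AUTHORIZED, None

def run_session(broker, client):
    """CONNECT -> AUTH(0x18, challenge) -> AUTH(response) -> CONNACK; returns the reason code."""
    packet, code, c = broker.on_connect(*client.connect_packet())
    return broker.on_auth(*client.auth_packet(c))[1] if packet == "AUTH" else code

def hijack_attempt(broker, client_id, observed_y, observed_t):
    """Replays a sniffed (y, t) under the victim's Client ID; without x, s is a guess."""
    packet, code, c = broker.on_connect(client_id, AUTH_METHOD, (observed_y, observed_t))
    return broker.on_auth(client_id, secrets.randbelow(broker.q))[1] if packet == "AUTH" else code
```

Everything the broker stores per in-flight session, (y, t, c), is public, so a dumped broker leaks nothing usable for impersonation, which is the property the abstract claims. An attacker who has sniffed a commitment cannot answer a fresh challenge without x, and an AUTH packet with no pending CONNECT is refused. The anonymous case is simply y not being looked up in any registry: the session is bound to whoever holds x for that y. A real broker would additionally echo the same Authentication Method property in its AUTH packet and use a proper wire encoding for the Authentication Data.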
## Chapter Preview

## Security Model

The main security parameter is denoted by . We write if is assigned to the output of algorithm with input . An algorithm is efficient if it runs in probabilistic polynomial time (ppt) in the length of its input. For the remainder of this chapter, all algorithms are ppt if not explicitly mentioned otherwise. If $S$ is a set, we write $a \leftarrow_R S$ to denote that $a$ is chosen uniformly at random from $S$. For a message , we call a block, while denotes the number of blocks in a message . For a list we require a unique, injective, and efficiently reversible encoding, which maps the list to .
