| dc.description.abstract |
Internet of Things (IoT) connected devices will be reaching people seamlessly in
future days. The security aspects for the IoT domain have always been open
field of research and analysis. Each of the IoT protocols have its own strength
and vulnerabilities. The Message Queue Telemetry Transport (MQTT)
application layer IoT protocol is widely used in present day’s context. Since,
MQTT standard has no mandatory requirements regarding the security
services; therefore, manipulating the security issues in MQTT platforms
seems very easy. This thesis analyzes the security of MQTT protocol. Basing
on the analysis, a security enhanced MQTT protocol is proposed. The proposed
protocol is based with added cryptographic primitives to offer security
services for IoT system. Mutual authentication between subscriber and broker,
mutual authentication between publisher and broker, authentication with key
distribution, use of only symmetric key cryptography are the few salient
features of the proposed enhanced MQTT protocol. This thesis also conducts
a formal verification for the proposed MQTT protocol to prove that the
proposed protocol satisfies the intended security attributes. The evaluation
result validates that the proposed protocol ensures the secrecy property of the
cryptographic credentials and hence, operates securely. |
en_US |
