CIS 700/002 : Special Topics : Secure MQTT for IoT

Transcription

1 CIS 700/002 : Special Topics : Secure MQTT for IoT Sangdon Park CIS 700/002: Security of EMBS/CPS/IoT Department of Computer and Information Science School of Engineering and Applied Science University of Pennsylvania March 30, 2017

2 What is MQTT? Message Queue Telemetry Transport (MQTT) is a publish-subscribe-based lightweight messaging protocol over TCP/IP protocol 2

3 Quite popular Why MQTT? Facebook Messenger AWS IoT Lightweight Minimize code footprint on devices Reduce network bandwidth usages 3

4 The goal of Secure MQTT Authenticate each IoT device Encrypt communication channels btw IoT devices Focus of this paper 4

5 Secure MQTT Alternatives MQTT + SSL/TLS Storing and managing the certificates are cumbersome SSL/TLS is weak on various attacks (e.g., BEAST, CRIME, RC4, Heartbleed) (we think) key revocation is not simple 5

6 Contributions Proposes a secure MQTT protocol MQTT + Attribute Based Encryption (ABE) 6

7 Public-key Encryption Identity of a receiver The public key of the receiver Sender A Public CA 3. Send Enc (text, Public B ) Public B Receiver B Private B 2. Obtain the public key of B (Public B, Sign CA ) Public CA CA Private CA 7 1. Register the public key

8 Identity Based Encryption Identity of a receiver ID of the receiver Sender A B@gmail.com 3. Send Enc (text, Public PKG, B@gmail.com) B@gmail.com Receiver B 2. Private B 2. Approve and send Private B = Gen(Private PKG, B@gmail.com) Public 1. Authenticate PKG itself using B@gmail.com Private Key Generator 8 Private PKG

9 Attribute Based Encryption (ABE) Identity of a receiver Attributes of the receiver Sender A AttB 3. Send Enc (text, Public PKG, AttB) AttB Receiver B 2. Private B 2. Approve and send Private B = Gen(Private PKG, AttB) Public 1. Authenticate PKG itself using AttB Private Key Generator 9 Private PKG

10 Attributes An attribute of receivers A predicate Sender A (e.g., Temperature sensor) Send Enc ( Temp, Public PKG, AttB) Receiver B 10

11 Proposed Secure MQTT (SMQTT) SMQTT = MQTT+ABE Update MQTT protocol for ABE Use the ABE scheme based on lightweight Elliptic Curve Cryptography Types of ABE Ciphertext-Policy ABE (CP-ABE) Key-Policy ABE (KP-ABE)

12 Setup phase SMQTT Protocol Publisher (Temperature sensor) PKG (Broker) Subscriber (heater) 1. Register URI and attributes 2. Register URI and attributes 3. Generate Public PKG and Private PKG 4. Publish Public PKG Publish Private heater Note. The universe of all attributes U is known for all entities

13 SMQTT Protocol Encryption/Publish phase Publisher (Temperature sensor) 1. Set attributes A (e.g., A = a heater or an air conditioner ) PKG (Broker) Subscriber (heater) 2. Send Enc ( Temp, Public PKG, A) 2. Send Enc ( Temp, Public PKG, A) OR 2. Send Enc ( Temp, Public PKG, A) 13

14 Decryption phase SMQTT Protocol Publisher (Temperature sensor) PKG (Broker) Subscriber (heater) 1. Recv. C = Enc ( Temp, Public PKG, A) 2. Dec(C, Public PKG, Private heater ) 14

15 System details Performance Analysis Setup phase time of PKG 15

16 Discussion Pros/Cons of SMQTT protocol for IoT Pros Prior key distribution is not required Broadcast encrypted messages Cons How does PKG verify the attribute of a receiver? PKG verifies attributes and other details given by the device Any adversary can claim any attributes 16