A. Proposed Secure MQTT Protocol Architecture
We propose secure MQTT (SMQTT) based on ABE (cf. Fig. 1). The protocol adds a new publish service, 'Spublish', which uses message type '0000' and in which the message is encrypted using ABE [12]. To make it lightweight and suitable for IoT, we adapt an ABE scheme based on lightweight Elliptic Curve Cryptography (ECC) [1], [13]. The Publisher uses the Spublish command to publish a message encrypted using ABE. Hence, Subscribers who satisfy the access policy are capable of decrypting the message.
B. Proposed Attribute Based Encryption for SMQTT
In the ABE technique, the sender device encrypts data under a set of conditions expressed as an access policy, and the receiver device is able to decrypt the ciphertext if it satisfies that access policy. The access policy is expressed in terms of conditions on the user attributes (which can be a feature, property, role, etc.). Typically, an access policy is expressed as a predicate over a set of attributes and boolean constructs (OR, AND, NOT). Further, in KP-ABE and CP-ABE, encryption and decryption depend on a key-based access policy [7], [14] and a ciphertext-based access policy [8], respectively. Generally, an access policy is described as an n-ary access tree. For instance, Fig. 2 represents a snapshot of an access tree. According to this access policy, a temperature sensor device publishes temperature data under the Smart Home topic through 'Spublish'. A subscriber device that is a controller for the Air conditioner or Heater and co-located in the same Location ID as the sensor, or a fire alarm device, can decrypt the temperature data for the smart home application.
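The access tree described for Fig. 2 can be evaluated as k-of-n threshold gates over attribute leaves. The following is an added example, not code from the paper: it models only which subscribers satisfy the policy, not the ABE encryption itself, and the attribute names, Location IDs and the grouping of the AND/OR gates are assumptions.

```python
from dataclasses import dataclass, field

# Illustration only: models the access structure, not the ABE cryptography.
@dataclass
class Node:
    """Leaf (attr set) or threshold gate needing k of its children."""
    attr: str = ""
    k: int = 0
    children: list = field(default_factory=list)

def leaf(attr): return Node(attr=attr)
def AND(*kids): return Node(k=len(kids), children=list(kids))
def OR(*kids): return Node(k=1, children=list(kids))

def witness(node, attrs):
    """A small attribute set that satisfies node, or None if attrs cannot."""
    if not node.children:
        return {node.attr} if node.attr in attrs else None
    found = sorted((w for c in node.children
                    if (w := witness(c, attrs)) is not None), key=len)
    if len(found) < node.k:
        return None
    return set().union(*found[:node.k])

# Constructed attribute names; the page gives none. Assumed reading of Fig. 2:
# ((AC controller OR heater controller) AND same location) OR fire alarm.
SENSOR_LOCATION = "location:LID-17"  # hypothetical Location ID
POLICY = OR(
    AND(OR(leaf("role:ac_controller"), leaf("role:heater_controller")),
        leaf(SENSOR_LOCATION)),
    leaf("role:fire_alarm"),
)

# Constructed subscriber attribute sets.
SUBSCRIBERS = {
    "ac-livingroom": {"role:ac_controller", "location:LID-17"},
    "heater-garage": {"role:heater_controller", "location:LID-42"},
    "fire-alarm": {"role:fire_alarm", "location:LID-42"},
    "door-lock": {"role:lock", "location:LID-17"},
}

def authorised(policy=POLICY, subscribers=SUBSCRIBERS):
    """Map each subscriber to the attributes it would decrypt with (None = cannot)."""
    return {name: witness(policy, attrs) for name, attrs in subscribers.items()}

if __name__ == "__main__":
    for name, used in authorised().items():
        print(f"{name:14} {'decrypts with ' + str(sorted(used)) if used else 'cannot decrypt'}")
```

The heater controller in a different Location ID and the co-located door lock both fail the policy, while the fire alarm satisfies it regardless of location.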
