FSEE: A Forward Secure End-to-End Encrypted Message Transmission System for IoT

Leakage of long-term secrets is a major concern when cryptographic schemes are implemented on devices with weak protection capability, especially for resource-constrained IoT devices. Forward secrecy is a means to minimize the damage when such an event takes place. For pub-/sub-based IoT systems, several end-to-end (from publisher to subscriber) encrypted message transmission schemes have been proposed to tackle the confidentiality problems brought by malicious message brokers. But none of them provide forward secrecy. This article presents FSEE, a forward secure end-to-end encrypted message transmission system for pub-/sub-based IoT. To support FSEE, we design a novel group key exchange protocol BA-GKE, which relies on a semi-trusted key exchange server to provide forward secrecy and support asynchronous communication between group members. We prove its forward secrecy by ProVerif. The core idea of FSEE is to establish a forward secure symmetric key per device using BA-GKE asynchronously, and this device-specific key is shared with the device and its authorized subscribers for encrypting messages securely. By adding a semi-trusted key exchange server to realize BA-GKE in the current IoT architecture, FSEE does not need to change the existing message broker and could be deployed incrementally. The experimental results show that FSEE has comparable performance to existing prominent research and provides higher security.