Academic paper

Design and Implementation of MQTT-Based Over-the-Air Updating Against Curious Brokers
Document Type
Periodical
Author
Source
IEEE Internet of Things Journal IEEE Internet Things J. Internet of Things Journal, IEEE. 11(6):10768-10777 Mar, 2024
Subject
Computing and Processing
Communication, Networking and Broadcast Technologies
Microprogramming
Internet of Things
Privacy
Protocols
Cloud computing
Computational modeling
Encryption
Amazon
end-to-end (E2E) security
Infineon
Internet of Things (IoT)
MQTT
over the air (OTA)
privacy
security
Language
ISSN
2327-4662
2372-2541
Abstract
The over-the-air (OTA) updating mechanism is a critical mechanism for the Internet of Things (IoT): it lets systems remotely update firmware/software without recalling the devices or visiting the remote sites. However, the existing MQTT-based OTA models (like Amazon, Infineon, etc.) ignore privacy against a curious broker: they assume that users trust the broker and that the broker will not peek at the transmission contents. This strong assumption is dangerous, as many high-profile-security IT servers (like Coinbase) have been compromised either by internal staff or by external hackers. This article, based on end-to-end (E2E) channel establishment, designs, implements, and evaluates a new MQTT-based OTA scheme. The E2E channel ensures security and privacy. An AVISPA-based formal proof validates its security goals. The evaluation, based on the implementations, shows that the proposed scheme enhances security/privacy while keeping the efficiency.