Abstract
The Internet of things (IoT) has been undergoing accelerating growth, whereas the growth in its security is falling behind, representing a significant security problem. IoT devices use Message Queuing Telemetry Transport, which is a lightweight IoT standard messaging protocol, along with another security protocol. There are a few ways to secure communications, among which SSL/TLS is recommended. However, adapting SSL/TLS to IoT has many problems. First of all, the SSL/TLS handshake can incur considerable overhead, representing an intensive task for low-performance devices. Secondly, certain IoT communications use disposable handshakes, which are used with just one message when there is no need to connect in the future; this uses energy inefficiently and leads to reduced lifetime of the IoT devices. Thirdly, SSL/TLS may provide higher security levels than are needed for a transmission, in which case energy is wasted. Also, when only low security is required and the transmitted message is very short, SSL/TLS provides excessively secure communication and thus consumes energy inefficiently. Although there are the many problems, using SSL/TLS is unavoidable. Therefore, it is necessary to improve SSL/TLS for use with Message Queuing Telemetry Transport in the IoT. Herein we propose a method to improve energy efficiency in this environment while satisfying any of various expected security levels. Our proposed method recognizes the three inputs of security level, residual energy, and message length as the relevant device conditions. Based on these inputs, the proposed method selects an appropriate fuzzy rule to determine which client-compatible cipher suite is most suitable for the conditions. Herein we demonstrate the validity of our proposed method by means of experiments on its energy efficiency relative to that of SSL/TLS.