Abstract
MQTT is a publisher-broker-subscriber architecture in which a broker forwards the messages to interested subscribers, which facilitates the broker's capacity to peek at the message contents; therefore, both academia and industry design and develop end-to-end (E2E) channels to protect the privacy against a curious broker which honestly follows the protocols but would peek at the contents for its benefits. However, we notice that the double-encryption issue of the conventional MQTT broker-based E2E models and the heavy broker-decrypt-re-encrypt overhead undermine MQTT efficiency strengths. In this study, we highlight the weaknesses, propose several solutions, implement the schemes, and experiment with them in the simulated scenarios. Security analysis and formal security proofs are verified to ensure the security goals. The analysis and the evaluations on the implementations confirm both the group key-based approach and the client-broker-channel, integrity-only approach could improve the efficiency performance while preserving security strengths.