On the Formal Verification of Authenticated Encryption of the MQTT Protocol

The Message Queuing Telemetry Transport (MQTT) protocol is highly preferable for Internet of Things (IoT) environments due to its lightweight architecture, but routing sensitive medical data through a central broker introduces severe privacy risks if the broker is untrusted or compromised. To address this, we propose secure MQTT, a high performance end to end encrypted (E2EE) protocol tailored for constrained devices that renders the broker completely blind to message payloads and incapable of m