The message-oriented IoT protocol, Message Queuing Telemetry Transport (MQTT), is quite pervasive in smart applications. By default, the MQTT has no security scheme. It is essential to develop and implement an additional security scheme to overcome its weakness. Attribute-based encryption is suitable for MQTT topic-based communication. However, most of the works deploy a single trusted authority and perform attribute verification and key generation.
It tends to be a bottleneck in IoT and some security attacks. Moreover, most attribute-based schemes typically result in high computational complexity. The complexity of such operation is increased, especially with many attributes, and it is difficult to implement on resource-constrained wireless sensors. Thus, a lightweight attribute-based security scheme by dynamically and individually selecting the secret key without exchanging the messages can improve the MQTT security. The dynamic rules can be generated using fuzzy logic.