Internet of Things (IoT) use cases require application protocols like MQTT and HTTP to be encrypted and authenticated, so it is common to use these protocols in combination with Transport Layer Security (TLS). MQTT over TLS is described in the MQTT 3.1 specification, and HTTP over TLS is described in the HTTPS specification.
Transport Layer Security (TLS) is a cryptographic protocol designed to provide secure communications over the internet between a client and a server. It is meant to ensure the secure delivery of data between a client and a server, but it does NOT account for security at the endpoints (the client or server side). The client signals to the server that it wishes to establish a TLS connection, and the client and server then use a handshake protocol to negotiate how they will establish trust with one another. Once the handshake has completed, data can be sent between the two parties using the cipher suite negotiated during the handshake.
It is common for only the client to authenticate the server, for example when a web browser connects to an HTTPS web server. IoT devices often use “mutual authentication”, where the server also authenticates the identity of the IoT device client.
The TLS protocol version implemented is v1.2.
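The mutual authentication described above depends on a certificate authority (CA) that both sides trust: the device checks the server certificate against it, and the server checks the device certificate. The following shell script is an added example, not code from this documentation or from FreeRTOS; it assumes the openssl CLI is available, and every file name and subject CN in it is constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not FreeRTOS or AWS code): build the small PKI that mutual
# authentication relies on, then check each certificate against the CA the
# way a TLS peer does during the handshake. Assumes the openssl CLI.
# All file names and "/CN=..." subjects are constructed for this example.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Create a self-signed root CA that both the server and the devices trust.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Example IoT Root CA" \
        -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
}

# Issue a certificate signed by the CA: $1 = base name, $2 = subject CN.
issue_cert() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.csr" 2>/dev/null
    openssl x509 -req -in "$WORK/$1.csr" -days 1 \
        -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" -CAcreateserial \
        -out "$WORK/$1.crt" 2>/dev/null
}

# Return 0 when the certificate chains to the CA, non-zero otherwise. This
# is the check the server performs on the device certificate (and the
# device on the server certificate) while the handshake runs.
verify_against_ca() {
    openssl verify -CAfile "$WORK/ca.crt" "$WORK/$1.crt" >/dev/null 2>&1
}

make_ca
issue_cert server "mqtt-broker.example"   # constructed server identity
issue_cert device "thing-0001"            # constructed device identity

# A self-signed certificate that the CA never issued, even though it claims
# the same device name: the server must reject it during mutual auth.
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=thing-0001" \
    -keyout "$WORK/rogue.key" -out "$WORK/rogue.crt" 2>/dev/null

for name in server device; do
    verify_against_ca "$name" && echo "$name.crt: trusted via CA"
done
verify_against_ca rogue || echo "rogue.crt: rejected (not issued by CA)"
```

The same trust decision is what a TLS 1.2 endpoint makes with its configured CA certificate; a device certificate that does not chain to the CA fails the handshake before any application data is exchanged.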
Copyright (C) Amazon Web Services, Inc. or its affiliates. All rights reserved.