
DDSSEC11 — Unnecessary Additional Authenticated Data in common_mac

  • Key: DDSSEC11-70
  • Status: closed  
  • Source: Real-Time Innovations (Dr. Gerardo Pardo-Castellote, Ph.D.)
  • Summary:

    Current specification defines the following additional authenticated data when calculating the common_mac:

    • In encode_serialized_payload() the Additional Authenticated Data is empty (9.5.3.3.4.4).
    • In encode_datawriter/reader_submessage the Additional Authenticated Data contains the 4 bytes in the SEC_SUB_MSG (9.5.3.3.4.5).
    • In encode_rtps_message the Additional Authenticated Data contains the 4 bytes in the SEC_SUB_MSG (9.5.3.3.4.6).

    It is not clear that this additional step is providing a real gain. We should discuss if we want to change the specification to use an empty additional data in all cases.

  • Reported: DDS-SECURITY 1.0 — Tue, 11 Apr 2017 11:32 GMT
  • Disposition: Resolved — DDS-SECURITY 1.1
  • Disposition Summary:

    Change Specification to Use Empty AAD

    Change the specification to use an empty AAD.

  • Updated: Tue, 19 Dec 2017 20:03 GMT