DDS-SECURITY 1.2 RTF Avatar
  1. OMG Issue

DDSSEC12 — Provide pre-shared protection for unauthenticated messages

  • Key: DDSSEC12-94
  • Status: closed   Implementation work Blocked
  • Source: Real-Time Innovations ( Dr. Gerardo Pardo-Castellote, Ph.D.)
  • Summary:

    There is an inherent DoS network amplification attack that exploits peer-to-peer discovery. See https://issues.omg.org/browse/DDSIRTP26-6

    This issue should be addressed by DDS-Security. Likely using some pre-shared key mechanics to protect all messages not otherwise protected. For example, the authentication handshakes.

  • Reported: DDS-SECURITY 1.1b1 — Fri, 12 Nov 2021 16:28 GMT
  • Disposition: Resolved — DDS-SECURITY 1.2
  • Disposition Summary:

    Provide a layer of PSK protection

    Peovide the means to use a pre-shared secret to protect any RTPS message (e.g. bootstrap messges) that is not otherwise protected by the keys that the DomainParticipants exchange.

    Also define the "pre-shared" key mechanism as a separate "builtin" plugin

  • Updated: Tue, 20 Aug 2024 00:49 GMT
  • Attachments: