Message Encryption

Definition

Encrypting a message body using a cryptographic key.

How it works

Message encryption transforms a plaintext message into unreadable ciphertext using an algorithm and a cryptographic key. Symmetric encryption uses one shared key for both encryption and decryption, while asymmetric encryption uses a pair of public and private keys: the sender encrypts the message with the recipient's public key, and only the holder of the corresponding private key can decrypt and read it. In practice the two are combined, because asymmetric operations are slow and size-limited: the asymmetric step (or a key agreement such as Diffie-Hellman) establishes a shared symmetric key, and the message bodies themselves are protected with the faster symmetric cipher. Encryption provides confidentiality in transit, preventing unauthorized reading; authenticated modes such as AES-GCM additionally detect tampering, which plain encryption on its own does not. Widely used standards include AES (symmetric) and RSA (asymmetric), safeguarding sensitive information across many communication channels.
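The asymmetric step described above, as an added example in Go that is not part of this page or of any ROS 2 or DDS project. It uses RSA-OAEP from the Go standard library: anyone holding the recipient's public key can encrypt, only the matching private key decrypts, and an unrelated private key fails. It also shows why RSA is used to transport a symmetric session key rather than the message body itself: one RSA-2048/SHA-256 OAEP block carries at most 190 bytes, so a 4 KiB message is rejected. The key sizes, the 32-byte session key and the 4 KiB message are constructed sample inputs, not values from the page.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Added example, not from the page and not DDS/SROS2 code. RSA-OAEP
// illustrates the asymmetric step: public key encrypts, private key decrypts.

// Encrypt seals msg to the recipient's public key.
func Encrypt(pub *rsa.PublicKey, msg []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
}

// Decrypt opens ct with a private key; any other key yields rsa.ErrDecryption.
func Decrypt(priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
}

// MaxPlaintext is the OAEP limit k - 2*hLen - 2 (190 bytes for RSA-2048/SHA-256).
func MaxPlaintext(pub *rsa.PublicKey) int {
	return pub.Size() - 2*sha256.Size - 2
}

// Result records the three properties Demo checks.
type Result struct{ RecipientOK, OutsiderRejected, TooLongRejected bool }

// Demo generates a recipient key pair and an unrelated "outsider" key pair,
// then transports a constructed 32-byte session key to the recipient.
func Demo() (Result, error) {
	var r Result
	recipient, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return r, err
	}
	outsider, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return r, err
	}
	sessionKey := []byte("constructed-32-byte-session-key!") // constructed sample, 32 bytes
	ct, err := Encrypt(&recipient.PublicKey, sessionKey)
	if err != nil {
		return r, err
	}
	pt, err := Decrypt(recipient, ct)
	r.RecipientOK = err == nil && bytes.Equal(pt, sessionKey)
	_, err = Decrypt(outsider, ct) // wrong private key: must fail
	r.OutsiderRejected = errors.Is(err, rsa.ErrDecryption)
	// A 4 KiB message body does not fit in one RSA block: hence hybrid schemes.
	_, err = Encrypt(&recipient.PublicKey, make([]byte, 4096))
	r.TooLongRejected = errors.Is(err, rsa.ErrMessageTooLong)
	return r, nil
}

func main() {
	r, err := Demo()
	fmt.Printf("%+v %v\n", r, err)
}
```

Run it with `go run .`; all three fields of the printed Result should be true. The size limit is the practical reason the "How it works" paragraph describes a hybrid design: the public key protects only the small session key, and the bulk payload goes under a symmetric cipher.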

Encryption within ROS2

SROS2 does not implement its own cipher: it configures the DDS Security built-in cryptographic plugin (AES-GCM-GMAC) of the underlying DDS implementation, as described in the ROS 2 DDS-Security integration design documentation, and is therefore in compliance with the DDS Security specification. That plugin offers AES-GCM, which encrypts and authenticates a message, and AES-GMAC, which only authenticates it and leaves the payload readable on the wire. The private keys held in the SROS2 keystore must be kept safe, preferably in a keystore server with restricted access rather than copied around freely. Note that ROS2 generally runs on a relatively compute-rich system compared to most embedded or robotic controllers. On those less capable systems an algorithm like AES, particularly without hardware acceleration, may be too compute-heavy to use at the required message rate. Within the robotics/OT sphere availability is critical: systems can't be slowed down by heavy cryptographic calculations. In his paper "Applied cryptography in embedded systems", available on the website of the University of Vaasa, Yang Qian describes the evaluations that have to be made when choosing cryptography for this area of work. Note that the paper is from 2013, and its technical content is likely to be largely outdated, but the concepts and evaluation metrics still apply.
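The two protection modes named above, as an added example in Go that is not SROS2 or DDS code and does not use a DDS library. It models what the built-in AES-GCM-GMAC plugin does per message: AES-GCM encrypts and authenticates the payload while binding an unencrypted header (think DDS submessage header) into the tag, and AES-GMAC (GCM with an empty plaintext) only authenticates, leaving the payload readable but still detecting modification. The key, header and JSON-like payload are constructed sample data; real DDS keys are derived during the authentication handshake, not hard-coded.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Added example, not SROS2 or DDS code. It models the two modes of the DDS
// Security built-in AES-GCM-GMAC plugin: AES-GCM encrypts and authenticates a
// payload, AES-GMAC only authenticates it and leaves it readable on the wire.

// newGCM builds an AES-GCM AEAD (16/24/32-byte key) and a fresh random
// 12-byte nonce. A nonce must never repeat under one key.
func newGCM(key []byte) (cipher.AEAD, []byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	_, err = rand.Read(nonce)
	return aead, nonce, err
}

// EncryptGCM: confidentiality and integrity. header (think DDS submessage
// header) stays in the clear but is bound into the tag as additional data.
func EncryptGCM(key, header, payload []byte) (nonce, sealed []byte, err error) {
	aead, nonce, err := newGCM(key)
	if err != nil {
		return nil, nil, err
	}
	return nonce, aead.Seal(nil, nonce, payload, header), nil // ciphertext||16-byte tag
}

// DecryptGCM fails if ciphertext, tag, nonce or header were altered.
func DecryptGCM(key, header, nonce, sealed []byte) ([]byte, error) {
	aead, _, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce, sealed, header)
}

// TagGMAC is GCM with an empty plaintext: cheaper, no confidentiality, but
// header||payload is authenticated by a 16-byte tag.
func TagGMAC(key, header, payload []byte) (nonce, tag []byte, err error) {
	aead, nonce, err := newGCM(key)
	if err != nil {
		return nil, nil, err
	}
	return nonce, aead.Seal(nil, nonce, nil, append(append([]byte{}, header...), payload...)), nil
}

// VerifyGMAC reports whether tag authenticates header||payload under key.
func VerifyGMAC(key, header, payload, nonce, tag []byte) bool {
	aead, _, err := newGCM(key)
	if err != nil {
		return false
	}
	_, err = aead.Open(nil, nonce, tag, append(append([]byte{}, header...), payload...))
	return err == nil
}

// RoundTrip protects a constructed message both ways and returns true only
// if the payload round-trips and each mode rejects a one-bit modification.
func RoundTrip() (bool, error) {
	key := []byte("constructed-k3y!")                             // constructed 16-byte AES-128 key
	header := []byte("topic=/cmd_vel seq=42")                     // constructed sample header
	payload := []byte(`{"linear":{"x":0.5},"angular":{"z":0.1}}`) // constructed sample message

	nonce, sealed, err := EncryptGCM(key, header, payload)
	if err != nil {
		return false, err
	}
	if pt, err := DecryptGCM(key, header, nonce, sealed); err != nil || !bytes.Equal(pt, payload) {
		return false, errors.New("GCM round trip failed")
	}
	sealed[0] ^= 0x01 // one flipped ciphertext bit must be rejected
	if _, err := DecryptGCM(key, header, nonce, sealed); err == nil {
		return false, errors.New("tampered ciphertext accepted")
	}
	nonce, tag, err := TagGMAC(key, header, payload)
	if err != nil || !VerifyGMAC(key, header, payload, nonce, tag) {
		return false, errors.New("GMAC verification failed")
	}
	payload[0] ^= 0x01 // one flipped plaintext bit must be rejected
	if VerifyGMAC(key, header, payload, nonce, tag) {
		return false, errors.New("tampered plaintext accepted")
	}
	return true, nil
}

func main() {
	ok, err := RoundTrip()
	fmt.Println("all checks passed:", ok, err)
}
```

The GMAC path is the one to reach for on constrained controllers when confidentiality is not required but the Replay and tamper concerns below are: it costs one AES block per 16 bytes of input without an encryption pass, and the receiver still rejects any modified byte. Whatever mode is used, nonce reuse under the same key breaks GCM, so a deployment must generate nonces the way the plugin does (a per-session counter) rather than ad hoc.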

Considerations

Working with sophisticated modern cryptography adds compute overhead. This becomes a problem for systems with real-time requirements when they are insufficiently compute-rich or lack dedicated hardware (for example AES instructions or a crypto co-processor) to run the chosen algorithms quickly. Using the right cryptographic standard is important to maintain security, but the system must still be able to function correctly, so the added latency should be measured on the target hardware before deployment. Furthermore, private keys must be kept private: they must never be stored or transferred in the public domain, and are preferably kept in a limited-access, logged and monitored vault. The Certificate Authority must be a trusted party. If the party can't be trusted, or its trust is compromised, all certificates and keys issued under it must be revoked immediately and re-issued from a trusted authority. See the DigiNotar incident (2011), where a compromised CA was used to issue fraudulent certificates.

Related ATTACK Techniques

Eavesdrop

Replay Controller Traffic

References

Applied Cryptography in Embedded Systems (Yang Qian, University of Vaasa, 2013)

Message Encryption in Robot Operating System: Collateral Effects of Hardening Mobile Robots

ROS 2 DDS-Security integration (design documentation)