paint-brush
Secure and Dynamic Publish/Subscribe: LCMsec: Conclusionby@marshalling
101 reads

Secure and Dynamic Publish/Subscribe: LCMsec: Conclusion

by MarshallingJuly 10th, 2024
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

LCMsec is a new secure brokerless Publish/Subscribe protocol based on UDP multicast. It is decentralised in the sense that there is no need for a central server to broker messages, facilitate key exchanges or discover peers. A discovery mechanism is instead built-in, which facilitates ease-of-use and flexibility.
featured image - Secure and Dynamic Publish/Subscribe: LCMsec: Conclusion
Marshalling HackerNoon profile picture

Authors:

(1) Moritz Jasper, Barkhausen Institut gGmbH, Wurzburger Straße 46, Dresden, Germany ([email protected]);

(2) Stefan Kopsell, Barkhausen Institut gGmbH, Wurzburger Straße 46, Dresden, Germany ([email protected]).

Abstract and Introduction

Related Work

Description of LCM

Attacker Model and Security Goals

LCMSec: The Proposed Protocol

Implementation and Evaluation

Conclusion

Appendix and References

VII. CONCLUSION

In this work, we presented LCMsec, a new secure brokerless Publish/Subscribe protocol based on UDP multicast. We have


Fig. 9. Performing the group discovery and key agreement protocol with |P| = 0, varying |J| and emulated network delays


added confidentiality, integrity and authenticity to the existing LCM protocol while minimising both overhead and computational complexity. LCMsec can be used in most environments in which LCM is currently used, e.g., IoT, automotive and robotics applications. This has been achieved by using a different threat model than previous work in the domain of multicast authentication. We make no distinction between subscribers and publishers, each subscriber is also allowed to publish messages. However, an attribute-based access control mechanism is available through the use X.509 certificates that grants access only to specific LCMdomains.


LCMsec is decentralised in the sense that there is no need for a central server to broker messages, facilitate key exchanges or discover peers. A discovery mechanism is instead built-in, which facilitates ease-of-use and flexibility. Despite the shared symmetric key, it should be noted that the protocol is scalable in dynamic situations: Through use of the DuttaBarua group key agreement, the number of network interactions when a publisher or subscriber joins a topic is minimised.


This paper is available on arxiv under CC BY 4.0 DEED license.