Browse > Article
http://dx.doi.org/10.6109/jkiice.2018.22.11.1554

Message Encryption Methods for DDS Security Performance Improvement  

Han, Jae-Hoon (Naval R&D center, HanwhaSystems)
Publication Information
Journal of the Korea Institute of Information and Communication Engineering / v.22, no.11, 2018 , pp. 1554-1561 More about this Journal
Abstract
This paper surveys the DDS, a real - time communication middleware, and proposes ways to improve the DDS secure communication performance. DDS is a communication middleware standard by the OMG. The OMG has released the DDS Security standard to resolve the security issues. The security performance of DDS can be considered into transmission speed and confidentiality. In terms of confidentiality, AES-GCM, currently the encryption algorithm specified by DDS Security, is a very strong encryption algorithm, but there are well known weaknesses associated with authentication. In terms of speed, The computational load for the security function is a restriction to use DDS in systems which requires real-time performance. Therefore, in order to improve the DDS security, algorithms that are faster than AES-GCM and strong in encryption strength are needed. In this paper, we propose a DDS message encryption method applying AES-OCB algorithm to meet these requirements and Compared with the existing DDS, the transmission performance is improved by up to 12%.
Keywords
DDS; DDS Security; Cryptography; AES-GCM; AES-OCB;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 DDS Portal. What is DDS[Internet]. Available: https://www.omgwiki.org/dds/what-is-dds-3/.
2 S. H. Ham, and D. W. Park, "Study on Policies for National Cybersecurity," Journal of the Korea Institute of Information and Communication Engineering, vol. 21, no. 9, pp. 1666-1673, Sep. 2017.   DOI
3 T. White, M. N. Johnstone and M. Peacock, "An investigation into some security issues in the DDS messaging protocol," in Proceeding of 15th Australian Information Security Management Conference, Perth, pp. 132-139, 2017.
4 OMG Std. DDS Security Version 1.1, OMG, 2018.
5 Y. K. Go and C. S. Kim, "Cryptographic Overhead of DDS Security for Naval Combat System Security," in Proceeding of the Korean Information Science Society Conference, Jeju, pp. 1217-1219, 2017.
6 N. Ferguson.(2005, May). Authentication weaknesses in GCM. Comments submitted to NIST Modes of Operation Process[online]. pp. 1-19. Available: https://csrc.nist.gov/csrc/media/projects/block-cipher-techniques/documents/bcm/comments/cwc-gcm/ferguson2.pdf.
7 OMG Std. Data Distribution Service for Real-time Systems Version 1.2, OMG, 2007.
8 OMG Std, The Real-Time Publish-Subscribe WireProtocol: DDS Interoperability Wire Protocol Specification Version 2.1, OMG, 2014.
9 S. M. Kim, T. M. Chang, H. S. Kim, and M. S. Kang, "Design of High-Speed AES Cipher Processor Using Pipeline Technique," Journal of Security Engineering, vol. 11, no. 2, pp.145-154, Apr. 2014.   DOI
10 D. A. McGrew, and J. Viega, "The security and performance of the Galois/Counter Mode (GCM) of operation," in Proceeding of the International Conference on Cryptology in India, Berlin, pp. 343-355, 2004.
11 G. Procter and C. Cid, "On weak keys and forgery attacks against polynomial-based MAC schemes," Journal of Cryptology, vol. 28, no. 4, pp. 769-795, Oct. 2015.   DOI
12 J. P. Aumasson, Serious Cryptography: A Practical Introduction to Modern Encryption, San Francisco, 2017.
13 T. Krovetz and P. Rogaway, "The Software Performance of Authenticated-Encryption Modes," in Proceedings of the International Workshop on Fast Software Encryption, Berlin, pp. 306-327, 2011.
14 OCB Mode. OCB: free licenses[internet]. Available: http://web.cs.ucdavis.edu/-rogaway/ocb/license.htm.
15 T. Krovetz and P. Rogaway. (2014, May). The OCB authenticated-encryption algorithm, IETF RFC 7253[Online], pp. 1-19. Available: https://tools.ietf.org/html/rfc7253.