Secure and Dynamic Publish/Subscribe: LCMsec

Publikation: Beitrag in Buch/Konferenzbericht/Sammelband/GutachtenBeitrag in KonferenzbandBeigetragenBegutachtung

Beitragende

  • Moritz Jasper - , Barkhausen Institut gGmbH, Technische Universität Dresden (Autor:in)
  • Stefan Kopsell - , Professur für Privacy and Security, Barkhausen Institut gGmbH (Autor:in)

Abstract

We propose LCMsec, a brokerless, decentralised Publish/Subscribe protocol. It aims to provide low-latency and high-throughput message-passing for IoT and automotive applications while providing much-needed security functionalities to combat emerging cyber-attacks in that domain. LCMsec is an extension for the Lightweight Communications and Marshalling (LCM) protocol. We extend this protocol by providing not only authenticated encryption of the messages in transit, but also a group discovery protocol inspired by the Raft consensus protocol. The Dutta-Barua group key agreement is used to agree upon a shared symmetric key among subscribers and publishers on a topic. By using a shared group key, we reduce the key agreement overhead and the number of message authentication codes (MACs) per message compared to existing proposals for secure brokerless Publish/Subscribe protocols, which establish a symmetric key between each publisher and subscriber and append multiple MACs to each message.

Details

OriginalspracheEnglisch
Titel2023 IEEE 98th Vehicular Technology Conference, VTC 2023-Fall - Proceedings
Herausgeber (Verlag)Institute of Electrical and Electronics Engineers Inc.
Seiten1-7
ISBN (elektronisch)9798350329285
PublikationsstatusVeröffentlicht - 2023
Peer-Review-StatusJa

Publikationsreihe

ReiheIEEE Conference on Vehicular Technology (VTC)
ISSN1550-2252

Konferenz

Titel98th IEEE Vehicular Technology Conference
KurztitelVTC 2023-Fall
Veranstaltungsnummer98
Dauer10 - 13 Oktober 2023
Webseite
OrtSheraton Hong Kong Tung Chung hotel
StadtHong Kong
LandChina

Externe IDs

ORCID /0000-0002-0466-562X/work/159607941

Schlagworte

Schlagwörter

  • cryptography, cybersecurity, IoT security, multicast, Publish/Subscribe security, secure group communication