Anyone add encryption into the LCM API?

[Brian Sherman]

I'm investigating using LCM as our messaging middle-ware for a project.  One requirement we need to satisfy is encrypted communications.  The plan would be to implement a symmetric key algorithm into LCM.  Doing this for one language such as java I think would be pretty straight forward but implementing for each language LCM supports seems more daunting.  Does anyone have any experience or insight into implementing encryption into LCM?  Thanks for your help.

[Edwin Olson]

Encrypting is easy.  Key management and authentication are hard.

Can you say more about what you're trying to protect against?

Ed

On Fri, Mar 31, 2017 at 8:46 AM Brian Sherman <brianj...@gmail.com> wrote:

I'm investigating using LCM as our messaging middle-ware for a project.  One requirement we need to satisfy is encrypted communications.  The plan would be to implement a symmetric key algorithm into LCM.  Doing this for one language such as java I think would be pretty straight forward but implementing for each language LCM supports seems more daunting.  Does anyone have any experience or insight into implementing encryption into LCM?  Thanks for your help.

--
You received this message because you are subscribed to the Google Groups "Lightweight Communications and Marshalling" group.
To unsubscribe from this group and stop receiving emails from it, send an email to lcm-users+...@googlegroups.com.
To post to this group, send email to lcm-...@googlegroups.com.
Visit this group at https://groups.google.com/group/lcm-users.
For more options, visit https://groups.google.com/d/optout.

--

Edwin Olson
Assoc. Professor, Computer Science & Engineering

University of Michigan
http://april.eecs.umich.edu

[Brian Sherman]

The requirement is due to the fact that our system will be running on a naval vessel.  Regardless of what the data is, it is required to be encrypted in transit.  So far the requirement is vague and hasn't been forced on us yet.  It's more that we know its coming and want to plan ahead for it.  Unfortunately what I don't know is if they'll place any additional requirements on things such as using an asymmetric algorithm, etc.  Right now I think we could get away with a symmetric key implementation where each publisher and subscriber will have to have the key in order to communicate similar to how each will have to have the compiled IDL as well.  While not as secure as other designs its simpler to implement and it adds another obstacle to someone trying to sniff the wire and decode the data.