3

After reading the OMG specification about secure DDS: https://www.omg.org/spec/DDS-SECURITY/1.1/

I understood that DDS participants will authenticate each others though a handshake and deduce a secret using DH. This shared secret is used for the publisher (writer) to share the key used to encrypt the messages published in order for a subscriber (reader) to decrypt the message.

However, what happens if there are multiple publishers for the same topic?

  • Do they agree on the same key?
  • Do they generate they own key and send them to each reader ?

I am expecting the first option, but could not find confirmation within the OMG specification.

Stoogy
  • 1,307
  • 3
  • 16
  • 34

1 Answers1

2

However, what happens if there are multiple publishers for the same topic?

Each DataWriter (not Publisher) generates its own symmetric key which gets shared with all its matched DataReaders. The fact that multiple DataWriters may be writing to the same Topic does not change this -- each of them generates their own key and uses it to protects its own updates.

Note that this is the behavior as prescribed by the so-called built-in plugins as defined in Chapter 9 of the specification that you mentioned. These are defined to provide out-of-the-box functionality with interoperability between vendors. Customized plugins may behave differently.

Reinier Torenbeek
  • 16,669
  • 7
  • 46
  • 69