RVD
RVD#451: DDS cryptographic plugin, AES_GCM subject to forgery, key recovery and timing attacks, and nonce replay attacks
id: 451
title: 'RVD#451: DDS cryptographic plugin, AES_GCM subject to forgery, key recovery
  and timing attacks, and nonce replay attacks'
type: vulnerability
description: For the cryptographic plugin, AES_GCM and AES_GMAC are used for sign
  and encrypt functions, which are symmetric key operations. As discussed earlier, processing
  symmetric key operations is low latency, especially when cryptographic modes are
  combined into an atomic operation. A number of published papers have investigated
  exploits against AES_GCM, including forgery, key recovery and timing attacks, and
  nonce replay attacks. AES_GCM is mostly discussed in the papers, but GMAC is a mode
  of GCM in which no plaintext is supplied and the output is the authenticated field.
  First reported at https://journals.sagepub.com/doi/pdf/10.1177/1729881418770011
  by DiLuoffo et al.
cwe: CWE-208 (Information Exposure Through Timing Discrepancy)
cve: None
keywords:
- malformed
- 'robot component: DDS'
- 'robot component: FastRTPS'
- 'robot component: ROS2'
- 'vendor: ADLINK'
- 'vendor: RTI'
- 'vendor: eProsima'
- weakness
system: ROS 2
vendor: eProsima, ADLINK, RTI
severity:
  rvss-score: None
  rvss-vector: N/A
  severity-description: ''
  cvss-score: 0
  cvss-vector: ''
links:
- https://github.com/aliasrobotics/RVD/issues/451
- https://journals.sagepub.com/doi/pdf/10.1177/1729881418770011
flaw:
  phase: unknown
  specificity: N/A
  architectural-location: N/A
  application: N/A
  subsystem: N/A
  package: N/A
  languages: None
  date-detected: 2018-06-01 (00:00)
  detected-by: Vincenzo DiLuoffo, William R Michalson and Berk Sunar
  detected-by-method: N/A
  date-reported: 2019-10-07 (00:00)
  reported-by: Alias Robotics
  reported-by-relationship: security researcher
  issue: https://github.com/aliasrobotics/RVD/issues/451
  reproducibility: ''
  trace: null
  reproduction: ''
  reproduction-image: ''
exploitation:
  description: ''
  exploitation-image: ''
  exploitation-vector: ''
  exploitation-recipe: ''
mitigation:
  description: ''
  pull-request: ''
  date-mitigation: ''
Feedback (automatically generated):
- FIXME: Flaw not identified as a vulnerability, weakness or exposure. Have you included "# Vulnerability (or Weakness or Exposure) report" at the top of the ticket?, see for more information or review other tickets to get inspiration
Please review the feedback above. Once addressed, either request the removal of the malformed
label to trigger another automatic review.
Feedback (automatically generated):
- FIXME: Robot or Robot component not present in summary table or invalid, see for more information or review other tickets and get inspiration
- FIXME: CWD ID not present in summary table or invalid, see for more information or review other tickets and get inspiration
- FIXME: Attack vector not present in summary table or invalid, see for more information or review other tickets and get inspiration
- FIXME: "### Description" not present or invalid, see for more information or review other tickets and get inspiration
Please review the feedback above. Once addressed, either request the removal of the malformed
label to trigger another automatic review.
Same as https://github.com/aliasrobotics/RVD/issues/453, further triage is needed in here.