Please ask about problems and questions regarding this tutorial on answers.ros.org. Don't forget to include in your question the link to this page, the versions of your OS & ROS, and also add appropriate tags. |
Transport Security and ROS
Description: This tutorial explains what, why, and how TLS is used in SROS.Keywords: SROS, TLS
Tutorial Level: INTERMEDIATE
Next Tutorial: SROS/Tutorials/KeyserverAndSROS
Overview
This tutorial will introduce you to how SROS uses TLS. First, let us familiarize ourselves with TLS itself.
What is TLS
Transport Layer Security (TLS) is the predecessor to Secure Sockets Layer (SSL), both frequently referred to as "SSL", are cryptographic protocols that provide communications security over a computer network. Versions of the protocols find widespread use in applications such as https web browsing, email, instant messaging, and voice-over-IP (VoIP). The TLS protocol aims primarily to provide privacy and data integrity between two communicating applications. Connections secured by TLS, connections between a client (e.g., a listener node) and a server (e.g., talker node) have one or more of the following properties: https://en.wikipedia.org/wiki/Transport_Layer_Security
- Privacy: connections are private (or secure) because symmetric cryptography
- Identity: communicating parties can be authenticated using public-key cryptography
- Integrity: prevent undetected loss or alteration of the data during transmission
TLS is an effective method for securing ROS communication. TLS protects SROS from network threats, even attacks inside a local networks or firewall, by encrypting all ROS related traffic. Additionally, because TLS leverages Public Key Infrastructure (PKI), this helps provide chains of trust, as well as certificate expiration, revocation, and policies used to provide access control within the ROS graph, a topics found in later tutorials. https://en.wikipedia.org/wiki/Public_key_infrastructure
Why is TLS used in SROS
As mentioned above, we can leverage TLS to protect all ROS related traffic. This helps us to ensure that malicious actors can not redirect or replay network traffic, nor could they modify or spoof messages via man-in-the-middle attacks. Additionally, even if the robot become compromised, either through later system/physical level access, previous recorded traffic can not be decrypted thanks to the Forward Secrecy provided in TLS. https://en.wikipedia.org/wiki/Forward_secrecy
For example, one may wish to setup a ROS system within a network without using a Virtual Private Network (VPN) or Software-Defined Networking (SDN) for various reasons, e.g, corporate policy, nested networking complexity, or deployment and maintenance limitations. This network may not be preferably secure, or perhaps out of your control, but the security of the ROS application using it is significant to you. Using SROS, we can ensure our ROS application's network traffic remain secure even amongst these challenging constraints.
How is TLS used in SROS
SROS uses TLS by shimming its way between the network stack and the ROS client library. This enables SROS to wrap all socket level ROS communication via TLS, with any client libraries modifications made careful not modify how users interact with them. This affords users the all the benefits of SROS, without any necessary modifications to users' ROS application code using those same client libraries. It should also be noted that the modifications to ROS client libraries not only encompass securing the IP sockets, but also policy callback that enable the client library to evaluate the permissions of a connection, providing SROS an additional level of internal access control, again addresses in later tutorials.
The next few tutorials will walk you through an example SROS setup, as well as provide commentary and suggestions about additional relevant features when appropriate.