RVD#449: Lack of Forward Secrecy (FS) support in handshake algorithms

[vmayoral]

id: 449
title: 'RVD#449: Lack of Forward Secrecy (FS) support in handshake algorithms'
type: weakness
description: "In the DDS protocol, only two types of algorithms, \u201CDH+MODP-2048-256\u201D\
  \ and \u201CECDH+prime256v1-CEUM\u201D, are supported. These handshake algorithms\
  \ (DH and ECDH) do not support forward secrecy (FS). In cryptography, FS is a property\
  \ of secure communication protocols in which the compromise of any long-term keys\
  \ also compromises past session keys. Since the DH public key is fixed in the certificate\
  \ and its corresponding private key is also fixed, all past session keys can be\
  \ computed by an adversary if a long-term private key is compromised and all past\
  \ traffic was recorded by the adversary. First reported at https://arxiv.org/pdf/1809.09566.pdf\
  \ by Kim et al. as part of work sponsored by the U.S. Army Tank Automotive Research,\
  \ Development, and Engineering Center (TARDEC)"
cwe: 'CWE-656: Reliance on Security Through Obscurity'
cve: None
keywords:
- components software
- malformed
- 'robot component: DDS'
- 'robot component: ROS2'
- 'vendor: ADLINK'
- 'vendor: RTI'
- 'vendor: eProsima'
- weakness
system: null
vendor: null
severity:
  rvss-score: None
  rvss-vector: N/A
  severity-description: ''
  cvss-score: 0
  cvss-vector: ''
links:
- https://github.com/aliasrobotics/RVD/issues/449
- https://arxiv.org/pdf/1809.09566.pdf
flaw:
  phase: unknown
  specificity: N/A
  architectural-location: N/A
  application: N/A
  subsystem: N/A
  package: N/A
  languages: None
  date-detected: 2018-09-24 (00:00)
  detected-by: Jongkil Kim, Jonathon M. Smereka, Calvin Cheung, Surya Nepal and Marthie
    Groble
  detected-by-method: N/A
  date-reported: 2019-10-07 (00:00)
  reported-by: Alias Robotics
  reported-by-relationship: security researcher
  issue: https://github.com/aliasrobotics/RVD/issues/449
  reproducibility: ''
  trace: null
  reproduction: ''
  reproduction-image: ''
exploitation:
  description: ''
  exploitation-image: ''
  exploitation-vector: ''
  exploitation-recipe: ''
mitigation:
  description: ''
  pull-request: ''
  date-mitigation: null

[github-actions[bot]]

Feedback (automatically generated):

• FIXME: Flaw not identified as a vulnerability, weakness or exposure. Have you included # Vulnerability (or Weakness or Exposure) report at the top of the ticket?, see for more information or review other tickets to get inspiration

Please review the feedback above. Once addressed, either request the removal of the malformed label to trigger another automatic review.

[github-actions[bot]]

Feedback (automatically generated):

• FIXME: Robot or Robot component not present in summary table or invalid, see for more information or review other tickets and get inspiration
• FIXME: CWD ID not present in summary table or invalid, see for more information or review other tickets and get inspiration
• FIXME: Attack vector not present in summary table or invalid, see for more information or review other tickets and get inspiration
• FIXME: ### Description not present or invalid, see for more information or review other tickets and get inspiration

Please review the feedback above. Once addressed, either request the removal of the malformed label to trigger another automatic review.

[vmayoral]

Elevating to vulnerability and marked that "Needs triage"