[ros-users] [Discourse.ros.org] [Next Generation ROS] SROS2 - Securing certs and keys

[ruffsl]

Hmm... What literature have you found on the subject of Trusted Platform Module and robotics? I do like the idea of having the private credentials used for SROS2 isolated from the host OS, but that may require coding 3'rd party plugin, as the default DDS crypto plugin must load the private key from a path on disk, or serialized PEM string.

Funny you should mention TPM though, as last week or so when I was at the RoboCub 2017 Symposium, I met a PhD student, Sarah Haas from Graz University of Technology, who was presenting work on a similar topic: 

Secure Authentication for Industrial Mobile Robots using Biometric Data

https://pdfwww.gakkai-web.net/gakkai/inter/robocup2017symposium/contents/html/papers/pdf/RoboCup_Symposium_2017_paper_4.pdf

You may want to investigate the lab Sarah is from. I recall some of Sara's peers working on using TPM for the Diffie-Hellman key exchange and establish a symmetric session key without revealing the private key to the network host.

![20170731_113144|281x500](/uploads/ros/original/1X/412077763251c582d10b69f5a8092a19b2bd77c8.jpg)





---
[Visit Topic](https://discourse.ros.org/t/sros2-securing-certs-and-keys/2400/8) or reply to this email to respond.