Three years after its inception, the Open Smart Grid has over four million smart meters and similar devices around the world.
The Open Smart Grid Protocol manages communication on smart grids. Developed by the Energy Service Network Association (ESNA), 2012 is the standard of the European Telecommunications Standards Institute (ETSI), according to the study.
Two researchers, Phillip Jovanovic of the University of Passau, Germany, and Samuel Neves, of the University of Coimbra, Portugal, published a study that exposes several encryption flaws in the protocol.
The study entitled "Dumb Crypto in Smart Grids: Practical Cryptanalysis of the Open Smart Grid Protocol”, Explains how the encryption system used in OSGP is open to numerous attacks. The study states that the "breaking" of this encryption requires minimal computational effort.
Specifically, the vulnerability is the local authentication used for the authenticity of the code and is called OMA Digest.
"This feature is extremely weak, and can not be considered as providing any guarantee of authenticity," the researchers said.
"Protocol designers should stick to the well-known good algorithms or even the NIST approved shortlist," said Crain.
"In this case, the researchers who analyzed the OMA Digest found weaknesses. Weaknesses can be used to identify the private key with a very small number of tests. ”
Crain also said, "The No. 1 rule of cryptography is [Do not invent your own]."