Open Smart Grid Protocol vulnerable communications across Europe

Three years after its inception, the Open Smart Grid has over four million smart meters and similar devices around the world.Smart Grid

The Open Smart Grid Protocol manages communication on smart grids. Developed by the Energy Service Network Association (ESNA), 2012 is the standard of the European Telecommunications Standards Institute (ETSI), according to the study.

Two researchers, Phillip Jovanovic of the University of Passau, Germany, and Samuel Neves, of the University of Coimbra, Portugal, published a study that exposes several encryption flaws in the protocol.

The study entitled "Dumb Crypto in Smart Grids: Practical Cryptanalysis of the Open Smart Grid Protocol”, Explains how the encryption system used in OSGP is open to numerous attacks. The study states that the "breaking" of this encryption requires minimal computational effort.

Specifically, the vulnerability is the local authentication used for the authenticity of the code and is called OMA Digest.

"This feature is extremely weak, and can not be considered as providing any guarantee of authenticity," the researchers said.

"The No. 1 rule of cryptography is: Do not invent your own"
Experts like Adam Crain (security researcher and founder of Automatak) who has published research on the DNP3 protocol used in industrial communications control systems have stated that the use of an OMA Digest function is a "big red flag". ”, Obviously meaning the dangerousness of the feature.

"Protocol designers should stick to the well-known good algorithms or even the NIST approved shortlist," said Crain.

"In this case, the researchers who analyzed the OMA Digest found weaknesses. Weaknesses can be used to identify the private key with a very small number of tests. ”

Crain also said, "The No. 1 rule of cryptography is [Do not invent your own]."

iGuRu.gr The Best Technology Site in Greeceggns

Get the best viral stories straight into your inbox!















Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).