Paper 2015/088

Structural Weaknesses in the Open Smart Grid Protocol

Klaus Kursawe and Christiane Peters

Abstract

The Open Smart Grid Protocol (OSGP) is currently deployed in various countries in large-scale Smart Metering projects. The protocol was developed by the OSGP Alliance and published as a standard by the European Telecommunications Standards Institute (ETSI). We identify several security issues in the OSG Protocol, primarily the use of a weak digest function and the way the protocol utilizes the RC4 algorithm for encryption. A straight-forward oracle attack triggers the leakage of key material of the digest function. We outline how an attacker can make use of the simple protocol structure to send maliciously altered messages with valid authentication tags to the meters.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
protocol analysisauthentication protocolOSGPISOIEC 14908Advanced Smart MeteringRC4oracle attackbit-flipping attack
Contact author(s)
christiane pascale peters @ gmail com
History
2015-06-15: last of 3 revisions
2015-02-14: received
See all versions
Short URL
https://ia.cr/2015/088
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/088,
      author = {Klaus Kursawe and Christiane Peters},
      title = {Structural Weaknesses in the Open Smart Grid Protocol},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/088},
      year = {2015},
      url = {https://eprint.iacr.org/2015/088}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.