Cryptology ePrint Archive: Report 2015/088
Structural Weaknesses in the Open Smart Grid Protocol
Klaus Kursawe and Christiane Peters
Abstract: The Open Smart Grid Protocol (OSGP) is currently deployed in various countries in large-scale Smart Metering projects. The protocol was developed by the OSGP Alliance and published as a standard by the European Telecommunications Standards Institute (ETSI).
We identify several security issues in the OSG Protocol, primarily the use of a weak digest function and the way the protocol utilizes the RC4 algorithm for encryption. A straight-forward oracle attack triggers the leakage of key material of the digest function. We outline how an attacker can make use of the simple protocol structure to send maliciously altered messages with valid authentication tags to the meters.
Category / Keywords: cryptographic protocols / protocol analysis, authentication protocol, OSGP, ISO/IEC 14908, Advanced Smart Metering, RC4, oracle attack, bit-flipping attack
Date: received 5 Feb 2015, last revised 15 Jun 2015
Contact author: christiane pascale peters at gmail com
Available format(s): PDF | BibTeX Citation
Version: 20150615:165829 (All versions of this report)
Short URL: ia.cr/2015/088
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]