Cryptology ePrint Archive: Report 2016/455

Extracting the RC4 secret key of the Open Smart Grid Protocol

Linus Feiten, Matthias Sauer

Abstract: The Open Smart Grid Protocol (OSGP) is a widely used industry standard for exchanging sensitive data between devices inside of smart grids. For message confidentiality, OSGP implements a customised form of the RC4 stream cipher. In this work, we show how already known weaknesses of RC4 can be exploited to successfully attack the OSGP implementation as well. The attack modification is able to effectively derive the secret OSGP encryption and decryption key, given that an attacker can accumulate the cipher streams of approximately 90,000 messages. The possession of this key allows the attacker to decrypt all data intercepted on the OSGP smart grid and thereby obtain privacy critical information of its participants.

Category / Keywords: applications / Cryptography, Security, RC4, Smart Grid, Protocol

Date: received 10 May 2016

Contact author: feiten at informatik uni-freiburg de

Available format(s): PDF | BibTeX Citation

Note: An abbreviated version of this paper has been presented at the Workshop "Industrial Control System Security (ICSS)" at the Annual Computer Security Applications Conference 2015 (ACSAC 31).

https://www.acsac.org/2015/workshops/icss/

This version includes extended examples, formulas and a description of RC4.

Version: 20160513:095546 (All versions of this report)

Short URL: ia.cr/2016/455

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]