Cryptology ePrint Archive: Report 2016/455
Extracting the RC4 secret key of the Open Smart Grid Protocol
Linus Feiten, Matthias Sauer
Abstract: The Open Smart Grid Protocol (OSGP) is a widely used industry standard for exchanging sensitive data between devices inside of smart grids. For message confidentiality, OSGP implements a customised form of the RC4 stream cipher. In this work, we show how already known weaknesses of RC4 can be exploited to successfully attack the OSGP implementation as well. The attack modification is able to effectively derive the secret OSGP encryption and decryption key, given that an attacker can accumulate the cipher streams of approximately 90,000 messages. The possession of this key allows the attacker to decrypt all data intercepted on the OSGP smart grid and thereby obtain privacy critical information of its participants.
Category / Keywords: applications / Cryptography, Security, RC4, Smart Grid, Protocol
Date: received 10 May 2016
Contact author: feiten at informatik uni-freiburg de
Available format(s): PDF | BibTeX Citation
Note: An abbreviated version of this paper has been presented at the Workshop "Industrial Control System Security (ICSS)" at the Annual Computer Security Applications Conference 2015 (ACSAC 31).
This version includes extended examples, formulas and a description of RC4.
Version: 20160513:095546 (All versions of this report)
Short URL: ia.cr/2016/455
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]