Categories: News

New Crypto Dooms Open Smart Grid

It has been three years since the invention of the Open Smart Grid Protocol, and in that time it has found its way into over four million smart meters and devices worldwide.

It’s very similar to its brethren as it is full of security issues. Two researchers, Philipp Jovanovic of the University of Passau in Germany and Samuel Neves of the University of Coimbra in Portugal, published a paper exposing encryption weaknesses in the protocol.

The paper explains how the encryption scheme used in the OSGP is open to several attacks, the paper only demonstrates a few that can be exploited with minimal effort.

“This function has been found to be extremely weak, and cannot be assumed to provide any authenticity guarantee whatsoever,” the researchers wrote.

Adam Crain, a security researcher said the home made function is a “big red flag”.“Protocol designers should stick to known good algorithms or even the ‘NIST-approved’ short list”

The weaknesses discovered by Jovanovic and Neves enabled them to recover private keys with relative ease: 13 queries to an OMA digest oracle and negligible time complexity in one attack, and another in just four queries and 2^25 time complexity” “A different approach only requires one arbitrary valid plaintext-tag pair, and recovers the key in an average of 144 message verification queries, or one ciphertext-tag pair and 168 ciphertext verification queries” 

Sounds like this is quite a nasty vulnerability!

Thank you to ThreatPost for providing us with this information

Image courtesy of WPA

Robert Ainsworth

Disqus Comments Loading...

Recent Posts

Horizon Forbidden West Delayed Until 2022?

Horizon Forbidden West represents, just in case the name didn't give you a strong enough…

3 hours ago

Intel Z690 Motherboard Image Leaks Online?

With Intel's Alder Lake-S processors expected to be released later this year (probably around October),…

3 hours ago

Gigabyte Unveil AORUS P1200W PSU With Colour Display Panel

I think many would agree that when it comes to PC components, power supplies are…

3 hours ago

Intel DG2 (Xe-HPG) GPUs to Launch at CES 2022?

In something that's starting to give me flashbacks to the days of 'Ryzen is Coming',…

3 hours ago

MSI Oculux NXG253R eSports Gaming Monitor Review

Typically, when I review a monitor, the bigger they are, the more expensive they are.…

1 day ago

AMD Officially Unveils the Radeon RX 6600 XT

After months of speculation, it's finally here. Well, technically not quite yet, but as prior…

1 day ago