When amateurs do the job of a professional, the result is smart grids secured by dumb crypto.

Buchanan, William J

Authors

Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor

Abstract

Security relies upon good programming and correct adherence to well-designed standards. If the standards are sloppy, then security has been compromised from the outset. Smart grids, which include the smart meters being rolled out to millions of homes and the upstream equipment used by electricity suppliers, are often secured by the Open Smart Grid Protocol (OSGP), developed by the Energy Service Network Association (ESNA). It’s estimated there are more than 4m devices using OSGP. If there’s one rule about cryptography it’s that it is difficult to prove there are no weaknesses. Newly developed ciphers and methods are subjected to thorough cryptanalysis and peer review – and it’s not advisable to try and re-invent the wheel and develop a new form of cryptographic method or cipher. And yet the ESNA did just that. Ever since OSGP was standardised in 2012 ESNA has been under fire for its decision, and now researchers have discovered just how bad that decision was.

Citation

Buchanan, W. J. (2015). When amateurs do the job of a professional, the result is smart grids secured by dumb crypto

Other Type	Newspaper Article
Publication Date	2015
Deposit Date	Aug 10, 2015
Publicly Available Date	May 15, 2017
Keywords	Electricity supoply industrry; metering; cryptography; Open Smart Grid Protocol (OSGP); Energy Service Network; Association (ESNA) ; computer software ; security
Public URL	http://researchrepository.napier.ac.uk/id/eprint/8776