Research Output

When amateurs do the job of a professional, the result is smart grids secured by dumb crypto.

  Security relies upon good programming and correct adherence to well-designed standards. If the standards are sloppy, then security has been compromised from the outset. Smart grids, which include the smart meters being rolled out to millions of homes and the upstream equipment used by electricity suppliers, are often secured by the Open Smart Grid Protocol (OSGP), developed by the Energy Service Network Association (ESNA). It’s estimated there are more than 4m devices using OSGP. If there’s one rule about cryptography it’s that it is difficult to prove there are no weaknesses. Newly developed ciphers and methods are subjected to thorough cryptanalysis and peer review – and it’s not advisable to try and re-invent the wheel and develop a new form of cryptographic method or cipher. And yet the ESNA did just that. Ever since OSGP was standardised in 2012 ESNA has been under fire for its decision, and now researchers have discovered just how bad that decision was.

  • Type:

    Article

  • Date:

    30 November 2014

  • Publication Status:

    Published

  • Publisher

    theconversation.com

  • Library of Congress:

    QA76 Computer software

  • Dewey Decimal Classification:

    005.8 Data security

Citation

Buchanan, W. J. (2014). When amateurs do the job of a professional, the result is smart grids secured by dumb crypto. The Conversation

Authors

Keywords

Electricity supoply industrry; metering; cryptography; Open Smart Grid Protocol (OSGP); Energy Service Network; Association (ESNA) ; computer software ; security

Monthly Views:

Available Documents