back to article Texas Instruments to patch smart meter crypto blunder

Texas Instruments plans to patch a cryptography flaw in a widely used chip that could allow attackers to remotely tamper with electronic power meters and other devices that connect to smart electricity grids. The weakness resides in TI's Z-Stack software that runs on microcontrollers such as the CC2430. Encryption keys used to …

COMMENTS

This topic is closed for new posts.

A shining example

of good common sense,

"For these types of applications, it's critical to have very secure communication because you don't want to have just anyone to be able to control all your home appliances,"

Exactly, and therein lies a lesson to be learnt, by at least, (just a random number pulled from thin air) 34 or more leading technology companies.

Perhaps google etal, should employ some methods used by TI, or maybe not, I'm not sure I've enough confidence in google to manage my electricity bills, yet alone my ad sponsored search for hacking the stack for fun and profit.

0
0
Coat

@Neal 5

Is your choice of '34' truly random or pseudo-random?

I'll get my coat... rather, I'll use a true RNG to decide which one to take from the rack....

0
0
RW
FAIL

I'm astonished

There is an enormous body of research on PRNGs, and they are very well understood — but evidently it was ignored or misunderstood by TI. Likewise, the enormous body of information about programming and testing PRNGs to make sure they do what they are supposed to do.

Using a bad PRNG was a forgivable sin 40 years ago, but not today.

Why do I suspect that a member of the sound-bite generation did the programming, someone whose attention span doesn't encompass anything more than a 140 character tweet?

1
0
Silver badge
Unhappy

We have electronic meter reading

for electricity, hot water and heating/cooling.

Even if the hackers managed to mess up the meter readings it wouldn't make much difference anyway as Provident Energy- Canada charges for the 'hot' water whether it is cold, luke warm or hot. Never had scalding or very hot yet water yet! (Ask any owner in the Accolades)

They hack their own meters I guess.

0
0
Flame

Storm in a teacup

This is taken out of context by people without a clue what they are on about.

Security on a low power network is trade off between among other things power consumption and speed. How you do it depends entirely on what your application needs.

The TI source code make this clear and indicates where changes should be made to improve the robustness if required.

Anyway the PRNG is only part of what makes a secure protocol and you have to specify what you mean by "secure". I prefer using an RF layer that is robust - i.e. hard to jam and then run

a secure layer over that when required.

The problem here is that an overpaid university bred code monkey without any real life experience took the TI example code and plugged it into his employer's product without understanding it. He probably claimed it as his own on top of that.

Flame away - Validity of opinion is proportional to number of low power RF devices deployed. I have 60K running around in real devices that are monitored 24/7 and have 99.95% uptime. I use

the TI chip but not the TI stack since it was not appropriate for my application.

1
2
Paris Hilton

Wishful thinking

"Smart grids will also allow smart meters in consumers' garages or utility rooms to communicate directly with dish washers and other appliances, so users will know exactly how much power is being consumed at any given time."

This is wishful thinking. You can make a guess, but unless the "smart appliance" knows exactly how much power it uses it can't tell the "smart meter". I suspect it will report some fancy number the manufacturer;s marketeers thought sounded good. And even a "smart" meter can only tell the total used, hopefully accurately, not how much each appliance uses. What you need is sensors that can tell you that sort of thing, deployed at strategic measuring points, and for that, well, a normal meter with a user-usable readout is a good start. A 10 quid metering thing you can insert between plug and wall socket will tell you exactly what this here device is using right now. No need for multi-billion infrastructures to realise this claimed advantage, really.

Paris, because of her pretty numbers.

0
1

more than metering

metering is only a start.

The real payoff comes when certain consumers of large amounts of electricity (air conditioners, clothes dryers, etc) can be controlled remotely. That's where this is headed.

I guess the coder has forgotten both the Netscape ssl fisaco and the more recent Debian one. Both were failures of randon-number generation. If you want random to come out then you have to start with (more or less) random input. Fail to do that and even the best PRNG can't help you.

Those who refuse to read history are doomed to repeat it.

0
0
Gold badge
Coat

Read the Nate Lawson blog.

Joseph Reddty @ TI

"For these types of applications, it's critical to have very secure communication because you don't want to have just anyone to be able to control all your home appliances,"

So *why* didn''t you provide the building blocks for that from day one?

Note this is a double (or possibly triple) fail

16 bit shift register. Maximum 2^16-1 values. Not big by modern standards. Standard taps for maximum length LFSR found in Horowitz & Hill.

Never reset in normal use (According to Lawson notes). Might be important, might not.

Seed value taken from a register which normally is set to a couple (specificaly 0 and 100) values whatever its length.

Still *no* one actually *uses* sample code in a *real* embedded application, right?

But what about the under funded, under planned product development thought up by some Marketing clown who saw big bucks in this "Smart network" thing and thought they could grab a piece? Work handed to new EE or CS grad with stupid deadline to get it done and *no* deep understanding of security (or indeed any other) issues.

This of course could never happen in real life.

Could it?

2
0
Gold badge
Stop

Thought so.

I was wondering when that little problem was going to rear its ugly head in the dash for smart metering. We all know how much fun it is pushing patches to a few hundred PCs, now imagine this in some utilities firm in a few years' time:

"We've got a patch for that critical bug that's being exploited in our smartmeters."

"Great. About time too. Now roll that to all of the 870 different product versions we have across all of our several hundred million subscribers ASAP would you?"

1
0
Thumb Up

so , whats the speed

so whats the speed of the torrent upload/download off these hacked smart meters wireless Open mesh :) Or didnt anyone port that app yet?

1
0
Gold badge
Happy

AC@12:38

"so whats the speed of the torrent upload/download off these hacked smart meters wireless Open mesh :) Or didnt anyone port that app yet"

Release 0.9 should be ready for Beta real soon now.

0
0
This topic is closed for new posts.

Forums