@dajames Re: Bring them on....
I agree that brute-force cracking AES-128 is likely to remain too expensive to bother attacking an individual Smart Meter for at least a decade.
However, you're assuming there are no other points of attack.
There are only two ways to implement the security on smart meters:
1) Every meter has its own, individual key. This requires either a large backend database of SN:Key or an algorithm to generate a key from the meter serial number.
- So a miscreant attacks the database or keygen algorithm. This is a high-value target because once cracked, the miscreant has all the meters. The database is as secure as the weakest organisation with access to it.
2) Every meter has the same key (or there are a small number of keys). This key will be written down somewhere.
- So a miscreant only needs to find a copy of the key.
Both methods leave the system open to attack without even touching the meter - and assume that the implementation is perfect, which is highly unlikely.
You're right that if cracking these meters only gave you "free energy", it probably wouldn't be much of a target because there are easier (if more dangerous) ways to do this already - just bypass the meter. Yep, it's live working but you don't die too often.
However, cracking these meters gives you control over whether power is delivered at all. What would happen if a "terrorist group" decided to cut off a significant number of properties at the same time?
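Added example, not part of the comment above: a Python sketch of the two provisioning options it describes, counting how many meters are exposed by each kind of key leak. The HMAC-SHA256 derivation, the serial number format and all key values are assumptions constructed for illustration, not any real smart meter scheme.

```python
import hashlib
import hmac

KEY_LEN = 16  # AES-128 key size in bytes

def derive_meter_key(master_key: bytes, serial: str) -> bytes:
    """Option 1 via a keygen algorithm (assumed): HMAC-SHA256(master, serial)[:16]."""
    mac = hmac.new(master_key, serial.encode("ascii"), hashlib.sha256)
    return mac.digest()[:KEY_LEN]

def provision(serials, master_key=None, shared_key=None):
    """Return {serial: key} for a diversified fleet or a shared-key fleet."""
    if (master_key is None) == (shared_key is None):
        raise ValueError("pass exactly one of master_key or shared_key")
    if master_key is not None:
        return {s: derive_meter_key(master_key, s) for s in serials}
    return {s: shared_key for s in serials}

def exposed_by_meter_key(fleet, leaked_key):
    """Serials whose key equals one 16-byte key that has leaked."""
    return sorted(s for s, k in fleet.items()
                  if hmac.compare_digest(k, leaked_key))

def exposed_by_master(fleet, leaked_master):
    """Serials whose key can be regenerated from a leaked master key."""
    return sorted(s for s, k in fleet.items()
                  if hmac.compare_digest(k, derive_meter_key(leaked_master, s)))

# Constructed sample data: five serials and fixed, obviously fake keys.
SERIALS = [f"SM-{n:06d}" for n in range(1, 6)]
MASTER = bytes(range(32))
SHARED = bytes(range(16))

def blast_radius():
    """Number of meters exposed under each leak scenario."""
    diversified = provision(SERIALS, master_key=MASTER)
    shared = provision(SERIALS, shared_key=SHARED)
    one = SERIALS[0]
    return {
        "per-meter keys, one meter key leaked":
            len(exposed_by_meter_key(diversified, diversified[one])),
        "per-meter keys, master/keygen secret leaked":
            len(exposed_by_master(diversified, MASTER)),
        "shared key, one copy leaked":
            len(exposed_by_meter_key(shared, shared[one])),
    }

if __name__ == "__main__":
    for scenario, count in blast_radius().items():
        print(f"{scenario}: {count} of {len(SERIALS)} meters")
```

With per-meter keys a single leaked meter key stays contained, so the protection effort concentrates on the master secret or key database, for example by keeping it in an HSM and limiting which organisations can query it.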