[Cryptography] Smart electricity meters can be dangerously insecure, warns expert
Arnold Reinhold
agr at me.com
Mon Jan 2 14:50:42 EST 2017
On Sun, 1 Jan 2017 13:58 Peter Gutmann wrote:
> ... the security standards that are
> expected to be applied were created in perfect isolation from reality, with
> the creators throwing in every piece of crypto woo-woo they could think of and
> expecting it to be used on a device like an MSP430. A typical smart-meter CPU
> from this family is the 420F148, an 8MHz 16-bit CPU with 2kB of RAM and 48kB
> of flash.
How much would it add to the cost of an electric meter to employ an SoC with enough power to implement the security standards? A dollar? Two? That cost would presumably be recovered from the rate payer over the life of the meter, a few cents a month.
The problem is a broader one in my view, the lack of a body that sets security standards with enough clout to say, no, really, you have to do this.
Arnold Reinhold
More information about the cryptography
mailing list