Powerless Security – A Security Analysis of in-Home Power Line Communications based on HomePlug AV2

Stefan Hoffmann, Jens Müller, Jörg Schwenk, Gerd Bumiller

18th International Conference on Applied Cryptography and Network Security (ACNS 2020)


Abstract

Power line communication (PLC) allows home users and industries to transfer data over power cables. Protection of transmitted data is crucial because signals are not limited to "one’s own four walls". We provide a detailed and structured security analysis of the currently most widely used in-Home PLC standard, namely the Broadband-PLC specification HomePlug AV2 (part of IEEE 1901), and present a design weakness in the pairing process as well as a new offline dictionary attack that can be used to compute the main network key efficiently. We evaluated our attacks on 13 widely used PLC devices and found all of them to be vulnerable. We provide different countermeasures and discuss their advantages and disadvantages. We responsibly disclosed the vulnerabilities and are currently supporting the vendors in fixing these issues.

Tags: homeplug, PLC, power line