Tutorials:
Sensors, interfaces and bus systems (SENIN, BUSSY)

Encryption

last updated: 2023-01-26

Quick links

Introduction

Song of this chapter: The Beatles > Please Please Me > Do You Want To Know A Secret

Because of the EU Energy Efficiency Directive from 2012 the gas and electricity Distribution System Operators (DSO) in Luxembourg replaced there gas and energy meters with smartmeters (named smarty :(). Besides gas and electricity metering, the system is open for other metering data like water and district heat (M-Bus).
The French group Sagemcom delivered the smartmeters. All meters have to be read by one national central system, operated by a common operator. This is an economic group of interest (G.I.E.) of the 7 Luxembourgian gas and electricity DSO‘s named Luxmetering G.I.E..
Luxmetering is getting the data from 4 registers for active, reactive, import and export energy (4 times per hour) and the 3 registers for gas, water & heat (once per hour) over Power Line Communication (PLC). The smartmeters have also alarms and logs for quality of electrical energy supply (voltage, outages,...) and fraud detection, and calendar functions for the 2 external relays (home applications).

smarty

The customer wants to get his data and this is possible by reading the blinking LED of the Smartmeter. Another possibility is the 10 second data from the Smartmeter P1 port (RJ12 connector under the green lid). The P1 data output communication protocol and format is specified in the Dutch Smart Meter Requirements v5.0.2 . The solution deployed in Luxembourg includes an additional security layer standard that is conform to the IDIS package 2.0 requirement.
The encryption layer is based on Device Language Message Specification (DLMS) security suite 0 algorithm: AES128-GCM. More information can be found in this document.

AES128-Galois Counter Mode

We want to learn how to encrypt and decrypt our data in a safe way and Galois Counter Mode (GCM) in combination with the Advanced Encryption Standard (AES) block cipher used by the smartmeters is a good starting point.

There are 3 properties we want for securing our data:

AES with Galois/Counter Mode (GCM) block mode provides all the 3 properties from above.

AES is a specification for the encryption of electronic data. AES-128 works with a key size of 128 bits (there exist three standard key sizes (128, 192 and 256 bits)). The fixed block size for AES is always 128 bits.

GCM is a mode of operation for symmetric-key cryptographic block ciphers that has been widely adopted because of its efficiency and performance. GCM is defined for block ciphers with a block size of 128 bit.

GCM can be realised with our Arduino or ESP boards because it does not need powerful hardware. The throughput rates allow high-speed communication. GCM provides both data authenticity (integrity) and confidentiality.

Authenticated encryption

In GCM data blocks are numbered sequentially (counter), and then this block number is combined with an Initialization Vector (IV) and encrypted with a block cipher E, usually AES-128.

For authenticated encryption we need four inputs:

GCM encryption

After the encryption we get two outputs:

These are combined with the Additional Authenticated Data AAD and the Initialisation Vector IV, because this information is needed for the decryption.

Authenticated decryption

To be able to decrypt the message, we need the Initialisation Vector IV, the Ciphertext C , the authentication Tag T, the Additional Authenticated Data (AAD) A and the Key K. So we get five inputs, but only one output, the Plaintext P (or an error message if the decryption wasn't successful).

GCM decryption

In the following picture we see the output of a Smartmeter P1 port. The port uses inverted TIA-232, and the serial stream is encrypted with AES128-GCM:

GCM1

Encryption and Decryption wit Arduino

We need the amazing Arduino Cryptography Library from Rhys Weatherley. It is called Crypto. Install it with the Arduino library manager (Tools > Manage Libraries... ; search for Crypto). To use the library we include the following heqader-files: +

    #include <Crypto.h>
    #include <AES.h>
    #include <GCM.h>
"Just do it" Encryption 1:
    0xDB, 0x08, 0x53, 0x41, 0x47, 0x67, 0x70, 0x01, 0x5B, 0xEB, 0x82, 0x02,
    0x7A, 0x30, 0x00, 0x04, 0xE9, 0x14, 0x06, 0xF4, 0x36, 0x4C, 0x43, 0xBB,
    ...
    0x60, 0xDD, 0xC9, 0xD2, 0x67, 0x0E, 0xD0, 0xCB, 0x31, 0x15, 0x37, 0x8C,
    0x4E, 0xCD, 0x9A, 0xF6, 0x8D, 0x05, 0x2C, 0xD8, 0x97, 0x94, 0x26, 0x39
"Just do it" Encryption 2:
"Just do it" Encryption 3:

If you need to encrypt bigger messages ( more than 200 byte), the classical Arduino boards with about 2000 byte of SRAM will limit your texts. Use ESP boards instead.

Interesting links