Before commenting read Forum rules
Don't comment the topic if you have a new question.
You can create a new topic selecting correct category from Gurux Forum and then create a new topic selecting "New Topic" from the top left.
Forums
Differnce between GCM and GMAC
Dear Sir,
As mentioned in Green book that the below are input and output of GCM
Input to GCM Block is
For Authenticated Encryption
1. Plain Text
2. Encryption Key
3. Authentcated Key
4. Nounce(IV || System Title)
Output:
1. Ciphered Text
2. Authentication Tag
What is Input and Ouput of GMAC?
I am using LN_WITH_CIPHERING application association using the HIGH_SECURITY_GMAC authentication mechanism.
In 4 Pass method ,I am able to get PASS-1 and PASS-2 but not able to generate
PaSS-3 GMAC(SC||AK||SToC)
What is input required for GMAC generation. IS it diffrent ffrom GCM ?
Regards,
Rajesh Varma
Hi Rajesh,
Hi Rajesh,
It has been a long time since GMAC, but if I remember right, there is no hash in GCM and it's in GMAC.
You can use GCM if you are generating only Encryption and authentication is not used.
Client sends:
GMAC(SC||AK||SToC)
and if meter accepts it will reply:
GMAC(SC||AK||CToS)
BR,
Mikko
https://www.gurux.fi/node/16639
Dear Sir,
Dear Sir,
I Run the GXDLMSDirector with HLS and able to operate realy disconnect,
I have log of meter.
I want to know how authentication query and response generated?
Authentication used"High"
17:35:16
7E A0 77 61 03 30 AD 6C E6 E7 00 61 69 A1 09 06 07 60 85 74 05 08 01 03 A2 03 02 01 00 A3 05 A1 03 02 01 0E A4 0A 04 08 48 50 4C 37 32 39 39 38 88 02 07 80 89 07 60 85 74 05 08 02 02 AA 12 80 10 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 BE 23 04 21 28 1F 30 00 00 04 B2 9E 12 1B E8 7A E4 D6 25 10 07 BB DE 67 15 5C 5F 2E B0 22 39 5F D8 2A 9C C8 A2 F0 E9 7E
17:35:16 Parsing AARE reply succeeded.
17:35:16 Authenticating.
7E A0 3E 03 61 32 7B 46 E6 E6 00 CB 30 30 00 00 04 B8 20 8B 00 86 F1 F5 B0 AE 50 3D DA 57 D4 32 B9 86 3C D7 22 6C DE C3 2F 48 EE 0D C4 92 88 19 B7 67 AF AE FA 63 8C 05 43 E7 6C FC 76 08 C9 7E
17:35:16
7E A0 37 61 03 52 0E 3A E6 E7 00 CF 29 30 00 00 04 B3 90 98 91 CB 20 8B 6C 26 EA C4 39 9D 95 59 F6 09 FB 90 13 12 CE 5C 7D 93 0B CB 64 12 D3 ED 65 3A B3 61 EC 38 83 BB 7E
Hi Rajesh,
Hi Rajesh,
I'm afraid that it's not so easy and you need to read High authentication steps from the DLMS standard.
That is something that I can't describe quite easily.
BR,
Mikko
Dear Sir,
Dear Sir,
By making setting Authentication "High" in Gurux,I am able to Utility setting operation.
Authentication "HIgh" stand for "manufacturer " specific?
Hi Rajesh,
Hi Rajesh,
DLMS standard don't specify details of the HLS mechanism. Gurux libraries are using AES1 for High authentication. All High-level authentication mechanisms are using the same steps to verify the password. Only securing the challenge (random string) is different for each mechanism
You can read more about High Authentication here:
https://www.gurux.fi/DLMSCOSEMFAQ
BR,
Mikko
Dear Sir,
Dear Sir,
We have read the meter through GURUX and Our project ,It is failing in authentication
Gurux response:
GXDLMSDirector 8.1.2109.3001
Log created 17:23:06
17:23:10 Initializing serial connection.
17:23:11 Send SNRM request.
7E A0 07 03 61 93 69 47 7E
17:23:11
7E A0 20 61 03 73 05 9E 81 80 14 05 02 02 00 06 02 02 00 07 04 00 00 00 01 08 04 00 00 00 01 6F EF 7E
17:23:11 Parsing UA reply succeeded.
17:23:11 Send AARQ request.
7E A0 4C 03 61 10 58 27 E6 E6 00 60 3E A1 09 06 07 60 85 74 05 08 01 01 8A 02 07 80 8B 07 60 85 74 05 08 02 02 AC 12 80 10 33 14 07 17 31 78 64 2E 48 72 49 32 72 6B 33 5E BE 10 04 0E 01 00 00 00 06 5F 1F 04 00 00 1E 5D FF FF 4E EE 7E
17:23:11
7E A0 58 61 03 30 07 51 E6 E7 00 61 4A A1 09 06 07 60 85 74 05 08 01 01 A2 03 02 01 00 A3 05 A1 03 02 01 0E 88 02 07 80 89 07 60 85 74 05 08 02 02 AA 12 80 10 47 65 6E 75 73 06 09 48 00 00 00 00 05 16 C3 5F BE 10 04 0E 08 00 06 5F 1F 04 00 00 18 1D 02 00 00 07 56 B6 7E
17:23:11 Parsing AARE reply succeeded.
17:23:11 Authenticating.
7E A0 2B 03 61 32 8D EB E6 E6 00 C3 01 C1 00 0F 00 00 28 00 00 FF 01 01 09 10 B6 02 07 D8 11 40 56 69 89 50 30 97 0A D8 90 DF D2 AA 7E
17:23:11
7E A0 24 61 03 52 62 DC E6 E7 00 C7 01 C1 00 01 00 09 10 B7 A9 2F 62 8C 79 AB 42 74 F2 B0 DF 3E B9 B8 6B DB 92 7E
17:23:20 Method object 0.0.96.3.10.255, interface DisconnectControl
7E A0 1B 03 61 54 4F A1 E6 E6 00 C3 01 C1 00 46 00 00 60 03 0A FF 01 01 0F 00 68 A6 7E
17:23:21
7E A0 11 61 03 74 F3 BA E6 E7 00 C7 01 C1 00 00 FC B4 7E
Our response
HEX Send 7EA00703619369477E
HEX Recieve 7EA020610373059E81801405020200060202000704000000010804000000016FEF7E
HEX Send 7EA04C0361105827E6E600603EA1090607608574050801018A0207808B0760857405080202AC12801014726C483D395969535A5F3A6162600CBE10040E01000000065F1F0400001E5DFFFF3A887E
HEX Recieve 7EA0586103300751E6E700614AA109060760857405080101A203020100A305A10302010E88020780890760857405080202AA12801047656E7573420913000000004119C321BE10040E0800065F1F040000181D020000074A8C7E
HEX Send 7EA02B0361328DEBE6E600C301C1000F0000280000FF01010910B60207D811405669895030970AD890DFD2AA7E
HEX Recieve MP1 7EA011610352C7FEE6E700C701C1010C48677E
I have compare both in GURUX translator but not found diffrence why it get fail response in our case.
Hi Rajesh,
Hi Rajesh,
If fails in both cases. The meter returns HardwareFault-error but your application doesn't care about it.
https://www.gurux.fi/GuruxDLMSTranslator?translate=7EA011610352C7FEE6E7…
BR,
Mikko
Dear Sir,
Dear Sir,
I can see that We are getting error of"Hardware fault"
Before sending to you log details I have already checked in DLMS transaltor of GURUX.
MY question was why I am getting"Hardware fault" in my case and not in your case.
Because compairing your response with my response ,We have not found the any difference except "Challenge"
For my challenge it gives "Hardware fault" where as query was right.
Hi,
Hi,
I believe that you are sending invalid CtoS.
BR,
Mikko
Dear Sir,
Dear Sir,
ctoS is any arbitrary octet string . How it can be invallid?
Using this arbitary string in Aarq query i got response Aare from meter
I need the function used for "genus meter" authentication like LNG
public static byte[] EncryptLandisGyrHighLevelAuthentication(byte[] password, byte[] seed)
{
byte[] crypted = new byte[seed.Length];//Settings.StoCChallenge
seed.CopyTo(crypted, 0);
for (int pos = 0; pos != password.Length; ++pos)
{
if (password[pos] != 0x30)
{
crypted[pos] += (byte)(password[pos] - 0x30);
//Convert to cabital letter.
if (crypted[pos] > 0x39)
{
crypted[pos] += 7;
}
}
}
return crypted;
}
Hi,
Hi,
The challenge that you generate is not correct and the meter doesn't accept it. You are using the wrong challenge.
BR,
Mikko
Dear Sir,
Dear Sir,
Wrong challange in AARQ or Authenticating?
If wrong challange in authenticating then how the correct challange we can generate?
Hi Rajesh,
Hi Rajesh,
DLMS is a very complicated protocol. I propose that you use our open-source versions to read the meter.
If you are interested we can give hourly based consultation:
https://www.gurux.fi/comment/HireUs
BR,
Mikko