Before commenting read Forum rules
Don't comment the topic if you have a new question.
You can create a new topic selecting correct category from Gurux Forum and then create a new topic selecting "New Topic" from the top left.
Forums
Hi,
I have some questions related to ECDH/ECDSA.
1. I'd like to exchange a symmetric key with ECDH on GXDLMSDirector.
Are there any options I can choose?
2. I'd like to sign digitally using ECDSA.
What options can I choose on GXDLMSDirector?
3. Is it possible to extract and save digital signature value from ECDSA?
If it's possible, please let me know how to do it.
Thank you in advance.
Hi,
Hi,
1. ECDSA is using asymmetric keys. If you want to use symmetric keys you use block cipher and authentication keys as with security suite zero.
2. Check this link:
http://www.gurux.fi/PublicKeyCryptography
Check also the video. I hope it will help you to generate the private key for the meter and then import the public key for the meter.
Note! ECDSA and keys are complicated. If you generate a new private key, you are not allowed to establish the connection for the meter with the old certificate.
3. This is not possible. A digital signature is generated every time when you establish the connection for the meter.
BR,
Mikko
Thanks for your kindness.
Thanks for your kindness.
I have one more question related #3.
(It's for non-repudiation purposes.)
Is there any way to verify non-repudiation of message signed by ECDSA later?
For example, how to validate lp data received older than one month ago.
Is there any good way?
Hi,
Hi,
If you have the public key you can verify the signed message later. The signature is part of the DLMS message. I'll add an example below.
BR,
Mikko
7E A0 84 03 31 54 8E 2E E6 E6 00 DF 00 08 47 58 43 6C 69 65 6E 74 08 41 42 43 44 45 46 47 48 00 00 20 C8 1E 31 00 00 00 70 4B A5 0B 37 48 4E 91 9F B1 CC FE 55 AD 58 3F C5 FA 2E 04 0D BD DD FC 81 E2 40 5F 63 68 1D 77 D9 B0 8C CA 0C 1C 6B A2 11 EB DA 44 CA ED 72 B8 1F 9A 43 6E 92 9D F1 CC 7C F3 10 BB 3E CC 4A D9 3A 05 9C 9B C0 83 D5 F5 3E 43 5B E1 10 D7 4B 0A 62 F6 37 CD 14 D1 1B 89 29 15 4E 9F 9F 7E
<HDLC len="83" >
<TargetAddress Value="1" />
<SourceAddress Value="18" />
<FrameType Value="54" />
<PDU>
<GeneralSigning>
<TransactionId Value="0000000000000000" />
<OriginatorSystemTitle Value="4758436C69656E74" />
<RecipientSystemTitle Value="4142434445464748" />
<DateTime Value="" />
<OtherInformation Value="" />
<!-- Security : AuthenticationEncryption -->
<!-- Security Suite: Suite1 -->
<!-- Invocation Counter: 112 -->
<!-- Decrypt data: C0 01 C1 00 0F 00 00 28 00 00 FF 02 00
<GetRequest>
<GetRequestNormal>
# Priority: High, ServiceClass: Confirmed, Invoke ID: 1
<InvokeIdAndPriority Value="C1" />
<AttributeDescriptor>
# AssociationLogicalName
<ClassId Value="000F" />
# 0.0.40.0.0.255
<InstanceId Value="0000280000FF" />
# Object List
<AttributeId Value="02" />
</AttributeDescriptor>
</GetRequestNormal>
</GetRequest>
-->
<Content Value="C81E31000000704BA50B37484E919FB1CCFE55AD583FC5FA2E040DBDDDFC81E2" />
<Signature Value="5F63681D77D9B08CCA0C1C6BA211EBDA44CAED72B81F9A436E929DF1CC7CF310BB3ECC4AD93A059C9BC083D5F53E435BE110D74B0A62F637CD14D11B8929154E" />
</GeneralSigning>
</PDU>
</HDLC>