I'm running a research project where we want to collect some readings from a smart meter that produces a public-key signature. We don't need to actually use the meter in any real deployment - it's purely a proof-of-concept experiment for a research project in cryptography. All we need to do is hook it up in a lab, and grab some readings from it on a computer.
The GuruX software seems to have support for reading from meters, including meters that sign their readings with ECDSA, but I am having a lot of trouble figuring out what physical smart meter I can buy that is capable of this.
What is the *easiest* smart meter I can buy, which can be read by a computer via GuruX, and which can sign its readings with an ECDSA signature, purely for a simple experiment in a lab? I'm located in the US.
Thanks so much!!
Hi, You are right. There are…
Hi,
You are right. There are only a few smart meters that support ECDSA. I also need to say that a common misunderstanding seems to be that the communication channel is encrypted. DLMS meters encrypt only PDUs (payload), but I believe that you already know this.
List of certificated devices is here:
https://www.dlms.com/certified-devices/
Select manufacturer that you want to buy and then download certificate. If Security features include SUITE_1 (ECDH P-256) or SUITE_2 (ECDH P-384) then it's your meter.
Most of the meters don't include that.
If you just want to test this you can also download Java example server:
https://github.com/Gurux/gurux.dlms.java/tree/master/gurux.dlms.server…
Then download the example client:
https://github.com/Gurux/gurux.dlms.java/tree/master/gurux.dlms.client…
Get the latest versions. There is one certificate export issue fixed.
Then you need to generate new client and server certificates and import them to the server. You can do this with the following arguments:
-h localhost -p 4063 -i WRAPPER -c 18 -a High -P Gurux -N 0.0.43.0.7.255 -t Verbose
Now you can connect using ECDSA authentication. There is no ECDSA-secured example server at the moment.
-h localhost -p 4063 -i WRAPPER -c 23 -a HighEcdsa -v 0.0.43.0.7.255 -t Verbose
BR,
Mikko
Thanks so much for the info!…
Thanks so much for the info!!!
I've been looking through the list and it's a big one.
Is there any chance you can recommend one specific meter that you know has been tested? If not, no problem - we'll have a look through the list.
One other question - you say: "There is no ECDSA-secured example server at the moment" - does that mean we cannot test ECDSA signatures with the example server? Or did I misinterpret this statement?
Thank you!!
Hi, ECDSA signatures are…
Hi,
ECDSA signatures are implemented for the client and server size, but the correct settings are not implemented for the example server.
For example, Ningbo Sanxing Smart Electric has implemented ECDSA.
BR,
Mikko