Powerless Security – A Security Analysis of in-Home Power Line Communications based on HomePlug AV2
2020
Conference / Journal
Authors
Stefan Hoffmann, Jens Müller, Jörg Schwenk, Gerd Bumiller
Research Hub
Research Hub A: Cryptography of the Future
Research Hub B: Embedded Security
Research Hub C: Secure Systems
Research Challenges
RC 1: Cryptography against Mass Surveillance
RC 5: Physical-Layer Security
Abstract
Power line communication (PLC) allows home users and industries to transfer data over power cables. Protection of transmitted data is crucial because signals are not limited to "one's own four walls". We provide a detailed and structured security analysis of the currently most widely used in-home PLC standard, namely the Broadband-PLC specification HomePlug AV2 (part of IEEE 1901), and present a design weakness in the pairing process as well as a new offline dictionary attack that can be used to compute the main network key efficiently. We evaluated our attacks on 13 widely used PLC devices and found all of them to be vulnerable. We provide different countermeasures and discuss their advantages and disadvantages. We responsibly disclosed the vulnerabilities and are currently supporting the vendors in fixing these issues.