Powerless Security – A Security Analysis of in-Home Power Line Communications based on HomePlug AV2

Abstract

Power line com­mu­ni­ca­ti­on (PLC) al­lows home users and in­dus­tri­es to trans­fer data over power ca­bles. Pro­tec­tion of trans­mit­ted data is cru­ci­al be­cau­se si­gnals are not li­mi­ted to "one’s own four walls". We pro­vi­de a de­tai­led and struc­tu­red se­cu­ri­ty ana­ly­sis of the cur­rent­ly most wi­de­ly used in-Ho­me PLC stan­dard, na­me­ly the Broad­band-PLC spe­ci­fi­ca­ti­on HomeP­lug AV2 (part of IEEE 1901), and pre­sent a de­sign we­ak­ness in the pai­ring pro­cess as well as a new off­line dic­tio­na­ry at­tack that can be used to com­pu­te the main net­work key ef­fi­ci­ent­ly. We eva­lua­ted our at­tacks on 13 wi­de­ly used PLC de­vices and found all of them be vul­nerable. We pro­vi­de dif­fe­rent coun­ter­me­a­su­res and di­s­cuss their ad­van­ta­ges and di­sad­van­ta­ges. We re­s­pon­si­bly dis­clo­sed the vul­nerabi­li­ties and are cur­rent­ly sup­porting the ven­dors in fi­xing these is­su­es.