Scribd
Upload
50 views8 pages

DLMSPart 2 Ref

dlms

Uploaded by

Vara Prasad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
50 views8 pages

DLMSPart 2 Ref

dlms

Uploaded by

Vara Prasad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 8

DLMS – Part1

HDLC(Implemented in Modem) ,
TCPWRAPPER (Implemented in Hexing and Genus SM's)

DLMS – Part2

HDLC, WRAPPER (implementd in wirepass RF module)

Now Requirement is to implement in TCP WRAPPER part2 in smart meter.

Encrition Key , Authentication Key ,IPV6 Address of Meter. Will be provided by Meter
Manufaturer.

SystemTitle,Invocation Vector to be formed from Meter Number and Invocation Counter.

Header length of frame Data


<00 01 00 01 00 01> <00 1D> <Data>

Public Client :
 No Authentication No Encryption Required.
 We can only read general information like MeterNumber, RTC, Invocation
Counter,etc.,

Sample command to read Meter No. With public client


Data
00 01 00 10 00 01 00 0D <C0 01 C1 00 01 00 00 60 01 00 FF 02 00>

Meater Reader:
 No Authentication Required Only Encryption Required.

Utility Setter:
 Both Authentication and encryption required.

Security Suite Used : GCM-AES-128

Required to read MeterNumber and Invocation Counter with Public client to frame system title and
Invocation vector.

System title : 3 digit manufacturer code and 5 digit is last 5 digits of Meternumber.

Invocation Vector : System Title + Invocation Counter.

Meter No : 12345678
Manufaturer name : LNT
IC = 1
IV = LNT456780001

AAD is Authentication data : Security Control bit(0x30) + Authentication Key

Operations Performed on meter:

GET: 0xC0
To get data from Meter

SET: 0xC1
To set daata to meter like rtc,demand integration period, load survey interval etc.,

ACTION: 0xC3
To do some action like relay ON or OFF.
Need to consider challenge bytes(16) from AARE i.e, response of AARQ command. And the
same should be encrypted with AES_ECB128 encryption.

Command should be encrypted and send to meter . The response to be decrypted to validate the frames
for futher reading in case of profiles.and normal validation for individual data reading.

Kindly Refer to DLMS Green Book for any further clarification. (Page No 439 for direct reference)

//////////////////////////////////////////////////////////////////////////////////////////////////

Key = 000102030405060708090A0B0C0D0E0F
IV = 4D4D4D0000BC614E01234567
CT = 558e556213f7405e6d6262920e
AAD = D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF
Tag = ecf73134
PT = C0010000080000010000FF0200

[Keylen = 128]
[IVlen = 96]
[PTlen = 104]
[AADlen = 128]
[Taglen = 32]

Count = 0
Key = 000102030405060708090A0B0C0D0E0F
IV = 4D4D4D0000BC614E01234567
CT = 558e556213f7405e6d6262920e
AAD = D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF
Tag = ecf73134
PT = C0010000080000010000FF0200

//////////////////////////////////////////////////////////////////////////////////////////////////

static const unsigned char gcm_key[] = {


0x09, 0x14, 0xae, 0xf4, 0xdf, 0xc0, 0x89, 0x2e, 0xd4, 0x90, 0x11, 0x9f, 0x6b, 0xe8, 0x22, 0xe5
};

static const unsigned char gcm_iv[] = {


0x0d, 0x3a, 0x22, 0x08, 0xe7, 0xb7, 0xee, 0xb6, 0x73, 0xc4, 0x7d, 0xbc
};

static const unsigned char gcm_pt[] = {


0x75, 0x6b, 0x8e, 0x5c, 0x63, 0x24, 0x29, 0xa7, 0x90, 0x3e, 0x02, 0xb3, 0x63, 0x97, 0x07,
0x60
};

static const unsigned char gcm_aad[] = {


0x52, 0xfb, 0x5b, 0x48, 0xed, 0xa5, 0x33, 0x46, 0x67, 0x2c, 0x24, 0x77, 0xdc, 0x59, 0xba, 0xae
};
static const unsigned char gcm_ct[] = {
0xfa, 0x72, 0x68, 0x90, 0x4f, 0x48, 0x77, 0xec, 0xff, 0x81, 0xc0, 0xe0, 0x50, 0x87, 0x4c, 0x03
};

static const unsigned char gcm_tag[] = {


0xd0, 0x46, 0x39, 0x0c
};

//////////////////////////////////////////////////////////////////////////////////////////////////

const unsigned char


key[16]={0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32};
const unsigned char IV[12] ={0x48,0x50,0x4C,0x37,0x32,0x39,0x39,0x38,0x00,0x00,0x00,0x01};
const unsigned char
plaintext[31]={0xc7,0x01,0xc1,0x00,0x01,0x00,0x09,0x10,0x63,0xc2,0x55,0x04,0xe2,0x7b,0x94,0xaf,0x50,
0x51,0x0a,0x3f,0x6c,0x42,0x7d,0x25};
const unsigned char
add_data[17]={0x30,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32};
const unsigned char tag_ref[16]={0xce,0xbe,0x6a,0xa1,0x2a,0x93,0xd7,0xcb,0x4f,0x93,0x38,0x65};

///////////////////////////////////////////////////////////////////////////////////////////////////
7E A0 5A 00 02 04 01 41 10 7E 14 E6 E6 00
60 36
A1 09 06 07 60 85 74 05 08 01 03 A6
0A 04
08 31 32 33 34 35 36 37 38
8A 02 07 80 8B 07 60 85 74 05 08 02 01 AC
0A 80
08 31 31 31 31 31 31 31 31
BE
23
04
21
21 1F 20 00 00 01 51 2A A3 55 F3 AE 2D 37 85 EB F9 97 E0

21 1F 2000000151 2AA355F3AE2D3785EBF997E01AD2

A5 D1 7E

7E A0 4D 41 00 02 04 01 30 9E 63 E6 E7 00
61 3C
A1 09 06 07 60 85 74 05 08 01 03 A2 03 02 01 00 A3 05 A1 03 02 01 00 A4
0A 04 08 4C 47 5A 00 00 00 08 56
BE
17
04
15
28 13 20 00 00 01 4E 5E D1 E2 47 FB 6E 56 6F 70 D8 95 CB BC 5D

28 13 200000014E 5ED1E247FB6E566F70D895CBBC5D

CA 8B 7E

System Title(Sys-T) 4D4D4D0000BC614E (here, the five last octets contain the
manufacturing number in hexa) 8 64
Frame Counter-(FC) 01234567
4 32
Initialization Vector(IV) Sys-T || FC 4D4D4D0000BC614E01234567
12 96

Block cipher key (global)EK


000102030405060708090A0B0C0D0E0F 16 128
Authentication Key(AK)
D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF

Inputs
xDLMS APDU to be protected
APDU 01011000112233445566778899AABBCC
DDEEFF0000065F1F0400007E1F04B0 31 188
Plaintext(P) 01011000112233445566778899AABBCC
DDEEFF0000065F1F0400007E1F04B0 31 188
Associated data(A) SC || AK 30D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF
17 136

Outputs
Ciphertext(C) 801302FF8A7874133D414CED25B42534
D28DB0047720606B175BD52211BE68 31 188
Authentication tag(T) 41DB204D39EE6FDB8E356855
12 96

The complete ciphered APDU


TAG || LEN || SH || C || T
21303001234567801302FF8A7874133D 414CED25B42534D28DB0047720606B17
5BD52211BE6841DB204D39EE6FDB8E35 6855
21 30 30 01234567 801302FF8A7874133D414CED25B42534
D28DB0047720606B175BD52211BE68 41DB204D39EE6FDB8E356855

BE10// tag and length for AARQ user field


040E// encoding the choice for user-information (OCTET STRING, universal) and length
01// tag for xDLMS-Initiate request
00// usage field for dedicated-key component – not used
00// usage field for the response allowed component – not used
00// usage field of the proposed-quality-of-service component – not used
06// proposed dlms version number 6
5F1F// tag for conformance block
04// length of the conformance block
00// encoding the number of unused bits in the bit string
00301D//conformance block
FFFF// client-max-receive-pdu-size

const unsigned char AARQUserInfo1[] =


{0xA1,0x09,0x06,0x07,0x60,0x85,0x74,0x05,0x08,0x01,0x01,0x8A,0x02,0x07,
0x80,0x8B,0x07,0x60,0x85,0x74,0x05,0x08,0x02,0x01,0xAC};
const unsigned char AARQUserInfo2[] =
{0xBE,0x10,0x04,0x0E,0x01,0x00,0x00,0x00,0x06,0x5F,0x1F,0x04,0x00,0x00,0x18,0x1D,0xFF,0
xFF};//workng
//
{0xBE,0x10,0x04,0x0E,0x01,0x00,0x00,0x00,0x06,0x5F,0x1F,0x04,0x00,0x18,0x18,0x1C,0x02,0
x00};//workng

TAG LEN SC-A FC UNCIPHERED-APDU T


C8 len 10 framecounter data(Authenticated APDU) Auth_tag

ex: C8 0F 10 0D C0 01 00 00 08 00 00 01 00 00 FF 02 00

TAG LEN SC-E FC CIPHEREDTXT


C8 len 20 framecounter data(Encrypted APDU)

TAG LEN SC-AE FC CIPHEREDTXT


T
C8 Framelen 30 framecounter data(Encr+AUTH APDU)
authentication-tag

REQUEST
7E A0 23 00 02 04 01 41 32 1B 46 E6 E6 00
C8 - TAG CIPHER REQ
12 - LEN
20 - SECURITY HEADER (SC||FC)
0100000

0 - RESERVED - MUST SET 0


0 - KEY SET 0 UNICAST 1 BROADCAST
1 - INDICATE ENCRYPTION
0 - INDICATE AUTH
0 - SEC SUITE ID
0-"
0-"
0-"

00 00 01 52 - FC
49 7D DE 37 01 7F 80 AB 12 3F CF D0 B4 - ENC DATA

AS THERE IS NO AUTH - AUTH TAG NOT PRESENT

D4 4F - cheksum

7E

RESONSE
7E A0 24 41 00 02 04 01 52 36 C6 E6 E7 00
CC - TAG CIPHER RES
13 - LEN
20 -

00 00 01 4F
5D FB 10 6E 34 F8 7C EE 1B 67 15 63 B7 CE

82 E9 7E

A = AAD
IV = Initialization vector
96 BITS 12 OCTETS
64 BITS - SYSTEM TITLE - LEADING BITS -
3 BYTES LETTER MANF ID
5 BYTES
32 BITS - INVOCATION FIELD - TRAILING BITS - FRAME COUNTER

AK =Authentication key
P = Plaintext
C = Ciphertext
SC = Security control byte:
SC-A: Authentication only AAD = SC-A || AK || APDU
TAG LEN SC-A FC UN-CIPHERAPDU T
SC-E: Encryption only AAD = NULL
TAG LEN SC-E FC CIPHERAPDU
SC-AE: Authenticated encryption AAD = SC-AE || AK
TAG LEN SC-AE FC CIPHERAPDU T
EK = Encryption key
Sys-T = System title
FC = Frame counter
T = Authentication tag LEN MUST BE 96 BITS 12 BYTE
xDLMS

Additional Authenticated Data (Associated data)contain:


- Authentication only: SC-A || AK || DLMS-APDU;
- Encryption only: Null
- Authenticated encryption: SC-AE || AK

Security suite : GCM-AES-128


System Title (Sys-T) : 4D4D4D0000BC614E(the 5 last octets are the manf'ing
no in hex) 8 64
Frame Counter(FC) : 01234567
4 32
Initialization Vector(IV) : Sys-T || FC
12 96
4D4D4D0000BC614E01234567
Block cipher key (global)-(EK) : 000102030405060708090A0B0C0D0E0F
16 128
Authentication Key(AK) : D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF
16 128

Security applied Authentication Encryption Authenticated


encryption
Security control byte
(with unicast key)-(SC) SC-A(10) SC-E(20) SC-AE(30)
1 8

Security header - SH SH = SC-A || FC SH = SC-E || FC SH


= SC-AE || FC
1001234567 2001234567
3001234567 5 40

Inputs Authentication Encryption


Authenticated encryption

xDLMS APDU
to be protected- APDU C0010000080000010000FF0200
13 104
(Get-request, attribute 2 of the Clock object)

Plaintext - P Null C0010000080000010000FF0200


C0010000080000010000FF0200 13 104

Associated data-A SC || AK || APDU – SC || AK


Associated Data – Authentication
(A-A) 10D0D1D2D3D4D5D6 - -
D7D8D9DADBDCDDDE
DFC0010000080000
010000FF0200
30
240
Associated Data – Encryption
(A-E) – – –
0 0
Associated Data – Authenticated encryption
(A-AE) – – 30D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF 17
136

You might also like