Richard Newman, Sherman Gavette, Larry Yonge, and Ross Anderson: Protecting Powerline Communications
July 14, 2006 by Ping
Since homes have lots of power outlets already installed, a network that could run over the power lines would be very convenient, but needs to be secured — for example, against leaking communication over shared power lines in neighbouring houses or apartments. So the system needs to support multiple virtual networks, each one separate and secure, as well as supporting many different kinds of devices (some with only an on/off switch for a user interface).
The system needs to be simple to use, inexpensive, have a reasonable default level of security, and support higher levels of security for users that want it.
There are a lot of problems with using PKI to establish shared keys: high costs, problems with revocation lists, and the hassle of entering or checking a key fingerprint. The core problem with PKI is that it authenticates the manufacturer, but it doesn’t let the user authorize devices.
To establish assurance of user intent, a high-assurance method would be for users to type in a string printed on the device; a low-assurance method would be to press buttons on the device and the network controller at the same time, for example.