Photo credit: arstechnica.com
Ryan Castellucci, who lives just outside London, recently installed solar panels and a battery storage system at their home. They wanted to manage their energy production through an open-source dashboard. Instead, they unexpectedly gained control over roughly 200 megawatts of programmable capacity, enough to power approximately 40,000 households.
Castellucci, who identifies with they/them pronouns, obtained this level of control after accessing the administrative account of GivEnergy, a UK-based provider of energy management solutions. This account granted them root access to the cloud-connected products offered by the company, along with visibility over around 60,000 other installed systems. Such access also exposed personal information of GivEnergy customers, including names and contact details, although Castellucci chose not to utilize this information.
“I plan to set up Home Assistant and integrate it with my installation, but for now, I’ve allowed it to connect to the cloud,” Castellucci explained last Thursday. “After setting up scheduled charging, I began to explore the API. The very next night, I controlled a virtual power plant consisting of tens of thousands of batteries linked to the grid.”
Persistent Vulnerabilities
The underlying issue that Castellucci identified was an authentication bypass in a programming interface secured by a 512-bit RSA key, a length that is remarkably short by today's standards. This key was used to sign authentication tokens, so it effectively acted as a master key for the API. Castellucci recovered the private key by factoring its public modulus, using $70 worth of cloud computing over a period of less than 24 hours. Following Castellucci's private disclosure of the vulnerability, GivEnergy implemented a fix within a day.
That 512-bit RSA was first factored publicly in 1999, by a team of researchers, highlights how obsolete the key size is. That effort required extensive computational resources, including a supercomputer, and spanned several months. By 2009, hobbyists were factoring multiple 512-bit keys in a significantly shorter time using commodity hardware. As processing power has grown, the difficulty and cost of factoring small keys have fallen considerably.
While it might be easy to blame GivEnergy for relying on insecure encryption, Castellucci emphasized that the fault lies chiefly with the developers of the code libraries utilized for cryptographic functions.
“It’s unrealistic to expect developers to recognize the insecurity of a 512-bit RSA key,” the security researcher commented. “Most developers are not cryptographers, and it’s not solely their responsibility to comprehend these complexities. The core issue was that a library they depended on allowed the use of such outdated encryption.”
Castellucci pointed out that OpenSSL, the most extensively utilized cryptographic library, still provides the option to use 512-bit keys. Similarly, the Go crypto library continues to do the same. In a noteworthy change, the Python cryptography library recently eliminated this option, which was finalized in January (see the commit for this update).
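The two points above, that a token signed with a factored key is indistinguishable from a legitimate one and that the library itself will not stop you from using a 512-bit key, mean the defence has to live in the verifier. The following is an added example, not code from GivEnergy or from the Go project, showing a token verifier that checks the RSA modulus length before it checks the signature. The constructed payload, the 2048-bit floor, and the 1024-bit "weak" key used for the demonstration are assumptions; Go's standard library still generates 1024-bit keys, which is enough to show the gate rejecting a key that would otherwise verify.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// MinRSABits is the smallest modulus the verifier will accept. 2048 bits is
// the floor in current guidance; the 512-bit modulus in the GivEnergy case
// has been factorable since 1999 (assumed policy value for this example).
const MinRSABits = 2048

// ErrWeakKey is returned when a key fails the modulus-length gate.
var ErrWeakKey = errors.New("rsa modulus below minimum size")

// CheckKeySize rejects RSA public keys whose modulus is shorter than min bits.
// The check is on the public key, so it works for keys loaded from config,
// JWKS endpoints, or certificates without needing the private half.
func CheckKeySize(pub *rsa.PublicKey, min int) error {
	if pub == nil || pub.N == nil {
		return errors.New("nil public key")
	}
	if bits := pub.N.BitLen(); bits < min {
		return fmt.Errorf("%w: %d < %d", ErrWeakKey, bits, min)
	}
	return nil
}

// SignToken signs an opaque token payload with RSASSA-PKCS1-v1_5 over SHA-256.
// This is the issuer side; it is included so the example runs end to end.
func SignToken(priv *rsa.PrivateKey, payload []byte) ([]byte, error) {
	digest := sha256.Sum256(payload)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// VerifyToken enforces the key-size floor before checking the signature.
// Without the gate, a mathematically valid signature produced with a
// factored private key would be accepted like any other.
func VerifyToken(pub *rsa.PublicKey, payload, sig []byte) error {
	if err := CheckKeySize(pub, MinRSABits); err != nil {
		return err
	}
	digest := sha256.Sum256(payload)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig)
}

func main() {
	// Constructed sample payload; a real token would be a JWT or similar.
	payload := []byte(`{"sub":"installer-42","role":"admin"}`)

	// A 1024-bit key stands in for the too-short key: it signs fine, but the
	// verifier refuses it before looking at the signature.
	weak, _ := rsa.GenerateKey(rand.Reader, 1024)
	sig, _ := SignToken(weak, payload)
	fmt.Println("1024-bit key:", VerifyToken(&weak.PublicKey, payload, sig))

	strong, _ := rsa.GenerateKey(rand.Reader, 2048)
	sig, _ = SignToken(strong, payload)
	fmt.Println("2048-bit key:", VerifyToken(&strong.PublicKey, payload, sig))
}
```

The ordering matters: the size check runs first so that a weak key is rejected regardless of whether the signature is valid. The same gate belongs wherever keys enter the system (key generation, config loading, JWKS refresh), so that a key like the one in this story is refused at deployment time rather than discovered years later.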
A representative from GivEnergy echoed Castellucci’s assessment in correspondence, stating:
“In this instance, the flawed encryption approach originated from a third-party library many years ago, during our early days as a small startup with only two relatively junior developers. At that time, we assumed that the inclusion of this encryption in the library meant it was secure. This part of the codebase has remained largely unchanged over the years and did not undergo review by our more experienced team members who are now in place.”
Source: arstechnica.com