JMD P1 Eport-E20 and AES key

New design P1 meter and Info
BUTTON_POST_REPLY
admin
Site Admin
BerichtenCOLON 16
GeregistreerdCOLON 27 Jan 2022 08:52

JMD P1 Eport-E20 and AES key

Bericht door admin »

For some needed a key to read the P1 meter such as Luxembourg.
To setup read this:

Login to your P1 reader.
Select Communication settings from used P1 or P2
P1 Communication settings-a.jpg
P1 Communication settings-a.jpg (70.13 KiB) 82 keer bekeken
Now select Security and select AES.
Security AES-a.jpg
Security AES-a.jpg (72.77 KiB) 82 keer bekeken
Now you can put your AES key from your provider and save it.

And it should work.

Any questions: mail: support@7er.nl
alexboss
BerichtenCOLON 2
GeregistreerdCOLON 08 Aug 2022 11:55

Re: JMD P1 Eport-E20 and AES key

Bericht door alexboss »

admin schreefCOLON 05 Jul 2022 11:13 For some needed a key to read the P1 meter such as Luxembourg.
...
Dear JMD,

I found your post referenced in the comments on https://www.zuidwijk.com/product/p1-rea ... t/#reviews

I'm based in Luxembourg and using a P1 reader (E10 actually, not E20).

Unfortunately, I can't use the technique you shared since the key is 32 characters long (AES-GCM), and the one expected by the P1 is 16 characters long (AES).

But maybe I missed some step, could you please double-check if this technique exposed definitely work for Smart Readers in Luxembourg, and if so, which part of 16 characters from the 32 characters long AES-GCM key to use for the P1?

Thank you and best regards.
Screenshot from 2022-08-08 13-20-43.png
Screenshot from 2022-08-08 13-20-43.png (30.14 KiB) 27 keer bekeken
Laatst gewijzigd door 1 op alexboss, in totaal 8 keer gewijzigd.
admin
Site Admin
BerichtenCOLON 16
GeregistreerdCOLON 27 Jan 2022 08:52

Re: JMD P1 Eport-E20 and AES key

Bericht door admin »

Dear Alexboss,

AES key's can be 128, 192 or 256 bit.

AES-CGM is only the protocol and only say how to handle.
https://isuruka.medium.com/selecting-th ... e3ebae173c

This function is build in the Eport series but only AES 128 bit .
When I look to the Luxembourg meter it is also AES 128 bit
The manual describe:

3.2.5 P1 software – Channel security
The P1 protocol is a plain text protocol: it is required to secure the link to ensure end user data confidentiality.
In deviation to DSMR P1, an encryption layer is added over the P1 protocol.
This encryption layer is based on DLMS security suite 0 algorithm: AES128-GCM
This channel has its own separate security context: a separated encryption key and a dedicated frame counter.
The parameters used for the encryption algorithm are the following:
• IV is 96 bits = system-title (64 bits) || frame counter (32 bits)
• AAD is 17 bytes = 30h || 00112233445566778899AABBCCDDEEFFh
• tag length is 96 bits long
AAD is used the same way as in DLMS suite 0 with a fixed "Authentication key". This is mainly to stay as close as possible to existing DLMS implementation and achieve better interoperability with IHD devices: although the Green book makes the AK optional, most implementations use it.
Encrypted data (with its tag) is sent in binary form on the serial link, using a general-glo-ciphering frame:
DBh || 08h(system-title length) || system-title || (length of the subsequent bytes: 17 + length of data) || 30h || frame counter || ciphered data || GCM tag
A security setup (class 64) instance is defined for P1 port security.
This security setup instance cannot be referenced by an Association LN instance.
The attribute 2 is used to toggle on and off the security on P1. Only the values 0 (unencrypted) and 3 (encrypted authenticated) are permitted.

I can 't check it on this site but the length of key have to be 128 bit and the Eport can handle it.

I found some other solution:
Why decode direct?
Domoticz has it inside.
Decodekey.jpg
Decodekey.jpg (200.17 KiB) 19 keer bekeken
This should work to.

Hope this helps.

JMD
alexboss
BerichtenCOLON 2
GeregistreerdCOLON 08 Aug 2022 11:55

Re: JMD P1 Eport-E20 and AES key

Bericht door alexboss »

Dear JMD,

Thank you for your feedback.
admin schreefCOLON 10 Aug 2022 22:32 I can 't check it on this site but the length of key have to be 128 bit and the Eport can handle it.
Indeed, the specs you provide are correct, they are from https://www.luxmetering.lu/pdf/SPEC%20- ... 210308.pdf

But I can guarantee the protocol used is AES-GCM and the length of the key is 32 characters long.

I successfully tested the reading of the meter with smartmeter2mqtt and the key was 32 characters (and it's also stipulated in the doc of smartmeter2mqtt).

As such, I think the information in this topic is not working for Luxembourg.
admin schreefCOLON 10 Aug 2022 22:32 I found some other solution:
Why decode direct?
Domoticz has it inside.
Good remark, well, if Domoticz can directly decrypt the packets sent by the smartmeter, then it's perfect. But I'm using Home Assistant, and unfortunately there are not there yet (they support some DSMR, but the implementation for Luxembourg through P1 is not working as it should since they don't decrypt packets). We hoped this trick could work with a Slimmelezer P1 as reported here, but unfortunately it doesn't for Luxembourg.

Thanks anyway and best regards.

Alexandre
BUTTON_POST_REPLY