Government certifications such as FIPS 140 and Common Criteria sometimes get a bad rap for not being the end-all in securing products. However, these certifications do set a minimum baseline of best practices that can keep an entity (a product developer, a standards committee, etc.) from making a preventable mistake. A recent cryptanalysis of the mechanisms in the Open Smart Grid Protocol (OSGP) by Philipp Jovanovic and Samuel Neves identified exactly this kind of mistake. The following is an excerpt from the abstract:
The authenticated encryption (AE) scheme deployed by OSGP is a non-standard composition of RC4 and a home-brewed MAC, the “OMA digest”. We present several practical key-recovery attacks against the OMA digest. The first and basic variant can achieve this with a mere 13 queries to an OMA digest oracle and negligible time complexity. A more sophisticated version breaks the OMA digest with only 4 queries and a time complexity of about 2^25 simple operations. A different approach only requires one arbitrary valid plaintext-tag pair, and recovers the key in an average of 144 queries, or one ciphertext-tag pair and 168 queries. Since the encryption key is derived from the key used by the OMA digest, our attacks break both confidentiality and authenticity of OSGP.
The paper can be found here.
Had OSGP been built on standards-based protocols and cryptographic algorithms, as FIPS 140 validation requires and as Common Criteria protection profiles commonly reference, these particular attacks would not have existed: FIPS 140 permits only approved algorithms inside a validated module, and neither RC4 nor a home-brewed MAC such as the OMA digest is on that list, so a design held to that baseline would have had to use an approved cipher and an approved MAC (for example HMAC or CMAC) from the start. The attacks also exploit the fact that the encryption key is derived from the MAC key, so breaking one breaks both; standard practice is to derive independent subkeys for the two purposes. This is just one recent example of how leveraging government certifications could have prevented a potential compromise in a deployed system.
This isn't to say that government certifications are the be-all and end-all of product security, but they are one tool that can be used to make a better product.