Lightweight Data Aggregation Scheme Against Internal Attackers in Smart Grid Using Elliptic Curve Cryptography

Recent advances of Internet and microelectronics technologies have led to the concept of smart grid which has been a widespread concern for industry, governments, and academia. The openness of communications in the smart grid environment makes the system vulnerable to different types of attacks. The implementation of secure communication and the protection of consumers’ privacy have become challenging issues. The data aggregation scheme is an important technique for preserving consumers’ privacy because it can stop the leakage of a specific consumer’s data. To satisfy the security requirements of practical applications, a lot of data aggregation schemes were presented over the last several years. However, most of them suffer from security weaknesses or have poor performances. To reduce computation cost and achieve better security, we construct a lightweight data aggregation scheme against internal attackers in the smart grid environment using Elliptic Curve Cryptography (ECC). Security analysis of our proposed approach shows that it is provably secure and can provide confidentiality, authentication, and integrity. Performance analysis of the proposed scheme demonstrates that both computation and communication costs of the proposed scheme are much lower than the three previous schemes. As a result of these aforementioned benefits, the proposed lightweight data aggregation scheme is more practical for deployment in the smart grid environment

Anonymous and Efficient Message Authentication Scheme for Smart Grid

Smart grid has emerged as the next-generation electricity grid with power flow optimization and high power quality. Smart grid technologies have attracted the attention of industry and academia in the last few years. However, the tradeoff between security and efficiency remains a challenge in the practical deployment of the smart grid. Most recently, Li et al. proposed a lightweight message authentication scheme with user anonymity and claimed that their scheme is provably secure. But we found that their scheme fails to achieve mutual authentication and mitigate some typical attacks (e.g., impersonation attack, denial of service attack) in the smart grid environment. To address these drawbacks, we present a new message authentication scheme with reasonable efficiency. Security and performance analysis results show that the proposed scheme can satisfy the security and lightweight requirements of practical implementations and deployments of the smart grid

An anonymous authentication and key establish scheme for smart grid: FAuth

The smart meters in electricity grids enable fine-grained consumption monitoring. Thus, suppliers could adjust their tariffs. However, as smart meters are deployed within the smart grid field, authentication and key establishment between smart grid parties (smart meters, aggregators, and servers) become an urgency. Besides, as privacy is becoming a big concern for smart meters, smart grid parties are reluctant to leak their real identities during the authentication phase. In this paper, we analyze the recent authentication schemes in smart grids and other applied fields, and propose an anonymous authentication and key establishment scheme between smart grid parties: FAuth. The proposed scheme is based on bilinear maps and the computational Diffie–Hellman problem. We changed the way the smart meter parties registered at Key Generation Center, making the proposed scheme robust against various potential attacks that could be launched by the Key Generation Center, as the scheme could avoid the private key of the smart meter parties from leaking to the Key Generation Center. Besides, the proposed scheme reduced the computational load, both at the smart meter side and at the aggregator side, which make it perfectly suitable for computation-constrained devices. Security proof results show the proposed scheme is secure under the BAN logic and random oracle model

Techniques, Taxonomy, and Challenges of Privacy Protection in the Smart Grid

As the ease with which any data are collected and transmitted increases, more privacy concerns arise leading to an increasing need to protect and preserve it. Much of the recent high-profile coverage of data mishandling and public mis- leadings about various aspects of privacy exasperates the severity. The Smart Grid (SG) is no exception with its key characteristics aimed at supporting bi-directional information flow between the consumer of electricity and the utility provider. What makes the SG privacy even more challenging and intriguing is the fact that the very success of the initiative depends on the expanded data generation, sharing, and pro- cessing. In particular, the deployment of smart meters whereby energy consumption information can easily be collected leads to major public hesitations about the tech- nology. Thus, to successfully transition from the traditional Power Grid to the SG of the future, public concerns about their privacy must be explicitly addressed and fears must be allayed. Along these lines, this chapter introduces some of the privacy issues and problems in the domain of the SG, develops a unique taxonomy of some of the recently proposed privacy protecting solutions as well as some if the future privacy challenges that must be addressed in the future.Peer Reviewedhttp://deepblue.lib.umich.edu/bitstream/2027.42/111644/1/Uludag2015SG-privacy_book-chapter.pd

Evaluation of the Precision-Privacy Tradeoff of Data Perturbation for Smart Metering

Abstract: Smart grid users and standardization committees require that utilities and third parties collecting metering data employ techniques for limiting the level of precision of the gathered household measurements to a granularity no finer than what is required for providing the expected service. Data aggregation and data perturbation are two such techniques. This paper provides quantitative means to identify a tradeoff between the aggregation set size, the precision on the aggregated measurements, and the privacy level. This is achieved by formally defining an attack to the privacy of an individual user and calculating how much its success probability is reduced by applying data perturbation. Under the assumption of time-correlation of the measurements, colored noise can be used to even further reduce the success probability. The tightness of the analytical results is evaluated by comparing them to experimental data

Private Graph Data Release: A Survey

The application of graph analytics to various domains have yielded tremendous societal and economical benefits in recent years. However, the increasingly widespread adoption of graph analytics comes with a commensurate increase in the need to protect private information in graph databases, especially in light of the many privacy breaches in real-world graph data that was supposed to preserve sensitive information. This paper provides a comprehensive survey of private graph data release algorithms that seek to achieve the fine balance between privacy and utility, with a specific focus on provably private mechanisms. Many of these mechanisms fall under natural extensions of the Differential Privacy framework to graph data, but we also investigate more general privacy formulations like Pufferfish Privacy that can deal with the limitations of Differential Privacy. A wide-ranging survey of the applications of private graph data release mechanisms to social networks, finance, supply chain, health and energy is also provided. This survey paper and the taxonomy it provides should benefit practitioners and researchers alike in the increasingly important area of private graph data release and analysis