Authentication techniques in smart grid: a systematic review

Smart Grid (SG) provides enhancement to existing grids with two-way communication between the utility, sensors, and consumers, by deploying smart sensors to monitor and manage power consumption. However due to the vulnerability of SG, secure component authenticity necessitates robust authentication approaches relative to limited resource availability (i.e. in terms of memory and computational power). SG communication entails optimum efficiency of authentication approaches to avoid any extraneous burden. This systematic review analyses 27 papers on SG authentication techniques and their effectiveness in mitigating certain attacks. This provides a basis for the design and use of optimized SG authentication approaches

Homomorphic encryption and database query privacy

Homomorphic encryption is a particular type of encryption method that enables computing over encrypted data. This has a wide range of real world ramifications such as being able to blindly compute a search result sent to a remote server without revealing its content. In the first part of this thesis, we discuss how database search queries can be made secure using a homomorphic encryption scheme based on the ideas of Gahi et al. Gahi’s method is based on the integer-based fully homomorphic encryption scheme proposed by Dijk et al. We propose a new database search scheme called the Homomorphic Query Processing Scheme, which can be used with the ring-based fully homomorphic encryption scheme proposed by Braserski. In the second part of this thesis, we discuss the cybersecurity of the smart electric grid. Specifically, we use the Homomorphic Query Processing scheme to construct a keyword search technique in the smart grid. Our work is based on the Public Key Encryption with Keyword Search (PEKS) method introduced by Boneh et al. and a Multi-Key Homomorphic Encryption scheme proposed by L´opez-Alt et al. A summary of the results of this thesis (specifically the Homomorphic Query Processing Scheme) is published at the 14th Canadian Workshop on Information Theory (CWIT)

Cryptography based on the Hardness of Decoding

This thesis provides progress in the fields of for lattice and coding based cryptography. The first contribution consists of constructions of IND-CCA2 secure public key cryptosystems from both the McEliece and the low noise learning parity with noise assumption. The second contribution is a novel instantiation of the lattice-based learning with errors problem which uses uniform errors

Solving Small Exponential ECDLP in EC-based Additively Homomorphic Encryption and Applications

Additively Homomorphic Encryption (AHE) has been widely used in various applications, such as federated learning, blockchain, and online auctions. Elliptic Curve (EC) based AHE has the advantages of efficient encryption, homomorphic addition, scalar multiplication algorithms, and short ciphertext length. However, EC-based AHE schemes require solving a small exponential Elliptic Curve Discrete Logarithm Problem (ECDLP) when running the decryption algorithm, i.e., recovering the plaintext $m\in\{0,1\}^\ell$ from $m \ast G$. Therefore, the decryption of EC-based AHE schemes is inefficient when the plaintext length $\ell > 32$. This leads to people being more inclined to use RSA-based AHE schemes rather than EC-based ones. This paper proposes an efficient algorithm called $\mathsf{FastECDLP}$ for solving the small exponential ECDLP at $128$-bit security level. We perform a series of deep optimizations from two points: computation and memory overhead. These optimizations ensure efficient decryption when the plaintext length $\ell$ is as long as possible in practice. Moreover, we also provide a concrete implementation and apply $\mathsf{FastECDLP}$ to some specific applications. Experimental results show that $\mathsf{FastECDLP}$ is far faster than the previous works. For example, the decryption can be done in $0.35$ ms with a single thread when $\ell = 40$, which is about $30$ times faster than that of Paillier. Furthermore, we experiment with $\ell$ from $32$ to $54$, and the existing works generally only consider $\ell \leq 32$. The decryption only requires $1$ second with $16$ threads when $\ell = 54$. In the practical applications, we can speed up model training of existing vertical federated learning frameworks by $4$ to $14$ times. At the same time, the decryption efficiency is accelerated by about $140$ times in a blockchain financial system (ESORICS 2021) with the same memory overhead

International Symposium on Mathematics, Quantum Theory, and Cryptography

This open access book presents selected papers from International Symposium on Mathematics, Quantum Theory, and Cryptography (MQC), which was held on September 25-27, 2019 in Fukuoka, Japan. The international symposium MQC addresses the mathematics and quantum theory underlying secure modeling of the post quantum cryptography including e.g. mathematical study of the light-matter interaction models as well as quantum computing. The security of the most widely used RSA cryptosystem is based on the difficulty of factoring large integers. However, in 1994 Shor proposed a quantum polynomial time algorithm for factoring integers, and the RSA cryptosystem is no longer secure in the quantum computing model. This vulnerability has prompted research into post-quantum cryptography using alternative mathematical problems that are secure in the era of quantum computers. In this regard, the National Institute of Standards and Technology (NIST) began to standardize post-quantum cryptography in 2016. This book is suitable for postgraduate students in mathematics and computer science, as well as for experts in industry working on post-quantum cryptography

International Symposium on Mathematics, Quantum Theory, and Cryptography

This open access book presents selected papers from International Symposium on Mathematics, Quantum Theory, and Cryptography (MQC), which was held on September 25-27, 2019 in Fukuoka, Japan. The international symposium MQC addresses the mathematics and quantum theory underlying secure modeling of the post quantum cryptography including e.g. mathematical study of the light-matter interaction models as well as quantum computing. The security of the most widely used RSA cryptosystem is based on the difficulty of factoring large integers. However, in 1994 Shor proposed a quantum polynomial time algorithm for factoring integers, and the RSA cryptosystem is no longer secure in the quantum computing model. This vulnerability has prompted research into post-quantum cryptography using alternative mathematical problems that are secure in the era of quantum computers. In this regard, the National Institute of Standards and Technology (NIST) began to standardize post-quantum cryptography in 2016. This book is suitable for postgraduate students in mathematics and computer science, as well as for experts in industry working on post-quantum cryptography

Security and Privacy in Smart Grid

Smart grid utilizes different communication technologies to enhance the reliability and efficiency of the power grid; it allows bi-directional flow of electricity and information, about grid status and customers requirements, among different parties in the grid, i.e., connect generation, distribution, transmission, and consumption subsystems together. Thus, smart grid reduces the power losses and increases the efficiency of electricity generation and distribution. Although smart grid improves the quality of grid's services, it exposes the grid to the cyber security threats that communication networks suffer from in addition to other novel threats because of power grid's nature. For instance, the electricity consumption messages sent from consumers to the utility company via wireless network may be captured, modified, or replayed by adversaries. As a consequent, security and privacy concerns are significant challenges in smart grid. Smart grid upgrade creates three main communication architectures: The first one is the communication between electricity customers and utility companies via various networks; i.e., home area networks (HANs), building area networks (BANs), and neighbour area networks (NANs), we refer to these networks as customer-side networks in our thesis. The second architecture is the communication between EVs and grid to charge/discharge their batteries via vehicle-to-grid (V2G) connection. The last network is the grid's connection with measurements units that spread all over the grid to monitor its status and send periodic reports to the main control center (CC) for state estimation and bad data detection purposes. This thesis addresses the security concerns for the three communication architectures. For customer-side networks, the privacy of consumers is the central concern for these networks; also, the transmitted messages integrity and confidentiality should be guaranteed. While the main security concerns for V2G networks are the privacy of vehicle's owners besides the authenticity of participated parties. In the grid's connection with measurements units, integrity attacks, such as false data injection (FDI) attacks, target the measurements' integrity and consequently mislead the main CC to make the wrong decisions for the grid. The thesis presents two solutions for the security problems in the first architecture; i.e., the customer-side networks. The first proposed solution is security and privacy-preserving scheme in BAN, which is a cluster of HANs. The proposed scheme is based on forecasting the future electricity demand for the whole BAN cluster. Thus, BAN connects to the electricity provider only if the total demand of the cluster is changed. The proposed scheme employs the lattice-based public key NTRU crypto-system to guarantee the confidentiality and authenticity of the exchanged messages and to further reduce the computation and communication load. The security analysis shows that our proposed scheme can achieve the privacy and security requirements. In addition, it efficiently reduces the communication and computation overhead. According to the second solution, it is lightweight privacy-preserving aggregation scheme that permits the smart household appliances to aggregate their readings without involving the connected smart meter. The scheme deploys a lightweight lattice-based homomorphic crypto-system that depends on simple addition and multiplication operations. Therefore, the proposed scheme guarantees the customers' privacy and message integrity with lightweight overhead. In addition, the thesis proposes lightweight secure and privacy-preserving V2G connection scheme, in which the power grid assures the confidentiality and integrity of exchanged information during (dis)charging electricity sessions and overcomes EVs' authentication problem. The proposed scheme guarantees the financial profits of the grid and prevents EVs from acting maliciously. Meanwhile, EVs preserve their private information by generating their own pseudonym identities. In addition, the scheme keeps the accountability for the electricity-exchange trade. Furthermore, the proposed scheme provides these security requirements by lightweight overhead; as it diminishes the number of exchanged messages during (dis)charging sessions. Simulation results demonstrate that the proposed scheme significantly reduces the total communication and computation load for V2G connection especially for EVs. FDI attack, which is one of the severe attacks that threatens the smart grid's efficiency and reliability, inserts fake measurements among the correct ones to mislead CC to make wrong decisions and consequently impact on the grid's performance. In the thesis, we have proposed an FDI attack prevention technique that protects the integrity and availability of the measurements at measurement units and during their transmission to the CC, even with the existence of compromised units. The proposed scheme alleviates the negative impacts of FDI attack on grid's performance. Security analysis and performance evaluation show that our scheme guarantees the integrity and availability of the measurements with lightweight overhead, especially on the restricted-capabilities measurement units. The proposed schemes are promising solutions for the security and privacy problems of the three main communication networks in smart grid. The novelty of these proposed schemes does not only because they are robust and efficient security solutions, but also due to their lightweight communication and computation overhead, which qualify them to be applicable on limited-capability devices in the grid. So, this work is considered important progress toward more reliable and authentic smart grid

Secure message transmission and its applications

In this thesis we focus on various aspects of secure message transmission protocols. Such protocols achieve the secure transmission of a message from a sender to a receiver - where the term “secure” encapsulates the notion of privacy and reliability of message transmission. These two parties are connected using an underlying network in which a static computationally unlimited active adversary able to corrupt up to t network nodes is assumed to be present. Such protocols are important to study as they are used extensively in various cryptographic protocols and are of interest to other research areas such as ad-hoc networks, military networks amongst others. Optimal bounds for the number of phases (communication from sender to receiver or vice versa), connectivity requirements (number of node disjoint network paths connecting sender and receiver - denoted by n), communication complexity (complexity of the number of field elements sent - where F is the finite field used and jFj = q) and transmission complexity (proportion of communication complexity to complexity of secrets transmitted) for secure message transmission protocols have been proven in previous work. In the one-phase model it has been shown that n 3t+1 node disjoint paths are required to achieve perfect communication. In the two phase model only n 2t + 1 node disjoint paths are necessary. This connectivity is also the required bound for almost perfectly secure one-phase protocols - protocols which achieve perfect privacy but with a negligible probability may fail to achieve reliability. In such cases the receiver accepts a different message to that transmitted by the sender or does not accept any message. The main focus of recent research in secure message transmission protocols has been to present new protocols which achieve optimal transmission complexity. This has been achieved through the transmission of multiple messages. If a protocol has a communication complexity of O(n3) field elements, to achieve optimal transmission complexity O(n2) secrets will have to be communicated. This has somewhat ignored the simplification and improvement of protocols which securely transmit a single secret. Such improvements include constructing more efficient protocols with regards to communication complexity, computational complexity and the number of field elements sent throughout the whole protocol. In the thesis we first consider one-phase almost perfectly secure message transmission and present two new protocols which improve on previous work. We present a polynomial time protocol of O(n2) communication complexity which at the time of writing this thesis, is computationally more efficient than any other protocol of similar communication complexity for the almost perfectly secure transmission of a single message. Even though our first almost perfectly secure transmission protocol is of polynomial time, it is important to study other protocols also and improve previous work presented by other researchers. This is the idea behind the second one-phase almost perfectly secure message transmission protocol we present which requires an exponential complexity of field operations but lower (O(n)) communication complexity. This protocol also improves on previous protocols of similar communication complexity, requiring in the order of O(log q) less computation to complete - where q denotes the size of the finite field used. Even though this protocol is of exponential time, for small values of n (e.g. when t = 1, t = 2 or t = 3) it may be beneficial to use this protocol for almost perfectly secure communication as opposed to using the polynomial time protocol. This is because less field elements need to be transmitted over the whole network which connects a sender and a receiver. Furthermore, an optimal almost perfectly secure transmission protocol will be one with O(n) communication complexity and with polynomial computational complexity. We hope that in the future, other researchers will be inspired by our proposed protocol, improve on our work and ideally achieve these optimal results. We also consider multi-phase protocols. By combining various cryptographic schemes, we present a new two-phase perfectly secure single message transmission protocol. At the time of writing this thesis, the protocol is the most efficient protocol when considering communication complexity. Our protocol has a communication complexity of O(n2) compared to O(n3) of previous work thus improving on the communication complexity by an order of O(n) for the perfectly secure message transmission of a single message. This protocol is then extended to a three phase protocol where a multi-recipient broadcast end channel network setting is considered. As opposed to point to point networks where a path from a sender reaches a single receiver, this network model is new in the field of message transmission protocols. In this model each path from a sender reaches multiple receivers, with all receivers receiving the same information from their common network communication channel. We show how the use of this protocol upon such a network can lead to great savings in the transmission and computation carried out by a single sender. We also discuss the importance and relevance of such a multi-recipient setting to practical applications. The first protocols in the field of perfectly secure message transmission with a human receiver are also presented. This is a topic proposed by my supervisor Professor Yvo Desmedt for which I constructed solutions. In such protocols, one of the communicating parties is considered to be a human who does not have access to a computational device. Because of this, solutions for such protocols need to be computationally efficient and computationally simple so that they can be executed by the human party. Experiments with human participants were carried out to assess how easily and accurately human parties used the proposed protocols. The experimental results are presented and these identify how well human participants used the protocols. In addition to the security of messages, we also consider how one can achieve anonymity of message transmission protocols. For such protocols, considering a single-receiver multi-sender scenario, the presence of a t-threshold bounded adversary and the transmission of multiple secrets (as many as the number of sender), once the protocols ends one should not be able to identify the sender of a received message. Considering a passive and active adversary new protocols are presented which achieve the secure and anonymous transmission of messages in the information-theoretic security model. Our proposed solutions can also be applied (with minor alterations) to the dual problem when a single-sender multi-recipient communication setting is considered. The contributions of the thesis are primarily theoretical - thus no implementation of the proposed protocols was carried out. Despite this, we reflect on practical aspects of secure message transmission protocols. We review the feasibility of implementing secure message transmission protocols in general upon various networks - focusing on the Internet which can be considered as the most important communication network at this time. We also describe in theory how concepts of secure message transmission protocols could possibly be used in practical implementations for secure communication on various existing communication networks. Open problems that remain unsolved in the research area of the proposed protocols are also discussed and we hope that these inspire research and future solutions for the design (and implementation) of better and more efficient secure message transmission protocols