A Multi-User, Single-Authentication Protocol for Smart Grid Architectures

open access articleIn a smart grid system, the utility server collects data from various smart grid devices. These data play an important role in the energy distribution and balancing between the energy providers and energy consumers. However, these data are prone to tampering attacks by an attacker, while traversing from the smart grid devices to the utility servers, which may result in energy disruption or imbalance. Thus, an authentication is mandatory to efficiently authenticate the devices and the utility servers and avoid tampering attacks. To this end, a group authentication algorithm is proposed for preserving demand–response security in a smart grid. The proposed mechanism also provides a fine-grained access control feature where the utility server can only access a limited number of smart grid devices. The initial authentication between the utility server and smart grid device in a group involves a single public key operation, while the subsequent authentications with the same device or other devices in the same group do not need a public key operation. This reduces the overall computation and communication overheads and takes less time to successfully establish a secret session key, which is used to exchange sensitive information over an unsecured wireless channel. The resilience of the proposed algorithm is tested against various attacks using formal and informal security analysis

Privacy-aware authenticated key agreement scheme for secure smart grid communication

Information and Communication Technologies (ICT) are one of the underpinning platforms of smart grids, facilitating efficient grid management and operation, optimization of resource utilization, as well as enable new products, features, and services. However, this interconnection of grid technology with ICT leads to various security challenges in the power grid. One such concern is the tampering of usage data from smart meters which may result not only in incorrect billing, but also in incorrect decisions related to demand and supply management. In addition to network based cyber attacks, smart meters are also susceptible to physical attacks since they are installed in customer premises without hardware protection mechanisms. In this paper, we propose a novel privacy-aware authenticated key agreement scheme which can not only ensure secure communication between the smart meters and the service provider, but also the physical security of smart meters. In this regard, we utilize the lightweight cryptographic primitives such as Physically Uncloneable Functions (PUFs) and one-way hash function, etc. Hence, the proposed scheme is suitable even for the resource constrained smart meters

Lightweight Data Aggregation Scheme Against Internal Attackers in Smart Grid Using Elliptic Curve Cryptography

Recent advances of Internet and microelectronics technologies have led to the concept of smart grid which has been a widespread concern for industry, governments, and academia. The openness of communications in the smart grid environment makes the system vulnerable to different types of attacks. The implementation of secure communication and the protection of consumers’ privacy have become challenging issues. The data aggregation scheme is an important technique for preserving consumers’ privacy because it can stop the leakage of a specific consumer’s data. To satisfy the security requirements of practical applications, a lot of data aggregation schemes were presented over the last several years. However, most of them suffer from security weaknesses or have poor performances. To reduce computation cost and achieve better security, we construct a lightweight data aggregation scheme against internal attackers in the smart grid environment using Elliptic Curve Cryptography (ECC). Security analysis of our proposed approach shows that it is provably secure and can provide confidentiality, authentication, and integrity. Performance analysis of the proposed scheme demonstrates that both computation and communication costs of the proposed scheme are much lower than the three previous schemes. As a result of these aforementioned benefits, the proposed lightweight data aggregation scheme is more practical for deployment in the smart grid environment

An efficient privacy-preserving authentication scheme for energy internet-based vehicle-to-grid communication

The energy Internet (EI) represents a new electric grid infrastructure that uses computing and communication to transform legacy power grids into systems that support open innovation. EI provides bidirectional communication for analysis and improvement of energy usage between service providers and customers. To ensure a secure, reliable, and efficient operation, the EI should be protected from cyber attacks. Thus, secure and efficient key establishment is an important issue for this Internet-based smart grid environment. In this paper, we propose an efficient privacy-preserving authentication scheme for EI-based vehicle-to-grid communication using lightweight cryptographic primitives such as one-way non-collision hash functions. In our proposed scheme, a customer can securely access services provided by the service provider using a symmetric key established between them. Detailed security and performance analysis of our proposed scheme are presented to show that it is resilient against many security attacks, cost effective in computation and communication, and provides an efficient solution for the EI