Towards secure end-to-end data aggregation in AMI through delayed-integrity-verification

The integrity and authenticity of the energy usage data in Advanced Metering Infrastructure (AMI) is crucial to ensure the correct energy load to facilitate generation, distribution and customer billing. Any malicious tampering to the data must be detected immediately. This paper introduces secure end-to-end data aggregation for AMI, a security protocol that allows the concentrators to securely aggregate the data collected from the smart meters, while enabling the utility back-end that receives the aggregated data to verify the integrity and data originality. Compromise of concentrators can be detected. The aggregated data is protected using Chameleon Signatures and then forwarded to the utility back-end for verification, accounting, and analysis. Using the Trapdoor Chameleon Hash Function, the smart meters can periodically send an evidence to the utility back-end, by computing an alternative message and a random value (m', r) such that m' consists of all previous energy usage measurements of the smart meter in a specified period of time. By verifying that the Chameleon Hash Value of (m', r) and that the energy usage matches those aggregated by the concentrators, the utility back-end is convinced of the integrity and authenticity of the data from the smart meters. Any data anomaly between smart meters and concentrators can be detected, thus indicating potential compromise of concentrators

A Lightweight Privacy-Preserved Spatial and Temporal Aggregation of Energy Data

Smart grid provides fine-grained real time energy consumption, and it is able to improve the efficiency of energy management. It enables the collection of energy consumption data from consumer and hence has raised serious privacy concerns. Energy consumption data, a form of personal information that reveals behavioral patterns can be used to identify electrical appliances being used by the user through the electricity load signature, thus making it possible to further reveal the residency pattern of a consumer’s household or appliances usage habit. This paper proposes to enhance the privacy of energy con- sumption data by enabling the utility to retrieve the aggregated spatial and temporal consumption without revealing individual energy consumption. We use a lightweight cryptographic mech- anism to mask the energy consumption data by adding random noises to each energy reading and use Paillier’s additive homo- morphic encryption to protect the noises. When summing up the masked energy consumption data for both Spatial and Temporal aggregation, the noises cancel out each other, hence resulting in either the total sum of energy consumed in a neighbourhood at a particular time, or the total sum of energy consumed by a household in a day. No third party is able to derive the energy consumption pattern of a household in real time. A proof-of- concept was implemented to demonstrate the feasibility of the system, and the results show that the system can be efficiently deployed on a low-cost computing platform

Secure Data Provenance in Home Energy Monitoring Networks

Smart grid empowers home owners to efficiently manage their smart home appliances within a Home Area Network (HAN), by real time monitoring and fine-grained control. However, it offers the possibility for a malicious user to intrude into the HAN and deceive the smart metering system with fraudulent energy usage report. While most of the existing works have focused on how to prevent data tampering in HAN's communication channel, this paper looks into a relatively less studied security aspect namely data provenance. We propose a novel solution based on Shamir's secret sharing and threshold cryptography to guarantee that the reported energy usage is collected from the specific appliance as claimed at a particular location, and that it reflects the real consumption of the energy. A byproduct of the proposed security solution is a guarantee of data integrity. A prototype implementation is presented to demonstrate the feasibility and practicality of the proposed solution

Smart Grid Privacy through Distributed Trust

Though the smart electrical grid promises many advantages in efficiency and reliability, the risks to consumer privacy have impeded its deployment. Researchers have proposed protecting privacy by aggregating user data before it reaches the utility, using techniques of homomorphic encryption to prevent exposure of unaggregated values. However, such schemes generally require users to trust in the correct operation of a single aggregation server. We propose two alternative systems based on secret sharing techniques that distribute this trust among multiple service providers, protecting user privacy against a misbehaving server. We also provide an extensive evaluation of the systems considered, comparing their robustness to privacy compromise, error handling, computational performance, and data transmission costs. We conclude that while all the systems should be computationally feasible on smart meters, the two methods based on secret sharing require much less computation while also providing better protection against corrupted aggregators. Building systems using these techniques could help defend the privacy of electricity customers, as well as customers of other utilities as they move to a more data-driven architecture