The concept of vehicle-to-grid (V2G) is that electric vehicles (EVs) communicate with the smart grid to sell demand response services by delivering electricity into the grid. By letting EVs discharge during peak hours and charge during off-peak hours, V2G networks could bring numerous social and technical benefits to the smart grid. Due to the scale of the network, the speed of the vehicles, their geographic positions, and the very sporadic connectivity between them, V2G communications have the crucial requirements of fast authentication. In 2011, Guo et al. proposed a unique batch authentication protocol for V2G communications. There are three parties in V2G communications, including an aggregator, a smart grid control centre, and individual EVs. The proposed idea is that instead of verifying each packet for each vehicle, the aggregator verifies the received batch of packets with only one signature verification. They used DSA signature for the batch authentication and claimed their protocol is strong enough to defend against security attacks. In this paper, we investigate the security of Guo et al.’s protocol. More precisely, we show that any attackers can easily forge signatures satisfying the batch verification criterion without the knowledge of the signer’s private key. To remedy the security flaw of Guo et al.’s protocol, we proposed a simple and secure improvement of Guo et al.’s protocol. The key point of the improved protocol is that we make multiple signatures in order. The attacker or the dishonest signer cannot transpose these digital signatures such that the aggregator passes the validation of the batch verifying multiple digital signatures. Based on Guo et al.’s protocol, the security of our proposed protocol is the same as that of their protocol except that our improved protocol has no security flaw of their protocol. Therefore, the improved protocol is secure to detect forged multiple signatures.
Fast batch verification for modular exponentiation and digital signatures
