ECCAuth: A Secure Authentication Protocol for Demand Response Management in a Smart Grid System

In a smart grid system, the utility server collects data from various smart grid devices. These data play an important role in the energy distribution and balancing between the energy providers and energy consumers. However, these data are prone to tampering attacks by an attacker, while traversing from the smart grid devices to the utility servers, which may result in energy disruption or imbalance. Thus, an authentication is mandatory to efficiently authenticate the devices and the utility servers and avoid tampering attacks. To this end, a group authentication algorithm is proposed for preserving demand–response security in a smart grid. The proposed mechanism also provides a fine-grained access control feature where the utility server can only access a limited number of smart grid devices. The initial authentication between the utility server and smart grid device in a group involves a single public key operation, while the subsequent authentications with the same device or other devices in the same group do not need a public key operation. This reduces the overall computation and communication overheads and takes less time to successfully establish a secret session key, which is used to exchange sensitive information over an unsecured wireless channel. The resilience of the proposed algorithm is tested against various attacks using formal and informal security analysis.

Download Full-text

Secure Authentication for Structured Smart Grid System

2015 9th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing ◽

10.1109/imis.2015.32 ◽

2015 ◽

Cited By ~ 10

Author(s):

Inshil Doh ◽

Jiyoung Lim ◽

Kijoon Chae

Keyword(s):

Smart Grid ◽

Grid System ◽

Smart Grid System ◽

Secure Authentication

Download Full-text

Privacy-Preserving Lightweight Authentication Protocol for Demand Response Management in Smart Grid Environment

Applied Sciences ◽

10.3390/app10051758 ◽

2020 ◽

Vol 10 (5) ◽

pp. 1758 ◽

Cited By ~ 5

Author(s):

SungJin Yu ◽

KiSung Park ◽

JoonYoung Lee ◽

YoungHo Park ◽

YoHan Park ◽

...

Keyword(s):

Smart Grid ◽

Demand Response ◽

Mutual Authentication ◽

Security Analysis ◽

Privacy Preserving ◽

Authentication Protocol ◽

Session Key ◽

Energy Services ◽

Lightweight Authentication ◽

Secure Authentication

With the development in wireless communication and low-power device, users can receive various useful services such as electric vehicle (EV) charging, smart building, and smart home services at anytime and anywhere in smart grid (SG) environments. The SG devices send demand of electricity to the remote control center and utility center (UC) to use energy services, and UCs handle it for distributing electricity efficiently. However, in SG environments, the transmitted messages are vulnerable to various attacks because information related to electricity is transmitted over an insecure channel. Thus, secure authentication and key agreement are essential to provide secure energy services for legitimate users. In 2019, Kumar et al. presented a secure authentication protocol for demand response management in the SG system. However, we demonstrate that their protocol is insecure against masquerade, the SG device stolen, and session key disclosure attacks and does not ensure secure mutual authentication. Thus, we propose a privacy-preserving lightweight authentication protocol for demand response management in the SG environments to address the security shortcomings of Kumar et al.’s protocol. The proposed protocol withstands various attacks and ensures secure mutual authentication and anonymity. We also evaluated the security features of the proposed scheme using informal security analysis and proved the session key security of proposed scheme using the ROR model. Furthermore, we showed that the proposed protocol achieves secure mutual authentication between the SG devices and the UC using Burrows–Abadi–Needham (BAN) logic analysis. We also demonstrated that our authentication protocol prevents man-in-the-middle and replay attacks utilizing AVISPA simulation tool and compared the performance analysis with other existing protocols. Therefore, the proposed scheme provides superior safety and efficiency other than existing related protocols and can be suitable for practical SG environments.

Download Full-text