Pairing based anonymous and secure key agreement protocol for smart grid edge computing infrastructure

doi:10.1016/j.future.2018.06.004

Future Generation Computer Systems

Volume 88, November 2018, Pages 491-500

https://doi.org/10.1016/j.future.2018.06.004 Get rights and content

Highlights

•
A paring based key agreement protocol has been introduced for Smart Grid edge computing infrastructure
•
It facilitates authentication between the utility control and smart meter without the need of trusted third party
•
It offers security and anonymity besides traditional security requirements
•
The reliability of the proposed protocol is verified and validated through random oracle model and automated tool ProVerif

Abstract

The most vital concern in the realization of the Internet of Things (IoT) is to encounter the disparate communication systems and technologies. Interoperability solutions such as standards can help us to integrate plenty of diverse devices and their applications in an interoperable framework. Since Smart Grid is a non-trivial prevalent application of Edge computing under the umbrella of IoT. The Smart Grid furnishes communication through Internet Protocol to enable interoperability. However, IP-Based communication makes it vulnerable to serious security threats. Therefore, the secure information sharing among diverse communicating agents in the smart grid environments has become a vital concern. Specifically, to enable secure communication between the smart meter and utility, key management prior to authentication is the most critical task to do. Nowadays, several mechanisms have been introduced to establish secure communication within the emerging smart grid environment. Although, these protocols do not support smart meter anonymity and fail to offer reasonable security. In this paper, we use the identity-based signature to present an anonymous key agreement protocol for the Smart Grid infrastructure. This protocol enables the smart meters to get connected with utility control anonymously to avail the services provided by them. The smart meters realize this objective with the private key in the absence of trusted authority. The trusted authority is involved only during the registration phase The proposed protocol is verified and validated through random oracle model and automated tool ProVerif. Moreover, performance analysis is also observed to consolidate the reliability and efficiency of the proposed protocol.

Introduction

Internet of things (IoT) has emerged as a prevalent idea in which a huge number of diverse objects are linked up through the Internet to realize a network. It offers a great facility to the constituents to exchange, monitor and access the intended data with each other [1]. The escalation of the IoT has introduced the cloud infrastructure and its services. Their prosperous implementation has yet introduced another cardinal computing paradigm which is celebrated as edge computing or Edge-of-Things (EoT) computing. This paradigm enables data processing at the edge to promise low latency, low bandwidth utilization, higher scalability, higher energy preservation, higher privacy and security.

However, there are various challenges to realize the concept of Edge computing. Significant research is underway to overcome these challenges so that diverse systems and their application can be integrated to increase the productivity, reliability and scalability of the existing networks. Researchers are focusing to establish such infrastructure that can entertain the compelling requirements like interoperability, security, scalability, reliability, energy efficiency and re-usability. Since Edge computing has a plethora of valuable applications and Smart Grid is one of them, therefore similar challenges hold for it and similar requirements are intended for it [[2], [3], [4]].

Smart Grid is an ameliorated electricity generation and distribution infrastructure with aided features of intelligence and two-way communication [[5], [6], [7]]. This advanced infrastructure has increased the reliability and efficiency of the power grids, which is achieved through enhanced features of automation and artificial intelligence. Moreover, Smart Grid offers the flexibility to inject renewable energy sources and in turn distributed generation, which is proved to be very difficult in conventional grids [[8], [9], [10]].

Smart meters installed at individual homes are considered as the most important entity in the Smart Grid. As they are responsible to monitor and log the power consumption behavior of the consumers. They act as an interface to communicate with utility providers for information and control commands exchange. Each smart meter is equipped with processing module having limited processing power and scarce memory resource to carry out cryptographic operations. These operations are usually carried out on the data observed through sensing modules.

Since Smart Grid brings abundant benefits for both consumers and utility providers. However, facility off wireless communication through Internet Protocol has made it an easy picking for adversaries. Since the security of IoT [[11], [12], [13]] and cloud computing [[14], [15], [16], [17], [18], [19]] have attracted researchers’ attention recently. Designing and developing security solutions such as authentication [[20], [21], [22], [23]] and key management for ensuring the reliability of the Smart Grid environment is also considered as an emerging area of research nowadays.

Recently, Wu and Zhou [24] introduced a novel key management technique for the Smart Grid environment. They have utilized a hybrid cryptosystem to enable effortless key management. Their hybrid cryptosystem is developed on the basis of both symmetric and public key cryptosystem. The symmetric key cryptosystem feature is realized using Needham–Schroeder authentication scheme. Whereas, public key cryptosystem feature is realized by ECC. Their hybrid cryptosystem promises to offer reasonable accessibility, fault tolerance, efficiency, scalability and security features. However, their protocol needs to have at least two separate servers for realizing PKI and trusted authority. Moreover, certificate verification by PKI induces greater computing overhead, which is infeasible for smart meter because it is normally equipped with limited resources.

In [25] Xia and Wang identified that Wu and Zhou’s protocol is susceptible to a man-in-the-middle attack and come up with enhanced key distribution protocol for the Smart Grid environment. Xia and Wang’s protocol presents the idea of Lightweight Directory Access Protocol (LDAP), which is utilized in the replacement of trusted third party. Their protocol can be considered as more useful through lower operating cost due to the use of LDAP. Moreover, they prescribed that single point failure threat can be avoided by deploying multiple LDAP servers.

Xia and Wang’s protocol is proved to be susceptible to impersonation and anonymous key share (UKS) attacks by the Park et al. [26]. Moreover, Xia and Wang’s protocol does not offer the perfect forward secrecy and anonymity of both smart meters and utility providers. Additionally, it is identified that most of the protocols enforce trusted authority to play an active role during authentication between the communicants. This activity can put the whole system at risk because compromise of trusted authority can enable the adversary to obtain the master key. The obtained master key can be used to engender the private keys of the communicants. Therefore, this issue is resolved by keeping trusted authority away from online authentication sessions and just utilizing it during the registration phase of the communicants.

In [27] Tsai and Lo presented an anonymous key generation and distribution protocol through identity-based signature and encryption. Their protocol initially facilitates mutual authentication between the smart meter and utility control. Later it helps session key establishment between the said communicants to enable invincible communication. However, Odelu et al. [28] identified that Tsai and Lo’s protocol is vulnerable to leakage of ephemeral secret keys and offers weak privacy for smart meter’s credential. Therefore, Odelu et al. introduced an enhanced key agreement scheme for smart grid infrastructure.

Very recently, various identity-based authenticated key exchange schemes have been introduced [[27], [29]]. These schemes enable communicants to achieve mutual authentication and exchange a common session key at the end of the successful authentication process. Nevertheless, they are proved to be infeasible or impractical due to resource-constrained nature of the Smart Grid communicating entities. Furthermore, these solutions do not offer user anonymity. Later, Wang [30] introduced four protocols for realizing authentication using a smart card. However, none of these solutions promise to offer user anonymity.

In this paper, we use the identity-based signature to present an anonymous key agreement protocol for the Smart Grid infrastructure. This protocol empowers the smart meters for anonymous information exchange with utility. Moreover, the role of trusted authority is minimized as it is only engaged during the registration phase. This feature not only reduces the dependency on the trusted authority but it also reduces the communication overhead and expected delay. The smart meters exploit the concerned private keys to replace the post-registration role of trusted authority. The proposed protocol is verified and validated through random oracle model and automated tool ProVerif. Moreover, performance analysis is also observed to consolidate the reliability and efficiency of the proposed protocol.

The rest of the paper is outlined as follows: Section 2 presents the introduced key agreement protocol. Section 3 elaborates the security strength analysis through random oracle model. Formal security validation through an automated tool ProVerif is delineated in Section 4. Security features and performance comparison is presented in Section 5. In the end, paper is concluded in Section 6.

Section snippets

Proposed Key Agreement Protocol

This section presents the proposed protocol. However, some preliminaries in the form of communicating components of the system, utilized notations and system setup are elaborated first.

Security Analysis

This segment furnishes the security strength of the ID-based authentication protocol under jurisdiction of random oracle model.

A.
Security model
Our introduced authentication protocol $P$ involve three participants i.e. smart meter $S M$ , utility control $U C$ and $T$ . However, frequent communication takes place between $S M$ and $U C$ . Throughout the enactment of $P$ , each participant comes up with muliple instances. Each instance of a communicant is designated as $i$ . Individually, each of these instances are termed as

Formal Security Proof through ProVerif

Formal proof is performed to evaluate the robustness and reliability of the schemes. The protocols are scrutinized against familiar active assailants like an insider, who is usually aware of the few internal cryptographic parameters. The ProVerif is considered as the widely utilized verification tool to facilitate an automatic scrutiny of the security solutions. It makes use of applied $π$ calculus and can verify many security features such as: secrecy, privacy, reachability, availability and

Security and Performance Comparisons

This section elaborates the security and performance contrast of various analogous protocols of Tsai and Lo [27], Saxena et al. [31], Xia and Wang [25] and Wang [30]. The Table 2 reveals that our introduced protocol offers higher invincibility against several familiar attacks. Tsai and Lo’s protocol does not promises to offer prevention against replay and man-in-the-middle attacks. Whereas, rest of the analogous protocols are severely vulnerable against potential security threats as it is

Conclusion

In this paper, we proposed an anonymous key agreement protocol for Smart Grid Edge computing infrastructure. This protocol helps the smart meter to obtain services from utility control anonymously using the single private key. The prominent feature of the introduced protocol is that smart meter performs authentication with the corresponding utility without the involvement of trusted authority. As compared to analogous protocol the introduced protocol not only offer authentication but it also

Acknowledgments

This research is supported by the Scientific Research Fund of Hunan Provincial Education Department, China under Grant No.16B089, the Hunan Provincial Natural Science Foundation of China under grant no. 2018JJ3191 and National Natural Science Foundation of China under grant no. 61772194, 61572013. Prof. Joel Rodrigues is supported by national funding from the FCT-Fundação para a Ciência e a Tecnologia, Portugal through the UID/EEA/50008/2013 Project; by the Government of Russian Federation,

Khalid Mahmood received the M.S. degree in Computer Science from Riphah International University, Islamabad, Pakistan in 2010. He is pursuing Ph.D. degree in Computer Science from International Islamic University, Islamabad, Pakistan. His research interests include Lightweight Cryptography, Smart Grid Authentication and Information Security.

References (33)

MahmoodK. et al.
A lightweight message authentication scheme for Smart Grid communications in power sector
Comput. Electr. Eng.
(2016)
RauschS. et al.
Distributional and efficiency impacts of clean and renewable energy standards for electricity
Resour. Energy Econ.
(2014)
MahmoodK. et al.
An elliptic curve cryptography based lightweight authentication scheme for smart grid communication
Future Gener. Comput. Syst.
(2018)
LiX. et al.
A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments
J. Netw. Comput. Appl.
(2018)
LiP. et al.
Multi-key privacy-preserving deep learning in cloud computing
Future Gener. Comput. Syst.
(2017)
LiuQ. et al.
Achieving reliable and secure services in cloud computing environments
Comput. Electr. Eng.
(2017)
LiX. et al.
Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks
Comput. Netw.
(2017)
ShiW. et al.
Edge computing: Vision and challenges
IEEE Internet Things J.
(2016)
LiuY. et al.
A practical privacy-preserving data aggregation (3PDA) scheme for smart grid
IEEE Trans. Ind. Inf.
(2018)
Von DollenD.
Report to NIST on the Smart Grid Interoperability Standards Roadmap
(2009)

FarhangiH.

The path of the smart grid

IEEE Power Energy Mag.

(2010)

Draft Guide for Smart Grid Interoperability of Energy Technology and Information Technology Operation with the Electric Power System (EPS), and End-use Applications and Loads

(2011)

YuF.R. et al.

Communication systems for grid integration of renewable energy resources

IEEE Netw.

(2011)

D.G. Photovoltaics, E. Storage, IEEE guide for smart grid interoperability of energy technology and information...

LiX. et al.

A robust and energy efficient authentication protocol for industrial internet of things

IEEE Internet Things J.

(2017)

LiX. et al.

A robust ecc based provable secure authentication protocol with privacy protection for industrial internet of things

IEEE Trans. Ind. Inf.

(2017)

Cited by (82)

Privacy preserving Federated Learning framework for IoMT based big data analysis using edge computing
2023, Computer Standards and Interfaces
The current industrial scenario has witnessed the application of several artificial intelligence-based technologies for mining and processing IoMT-based big data. An emerging distributed machine learning paradigm, Federated Learning (FL), has been widely applied in IoMT-based systems as a measure to overcome the issues associated with incorporating AI into such lightweight distributed computing systems while tackling privacy issues as well. However, extensive research has identified that classical FL is still prone to privacy threats due to data leakage and the chances of adversarial attacks during gradient transfer operations. Inspired by these issues, we propose a privacy-preserving framework ( $F e d_s e l e c t$ ) that ensures user anonymity in IoMT-based environments for big data analysis under the FL scheme. Fed_Select utilizes alternative minimization to limit gradients and participants in system training to decrease points of system vulnerability. The framework works on an edge computing-based architecture which ensures user anonymity via the employment of hybrid encryption techniques along with added benefits of load reduction at the central server. Also, a Laplacian noise-based differential privacy is employed on the shared attributes for security enhancement that adds confidentiality to the transferred data even during adversarial scenarios. Experimental results on standard datasets showcase that the change in the volume of gradients shared and the number of participants is not proportional to the variation in various system performance parameters. Specifically, an idealistic range of client and gradient-sharing fractions along with the appropriate value of noise for differential privacy implementation is determined. Additionally, we analyze the system from a security perspective as well as compare it with other schemes.
An access control scheme in IoT-enabled Smart-Grid systems using blockchain and PUF
2023, Internet of Things (Netherlands)
IoT-enabled Smart Grid (IoT-SG) is an emerging paradigm that enables the bi-direction communication of IoT devices and hardware to efficiently collect and transmit the consumer’s information over the Internet. However, the underlying open communication network and resource-constrained capabilities of devices invite manifold challenges and threats in terms of security and privacy. To alleviate such issues, we designed a private blockchain-based access control protocol for IoT-SG using Physically Unclonable Function (PUF). Our protocol allows the Service Provider (SP) and smart meters to transfer the data in an efficient and secure manner. The participating SPs form the Peer-to-Peer (P2P) network, and each peer node is responsible for securely creating the blocks from the gathered data. Thereafter, all the peer nodes employ a voting-based consensus mechanism to verify and add the recently created block into the blockchain network. We have rigorously validated the security of our protocol under the Random or Real (RoR) model. The testbed results and security feature analysis show that our protocol is more efficient than competing ones while it also provides significant security properties.
A new hierarchical architecture and protocol for key distribution in the context of IoT-based smart cities
2022, Journal of Information Security and Applications
Citation Excerpt :
This paper is not the first or only attempt to present a key distribution solution that is based on ECC. Several previous studies have used ECC in order to distribute the keys such as [8,15,22,23]. Some other papers found in the literature such as [13,14,24–28] have used Block Incomplete Balanced Diagram (BIBD) key distribution technique in their presented approaches.
The Internet of Things (IoT) is a system of objects such as traditional computers, cameras, sensors and other things that are interconnected via a network to gather, process, and exchange context relevant data. Security is considered as one of the most important challenges facing IoT. Key distribution techniques are at the core of security provision and are critical components of any system in order to establish a secure connection between any two objects. In this paper a new Hierarchical Key Distribution (HKD) architecture and a set of Hierarchical Hybrid Key Distribution (H2KD) protocols are presented for IoT environment to support the provision of smart cities applications. The applicability of this protocols has been studied over HKD architecture and simulated using AVISPA tool and using Burrows–Abadi–Needham (BAN) logic. The targeted features of designing the architecture and the protocols are supporting mobility, scalability, heterogeneity and supporting constrained nodes’ limited capabilities. The performance of H2KD set of protocols has been evaluated based on a quantitative measure of several performance metrics including the memory storage, the computation cost for the constraint nodes, the number of messages exchanged and needed to establish a new session key for a mobile node. Scalability and resilience of the proposed protocols have been also measured. Simulation results show that H2KD protocols are safe against various attacks. Moreover, the analysis results show that the H2KD reduces communication, computation, and the storage costs for constraint nodes by 51.5% compared with related protocols. Additionally, H2KD has been found to provide more scalability and resilience than rival protocols.
Privacy-preserving statistical analysis over multi-dimensional aggregated data in edge computing-based smart grid systems
2022, Journal of Systems Architecture
Smart grid systems enable bidirectional data communication between users and a smart grid control center (CC), by utilizing various communication infrastructures and embedded devices. To extract valuable information from users’ power consumption data efficiently, multi-dimensional data of users are required to be analyzed deeply. To protect users’ privacy, power consumption data are usually encrypted before transmission, which simultaneously makes it difficult to conduct statistical analysis. In this paper, we propose a scheme which enables privacy-preserving statistical analysis over multi-dimensional aggregated data (SA-MAD) in smart grid systems equipped with edge computing. We modify Boneh–Goh–Nissim (BGN) public key cryptosystem to a dual-message encryption mode, combining with two special superincreasing sequences to deal with multi-dimensional encrypted data aggregation. Besides, we design an identity-based aggregate signature to ensure encrypted data integrity in smart grid systems, and employ shamir secret sharing technique to support transmission fault-tolerance mechanism from smart meters to corresponding edge servers. SA-MAD enables CC to flexibly conduct privacy-preserving statistical analysis (e.g., sum, average, and variance) over aggregated data, and it could be easily extended to support covariance and linear regression computation. The performance evaluation demonstrates the feasibility of SA-MAD in edge computing-based smart grid systems.
PF-AKA: PUF-FSM based Authentication and Key Agreement Framework for IoT based Smart Grid Networks
2024, Cluster Computing
A Comprehensive Review on Cyber-Attacks in Power Systems: Impact Analysis, Detection, and Cyber Security
2024, IEEE Access

View all citing articles on Scopus

Xiong Li now is an associate professor at School of Computer Science and Engineering of the Hunan University of Science and Technology (HNUST), China. He received his master’s degree in mathematics and cryptography from Shaanxi Normal University (SNNU), China in 2009 and Ph.D. degree in computer science and technology from Beijing University of Posts and Telecommunications (BUPT), China in 2012. He has published more than 70 referred journal papers in his research interests, which include cryptography, information security, cloud computing security etc. He is currently an Editor of Telecommunication Systems and KSII Transactions on Internet and Information Systems. He has served on TPC member of several international conferences on information security and reviewer for more than 30 ISI indexed journals. He is a winner of Journal of Network and Computer Applications 2015 best research paper award.

Shehzad Ashraf Chaudhry received distinction in his Masters and Ph.D. from International Islamic University Islamabad, Pakistan in 2009 and 2016 respectively. He was awarded Gold Medal for achieving 4.0/4.0 CGPA in his Masters. Currently, he is working as an Assistant Professor at the Department of Computer Science & Software Engineering, International Islamic University, Islamabad. He authored more than 55 scientific publications appeared in different international journals and proceedings including 45 in SCI/E journals. Considering his research, Pakistan Council for Science & Technology granted him the prestigious Research Productivity Award (RPA), while declaring him the 4th Top productive Computer Scientist in Pakistan. He has served as TPC member of various international conferences and is an active reviewer of many ISI indexed journals. He also served as guest editor for several special issues in ISI indexed journals. His research interests include Lightweight Cryptography, Elliptic/Hyper Elliptic Curve Cryptography, Multimedia Security, E- Payment systems, MANETs, SIP authentication, Smart Grid Security, IP Multimedia sub-system and Next Generation Networks. He occasionally writes on issues of Higher Education in Pakistan.

Husnain Abbas Naqvi received his Ph.D. from The University of Auckland, New Zealand. Currently he is working as Assistant Professor at the Department of Computer Science, International Islamic University, Islamabad. He authored more than 50 scientific publications published in different international journals and proceedings. His broad research interests include Sensor Networks, Collaborative Communications, Lightweight Cryptography, Beamforming and Space Time Block Codes.

Saru Kumari is currently an Assistant Professor with the Department of Mathematics, C.C.S. University, Meerut, U.P, India. She received Ph.D. degree in Mathematics in 2012 from C.C.S. University, Meerut, Uttar Pradesh, India. She has published 68 papers in international journals and conferences including 52 research publications in SCI indexed journals. Her research field is cryptology.

Arun Kumar Sangaiah has received his Doctor of Philosophy (Ph.D.) degree in Computer Science and Engineering from the VIT University, Vellore, India. He is presently working as an Associate Professor in School of Computer Science and Engineering, VIT University, India. His area of interest includes software engineering, computational intelligence, wireless networks, bio-informatics, and embedded systems. He has authored more than 100 publications in different journals and conference of national and international repute. Moreover, he has carried out number of funded research projects for Indian government agencies. Also, he was registered a one Indian patent in the area of Computational Intelligence. Besides, Dr. Sangaiah is responsible for Editorial Board Member/Associate Editor of various international journals.

Joel J.P.C. Rodrigues [S’01, M’06, SM’06] is a professor and senior researcher at the National Institute of Telecommunications (Inatel), Brazil and senior researcher at the Instituto de Telecomunicações, Portugal. Prof. Joel is the editor-in-chief of the International Journal on E-Health and Medical Communications, the editor-in-chief of the Recent Advances on Communications and Networking Technology, the editor-in-chief of the Journal of Multimedia Information Systems, and editorial board member of several high-reputed journals. He has been general chair and TPC Chair of many international conferences, including IEEE ICC, GLOBECOM, and HEALTHCOM. He is a member of many international TPCs and participated in several international conferences organization. He has authored or coauthored over 500 papers in refereed international journals and conferences, 3 books, and 2 patents. He had been awarded several Outstanding Leadership and Outstanding Service Awards by IEEE Communications Society and several best papers awards. Prof. Rodrigues is a licensed professional engineer (as senior member), member of the Internet Society, an IARIA fellow, and a senior member ACM and IEEE.

View full text

Pairing based anonymous and secure key agreement protocol for smart grid edge computing infrastructure

Highlights

Abstract

Introduction

Section snippets

Proposed Key Agreement Protocol

Security Analysis

Formal Security Proof through ProVerif

Security and Performance Comparisons

Conclusion

Acknowledgments

Comput. Electr. Eng.

Resour. Energy Econ.

Future Gener. Comput. Syst.

J. Netw. Comput. Appl.

Future Gener. Comput. Syst.

Comput. Electr. Eng.

Comput. Netw.

Edge computing: Vision and challenges

IEEE Internet Things J.

A practical privacy-preserving data aggregation (3PDA) scheme for smart grid

IEEE Trans. Ind. Inf.

Report to NIST on the Smart Grid Interoperability Standards Roadmap

The path of the smart grid

IEEE Power Energy Mag.

Draft Guide for Smart Grid Interoperability of Energy Technology and Information Technology Operation with the Electric Power System (EPS), and End-use Applications and Loads

Communication systems for grid integration of renewable energy resources

IEEE Netw.

A robust and energy efficient authentication protocol for industrial internet of things

IEEE Internet Things J.

A robust ecc based provable secure authentication protocol with privacy protection for industrial internet of things

IEEE Trans. Ind. Inf.